firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 18:10:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yiqink_7GYXx8MqkILR6pu61mkrSdi-EUacc72OL_JswyaXoZn3_7A==
Age: 2295
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11418
Expires: Thu, 15 Sep 2022 21:59:02 GMT
Date: Thu, 15 Sep 2022 18:48:44 GMT
Connection: keep-alive
ar.moddroid.co/apps/videomusic/soundcloud
104.18.21.115 301 Moved Permanently 154 B URL HTTP/1.1 ar.moddroid.co/apps/videomusic/soundcloud
IP 104.18.21.115:0
File type HTML document, ASCII text, with no line terminators
Hash c11fd21d7ddfbff6e505e4d003e75249
9ccc81c34c90c95c2f6ed315f62cce5a2028d1be
97cf4639518f67c660bdd7969f2e4328d789f66cc77384dd4584d1e245f644a5
Analyzer Verdict Alert fortinet Malware
GET /apps/videomusic/soundcloud HTTP/1.1
Host: ar.moddroid.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 18:48:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://ar.moddroid.co/apps/videomusic/soundcloud
Vary: Accept, Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b389ceab200b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2A5cxibfNBIHOogYSkFCxJHfVc2iaxkwktuVZHDRplMzXVokuA9hNQ==
age: 51209
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 18:03:22 GMT
Expires: Thu, 15 Sep 2022 18:03:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5JTuqOl3Kt2KskHbnEaqkvQh1RmJCXAVq6kVi10atVUhcgaT1EZm9w==
Age: 2723
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3656
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:45 GMT
Last-Modified: Thu, 15 Sep 2022 17:47:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cdn.ezjojoy.com/packages/com.soundcloud.android/icon_27dbfd.png
104.18.16.131 200 OK 4.0 kB URL HTTP/2 cdn.ezjojoy.com/packages/com.soundcloud.android/icon_27dbfd.png
IP 104.18.16.131:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 330ce7ec304a73cf917b1aca10faba51
77d6debd2f81e903f8fbf0dc6bc2000e7624024e
4d4a5a941a4efc4a70f7b7ac7c8f1498e7336b42d37cfbca65ff55b94057bc2f
GET /packages/com.soundcloud.android/icon_27dbfd.png HTTP/1.1
Host: cdn.ezjojoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:45 GMT
content-type: image/webp
content-length: 4044
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6160
content-disposition: inline; filename="icon_27dbfd.webp"
etag: "61e5800a-1810"
last-modified: Mon, 17 Jan 2022 14:41:14 GMT
vary: Accept
x-77-cache: MISS
x-77-nzt: AVm7oo1anGih
x-77-nzt-ray: bggOnUXbuoI
x-77-pop: singapore2SG
x-cache: MISS
cf-cache-status: HIT
age: 178811
expires: Thu, 15 Sep 2022 22:48:45 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 74b389d52cf9b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3b816941816ca5fed922c0604e9da8dc
94c14ea6c512c6c262479b4299f1cd4dd99ea5cd
a05000788114487ba8b8c661ba1370b29c96a93a16275b3fab497cf75722b51d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 2f386a22421b0577785f455b40dc1e87
07f01fa9377afac6080ed67777842a022b88c7c0
e05347abf5a2da08cbf149070a6b0c0daff8fafcd1a185bc5ca4a69cd9f4b9bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E05347ABF5A2DA08CBF149070A6B0C0DAFF8FAFCD1A185BC5CA4A69CD9F4B9BC"
Last-Modified: Wed, 14 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1216
Expires: Thu, 15 Sep 2022 19:09:01 GMT
Date: Thu, 15 Sep 2022 18:48:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 51a81875cfc576cfdef5dc96f978e713
b9a85de614d936aff9daa4b1bd78d724b6849d13
56e3788cc93f90cd8ca56314c7e3d43672dce2a51b4558b2ceacc26a2496db9a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56E3788CC93F90CD8CA56314C7E3D43672DCE2A51B4558B2CEACC26A2496DB9A"
Last-Modified: Wed, 14 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14350
Expires: Thu, 15 Sep 2022 22:47:55 GMT
Date: Thu, 15 Sep 2022 18:48:45 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-72DT1JGQ0Z
142.250.74.72 200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-72DT1JGQ0Z
IP 142.250.74.72:0
File type ASCII text, with very long lines (20189)
Hash b280e3d2b2079f26e31333f261f2334b
e6d26c8a0afc8eadec07933f1131f96a9a7bb0a4
adbc116856eb4900dcedf6916bd2b514a5a7082cd3afe4f2295d3d180192532d
GET /gtag/js?id=G-72DT1JGQ0Z HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 15 Sep 2022 18:48:45 GMT
expires: Thu, 15 Sep 2022 18:48:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hb.towerycacara.com/taHBeGeWGMfxFL/51740
23.109.82.72 200 OK 25 B URL HTTP/1.1 hb.towerycacara.com/taHBeGeWGMfxFL/51740
IP 23.109.82.72:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /taHBeGeWGMfxFL/51740 HTTP/1.1
Host: hb.towerycacara.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 18:48:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ar.moddroid.co
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Fri, 16-Sep-2022 18:48:45 GMT; Max-Age=86400; path=/; secure; SameSite=None
Set-Cookie: GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Fri, 16-Sep-2022 18:48:45 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 56b4a90e8be043082aa30d490fe93e47
6c94d4b9610ec757d7e7851ac2e478edff1309f8
c59724a0ece262f497d3f09f4e90ae49a11a3a150134183cc10ef2c47f5fe9b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.36.24.174 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.24.174:0
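Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, matching the 0 B body of the 101 response; they do not identify any content.)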
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rbdQJoY0tzsVa6K3We1RtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: utcaWQLweYS9tfCmkO+MSKE9SVk=
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 8f841073d0648467dd376a8a99383fa4
35775604eda548bc0c278d78a6c1c78e55f5be8d
07f61518fa3437e72b86cc24bf15677f8e6aa1ccd5bc43d9261cdbbc80363324
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "07F61518FA3437E72B86CC24BF15677F8E6AA1CCD5BC43D9261CDBBC80363324"
Last-Modified: Tue, 13 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Fri, 16 Sep 2022 00:48:15 GMT
Date: Thu, 15 Sep 2022 18:48:45 GMT
Connection: keep-alive
ej.showishsinus.com/r9H1cTBGF0vL/51749
23.109.82.97 200 OK 25 B URL HTTP/1.1 ej.showishsinus.com/r9H1cTBGF0vL/51749
IP 23.109.82.97:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /r9H1cTBGF0vL/51749 HTTP/1.1
Host: ej.showishsinus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 18:48:45 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ar.moddroid.co
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Fri, 16-Sep-2022 18:48:45 GMT; Max-Age=86400; path=/; secure; SameSite=None
Set-Cookie: GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Fri, 16-Sep-2022 18:48:45 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
cdn.ezjojoy.com/moddroid-uploads/2021/04/soundcloud-5.jpg
104.18.16.131 200 OK 66 kB URL HTTP/2 cdn.ezjojoy.com/moddroid-uploads/2021/04/soundcloud-5.jpg
IP 104.18.16.131:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 164dd80908cbd2d01d5298daa115119b
dd3a7b56c910bc85889191b954117c323b1241eb
2c6ccc6785947c4c669eea9ef0b189765aee445f03888bc95dcb0fa596e58328
GET /moddroid-uploads/2021/04/soundcloud-5.jpg HTTP/1.1
Host: cdn.ezjojoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:45 GMT
content-type: image/webp
content-length: 66150
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=107814
content-disposition: inline; filename="soundcloud-5.webp"
etag: "617a4510-1a526"
last-modified: Thu, 28 Oct 2021 06:37:04 GMT
vary: Accept
x-77-cache: MISS
x-77-nzt: AVm7ooT/sOCh
x-77-nzt-ray: y8oSNBdsc34
x-77-pop: singapore2SG
x-cache: MISS
cf-cache-status: HIT
expires: Thu, 15 Sep 2022 22:48:45 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 74b389d52cf1b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
propu.sh/ntfc.php?p=5234444
139.45.197.250 200 OK 6.0 kB URL HTTP/2 propu.sh/ntfc.php?p=5234444
IP 139.45.197.250:0
File type C source, ASCII text, with very long lines (14631), with no line terminators
Hash 724f42d7ac6f59926770a786c9cded7c
73619f98b3e69f8055d4f8b3e89999f6e1621748
96b05322dad50dc9ec99d9ff7e0de9eb1efa2074994914d016e34662202b59f7
GET /ntfc.php?p=5234444 HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 08:49:51 GMT
etag: W/"6320442f-3922"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash d1c89b0c456466babe0a0c3325865f8f
9e21160128a29fb362eac7c2eb4f8aa94075d0dc
23fa5011741d69865212a07832d3ab238c2e2fe667961a9b48ddea2996bbfb7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "23FA5011741D69865212A07832D3AB238C2E2FE667961A9B48DDEA2996BBFB7F"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9069
Expires: Thu, 15 Sep 2022 21:19:55 GMT
Date: Thu, 15 Sep 2022 18:48:46 GMT
Connection: keep-alive
cdn.ezjojoy.com/moddroid-uploads/2021/04/soundcloud-3.jpg
104.18.16.131 200 OK 66 kB URL HTTP/2 cdn.ezjojoy.com/moddroid-uploads/2021/04/soundcloud-3.jpg
IP 104.18.16.131:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 92599a1d06b84b3040e72125f23a3e75
005cec2fc1a05fe4b5bfc68991ec95ad44b2f2b3
ffc2d4888e7b7dd68a5772b57dac594b90b7bb4c53032fc93da6716c301426eb
GET /moddroid-uploads/2021/04/soundcloud-3.jpg HTTP/1.1
Host: cdn.ezjojoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:46 GMT
content-type: image/webp
content-length: 65838
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=89555
content-disposition: inline; filename="soundcloud-3.webp"
etag: "617a4513-15dd3"
last-modified: Thu, 28 Oct 2021 06:37:07 GMT
vary: Accept
x-77-cache: MISS
x-77-nzt: AVm7ooQpVRih
x-77-nzt-ray: Cl0zJbch3dE
x-77-pop: singapore2SG
x-cache: MISS
cf-cache-status: HIT
expires: Thu, 15 Sep 2022 22:48:46 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 74b389d53d15b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.ezjojoy.com/moddroid-uploads/2021/04/soundcloud-1.jpg
104.18.16.131 200 OK 70 kB URL HTTP/2 cdn.ezjojoy.com/moddroid-uploads/2021/04/soundcloud-1.jpg
IP 104.18.16.131:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 02888a88c7e56dea75e2a1e6c7241d1a
2863a37fc9bd37e3eef36b8e9a4dae7eba8f1c02
f64e243b0c0fbdcc28aef9cd2cf88f8df41d1d5d50e1b986b7c85cc9a3e27f83
GET /moddroid-uploads/2021/04/soundcloud-1.jpg HTTP/1.1
Host: cdn.ezjojoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:46 GMT
content-type: image/webp
content-length: 70410
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=91233
content-disposition: inline; filename="soundcloud-1.webp"
etag: "617a4516-16461"
last-modified: Thu, 28 Oct 2021 06:37:10 GMT
vary: Accept
x-77-cache: MISS
x-77-nzt: AVm7oo27enCh
x-77-nzt-ray: e2u1aTX2W1k
x-77-pop: singapore2SG
x-cache: MISS
cf-cache-status: HIT
expires: Thu, 15 Sep 2022 22:48:46 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 74b389d52cecb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.ezjojoy.com/moddroid-uploads/2021/04/soundcloud-2.jpg
104.18.16.131 200 OK 56 kB URL HTTP/2 cdn.ezjojoy.com/moddroid-uploads/2021/04/soundcloud-2.jpg
IP 104.18.16.131:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2f49819283ea3ed6d2448aaa9bba8c9e
3e59f5a0a55db7506770dc0a986ba9f760402173
04c5cc7ff6016255bed93ea9a2187c5947c1ea92e9496825e5aa9c197e3b6d7a
GET /moddroid-uploads/2021/04/soundcloud-2.jpg HTTP/1.1
Host: cdn.ezjojoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:46 GMT
content-type: image/webp
content-length: 55454
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=77352
content-disposition: inline; filename="soundcloud-2.webp"
etag: "617a4513-12e28"
last-modified: Thu, 28 Oct 2021 06:37:07 GMT
vary: Accept
x-77-cache: MISS
x-77-nzt: AVm7ooR6imWh
x-77-nzt-ray: ywrJGpx3Poo
x-77-pop: singapore2SG
x-cache: MISS
cf-cache-status: HIT
expires: Thu, 15 Sep 2022 22:48:46 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 74b389d52cfcb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 8abaae08e857ce70e2e3e05e3c892c3a
d964ba316c59addf10e29018f95e7bc12c55b793
5c12e411338b132d76660e348ce57e6e1ff73c8e8e40e8dfd4e6a697aea1a2bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C12E411338B132D76660E348CE57E6E1FF73C8E8E40E8DFD4E6A697AEA1A2BC"
Last-Modified: Wed, 14 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14935
Expires: Thu, 15 Sep 2022 22:57:41 GMT
Date: Thu, 15 Sep 2022 18:48:46 GMT
Connection: keep-alive
cdn.ezjojoy.com/moddroid-uploads/2021/04/soundcloud-4.jpg
104.18.16.131 200 OK 56 kB URL HTTP/2 cdn.ezjojoy.com/moddroid-uploads/2021/04/soundcloud-4.jpg
IP 104.18.16.131:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bbdbc9e3007a4f630ce9cb998f3335a7
0ab507ee560a41d342034ceacccb0cbd31592ee4
6f4742d0d50d123eb8bccac84741ef684c85b20e294eaac87b417669a9920886
GET /moddroid-uploads/2021/04/soundcloud-4.jpg HTTP/1.1
Host: cdn.ezjojoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:46 GMT
content-type: image/webp
content-length: 56540
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=83947
content-disposition: inline; filename="soundcloud-4.webp"
etag: "617a4511-147eb"
last-modified: Thu, 28 Oct 2021 06:37:05 GMT
vary: Accept
x-77-cache: MISS
x-77-nzt: AVm7ooTQvr2h
x-77-nzt-ray: 2g8Ca7Y6rMg
x-77-pop: singapore2SG
x-cache: MISS
cf-cache-status: HIT
expires: Thu, 15 Sep 2022 22:48:46 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 74b389d53d17b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
propu.sh/zone?pub=0&zone_id=5234444&is_mobile=false&domain=ar.moddroid.co&var=&ymid=&var_3=
139.45.197.250 200 OK 705 B URL HTTP/2 propu.sh/zone?pub=0&zone_id=5234444&is_mobile=false&domain=ar.moddroid.co&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (704)
Hash 5366b3c8099dea174fe272a945817bd2
f020790b96b48d2a5fbc9e344a3fb5b4a4caa486
2208e4571f9dffa8707e97a95bbc1cc322aa8c463da1991647d502285eb6d704
GET /zone?pub=0&zone_id=5234444&is_mobile=false&domain=ar.moddroid.co&var=&ymid=&var_3= HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ar.moddroid.co/
Origin: https://ar.moddroid.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:46 GMT
content-type: application/json; charset=utf-8
content-length: 705
x-trace-id: 9dca1a3cf28178bc0409ef3f9a89e1f7
access-control-allow-origin: https://ar.moddroid.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.ezjojoy.com/moddroid-uploads/2021/04/soundcloud.jpg
104.18.16.131 200 OK 126 kB URL HTTP/2 cdn.ezjojoy.com/moddroid-uploads/2021/04/soundcloud.jpg
IP 104.18.16.131:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x889, components 3\012- data
Size 126 kB (126104 bytes)
Hash 5db5b00427d729a2d5c60a516b9efa5f
eb287cd13de81035e3f742ff201a8bac99166659
c233a598f84c04adebc0017c05e5e9ed87987584fa97fac46b644904cbfe9430
GET /moddroid-uploads/2021/04/soundcloud.jpg HTTP/1.1
Host: cdn.ezjojoy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:46 GMT
content-type: image/jpeg
content-length: 126104
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=154935, status=webp_bigger
etag: "617a4518-25d37"
last-modified: Thu, 28 Oct 2021 06:37:12 GMT
x-77-cache: MISS
x-77-nzt: AVm7oo206B6h
x-77-nzt-ray: axI5vNSCCRg
x-77-pop: singapore2SG
x-cache: MISS
cf-cache-status: HIT
expires: Thu, 15 Sep 2022 22:48:46 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b389d52d0bb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11873
Expires: Thu, 15 Sep 2022 22:06:39 GMT
Date: Thu, 15 Sep 2022 18:48:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11873
Expires: Thu, 15 Sep 2022 22:06:39 GMT
Date: Thu, 15 Sep 2022 18:48:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11873
Expires: Thu, 15 Sep 2022 22:06:39 GMT
Date: Thu, 15 Sep 2022 18:48:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225 200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11873
Expires: Thu, 15 Sep 2022 22:06:39 GMT
Date: Thu, 15 Sep 2022 18:48:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Rx8KX_QI5I2x7q0gcvxcJX7QzZUe2KkfqAUVR64lEujF4xDEWWDhZQ==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:13 GMT
age: 80853
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f50c34bc30a732593e8fe465055a44ff
af100925cba1be716fd2200715d6136bd7f0c5bc
703049736ccc8815945d69634059c4cd39533417e0969107d460c36a6787c761
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5078
x-amzn-requestid: b6177371-a8ba-4541-a48d-21bd806e866e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0erUHT-IAMFWKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ab15-157ed5b700e0aad5481f5c0f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:04:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MYJf90B8rX8_nPUl4stpbZcQeQDaZ2Hgyu6GmsfdqUh-0Nx5OJJThw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:54 GMT
age: 80812
etag: "af100925cba1be716fd2200715d6136bd7f0c5bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ef9865421a37eae9a4df04083d27485
c7cf1f6a259cece60a34261ec83ee00736e1d72b
723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MtgQUzYMa3mT0lxPhQ5ZCp9XVVyBH8T0dlx_0wSLMZlaFEiCikTXMw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:51 GMT
age: 73375
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e5f57ba37fac4e6047a9a321a8ec084
f6b742549ea35a4b1345cffb937a8bbcceee08ef
f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:45:05 GMT
age: 75821
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1633672fad0b564108cf81ad711dc881
d37ad0f40bc1f3f0022467dd0af2478980bd858a
cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:36:39 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 72727
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnPAYUOBCRUYD3wEx79lIMjBJCKyVB9CmnTqMJIaFPbQGPoHwB73w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:37 GMT
age: 80829
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1558334541.rsc.cdn77.org/nfs/20220713/etp.min.js
185.76.9.22 200 OK 46 kB URL HTTP/2 1558334541.rsc.cdn77.org/nfs/20220713/etp.min.js
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type Unicode text, UTF-8 text, with very long lines (64538), with no line terminators
Hash de1b0628b42e9b3e604402d96b8f12c8
3fe448b92eea4ec61fd2e8ec25ecebef490e06a2
a62098d93415254ad4d9ecdd201bd20180b1425f4f196179977beed16f89d6ca
GET /nfs/20220713/etp.min.js HTTP/1.1
Host: 1558334541.rsc.cdn77.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:46 GMT
content-type: application/javascript
x-amz-id-2: hvdUbfxrrcARK+CUv9SPrhpgAamtVVfwyTZCcF/EzEFTF7PgJQ9OjzMeFsQIwReeSBMSWm0dlPY=
x-amz-request-id: P7PEKPR45FAYEK1N
last-modified: Wed, 13 Jul 2022 11:46:22 GMT
etag: W/"4a6d92884e34440513ee02b5dee9a0cb"
x-accel-expires: @1663993228
server: CDN77-Turbo
x-77-nzt: AblMCRRLbxf/AsAEAA
x-77-nzt-ray: 01EkBNbYmhI
x-cache: HIT
x-age: 311298
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250 200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
OPTIONS /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ar.moddroid.co/
Origin: https://ar.moddroid.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:47 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ar.moddroid.co
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ar.moddroid.co/
Content-Type: application/json
Origin: https://ar.moddroid.co
Content-Length: 392
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:47 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 06837769002716c8d904ad9a842b16d8
access-control-allow-origin: https://ar.moddroid.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash c5f23f94270a39081bb9d749a97d5704
97e18938c56b7d7c43bddac19abc7dbd2eccc952
dfefc859840a50bfc0eaa8e38dadae38a65514f0060af98cad8c1ab0892b1330
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 18:48:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 18:25:20 GMT
Expires: Thu, 22 Sep 2022 18:25:19 GMT
Etag: "97e18938c56b7d7c43bddac19abc7dbd2eccc952"
Cache-Control: max-age=602791,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b389dedadbb4f9-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 8a4e4fc7fad3cc835e8bcce3907bf698
a9ae31dab19583ff3de9731b831770368fb14aa4
3ffd54394b183b192028fa5fe374ab6e7db8c2083b15e9af9a09a6d1ec73f854
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 18:48:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 12:52:22 GMT
Expires: Thu, 22 Sep 2022 12:52:21 GMT
Etag: "a9ae31dab19583ff3de9731b831770368fb14aa4"
Cache-Control: max-age=582813,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b389dedaf4fabc-OSL
my.rtmark.net/gid.js
139.45.195.8 200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3b79aa9f34195a02060c099835214c5d
95577d637a0d8fe05277dcdb626ab621fff416de
865a0c3134e3a4c4bf83f0e18f6699eae1a0f35f625516c2e28b568f0149abdf
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ar.moddroid.co
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:47 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ar.moddroid.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f6379fdabd544d37b655478471934836; expires=Fri, 15 Sep 2023 18:48:47 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254 200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ar.moddroid.co/
Content-Type: text/plain;charset=UTF-8
Origin: https://ar.moddroid.co
Content-Length: 1537
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 15 Sep 2022 18:49:01 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ar.moddroid.co
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
region1.google-analytics.com/g/collect?v=2&tid=G-72DT1JGQ0Z&gtm=2oe9e0&_p=257115771&cid=1582420866.1663267711&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663267711&sct=1&seg=0&dl=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&dt=SoundCloud%20v2022.09.09-release%20MOD%20APK%20(Premium%20Unlocked%2C%20AD-Free)%20Download%20for%20Android&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-72DT1JGQ0Z&gtm=2oe9e0&_p=257115771&cid=1582420866.1663267711&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663267711&sct=1&seg=0&dl=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&dt=SoundCloud%20v2022.09.09-release%20MOD%20APK%20(Premium%20Unlocked%2C%20AD-Free)%20Download%20for%20Android&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-72DT1JGQ0Z&gtm=2oe9e0&_p=257115771&cid=1582420866.1663267711&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663267711&sct=1&seg=0&dl=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&dt=SoundCloud%20v2022.09.09-release%20MOD%20APK%20(Premium%20Unlocked%2C%20AD-Free)%20Download%20for%20Android&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ar.moddroid.co
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://ar.moddroid.co
date: Thu, 15 Sep 2022 18:48:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
47.246.44.205 200 OK 283 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a033bec2d27f8b3d69a6ad99eb6e2a20
865fbfdc4db9fa80bc67888397deec59a72c46af
cd708a3f1f070f64a82b3f543d0de54511b2d731861d76e6f01143ff00425aaa
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Thu, 15 Sep 2022 18:38:23 GMT
last-modified: Thu, 15 Sep 2022 09:55:03 GMT
expires: Thu, 22 Sep 2022 09:55:02 GMT
etag: "865fbfdc4db9fa80bc67888397deec59a72c46af"
cache-control: max-age=589941,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 74b37aa4b8749189-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1663267103
via: cache23.l2de2[0,0,304-0,H], cache4.l2de2[2,0], cache7.se1[84,84,200-0,H], cache1.se1[86,0], cache7.se1[88,0]
age: 624
x-cache: HIT TCP_REFRESH_HIT dirn:3:276760723
x-swift-savetime: Thu, 15 Sep 2022 18:48:47 GMT
x-swift-cachetime: 1176
timing-allow-origin: *, *
eagleid: 2ff62c9b16632677274404149e, 2ff62c9b16632677274404149e
ocsp.trust-provider.cn/
47.246.44.205 200 OK 283 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a033bec2d27f8b3d69a6ad99eb6e2a20
865fbfdc4db9fa80bc67888397deec59a72c46af
cd708a3f1f070f64a82b3f543d0de54511b2d731861d76e6f01143ff00425aaa
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Thu, 15 Sep 2022 18:38:23 GMT
last-modified: Thu, 15 Sep 2022 09:55:03 GMT
expires: Thu, 22 Sep 2022 09:55:02 GMT
etag: "865fbfdc4db9fa80bc67888397deec59a72c46af"
cache-control: max-age=589941,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 74b37aa4b8749189-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1663267103
via: cache23.l2de2[0,0,304-0,H], cache15.l2de2[0,0], cache1.se1[82,82,200-0,H], cache1.se1[84,0], cache4.se1[86,0]
age: 624
x-cache: HIT TCP_REFRESH_HIT dirn:11:448518529
x-swift-savetime: Thu, 15 Sep 2022 18:48:47 GMT
x-swift-cachetime: 1176
timing-allow-origin: *, *
eagleid: 2ff62c9816632677274396748e, 2ff62c9816632677274396748e
goomaphy.com/500/5331011?excludes=&oaid=f6379fdabd544d37b655478471934836&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239 200 OK 0 B URL HTTP/2 goomaphy.com/500/5331011?excludes=&oaid=f6379fdabd544d37b655478471934836&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5331011?excludes=&oaid=f6379fdabd544d37b655478471934836&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://ar.moddroid.co/
Origin: https://ar.moddroid.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:47 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://ar.moddroid.co
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
offerimage.com/www/images/3ef316842349308dfa69b2337a1f2f26.png
104.22.32.172 200 OK 97 kB URL HTTP/2 offerimage.com/www/images/3ef316842349308dfa69b2337a1f2f26.png
IP 104.22.32.172:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ef316842349308dfa69b2337a1f2f26
cfb295c74af7d2432c8f0dde1819e1aa35b2ab89
88d7d3964d36d102797d185fb23dab82ac6142c12a5119497b95d2dc018c5bcd
GET /www/images/3ef316842349308dfa69b2337a1f2f26.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:47 GMT
content-type: image/png
content-length: 96644
last-modified: Fri, 06 Nov 2020 13:23:01 GMT
etag: "5fa54e35-17984"
expires: Fri, 16 Sep 2022 13:44:58 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 18229
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b389e28fb1992d-ARN
X-Firefox-Spdy: h2
etpweb.happymod.io/event/report/web
43.134.152.57 200 OK 14 B URL HTTP/2 etpweb.happymod.io/event/report/web
IP 43.134.152.57:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JSON data\012- , ASCII text, with no line terminators
Hash 886be12a79c0b1bd90e23851bce11841
233d6221d8c9f4971eb1c8a9e76d8d21b0e99bb8
d76b81313242d55a46cabc4b8da69f512aa3a94a9be70924be9a0b1bfc96f52e
POST /event/report/web HTTP/1.1
Host: etpweb.happymod.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 834
Origin: https://ar.moddroid.co
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:47 GMT
content-type: application/json; charset=utf-8
content-length: 14
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With, AccessKey,Timestamp
access-control-allow-methods: POST, GET
access-control-allow-origin: https://ar.moddroid.co
access-control-expose-headers: Timestamp
X-Firefox-Spdy: h2
etpweb.happymod.io/event/report/web
43.134.152.57 200 OK 14 B URL HTTP/2 etpweb.happymod.io/event/report/web
IP 43.134.152.57:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JSON data\012- , ASCII text, with no line terminators
Hash 886be12a79c0b1bd90e23851bce11841
233d6221d8c9f4971eb1c8a9e76d8d21b0e99bb8
d76b81313242d55a46cabc4b8da69f512aa3a94a9be70924be9a0b1bfc96f52e
POST /event/report/web HTTP/1.1
Host: etpweb.happymod.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 885
Origin: https://ar.moddroid.co
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:47 GMT
content-type: application/json; charset=utf-8
content-length: 14
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With, AccessKey,Timestamp
access-control-allow-methods: POST, GET
access-control-allow-origin: https://ar.moddroid.co
access-control-expose-headers: Timestamp
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 15 Sep 2022 18:41:12 GMT
expires: Thu, 15 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 455
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 848674a3bc6b0d4d6cba22b140c574bc
ec95f08f3a5b022c3753f78e30f71d03e2895d78
069aaae82ec20e5bbcc694f9603bded464798891e5e2abc27baadeace22f6a05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ar.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F
216.58.207.194 200 OK 138 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ar.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F
IP 216.58.207.194:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ad1b511c41568cff34d4015aeb9155f4
7bf4e34a3b5503582e9c03469549514e19780641
b561959984c7d9855a5c551e7f9c528f98ad97c9579049bd4471a3e304c3ebd3
GET /pagead/ppub_config?ippd=ar.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ar.moddroid.co/
Origin: https://ar.moddroid.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Thu, 15 Sep 2022 18:48:47 GMT
expires: Thu, 15 Sep 2022 18:48:47 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 138
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Sep-2022 19:03:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
216.58.207.194 200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (44512)
Hash 9b69336f9ed6b1a08ca86f19e3a22658
d2403373370c64ac88c5270a7fd931ae181250fa
bedb4935c1be0245d4bec66988f530ff3b29efea6a51c8cfc73f3c3496615cac
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27896
date: Thu, 15 Sep 2022 18:48:47 GMT
expires: Thu, 15 Sep 2022 18:48:47 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1335 / 417 of 1000 / last-modified: 1663240138"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash e235f7fa7276382ea5216c5a4cb5a62e
eb28d368e7528abcce53805f837a0dabab34a79b
adb38c177a024fe3505f24444c4dd008a1decd31b6fc4f043f8e94eb851dbd56
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 18:48:48 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 19 Sep 2022 15:21:19 GMT
ETag: "eb28d368e7528abcce53805f837a0dabab34a79b"
Last-Modified: Thu, 15 Sep 2022 15:21:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2120
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74b389e46bf10afa-OSL
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 39aa25d8411997d98f9093c19b0ccbca
3cb31e92d707cd561897042ed1a09de5a79e7108
f1b7b71241b580ec34281f5addc49d716eac9ecc46a3217e646c76e6dc8d4578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=ar.moddroid.co
142.250.74.34 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=ar.moddroid.co
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=ar.moddroid.co HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Sep 2022 18:48:48 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash a8b2bb270d78a6dddeb5b7fa01bd896c
eee28c4dd10c090f100c6ed383392b67d9fb9200
5c929c1a5e85ed508916eda62cccedb3ef1a5f407468596fa2726c476e2a9340
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/tag.js
93.158.134.119 200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (681)
Hash 034d4604beaddff5783b9878fadfaee6
64d5e1e0dbbbd62d6a64349dd964763b7ab4cbea
f8a957ee3468693f465da61d899438a2b674369b80c9d5c9ffff1111a7091290
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 71985
date: Thu, 15 Sep 2022 18:48:48 GMT
access-control-allow-origin: *
etag: "63216d10-11931"
expires: Thu, 15 Sep 2022 19:48:48 GMT
last-modified: Wed, 14 Sep 2022 08:56:32 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=ar.moddroid.co
142.250.74.2 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=ar.moddroid.co
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=ar.moddroid.co HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Sep 2022 18:48:48 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 39aa25d8411997d98f9093c19b0ccbca
3cb31e92d707cd561897042ed1a09de5a79e7108
f1b7b71241b580ec34281f5addc49d716eac9ecc46a3217e646c76e6dc8d4578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a8761319363e537f58bedc071786c203
1e983c0df7eeca5ed22cf839bb36c16c251101fe
528d57282b86878146b06df898cfa945913c02e05e5f8b1190907d456f13860e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
142.250.74.65 200 OK 3.1 kB URL HTTP/2 b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html HTTP/1.1
Host: b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 15 Sep 2022 18:48:48 GMT
expires: Fri, 15 Sep 2023 18:48:48 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 15 Sep 2022 18:48:48 GMT
access-control-allow-origin: *
etag: "63216d10-2b"
expires: Thu, 15 Sep 2022 19:48:48 GMT
accept-ranges: bytes
last-modified: Wed, 14 Sep 2022 08:56:32 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ar.moddroid.co/
Content-Type: application/json
Origin: https://ar.moddroid.co
Content-Length: 736
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:48 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 3be2559514a008d796e2e7c74247dda2
access-control-allow-origin: https://ar.moddroid.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
mc.yandex.ru/watch/86638922/1?wmode=7&page-url=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A2055%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1623260139296%3Ahid%3A319201215%3Az%3A0%3Ai%3A20220915184833%3Aet%3A1663267713%3Ac%3A1%3Arn%3A195310494%3Arqn%3A1%3Au%3A1663267713431785225%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663267709181%3Ads%3A0%2C0%2C327%2C5%2C612%2C0%2C%2C1227%2C4%2C%2C%2C%2C2211%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663267713%3At%3ASoundCloud%20v2022.09.09-release%20MOD%20APK%20%28Premium%20Unlocked%2C%20AD-Free%29%20Download%20for%20Android&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119 200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/86638922/1?wmode=7&page-url=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A2055%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1623260139296%3Ahid%3A319201215%3Az%3A0%3Ai%3A20220915184833%3Aet%3A1663267713%3Ac%3A1%3Arn%3A195310494%3Arqn%3A1%3Au%3A1663267713431785225%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663267709181%3Ads%3A0%2C0%2C327%2C5%2C612%2C0%2C%2C1227%2C4%2C%2C%2C%2C2211%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663267713%3At%3ASoundCloud%20v2022.09.09-release%20MOD%20APK%20%28Premium%20Unlocked%2C%20AD-Free%29%20Download%20for%20Android&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 351581d592432f895410273527fcecd5
dd243ed13218c05ccb2f589ecf244dcc579c6435
2dd12c051286a5d29782669cd306a147e5ee36fc613bb4985489e5b015022f38
GET /watch/86638922/1?wmode=7&page-url=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A2055%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1623260139296%3Ahid%3A319201215%3Az%3A0%3Ai%3A20220915184833%3Aet%3A1663267713%3Ac%3A1%3Arn%3A195310494%3Arqn%3A1%3Au%3A1663267713431785225%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663267709181%3Ads%3A0%2C0%2C327%2C5%2C612%2C0%2C%2C1227%2C4%2C%2C%2C%2C2211%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663267713%3At%3ASoundCloud%20v2022.09.09-release%20MOD%20APK%20%28Premium%20Unlocked%2C%20AD-Free%29%20Download%20for%20Android&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ar.moddroid.co
Referer: https://ar.moddroid.co/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Thu, 15 Sep 2022 18:48:48 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://ar.moddroid.co
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 15-Sep-2022 18:48:48 GMT
last-modified: Thu, 15-Sep-2022 18:48:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env
142.250.74.34 200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env
IP 142.250.74.34:0
File type JSON data\012- , ASCII text, with very long lines (14705), with no line terminators
Hash 1d2d8ff677b78525820b0fb334d77ff2
e8ffeb9b752aea22c0d4258381773a43f75851dc
5002b0233bc87fb5884c06cb21938c692f5fd19d1e8318095b721623b04a3971
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ar.moddroid.co
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Sep 2022 18:48:48 GMT
server: cafe
cache-control: private
content-length: 11167
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 377139fa706b038c106d663d1c7c402a
7337cfac49077bc4fd74b2e4a405d4391176f585
9aa6fb206804f92cadb70ef6a3cf1b0d0b117be62166923c98b25c8a9c66bb3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 15 Sep 2022 18:48:48 GMT
expires: Thu, 15 Sep 2022 18:48:48 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33 200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1494)
Hash 34b2553c81f6d1c9657279fb7b442ed4
d9d429ce26701d5a3066c7afb317325142335e7a
84de9c76b4119c9999898bce7580862de9972f7bbb856b31fa312de599d3c719
GET /pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7572
x-xss-protection: 0
date: Thu, 15 Sep 2022 18:37:53 GMT
expires: Thu, 29 Sep 2022 18:37:53 GMT
cache-control: public, max-age=1209600
etag: 3190241002381566568
content-type: text/javascript; charset=UTF-8
age: 655
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=184417&plc=6615336&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0ioX2TWo_fWNddqJNXuXp9j&c1=3060631&auorder=22886445&aulitem=56868964&aucrtv=434279737&auxch=1&pltfrm=1&ausite=960091948452&turl=https://ar.moddroid.co/apps/videomusic/soundcloud/&aubndl=&audeal=
23.38.201.200 200 OK 1.2 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=184417&plc=6615336&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0ioX2TWo_fWNddqJNXuXp9j&c1=3060631&auorder=22886445&aulitem=56868964&aucrtv=434279737&auxch=1&pltfrm=1&ausite=960091948452&turl=https://ar.moddroid.co/apps/videomusic/soundcloud/&aubndl=&audeal=
IP 23.38.201.200:0
File type HTML document, ASCII text, with very long lines (536)
Hash fe53dc25629ee5489a237d90f18b1b7c
ad1d6d4e56a809fe8675087e4c0ee2fad111547e
f82df9cd9bdd8a6a38fda6f0bfd4fd17b8998493f2895b7beab8e59e834e96f2
GET /dvbs_src.js?ctx=1828362&cmp=184417&plc=6615336&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0ioX2TWo_fWNddqJNXuXp9j&c1=3060631&auorder=22886445&aulitem=56868964&aucrtv=434279737&auxch=1&pltfrm=1&ausite=960091948452&turl=https://ar.moddroid.co/apps/videomusic/soundcloud/&aubndl=&audeal= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:19:47 GMT
Accept-Ranges: bytes
ETag: "f128ce2aabbd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Timing-Allow-Origin: *
Content-Length: 1170
Date: Thu, 15 Sep 2022 18:48:48 GMT
Connection: keep-alive
cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0ioX2TWo_fWNddqJNXuXp9j&c1=3060631&auorder=22886445&aulitem=56868964&aucrtv=434279737&auxch=1&pltfrm=1&ausite=960091948452&turl=https://ar.moddroid.co/apps/videomusic/soundcloud/&aubndl=&audeal=
23.38.201.200 200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0ioX2TWo_fWNddqJNXuXp9j&c1=3060631&auorder=22886445&aulitem=56868964&aucrtv=434279737&auxch=1&pltfrm=1&ausite=960091948452&turl=https://ar.moddroid.co/apps/videomusic/soundcloud/&aubndl=&audeal=
IP 23.38.201.200:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (7951)
Hash b157f17bb8f2bd4cf71cc5440e15a5d6
b060e7ab2e1c0bf90210d4b9e912d680d4164b56
585cc4b3a3784c87adf2bb0ed258915fd9f758ed0fa83491c04734ea3c447205
GET /dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0ioX2TWo_fWNddqJNXuXp9j&c1=3060631&auorder=22886445&aulitem=56868964&aucrtv=434279737&auxch=1&pltfrm=1&ausite=960091948452&turl=https://ar.moddroid.co/apps/videomusic/soundcloud/&aubndl=&audeal= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 10:17:42 GMT
Accept-Ranges: bytes
ETag: "067d263ecc8d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3315
Date: Thu, 15 Sep 2022 18:48:48 GMT
Connection: keep-alive
cdn.doubleverify.com/dvbs_src_internal109.js
23.38.201.200 200 OK 20 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src_internal109.js
IP 23.38.201.200:0
File type ASCII text, with very long lines (2581), with CRLF, LF line terminators
Hash ed91f1e6cf14d6661fcf683a8d031c95
fb0c088dfceeacb3150c1b7d13a94836236278bc
e93902bb2edca1fe7472e34ea840c94fa8529979dd6ee33139c5bef944944f68
GET /dvbs_src_internal109.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:20:14 GMT
Accept-Ranges: bytes
ETag: "03bb312aabbd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 19455
Date: Thu, 15 Sep 2022 18:48:48 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 979014a2d4b501776633e545cb609b6e
2389a69c87bcb1b5d962361cec5a71bd43ba0b3b
26f3609adf40f444aa7770872be9a73c083ffe711a6caed25208c1fc00d709b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164 200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 02d0b230f81cc15b2032ece17295c28f
61ac1c181d9ad5502260b6653b34f4163d344f25
a6324b20143fc93ab7c059cb21b14e19fc7770f0ecef580e4d0094fce30f78df
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 15 Sep 2022 18:48:48 GMT
date: Thu, 15 Sep 2022 18:48:48 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-v6JP8zIpBGUnt_j0pZlf_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8ff1c0d8a380ce4a561609526d995bf5
135ecd7e71ea2823d39f8c1efcb2121618ed8167
f7228281af8d6de222aa47b3a78a627f85315244e65a8956fa2c0c7dff1bb7ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.netsolssl.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 45731e4629f69a521e216a6554916c30
977b3c1934e01f420489b9431321cb402300f108
8a11fa882485529641d55f4a7fde614d9b7c88de150b68c1099c05a0c5ce65da
POST / HTTP/1.1
Host: ocsp.netsolssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 18:48:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 00:10:18 GMT
Expires: Thu, 22 Sep 2022 00:10:17 GMT
Etag: "977b3c1934e01f420489b9431321cb402300f108"
Cache-Control: max-age=537087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b389ea9d16b51e-OSL
rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_897808125766&jsTagObjCallback=__tagObject_callback_897808125766&num=6&ctx=1828362&cmp=184417&plc=6615336&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=897808125766&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&ppid=103&auevent=ABAjH0ioX2TWo_fWNddqJNXuXp9j&aucrtv=434279737&auorder=22886445&ausite=960091948452&auxch=1&aulitem=56868964&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://ar.moddroid.co/apps/videomusic/soundcloud/&chro=0&hist=1&winh=90&winw=1005&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTau2C%5D%3E%4055C%40%3A5%5D4%40TauU2%26C%3Dl9EEADTbpTauTau2C%5D%3E%4055C%40%3A5%5D4%40Tau2AADTauG%3A56%40%3EFD%3A4TauD%40F%3F54%3D%40F5Tau&dvp_exetime=11.00&aubndl=&audeal=&callbackName=__verify_callback_897808125766
213.254.244.109 200 OK 1.4 kB URL HTTP/1.1 rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_897808125766&jsTagObjCallback=__tagObject_callback_897808125766&num=6&ctx=1828362&cmp=184417&plc=6615336&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=897808125766&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&ppid=103&auevent=ABAjH0ioX2TWo_fWNddqJNXuXp9j&aucrtv=434279737&auorder=22886445&ausite=960091948452&auxch=1&aulitem=56868964&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://ar.moddroid.co/apps/videomusic/soundcloud/&chro=0&hist=1&winh=90&winw=1005&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTau2C%5D%3E%4055C%40%3A5%5D4%40TauU2%26C%3Dl9EEADTbpTauTau2C%5D%3E%4055C%40%3A5%5D4%40Tau2AADTauG%3A56%40%3EFD%3A4TauD%40F%3F54%3D%40F5Tau&dvp_exetime=11.00&aubndl=&audeal=&callbackName=__verify_callback_897808125766
IP 213.254.244.109:0
File type ASCII text, with very long lines (1533)
Hash 10465d4055c9b83a2c8aac279d16fe6f
3aa1a4d22af3e8c8edab2ef0980147c8efa3f905
96ac67c22570ed1a68a972ff226e546f5d1674e8088e2f9772fb59d92942ea5c
GET /verify.js?flvr=0&jsCallback=__verify_callback_897808125766&jsTagObjCallback=__tagObject_callback_897808125766&num=6&ctx=1828362&cmp=184417&plc=6615336&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=897808125766&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&ppid=103&auevent=ABAjH0ioX2TWo_fWNddqJNXuXp9j&aucrtv=434279737&auorder=22886445&ausite=960091948452&auxch=1&aulitem=56868964&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://ar.moddroid.co/apps/videomusic/soundcloud/&chro=0&hist=1&winh=90&winw=1005&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTau2C%5D%3E%4055C%40%3A5%5D4%40TauU2%26C%3Dl9EEADTbpTauTau2C%5D%3E%4055C%40%3A5%5D4%40Tau2AADTauG%3A56%40%3EFD%3A4TauD%40F%3F54%3D%40F5Tau&dvp_exetime=11.00&aubndl=&audeal=&callbackName=__verify_callback_897808125766 HTTP/1.1
Host: rtb0.doubleverify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 18:48:46 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=0
Content-Encoding: br
Expires: 09/14/2022 18:48:49
Pragma: no-cache
Vary: Accept-Encoding
X-DV-Response: 1
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 54bd2af71210a73e2f5491611491beb4
8579f437d31aabd2a677b4529093b0d891cf6f02
e4b959a4c103a84aed15da70fd3074dc6ccd55300efa86e4b59a7cf1682200b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=90.265;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=456480826;ord=jcumej;dc_rfl=2,https%3A%2F%2Far.moddroid.co%2F$0;xdt=1;crlt=TFQLZ_c2z0;stc=1;sttr=42;prcl=s
216.58.207.198 200 OK 26 kB URL HTTP/2 ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=90.265;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=456480826;ord=jcumej;dc_rfl=2,https%3A%2F%2Far.moddroid.co%2F$0;xdt=1;crlt=TFQLZ_c2z0;stc=1;sttr=42;prcl=s
IP 216.58.207.198:0
File type ASCII text, with very long lines (56824), with no line terminators
Hash 99ed880b724698160ff85a9f26055d45
9c1b9e14660ca7331c5501b79be3cac5e269a90a
75b06a96f4ba9495108d30c46dcbce7cc47c7f94521f23e82227f072127bed29
GET /ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=90.265;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=456480826;ord=jcumej;dc_rfl=2,https%3A%2F%2Far.moddroid.co%2F$0;xdt=1;crlt=TFQLZ_c2z0;stc=1;sttr=42;prcl=s HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 18:48:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 25790
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Sep-2022 19:03:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c51675fd352c7db13261c905bfaa8342
85ac07e4592d413c55c204d4e52118be5bdd39cb
ffcbfefcb252a9ed446122906b75c29ca2aa64460ddbd912542d12bc68be9fd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
142.250.74.10 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
IP 142.250.74.10:0
Hash 272677fdfbd7d9d123c719af5d763189
b2956a51b10db992ff37514cf0b43e166f80ab06
9206076e7194da0d41d0722bd3d9db130ab65dd0820a031281438ad1e41b12f5
GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 18:48:49 GMT
date: Thu, 15 Sep 2022 18:48:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/simgad/10511297001590780717?sqp=-oaymwEOCKwCEPoBIAFIZFABWAE&rs=AOga4qnmNOomuwVM0nfzNlMjsz2iLUh_Ag
216.58.211.6 200 OK 48 kB URL HTTP/2 s0.2mdn.net/simgad/10511297001590780717?sqp=-oaymwEOCKwCEPoBIAFIZFABWAE&rs=AOga4qnmNOomuwVM0nfzNlMjsz2iLUh_Ag
IP 216.58.211.6:0
File type PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash 111e799829b334275d00631dd7e3e6be
2545ec845df8e4fefe2cd2d89997849dcfe03148
bf724e9715be10551c7c9d31cf824596d0122271df5a16f4c156da89ce153914
GET /simgad/10511297001590780717?sqp=-oaymwEOCKwCEPoBIAFIZFABWAE&rs=AOga4qnmNOomuwVM0nfzNlMjsz2iLUh_Ag HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 47925
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 21:33:00 GMT
expires: Fri, 08 Sep 2023 21:33:00 GMT
cache-control: public, max-age=31536000
age: 594949
last-modified: Thu, 16 Jun 2022 18:19:41 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c51675fd352c7db13261c905bfaa8342
85ac07e4592d413c55c204d4e52118be5bdd39cb
ffcbfefcb252a9ed446122906b75c29ca2aa64460ddbd912542d12bc68be9fd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=259&ttfrms=17&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau2C%5D%3E%4055C%40%3A5%5D4%40TauU2%26C%3Dl9EEADTbpTauTau2C%5D%3E%4055C%40%3A5%5D4%40Tau2AADTauG%3A56%40%3EFD%3A4TauD%40F%3F54%3D%40F5Tau&srcurlD=0&aUrlD=-1&ssl=https:&uid=1663267714349418&jsCallback=dvCallback_1663267714349806&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&htmlmsging=1&chro=0&hist=1&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3068&tgjsver=3068&lvvn=28&m1=13&refD=2&fcifrms=9&brh=1&sdf=2&dvp_epl=158&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://ar.moddroid.co/apps/videomusic/soundcloud/&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0ioX2TWo_fWNddqJNXuXp9j&aucrtv=434279737&auorder=22886445&ausite=960091948452&auxch=1&aulitem=56868964&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=183585010.281597&dvp_tukv=1264693575606.6929&dvp_uuid=721980532014.549&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=1581475829038
213.254.244.109 200 OK 1.0 kB URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=259&ttfrms=17&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau2C%5D%3E%4055C%40%3A5%5D4%40TauU2%26C%3Dl9EEADTbpTauTau2C%5D%3E%4055C%40%3A5%5D4%40Tau2AADTauG%3A56%40%3EFD%3A4TauD%40F%3F54%3D%40F5Tau&srcurlD=0&aUrlD=-1&ssl=https:&uid=1663267714349418&jsCallback=dvCallback_1663267714349806&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&htmlmsging=1&chro=0&hist=1&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3068&tgjsver=3068&lvvn=28&m1=13&refD=2&fcifrms=9&brh=1&sdf=2&dvp_epl=158&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://ar.moddroid.co/apps/videomusic/soundcloud/&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0ioX2TWo_fWNddqJNXuXp9j&aucrtv=434279737&auorder=22886445&ausite=960091948452&auxch=1&aulitem=56868964&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=183585010.281597&dvp_tukv=1264693575606.6929&dvp_uuid=721980532014.549&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=1581475829038
IP 213.254.244.109:0
File type ASCII text, with very long lines (2179), with no line terminators
Hash ca3bde9ee732fb1bfaf25755a54a9ad9
50782f7f795ede39833f103b9d5da89f6b1377c5
bab8bb1543e425fc07049fbd6e3fcb9b2b55a9daf0df8bc09c5862b9515a0034
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=259&ttfrms=17&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau2C%5D%3E%4055C%40%3A5%5D4%40TauU2%26C%3Dl9EEADTbpTauTau2C%5D%3E%4055C%40%3A5%5D4%40Tau2AADTauG%3A56%40%3EFD%3A4TauD%40F%3F54%3D%40F5Tau&srcurlD=0&aUrlD=-1&ssl=https:&uid=1663267714349418&jsCallback=dvCallback_1663267714349806&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&htmlmsging=1&chro=0&hist=1&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3068&tgjsver=3068&lvvn=28&m1=13&refD=2&fcifrms=9&brh=1&sdf=2&dvp_epl=158&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://ar.moddroid.co/apps/videomusic/soundcloud/&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0ioX2TWo_fWNddqJNXuXp9j&aucrtv=434279737&auorder=22886445&ausite=960091948452&auxch=1&aulitem=56868964&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=183585010.281597&dvp_tukv=1264693575606.6929&dvp_uuid=721980532014.549&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=1581475829038 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 18:48:48 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=0
Content-Encoding: br
Expires: 09/14/2022 18:48:49
Pragma: no-cache
Vary: Accept-Encoding
cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=84e31236b73b4674b674af6fe15b7c35&cbust=1663267714576420
23.38.201.200 302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=84e31236b73b4674b674af6fe15b7c35&cbust=1663267714576420
IP 23.38.201.200:0
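Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256; all three are the digests of an empty body, consistent with the 0 B response, and do not identify this resource)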
GET /redirect/?host=tpsc-frc&param=akipv6&impid=84e31236b73b4674b674af6fe15b7c35&cbust=1663267714576420 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-frc.doubleverify.com/event.png?impid=84e31236b73b4674b674af6fe15b7c35&akipv6=
Date: Thu, 15 Sep 2022 18:48:49 GMT
Connection: keep-alive
tpsc-frc.doubleverify.com/event.png?impid=84e31236b73b4674b674af6fe15b7c35&akipv6=
213.254.244.109 204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=84e31236b73b4674b674af6fe15b7c35&akipv6=
IP 213.254.244.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=84e31236b73b4674b674af6fe15b7c35&akipv6= HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 15 Sep 2022 18:48:50 GMT
Cache-Control: max-age=0
Expires: 09/14/2022 18:48:50
Pragma: no-cache
rtbc-frc.doubleverify.com/bsevent.gif?flvr=0&impid=f09208f5347b4109b91c3518ea6aee61&dvpx_gfbc=1&cbust=1663267713823498&google_error=3
213.254.244.109 204 No Content 0 B URL HTTP/1.1 rtbc-frc.doubleverify.com/bsevent.gif?flvr=0&impid=f09208f5347b4109b91c3518ea6aee61&dvpx_gfbc=1&cbust=1663267713823498&google_error=3
IP 213.254.244.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bsevent.gif?flvr=0&impid=f09208f5347b4109b91c3518ea6aee61&dvpx_gfbc=1&cbust=1663267713823498&google_error=3 HTTP/1.1
Host: rtbc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 15 Sep 2022 18:48:48 GMT
Cache-Control: max-age=0
Expires: 09/14/2022 18:48:50
Pragma: no-cache
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
142.250.74.34 200 OK 5.6 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
IP 142.250.74.34:0
File type JSON data\012- , ASCII text, with very long lines (7383), with no line terminators
Hash 42959d71d0e3050adcb64e8974160160
f612a44680203dce762386af6821e9d12f99afb6
b5f439425cab4e05d790f1be016398f5c5328b4e735a931fc465d7fa23187b5a
GET /getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://s0.2mdn.net
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Sep 2022 18:48:50 GMT
server: cafe
cache-control: private
content-length: 5628
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpsc-frc.doubleverify.com/event.png?impid=84e31236b73b4674b674af6fe15b7c35&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1663267714577676&google_error=3
213.254.244.109 204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=84e31236b73b4674b674af6fe15b7c35&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1663267714577676&google_error=3
IP 213.254.244.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=84e31236b73b4674b674af6fe15b7c35&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1663267714577676&google_error=3 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 15 Sep 2022 18:48:49 GMT
Cache-Control: max-age=0
Expires: 09/14/2022 18:48:50
Pragma: no-cache
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAze_34OIdYGiCRSno3RWmUmZVHnt4BtxacoMmoo-OA_Ubi3pm6x7TuocAGgIrQbQdWYIXmp0T3svkS8wuwNukzkLC0QchkcKKfzwnJJOYCJ3BeTbAny7c0-pNCUkKq0VCfdfxRek&sai=AMfl-YSyEHGDqXeK3pMJtMaxgB0M3XKFT9BwDPoV0B6ZgF3KAb78AM30lbXdEDKFrA_o3LQqJyxyPR6gRJoge_9OPHmmiduzv5WAVyZh8cPaZB63qP9ayzxacN9NBZHbrmc&sig=Cg0ArKJSzJAlQ5RFmCgzEAE&cid=CAASJ-RoB-e8j_Q6hnhNcci_b2TYnDmPYmioUBuvQWpSRU_6zpUfs4rMrg&id=lidar2&mcvt=1073&p=849,132,943,860&mtos=0,1073,1073,1073,1073&tos=0,1073,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=3194137279&rs=4&la=0&cr=0&vs=4&r=v&rst=1663267713416&rpt=1067&isd=0&lsd=0&met=mue&wmsd=0
142.250.74.34200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAze_34OIdYGiCRSno3RWmUmZVHnt4BtxacoMmoo-OA_Ubi3pm6x7TuocAGgIrQbQdWYIXmp0T3svkS8wuwNukzkLC0QchkcKKfzwnJJOYCJ3BeTbAny7c0-pNCUkKq0VCfdfxRek&sai=AMfl-YSyEHGDqXeK3pMJtMaxgB0M3XKFT9BwDPoV0B6ZgF3KAb78AM30lbXdEDKFrA_o3LQqJyxyPR6gRJoge_9OPHmmiduzv5WAVyZh8cPaZB63qP9ayzxacN9NBZHbrmc&sig=Cg0ArKJSzJAlQ5RFmCgzEAE&cid=CAASJ-RoB-e8j_Q6hnhNcci_b2TYnDmPYmioUBuvQWpSRU_6zpUfs4rMrg&id=lidar2&mcvt=1073&p=849,132,943,860&mtos=0,1073,1073,1073,1073&tos=0,1073,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=3194137279&rs=4&la=0&cr=0&vs=4&r=v&rst=1663267713416&rpt=1067&isd=0&lsd=0&met=mue&wmsd=0
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsvAze_34OIdYGiCRSno3RWmUmZVHnt4BtxacoMmoo-OA_Ubi3pm6x7TuocAGgIrQbQdWYIXmp0T3svkS8wuwNukzkLC0QchkcKKfzwnJJOYCJ3BeTbAny7c0-pNCUkKq0VCfdfxRek&sai=AMfl-YSyEHGDqXeK3pMJtMaxgB0M3XKFT9BwDPoV0B6ZgF3KAb78AM30lbXdEDKFrA_o3LQqJyxyPR6gRJoge_9OPHmmiduzv5WAVyZh8cPaZB63qP9ayzxacN9NBZHbrmc&sig=Cg0ArKJSzJAlQ5RFmCgzEAE&cid=CAASJ-RoB-e8j_Q6hnhNcci_b2TYnDmPYmioUBuvQWpSRU_6zpUfs4rMrg&id=lidar2&mcvt=1073&p=849,132,943,860&mtos=0,1073,1073,1073,1073&tos=0,1073,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=3194137279&rs=4&la=0&cr=0&vs=4&r=v&rst=1663267713416&rpt=1067&isd=0&lsd=0&met=mue&wmsd=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Thu, 15 Sep 2022 18:48:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7zT1XuKCzYXel1l6zByS91S8nojHHyfDeKjCQPenZI9tgMxkTPyIDNx71oLw188B8PzPWUir8aky482bMEr4&sig=Cg0ArKJSzK2kXakU3S8lEAE&id=lidar2&mcvt=1077&p=0,0,90,728&mtos=1077,1077,1077,1077,1077&tos=1077,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=456480826&rs=6&la=0&cr=0&vs=4&r=v&rst=1663267713416&rpt=1079&wmsd=0
142.250.74.34200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7zT1XuKCzYXel1l6zByS91S8nojHHyfDeKjCQPenZI9tgMxkTPyIDNx71oLw188B8PzPWUir8aky482bMEr4&sig=Cg0ArKJSzK2kXakU3S8lEAE&id=lidar2&mcvt=1077&p=0,0,90,728&mtos=1077,1077,1077,1077,1077&tos=1077,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=456480826&rs=6&la=0&cr=0&vs=4&r=v&rst=1663267713416&rpt=1079&wmsd=0
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsu7zT1XuKCzYXel1l6zByS91S8nojHHyfDeKjCQPenZI9tgMxkTPyIDNx71oLw188B8PzPWUir8aky482bMEr4&sig=Cg0ArKJSzK2kXakU3S8lEAE&id=lidar2&mcvt=1077&p=0,0,90,728&mtos=1077,1077,1077,1077,1077&tos=1077,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=456480826&rs=6&la=0&cr=0&vs=4&r=v&rst=1663267713416&rpt=1079&wmsd=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Thu, 15 Sep 2022 18:48:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaRdRO6gaJs_LPr6CFCwtEz52j96Gw560e6cD7utrjs32dhTeOnvjU7LTe5NLQJab9QDo2QBQaNMGJh0knQiVRT8piUCKgIUgmgEOt1DKBSxwC5ZtPXaPx0DHrKQ&sai=AMfl-YSWFlPrN1iuTyGXElFJLTWLs3Rlx0X6oBnCk7NL_rp_qTm-Pgy0_2Ee5trVNso0OXNgaIv-PrT-sScXZv_nEUl00ofXP_Zs_YkAo0VWbGL3iI0fSuhIzI0sORGf5PA&sig=Cg0ArKJSzDwG5lULHfP4EAE&cid=CAASJ-RoUMnQ1ZDw2cGlPNShmU7eog7s6-OVpIXAmUjqTQwjokWt3Nzc0w&id=lidar2&mcvt=1030&p=93,474,143,794&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3497377981&rs=4&la=0&cr=0&vs=4&r=v&rst=1663267714000&rpt=757&isd=0&lsd=0&met=ie&wmsd=0
142.250.74.34200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaRdRO6gaJs_LPr6CFCwtEz52j96Gw560e6cD7utrjs32dhTeOnvjU7LTe5NLQJab9QDo2QBQaNMGJh0knQiVRT8piUCKgIUgmgEOt1DKBSxwC5ZtPXaPx0DHrKQ&sai=AMfl-YSWFlPrN1iuTyGXElFJLTWLs3Rlx0X6oBnCk7NL_rp_qTm-Pgy0_2Ee5trVNso0OXNgaIv-PrT-sScXZv_nEUl00ofXP_Zs_YkAo0VWbGL3iI0fSuhIzI0sORGf5PA&sig=Cg0ArKJSzDwG5lULHfP4EAE&cid=CAASJ-RoUMnQ1ZDw2cGlPNShmU7eog7s6-OVpIXAmUjqTQwjokWt3Nzc0w&id=lidar2&mcvt=1030&p=93,474,143,794&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3497377981&rs=4&la=0&cr=0&vs=4&r=v&rst=1663267714000&rpt=757&isd=0&lsd=0&met=ie&wmsd=0
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsuaRdRO6gaJs_LPr6CFCwtEz52j96Gw560e6cD7utrjs32dhTeOnvjU7LTe5NLQJab9QDo2QBQaNMGJh0knQiVRT8piUCKgIUgmgEOt1DKBSxwC5ZtPXaPx0DHrKQ&sai=AMfl-YSWFlPrN1iuTyGXElFJLTWLs3Rlx0X6oBnCk7NL_rp_qTm-Pgy0_2Ee5trVNso0OXNgaIv-PrT-sScXZv_nEUl00ofXP_Zs_YkAo0VWbGL3iI0fSuhIzI0sORGf5PA&sig=Cg0ArKJSzDwG5lULHfP4EAE&cid=CAASJ-RoUMnQ1ZDw2cGlPNShmU7eog7s6-OVpIXAmUjqTQwjokWt3Nzc0w&id=lidar2&mcvt=1030&p=93,474,143,794&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3497377981&rs=4&la=0&cr=0&vs=4&r=v&rst=1663267714000&rpt=757&isd=0&lsd=0&met=ie&wmsd=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Thu, 15 Sep 2022 18:48:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuv9Uv4xfU_lUXbE34FfdUubOMKgdR2RCwCvEChjqRGCDh6U-0RB33A9MgjPblzndVl7yWInEULExDkthXMbLPQewug0y7UYyDrwDMj2maTVuNNvCSEQyKUImTSuQ24ucHREHTSuPo&sai=AMfl-YTW3x3oQ_3z3JB95xEL2VcHaCJUR53k_ClwsN_7064adytzhplD7EDGfZBUtcCKNH-QS1MmE5f_8q8MEmJNEuSVwLuoAS_ih3lF6Zg6SVS27Iz5HJu19dANSAOt2A&sig=Cg0ArKJSzKeW50t7lJ_kEAE&cid=CAASJuRoIAAXteg5YfzmoTT7mM-q72hcGM7nso3xhUBtRXeTUA1hUfAY&id=lidar2&mcvt=1003&p=671,484,921,784&mtos=542,1003,1003,1003,1003&tos=542,461,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2226504710&rs=4&la=0&cr=0&vs=4&r=v&rst=1663267714236&rpt=630&isd=0&lsd=0&met=ie&wmsd=0
142.250.74.34200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuv9Uv4xfU_lUXbE34FfdUubOMKgdR2RCwCvEChjqRGCDh6U-0RB33A9MgjPblzndVl7yWInEULExDkthXMbLPQewug0y7UYyDrwDMj2maTVuNNvCSEQyKUImTSuQ24ucHREHTSuPo&sai=AMfl-YTW3x3oQ_3z3JB95xEL2VcHaCJUR53k_ClwsN_7064adytzhplD7EDGfZBUtcCKNH-QS1MmE5f_8q8MEmJNEuSVwLuoAS_ih3lF6Zg6SVS27Iz5HJu19dANSAOt2A&sig=Cg0ArKJSzKeW50t7lJ_kEAE&cid=CAASJuRoIAAXteg5YfzmoTT7mM-q72hcGM7nso3xhUBtRXeTUA1hUfAY&id=lidar2&mcvt=1003&p=671,484,921,784&mtos=542,1003,1003,1003,1003&tos=542,461,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2226504710&rs=4&la=0&cr=0&vs=4&r=v&rst=1663267714236&rpt=630&isd=0&lsd=0&met=ie&wmsd=0
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsuv9Uv4xfU_lUXbE34FfdUubOMKgdR2RCwCvEChjqRGCDh6U-0RB33A9MgjPblzndVl7yWInEULExDkthXMbLPQewug0y7UYyDrwDMj2maTVuNNvCSEQyKUImTSuQ24ucHREHTSuPo&sai=AMfl-YTW3x3oQ_3z3JB95xEL2VcHaCJUR53k_ClwsN_7064adytzhplD7EDGfZBUtcCKNH-QS1MmE5f_8q8MEmJNEuSVwLuoAS_ih3lF6Zg6SVS27Iz5HJu19dANSAOt2A&sig=Cg0ArKJSzKeW50t7lJ_kEAE&cid=CAASJuRoIAAXteg5YfzmoTT7mM-q72hcGM7nso3xhUBtRXeTUA1hUfAY&id=lidar2&mcvt=1003&p=671,484,921,784&mtos=542,1003,1003,1003,1003&tos=542,461,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2226504710&rs=4&la=0&cr=0&vs=4&r=v&rst=1663267714236&rpt=630&isd=0&lsd=0&met=ie&wmsd=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Thu, 15 Sep 2022 18:48:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
goomaphy.com/impression/IlBBVGLK6wtfWCCkAqlny1oie2yQzK-kSN2cOsvcjP-BuuFT4cGFwLHcAidKglSA4jCxxmt2ztpwx_axPlCLZ2SfVUEsaTjEfZOa_3T8qitziig71wPyLTg7qW2ZQw-tOoawftqiv-Bart04mFYOG9-u-Ei3MW-jp1BBOb0aP1J1YQvuWsFU8YfLM0aKTPx288bZ3b5gT2PdUqYfnh8DNhkt0aY7bM8Wt0qmKq0_S8CVdxDG5JIwnKMtMhR3bPj8eI4D6Djo2m99Fysa2ImXLytz90KPRH2FeBFz5R-rVtHK_beAb3ttAxhYUZkWPnOy4lWdmCOi8fEFxy99oQXvXQy9KdSjulmtqZ-0HwONGgvE79WsNeGfTk7DlXrAhYcmZXYyMqP0QI7qZTIC3AYxETVirc9GsTRqR4Me68S1zyY-tmuQFeOuCrj-cRug4naTdAAgKKRi4ur9he0kV4RvzNQTTauGUxyPyQ1vKbTUzJd5d1aww9lKtjRDZVikCDmCB8EIUxNFjEyiyWgAV1fipKKJhf49MfcPSP2BLVQZS86ztzsApLnOrk5fGudtrtS4aKjt7THEWoOxMcmMyQPCx2AowmsMYkRb?_z=5331011&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=8&pl=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 goomaphy.com/impression/IlBBVGLK6wtfWCCkAqlny1oie2yQzK-kSN2cOsvcjP-BuuFT4cGFwLHcAidKglSA4jCxxmt2ztpwx_axPlCLZ2SfVUEsaTjEfZOa_3T8qitziig71wPyLTg7qW2ZQw-tOoawftqiv-Bart04mFYOG9-u-Ei3MW-jp1BBOb0aP1J1YQvuWsFU8YfLM0aKTPx288bZ3b5gT2PdUqYfnh8DNhkt0aY7bM8Wt0qmKq0_S8CVdxDG5JIwnKMtMhR3bPj8eI4D6Djo2m99Fysa2ImXLytz90KPRH2FeBFz5R-rVtHK_beAb3ttAxhYUZkWPnOy4lWdmCOi8fEFxy99oQXvXQy9KdSjulmtqZ-0HwONGgvE79WsNeGfTk7DlXrAhYcmZXYyMqP0QI7qZTIC3AYxETVirc9GsTRqR4Me68S1zyY-tmuQFeOuCrj-cRug4naTdAAgKKRi4ur9he0kV4RvzNQTTauGUxyPyQ1vKbTUzJd5d1aww9lKtjRDZVikCDmCB8EIUxNFjEyiyWgAV1fipKKJhf49MfcPSP2BLVQZS86ztzsApLnOrk5fGudtrtS4aKjt7THEWoOxMcmMyQPCx2AowmsMYkRb?_z=5331011&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=8&pl=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/IlBBVGLK6wtfWCCkAqlny1oie2yQzK-kSN2cOsvcjP-BuuFT4cGFwLHcAidKglSA4jCxxmt2ztpwx_axPlCLZ2SfVUEsaTjEfZOa_3T8qitziig71wPyLTg7qW2ZQw-tOoawftqiv-Bart04mFYOG9-u-Ei3MW-jp1BBOb0aP1J1YQvuWsFU8YfLM0aKTPx288bZ3b5gT2PdUqYfnh8DNhkt0aY7bM8Wt0qmKq0_S8CVdxDG5JIwnKMtMhR3bPj8eI4D6Djo2m99Fysa2ImXLytz90KPRH2FeBFz5R-rVtHK_beAb3ttAxhYUZkWPnOy4lWdmCOi8fEFxy99oQXvXQy9KdSjulmtqZ-0HwONGgvE79WsNeGfTk7DlXrAhYcmZXYyMqP0QI7qZTIC3AYxETVirc9GsTRqR4Me68S1zyY-tmuQFeOuCrj-cRug4naTdAAgKKRi4ur9he0kV4RvzNQTTauGUxyPyQ1vKbTUzJd5d1aww9lKtjRDZVikCDmCB8EIUxNFjEyiyWgAV1fipKKJhf49MfcPSP2BLVQZS86ztzsApLnOrk5fGudtrtS4aKjt7THEWoOxMcmMyQPCx2AowmsMYkRb?_z=5331011&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=898&wfc=8&pl=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Cookie: OAID=f6379fdabd544d37b655478471934836
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:52 GMT
content-type: image/gif
content-length: 43
x-trace-id: 8deb1bab2640d7bf482054eb3bfac001
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type gzip compressed data, max compression\012- data
Hash 49dcb3f23a58f998f11d8c2ca1b90a68
0aee92fad52d2f03484a134901a90260af43e913
92223ea8fd1122967d4b3adaec6c401be4ab899e973ed13fb3fb90520cdefcfa
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ar.moddroid.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 83684
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ar.moddroid.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 83684
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 18:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpsc-frc.doubleverify.com/event.png?impid=84e31236b73b4674b674af6fe15b7c35&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=157&eoid=11&msrjs=3068&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=7&msltms=99&vltms=157&sei=145&vetms=70&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=23&isumms=22&nvr=6&isgmmims=23&isgmv4mims=23&elmtp=6&isbxdms=2314&b0=100&b11=2293&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=2393&sftb=2393&msrdp=4&naral=128&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=1082&isuiabvms=1082&isgmpims=711&isgmv4dpims=1082&ispmxpms=1082&engalms=21&dvp_dpr=1&ttfurm=3243&cbust=1663267717577350
213.254.244.109204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=84e31236b73b4674b674af6fe15b7c35&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=157&eoid=11&msrjs=3068&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=7&msltms=99&vltms=157&sei=145&vetms=70&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=23&isumms=22&nvr=6&isgmmims=23&isgmv4mims=23&elmtp=6&isbxdms=2314&b0=100&b11=2293&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=2393&sftb=2393&msrdp=4&naral=128&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=1082&isuiabvms=1082&isgmpims=711&isgmv4dpims=1082&ispmxpms=1082&engalms=21&dvp_dpr=1&ttfurm=3243&cbust=1663267717577350
IP 213.254.244.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=84e31236b73b4674b674af6fe15b7c35&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=157&eoid=11&msrjs=3068&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=7&msltms=99&vltms=157&sei=145&vetms=70&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=23&isumms=22&nvr=6&isgmmims=23&isgmv4mims=23&elmtp=6&isbxdms=2314&b0=100&b11=2293&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=2393&sftb=2393&msrdp=4&naral=128&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=1082&isuiabvms=1082&isgmpims=711&isgmv4dpims=1082&ispmxpms=1082&engalms=21&dvp_dpr=1&ttfurm=3243&cbust=1663267717577350 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Thu, 15 Sep 2022 18:48:50 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 09/14/2022 18:48:53
Pragma: no-cache
my.rtmark.net/gid.js?pub=0&userId=7575fb17b8264f75aa442b341a1522d8&zoneId=5234444&checkDuplicate=true&ymid=&var=
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=7575fb17b8264f75aa442b341a1522d8&zoneId=5234444&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3b79aa9f34195a02060c099835214c5d
95577d637a0d8fe05277dcdb626ab621fff416de
865a0c3134e3a4c4bf83f0e18f6699eae1a0f35f625516c2e28b568f0149abdf
GET /gid.js?pub=0&userId=7575fb17b8264f75aa442b341a1522d8&zoneId=5234444&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ar.moddroid.co/
Origin: https://ar.moddroid.co
Connection: keep-alive
Cookie: ID=f6379fdabd544d37b655478471934836
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:53 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ar.moddroid.co
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f6379fdabd544d37b655478471934836; expires=Fri, 15 Sep 2023 18:48:53 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ar.moddroid.co/
Content-Type: application/json
Origin: https://ar.moddroid.co
Content-Length: 400
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:53 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 97b0cdd3014dcb728cad6856c3af6676
access-control-allow-origin: https://ar.moddroid.co
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn.doubleverify.com/dv-measurements3068.js
23.38.201.200 200 OK 0 B URL HTTP/1.1 cdn.doubleverify.com/dv-measurements3068.js
IP 23.38.201.200:0
GET /dv-measurements3068.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b2fc7da55647efac20c30c982358a512.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 13 Sep 2022 16:36:13 GMT
Accept-Ranges: bytes
ETag: "807cceef8ec7d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 106967
Date: Thu, 15 Sep 2022 18:48:49 GMT
Connection: keep-alive
ar.moddroid.co/apps/videomusic/soundcloud
104.18.20.115 301 Moved Permanently 0 B URL HTTP/2 ar.moddroid.co/apps/videomusic/soundcloud
IP 104.18.20.115:0
Analyzer Verdict Alert fortinet Malware
GET /apps/videomusic/soundcloud HTTP/1.1
Host: ar.moddroid.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Thu, 15 Sep 2022 18:48:45 GMT
content-type: text/html; charset=utf-8
location: /apps/videomusic/soundcloud/
vary: Accept, Accept-Encoding
x-powered-by: Express
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b389d09d74fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ar.moddroid.co/apps/videomusic/soundcloud/
104.18.20.115 200 OK 0 B URL HTTP/2 ar.moddroid.co/apps/videomusic/soundcloud/
IP 104.18.20.115:0
Analyzer Verdict Alert fortinet Malware
GET /apps/videomusic/soundcloud/ HTTP/1.1
Host: ar.moddroid.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:45 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b389d22e7efac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.22.169 200 OK 0 B IP 104.21.22.169:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 18:48:46 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 7130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LirErrt%2FbkwbGwT0rto4OQNtNrFag3%2BzBXmaV5IpfqHLMM7brLgBi1e8dQJkW3zdDoDcNm34CrdaayzIWEKZlXCR4WPyCnRZLwCLzPXVpzq9TmO6eaOWeXS0MGTcbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b389dd5f41fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
goomaphy.com/400/5331011
139.45.197.239 200 OK 0 B IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5331011 HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:46 GMT
content-type: application/javascript
x-trace-id: 3e842ee2515add7072b9b307da03adc8
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=e69205ba6dee4adcb951312f4f44a68d; expires=Fri, 15 Sep 2023 18:48:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
goomaphy.com/500/5331011?excludes=&oaid=f6379fdabd544d37b655478471934836&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239 200 OK 0 B URL HTTP/2 goomaphy.com/500/5331011?excludes=&oaid=f6379fdabd544d37b655478471934836&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5331011?excludes=&oaid=f6379fdabd544d37b655478471934836&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: goomaphy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://ar.moddroid.co
Connection: keep-alive
Referer: https://ar.moddroid.co/
Cookie: OAID=e69205ba6dee4adcb951312f4f44a68d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:47 GMT
content-type: application/javascript
x-trace-id: 6f8f73d0f1abe2dede78bff77a33b19a
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://ar.moddroid.co
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f6379fdabd544d37b655478471934836; expires=Fri, 15 Sep 2023 18:48:47 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
propu.sh/pfe/current/universal.min.js?v=3.1.393
139.45.197.250 200 OK 0 B URL HTTP/2 propu.sh/pfe/current/universal.min.js?v=3.1.393
IP 139.45.197.250:0
Analyzer Verdict Alert fortinet Phishing
GET /pfe/current/universal.min.js?v=3.1.393 HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ar.moddroid.co/
Origin: https://ar.moddroid.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 18:48:46 GMT
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 08:49:51 GMT
etag: W/"6320442f-204ff"
access-control-allow-origin: https://ar.moddroid.co
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/86638922?wmode=7&page-url=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A2055%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1623260139296%3Ahid%3A319201215%3Az%3A0%3Ai%3A20220915184833%3Aet%3A1663267713%3Ac%3A1%3Arn%3A195310494%3Arqn%3A1%3Au%3A1663267713431785225%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663267709181%3Ads%3A0%2C0%2C327%2C5%2C612%2C0%2C%2C1227%2C4%2C%2C%2C%2C2211%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663267713%3At%3ASoundCloud%20v2022.09.09-release%20MOD%20APK%20(Premium%20Unlocked%2C%20AD-Free)%20Download%20for%20Android&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119 302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/86638922?wmode=7&page-url=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A2055%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1623260139296%3Ahid%3A319201215%3Az%3A0%3Ai%3A20220915184833%3Aet%3A1663267713%3Ac%3A1%3Arn%3A195310494%3Arqn%3A1%3Au%3A1663267713431785225%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663267709181%3Ads%3A0%2C0%2C327%2C5%2C612%2C0%2C%2C1227%2C4%2C%2C%2C%2C2211%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663267713%3At%3ASoundCloud%20v2022.09.09-release%20MOD%20APK%20(Premium%20Unlocked%2C%20AD-Free)%20Download%20for%20Android&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
GET /watch/86638922?wmode=7&page-url=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A2055%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1623260139296%3Ahid%3A319201215%3Az%3A0%3Ai%3A20220915184833%3Aet%3A1663267713%3Ac%3A1%3Arn%3A195310494%3Arqn%3A1%3Au%3A1663267713431785225%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663267709181%3Ads%3A0%2C0%2C327%2C5%2C612%2C0%2C%2C1227%2C4%2C%2C%2C%2C2211%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663267713%3At%3ASoundCloud%20v2022.09.09-release%20MOD%20APK%20(Premium%20Unlocked%2C%20AD-Free)%20Download%20for%20Android&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ar.moddroid.co
Connection: keep-alive
Referer: https://ar.moddroid.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/86638922/1?wmode=7&page-url=https%3A%2F%2Far.moddroid.co%2Fapps%2Fvideomusic%2Fsoundcloud%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A2055%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1623260139296%3Ahid%3A319201215%3Az%3A0%3Ai%3A20220915184833%3Aet%3A1663267713%3Ac%3A1%3Arn%3A195310494%3Arqn%3A1%3Au%3A1663267713431785225%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663267709181%3Ads%3A0%2C0%2C327%2C5%2C612%2C0%2C%2C1227%2C4%2C%2C%2C%2C2211%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663267713%3At%3ASoundCloud%20v2022.09.09-release%20MOD%20APK%20%28Premium%20Unlocked%2C%20AD-Free%29%20Download%20for%20Android&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 15 Sep 2022 18:48:48 GMT
access-control-allow-origin: https://ar.moddroid.co
set-cookie: yandexuid=7633024111663267728; Expires=Fri, 15-Sep-2023 18:48:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7633024111663267728; Expires=Fri, 15-Sep-2023 18:48:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=520962261663267728; Path=/; SameSite=None; Secure
i=5S+oDQrVzyOuam+nhPCo0A49p/GZ28j0lNd3oIG1qPTd6cHpS74h0R7vIGTWK3XEiyhFO2OE8pCKMhO8TCJumbHH9JA=; Expires=Sun, 12-Sep-2032 18:48:45 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694803728.yrts.1663267728#1694803728.yrtsi.1663267728; Expires=Fri, 15-Sep-2023 18:48:48 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 15-Sep-2022 18:48:48 GMT
last-modified: Thu, 15-Sep-2022 18:48:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2