r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b720c31d9c036cd2ef10e35fa29f5345
ac625d2e69284e5080bede4b37c31af62c26338b
323b76eceb5d3ad339a1c55bfa7eea4e39741258e08d5005b691f712a9e9c81c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "323B76ECEB5D3AD339A1C55BFA7EEA4E39741258E08D5005B691F712A9E9C81C"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12603
Expires: Sat, 05 Nov 2022 07:20:28 GMT
Date: Sat, 05 Nov 2022 03:50:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cd02b32dbc8416dcb10b468af2166c33
503a9c4cabdb19dfde769f5e2d3ef919c818c364
46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3912
Cache-Control: max-age=110752
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 03:50:25 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 10:36:17 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6238
Expires: Sat, 05 Nov 2022 05:34:23 GMT
Date: Sat, 05 Nov 2022 03:50:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7msppYyAzcArMTAnkJGnytS56BzEvnMi3Je0veNz3Ackt2sQISxfWpmhF6/B/rtDNGS2599794U=
x-amz-request-id: E8MVE59KPSJXPHPW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 03:47:02 GMT
age: 203
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
64.235.54.28301 Moved Permanently 162 B URL HTTP/1.1 www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
IP 64.235.54.28:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /roms/psp/grand_theft_auto_-_liberty_city_stories.htm HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 05 Nov 2022 03:50:25 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.netsolssl.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 09b6b8a6cecc6cc1143e1db7dd5e3327
01b17811fdc21eb0b1cd4995c7f8c0ffcdcbecec
f8487f7d528278f52bf8759f5f79b76b4bd6f7bc58646df0382c7b1273660896
POST / HTTP/1.1
Host: ocsp.netsolssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 03:50:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 18:55:44 GMT
Expires: Wed, 09 Nov 2022 18:55:43 GMT
Etag: "01b17811fdc21eb0b1cd4995c7f8c0ffcdcbecec"
Cache-Control: max-age=399316,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7652a00cb8d2b509-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 42a0adacced30df52cf7cad3e200036d
f7b4114defc61f806dbb74fd228bca155d52362a
e4928481739a2a75dce86c03b355c6dff507426e8d851cba5ca8537b1be87c20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5779
Cache-Control: max-age=107560
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 03:50:26 GMT
Etag: "6364c817-1d7"
Expires: Sun, 06 Nov 2022 09:43:06 GMT
Last-Modified: Fri, 04 Nov 2022 08:06:47 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.38.227.80101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.227.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cciDKVmNQmDjhcpMWqPXRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kZv3e7jbPVZPLHF+Ux+YJyGyMoM=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e5c8e23e2db4c93f118d2a3a198dddf9
eb848a5c44cca9bc73c093f1d4f20f7f5c86ea26
51fff402c4db9425eee4f3777134c4724107130ff324a0c8aeb93ef07e14b360
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=160446
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 03:50:26 GMT
Etag: "6365ad40-117"
Expires: Mon, 07 Nov 2022 00:24:32 GMT
Last-Modified: Sat, 05 Nov 2022 00:24:32 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d65c94a3bfe8605059e5e626ea0fa57e
b0fbc3577331b82efc8e320095b8d8705a6360d3
0878edd256a972f526d7053cdebceb28241db5662cc7660a10f1b4c3430c43c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 03:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-FH0L8EV0R0
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-FH0L8EV0R0
IP 142.250.74.168:0
File type ASCII text, with very long lines (21373)
Hash bc32a272e821945a0c396c4d256d61d5
57e099943b29cd715c26790b7d81b960c03683b5
b6fe34cde57d55c2d191fe345f573205ce36d6bb3a08a80ddcd120d18b4040d0
GET /gtag/js?id=G-FH0L8EV0R0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 05 Nov 2022 03:50:26 GMT
expires: Sat, 05 Nov 2022 03:50:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76544
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d65c94a3bfe8605059e5e626ea0fa57e
b0fbc3577331b82efc8e320095b8d8705a6360d3
0878edd256a972f526d7053cdebceb28241db5662cc7660a10f1b4c3430c43c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 03:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.freeroms.com/js/front-script.js
64.235.54.28200 OK 295 B URL HTTP/2 www.freeroms.com/js/front-script.js
IP 64.235.54.28:0
Hash a174c795cabe8885e66e5dd9b4cfc1d8
eb1b7d6a2f298c3245b3b2d4f399a85b09e4797b
35484d5bbcbe3298d6c046bf77a34aa128a4311d7c82c5566a8f0dbfc53c409b
GET /js/front-script.js HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:26 GMT
content-type: application/javascript
content-length: 295
x-accel-version: 0.01
last-modified: Mon, 09 Jan 2017 06:39:35 GMT
etag: "223-545a3a17f17c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/images/logo.png
64.235.54.28200 OK 9.8 kB URL HTTP/2 www.freeroms.com/images/logo.png
IP 64.235.54.28:0
File type PNG image data, 215 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash 14cd0a179797ca4b75eafccd97c8bb29
3b28b50481b500440e2d20df8acfba80d752a090
e94da94c103e98f78880e5458d6cd022cc20d1d6412b985ef8c0b3eeafd40f5c
GET /images/logo.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:26 GMT
content-type: image/png
content-length: 9831
last-modified: Tue, 14 Jul 2015 01:10:45 GMT
etag: "55a46195-2667"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8468c2d69095efa3d3afaf02256d942
804f15b874ac07f1a6b31216aeb2b8ae67ce4538
01d1cdaca84e4d765780cf6ce7330ebe20d6e2f7f280d6d9c0ed0aa48bea4560
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01D1CDACA84E4D765780CF6CE7330EBE20D6E2F7F280D6D9C0ED0AA48BEA4560"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19784
Expires: Sat, 05 Nov 2022 09:20:11 GMT
Date: Sat, 05 Nov 2022 03:50:27 GMT
Connection: keep-alive
bindingguessingconfessed.com/c4/d5/3d/c4d53d21b4a90448b5012c00c5cfa5a2.js
173.233.137.36403 Forbidden 0 B URL HTTP/1.1 bindingguessingconfessed.com/c4/d5/3d/c4d53d21b4a90448b5012c00c5cfa5a2.js
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c4/d5/3d/c4d53d21b4a90448b5012c00c5cfa5a2.js HTTP/1.1
Host: bindingguessingconfessed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 05 Nov 2022 03:50:27 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d620756d8f6b3c0984d7eebabc7b1519
b9318b3744bbdeea9320b0f26f9d4e767178a3b9
a5af87e13e8f105de1544f045cb3f13efe1ada1bbeac57092cf145e2641df600
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=137810
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 03:50:27 GMT
Etag: "636554d5-116"
Expires: Sun, 06 Nov 2022 18:07:17 GMT
Last-Modified: Fri, 04 Nov 2022 18:07:17 GMT
Server: nginx
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8729
Expires: Sat, 05 Nov 2022 06:15:56 GMT
Date: Sat, 05 Nov 2022 03:50:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8729
Expires: Sat, 05 Nov 2022 06:15:56 GMT
Date: Sat, 05 Nov 2022 03:50:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8729
Expires: Sat, 05 Nov 2022 06:15:56 GMT
Date: Sat, 05 Nov 2022 03:50:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f483454-b074-4576-b487-76a14ccb2059.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f483454-b074-4576-b487-76a14ccb2059.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd006407a4ea0fbeec2f1351a71f30bc
d1625420cdc79643e759247b0e9ac89dadfbe956
fd461665ee463fad26300630684a11e3c520485e3b001c2f08439d50589ddbb7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f483454-b074-4576-b487-76a14ccb2059.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10527
x-amzn-requestid: 1b709c25-8424-49d8-bc0e-dac3fbc154ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apNEzH5ZoAMFWdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359f551-3fb0703f27b571cf7f85e59e;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 03:04:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oydDPaJM_v--nPj7HwKXMRcNNlvrioVljAbFPCTZ6XRNrQS6pqKmNw==
via: 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 01:36:20 GMT
age: 8047
etag: "d1625420cdc79643e759247b0e9ac89dadfbe956"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 308da46611df43543d31ca502986bea2
0bf4de356c3a64785fe116161cb931b3b2476f5d
63996962e2763dcf2e0ae5e43aa12dfd8f8677082bb1cdf63528dfd00404f3e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f29b126-c6e5-4528-8307-e3c7fe12e225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7619
x-amzn-requestid: 67308248-e660-4294-aafe-5f178970f822
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHlcHHfIAMFyGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658622-5b1ee875554a05eb1e8a6f16;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:37:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _-RekVvWiPI4MHy0Up2j6D6a_NcPywYvDeydP3QlbCceU7NfWk00jQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:52:21 GMT
age: 21486
etag: "0bf4de356c3a64785fe116161cb931b3b2476f5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adshrink.it/adshytics.js?c=7615.970968867136
172.67.146.40200 OK 3.9 kB URL HTTP/2 adshrink.it/adshytics.js?c=7615.970968867136
IP 172.67.146.40:0
File type C++ source text\012- C source, ASCII text
Hash 66ea51a635f543e500a6fdfdd0c293aa
0bb6868885e6a0f1a2865ab627bcf7f5f18d3c8d
e4c34ff637e5397332bbeac1e813551f070817d507518f0fd7ba31879b785355
GET /adshytics.js?c=7615.970968867136 HTTP/1.1
Host: adshrink.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: application/javascript
content-length: 3857
last-modified: Wed, 26 Oct 2022 10:44:31 GMT
etag: "318c-5ebedb5ae1dbf-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-varnish: 749701047
via: 1.1 webcache1 (Varnish/trunk)
cache-control: max-age=3600
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLHD4hGVT%2BkyOYAgCwYaPkCNtMlFimx4FpXl4c%2FI25316BriQsKj7O%2Fq25sDU8UyZ5nQ2eV3h1XY9BE6iBw5RyDES4en2gBuSvARKSyYRGZn8ula%2FQ9vxK8QBV2nRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7652a016dbd1b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe9d0595-2606-4462-8dd8-11c0a267de65.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe9d0595-2606-4462-8dd8-11c0a267de65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df11af332512d94d34a88a4671b2fbe1
0db58fda3dec787d0d979f8398d90b2b8d7e2c2f
7c561aed53b57db2039031c79453fc3f7cead944c60dd087487a9998c2df5a30
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe9d0595-2606-4462-8dd8-11c0a267de65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4413
x-amzn-requestid: b6f0aa99-437e-4e3d-b300-0a0ab1563c42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHm_HhVIAMFdUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365862c-3eacf2f4114f5ae22a140480;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HkjdrVlGIvdxjRpvuAooiJjYBfUbjWaWdbTHmpBWRc-rGZjTCyt0sw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:12:00 GMT
age: 20307
etag: "0db58fda3dec787d0d979f8398d90b2b8d7e2c2f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 683264508686ad18ae519baac54d3b05
1897c9fcad301764736ab867491beb18526af153
e8beb5d336ca424e36725ab87b98b4dedcf32a5b01c43b9c06363a7be25522fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5754
x-amzn-requestid: df2c5b88-0444-44b1-81ef-04e565d25b36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bAS--GiUoAMFTjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636331f9-0ec90f4d5f0c6fcf2d6e4a8b;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 03:14:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: D1Fxwhu3EVm8Rd_6URh3mRUlUK0xSgOuLCWdbnUy1bsmDjyG-K3Jmg==
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 03:40:23 GMT
age: 604
etag: "1897c9fcad301764736ab867491beb18526af153"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52bfe915-baee-403a-9240-12d17207ec94.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52bfe915-baee-403a-9240-12d17207ec94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d12961439cd33c86c7b8041ed9d42321
ddb7b18fae0082ce22d8ffa537c7367e1da404a5
d2cc0f7735f04a07c681eb2eae7c52e9f4c75b6d475b3ad4de587899089850a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52bfe915-baee-403a-9240-12d17207ec94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4662
x-amzn-requestid: 32199e11-d856-4403-ad55-65076eac83ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: amd5UFJQIAMFf-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358dd08-1761126e37ed504e46896b4d;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 07:08:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Nu2uC3we8aHv4ERvh7QcmiErm4Ax-NNmdWFovpdU9Or9DguzrIcn5g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 07:26:20 GMT
age: 73447
etag: "ddb7b18fae0082ce22d8ffa537c7367e1da404a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a3b1551512640bb8f5e7deb80c32272
75805b9f03aef14cfad025259936ae5f217d25ca
5baa90853202e78cf9b59e9ab597e16ccfbf143d7e124583e64dc1ad1ee2c2df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7783
x-amzn-requestid: ab7cc6ee-976d-41a4-b5da-0aefd5cb6246
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEJnzH15oAMFlwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364bc98-68f910b60bd5ecaf2947c59a;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:17:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JnvKcym5f71Ra_ZHzkTXnU7Fa3D5zBFK9JFKXA_A3G98jN9r3Jikyw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 10:36:52 GMT
age: 62015
etag: "75805b9f03aef14cfad025259936ae5f217d25ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d620756d8f6b3c0984d7eebabc7b1519
b9318b3744bbdeea9320b0f26f9d4e767178a3b9
a5af87e13e8f105de1544f045cb3f13efe1ada1bbeac57092cf145e2641df600
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=137810
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 03:50:27 GMT
Etag: "636554d5-116"
Expires: Sun, 06 Nov 2022 18:07:17 GMT
Last-Modified: Fri, 04 Nov 2022 18:07:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/script.js/2.0.2/script.min.js
104.17.25.14200 OK 684 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/script.js/2.0.2/script.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (1233)
Hash 71e542f19c88c7035168c192f80ac5f9
fca7af2259b0c1d760f8081025936b28e4b8416e
8835322bb49ad057837ff076cf1baaae6e5ac71a6faf96b50555ddcc5de721d4
GET /ajax/libs/script.js/2.0.2/script.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 684
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fcb-594"
last-modified: Mon, 04 May 2020 16:16:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13068835
expires: Thu, 26 Oct 2023 03:50:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyj%2FUV7H6EvxZzBvqMDXw7wb4oiojYbkWzrV4chKq6go94PQIInPFLeEk50UkPIEYu%2B0NxaKtKgDv82qmAV%2BTIA%2BcoN%2BgSivNOLqBTjakqrUxVe69W7dvTJPyRVYUrLt1t88QHXX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7652a0175bb80b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
webjscontent.com/dl.min.js
104.26.10.220200 OK 8.3 kB URL HTTP/2 webjscontent.com/dl.min.js
IP 104.26.10.220:0
File type ASCII text, with very long lines (18369)
Hash e1f4bdcd7aff595379c94c4a4ccc9a5b
2711ff9b7728b019fabb07048655b8aa607538c2
74338b9aadc6a78495474b64382daae65b5fcf96043de4dbbe2c8a671a84ffcb
GET /dl.min.js HTTP/1.1
Host: webjscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOHbmU%2F5R5uNyBkudSrbcnjp4d7tmOYYeflbJ1di3qufbze3Rm4jaf6IqN%2FK7NESY96%2F%2BL3Ex2vrOeqWm4V1aldwK7SVFP5vt%2Fg8zVcuBNhXlbpaAkGz25wisyKEh1Tc00w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7652a011bea9b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.freeroms.com/images/circuit_left.gif
64.235.54.28200 OK 3.0 kB URL HTTP/2 www.freeroms.com/images/circuit_left.gif
IP 64.235.54.28:0
File type GIF image data, version 89a, 12 x 320\012- data
Hash f84caa56ec89113941ed4823aecea88a
dd608663197ad5cf505e06c8a16fbd42f3001153
7925efc9e31cb712e156e1b0663846dea73debe1200b125ed73dfea95efc06f6
GET /images/circuit_left.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: image/gif
content-length: 3029
last-modified: Tue, 14 Jul 2015 01:10:52 GMT
etag: "55a4619c-bd5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/black.png
64.235.54.28200 OK 927 B URL HTTP/2 www.freeroms.com/images/black.png
IP 64.235.54.28:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f78a7c9048c4843d819c2ab39b33b6c
99e314e4b9325f41d0d42512cbf8a4a636871ac4
486e08b2d63e05464d757f1fbf3952a74bff6ff29f9ccace92c478fe8b4e4119
GET /images/black.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: image/png
content-length: 927
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:48 GMT
etag: "39f-51acb82299600"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/images/nav-strip.png
64.235.54.28200 OK 1.1 kB URL HTTP/2 www.freeroms.com/images/nav-strip.png
IP 64.235.54.28:0
File type PNG image data, 7 x 56, 8-bit/color RGB, non-interlaced\012- data
Hash 92f72da7215127fddf06584d40f1f67c
506dec643852f00b64b0a247d5ff68b1c3fe5c7e
d61ce2fb10db1c5814deedb8c6ca63ee220abba2ba29359cd053e28e84f22172
GET /images/nav-strip.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: image/png
content-length: 1094
last-modified: Tue, 14 Jul 2015 01:10:45 GMT
etag: "55a46195-446"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
64.235.54.28200 OK 0 B URL HTTP/2 www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
IP 64.235.54.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /roms/psp/grand_theft_auto_-_liberty_city_stories.htm HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: text/html
x-accel-version: 0.01
last-modified: Fri, 04 Nov 2022 23:02:00 GMT
etag: "29096-5ecad0fb4532e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/images/rom.png
64.235.54.28200 OK 1.4 kB URL HTTP/2 www.freeroms.com/images/rom.png
IP 64.235.54.28:0
File type PNG image data, 28 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 213bc22990ce0324b563a2714b22749d
514c1c91577fd3fa56b081a73b419015fcb2baf9
0465cb562ac7a714e9e90eb55764b1bc210b3378c5c01a465f8cdaa386f65349
GET /images/rom.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: image/png
content-length: 1365
last-modified: Tue, 14 Jul 2015 01:10:46 GMT
etag: "55a46196-555"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/border.png
64.235.54.28200 OK 938 B URL HTTP/2 www.freeroms.com/images/border.png
IP 64.235.54.28:0
File type PNG image data, 2 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash a4de791940d86ff21226a978b905950e
bba1cc2559c7b67cb577f48118604b169a212239
c1ff6bcf530cc998882a66b1a1dafcff6869533caf5a6fea4e137497f0555269
GET /images/border.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: image/png
content-length: 938
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:48 GMT
etag: "3aa-51acb82299600"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/images/default-arr.png
64.235.54.28200 OK 978 B URL HTTP/2 www.freeroms.com/images/default-arr.png
IP 64.235.54.28:0
File type PNG image data, 3 x 7, 8-bit/color RGBA, non-interlaced\012- data
Hash 0edc018ca2c25a655a9eeed4b31eab51
dba5918c2b540f28d9365ad1db47d658c2dd8f66
d82b013cdd3a3efcde2e7403046e96555f5f7446efef3f2a6879af699f868218
GET /images/default-arr.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: image/png
content-length: 978
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:55 GMT
etag: "3d2-51acb829465c0"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
64.235.54.28200 OK 87 kB URL HTTP/2 www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
IP 64.235.54.28:0
Hash 3cfcabe6d63ba7a3fdae03cc6606ec31
e71b4c0ca6d5f14c1027ae9bb09031d30bdc0cad
f6773402a747493f079872daf24fca1688ddaa03ec06b5269660cf593bef2249
GET /roms/psp/grand_theft_auto_-_liberty_city_stories.htm HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:26 GMT
content-type: text/html
last-modified: Fri, 04 Nov 2022 23:02:00 GMT
etag: W/"636599e8-29096"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.freeroms.com/css/style.css
64.235.54.28200 OK 5.2 kB URL HTTP/2 www.freeroms.com/css/style.css
IP 64.235.54.28:0
Hash 4adf996380f312e7073fd8e69e4493bb
851733fb202a6f93b40e6cdd99a9ac4e4e428ec8
b6c95aad19cba9089b75a01f2cb32e86aa380f3585a6cb001a1efb9b5cf38ee4
GET /css/style.css HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:26 GMT
content-type: text/css
last-modified: Mon, 28 Mar 2022 13:57:56 GMT
etag: W/"6241bee4-6b2f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ba8308c179143c8be2d6ad70822bd709
702ccd4989aec6f86f12a0aada2d9a3adbfc1f17
69cc30d3535008a63fd4ac7d651c69875fc982f8daa3e840444716228a98ac7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69CC30D3535008A63FD4AC7D651C69875FC982F8DAA3E840444716228A98AC7B"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6477
Expires: Sat, 05 Nov 2022 05:38:24 GMT
Date: Sat, 05 Nov 2022 03:50:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ba8308c179143c8be2d6ad70822bd709
702ccd4989aec6f86f12a0aada2d9a3adbfc1f17
69cc30d3535008a63fd4ac7d651c69875fc982f8daa3e840444716228a98ac7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69CC30D3535008A63FD4AC7D651C69875FC982F8DAA3E840444716228A98AC7B"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15025
Expires: Sat, 05 Nov 2022 08:00:52 GMT
Date: Sat, 05 Nov 2022 03:50:27 GMT
Connection: keep-alive
code.jquery.com/jquery-3.3.1.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 03:50:27 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1667620227.dop221.sk1.t,1667620227.cds225.sk1.hn,1667620227.cds217.sk1.c
X-Firefox-Spdy: h2
dacmaiss.com/tag.min.js
139.45.197.237200 OK 23 kB IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ea188740f0270617889697edb78276bc
5080530e34a03009aaaa822eb55690d4ca9475ca
1a4089a19b833f5c690e5c2264b727b74b5e1df183c174cfa5e5a50e0bd555b1
Analyzer Verdict Alert quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: dacmaiss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 23234
content-encoding: br
x-trace-id: 37c37cbd48925e54dc8ad133e973e992
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Thu, 03 Nov 2022 15:03:02 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
bindingguessingconfessed.com/ea/2d/5d/ea2d5d802b867cf417198fc84113161f.json
173.233.137.36403 Forbidden 0 B URL HTTP/1.1 bindingguessingconfessed.com/ea/2d/5d/ea2d5d802b867cf417198fc84113161f.json
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ea/2d/5d/ea2d5d802b867cf417198fc84113161f.json HTTP/1.1
Host: bindingguessingconfessed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 05 Nov 2022 03:50:27 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
www.freeroms.com/images/circuit_main_right.gif
64.235.54.28200 OK 1.8 kB URL HTTP/2 www.freeroms.com/images/circuit_main_right.gif
IP 64.235.54.28:0
File type GIF image data, version 89a, 12 x 415\012- data
Hash ca8a951bdcdf29ca49cf66f5e2a963d1
514cdcb098f3e0716f94c53a33cf2fc9f41d40bf
089c688ad07d47949987f81f182752199bb7329fd5d443fa084342f6f9dc2953
GET /images/circuit_main_right.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: image/gif
content-length: 1849
last-modified: Tue, 14 Jul 2015 01:10:55 GMT
etag: "55a4619f-739"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/download-ar.png
64.235.54.28200 OK 1.1 kB URL HTTP/2 www.freeroms.com/images/download-ar.png
IP 64.235.54.28:0
File type PNG image data, 11 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f11769dabff5c8bab9b24e4aaf89b78
bbfa2c4db3bdc8efd7fd5f388e349d9de296f2df
4e4d8ee70a3d33d4d0d9e32dc90244f1b0f54b30f414e7a588adf9a7381e4c66
GET /images/download-ar.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: image/png
content-length: 1110
last-modified: Tue, 14 Jul 2015 01:10:56 GMT
etag: "55a461a0-456"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/cart.png
64.235.54.28200 OK 2.3 kB URL HTTP/2 www.freeroms.com/images/cart.png
IP 64.235.54.28:0
File type PNG image data, 30 x 113, 8-bit/color RGBA, non-interlaced\012- data
Hash ac6530f6d006d66152cd747ff83bd3c6
8c061d59551994caa61bb65e4bc640b6c6a2cf1c
53493e7170c444e398dea7abdcbfb0a842e9129bcbce4254c17ad3e3f6caa363
GET /images/cart.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: image/png
content-length: 2278
last-modified: Tue, 14 Jul 2015 01:10:48 GMT
etag: "55a46198-8e6"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/circuit_main_bottom.gif
64.235.54.28200 OK 1.4 kB URL HTTP/2 www.freeroms.com/images/circuit_main_bottom.gif
IP 64.235.54.28:0
File type GIF image data, version 89a, 334 x 40\012- data
Hash 660833b77d6e64a7347b2536658f65d4
7ef5949aa50558090c53c9084bf4e01c8984f5c7
280a43318bfd40a4cf90a00f47e944e7c6ae6221aaed1e7fe23a1b39b79c3635
GET /images/circuit_main_bottom.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: image/gif
content-length: 1352
last-modified: Tue, 14 Jul 2015 01:10:54 GMT
etag: "55a4619e-548"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
dacmaiss.com/5/2881944/?oo=1&aab=1
139.45.197.237200 OK 1.7 kB URL HTTP/2 dacmaiss.com/5/2881944/?oo=1&aab=1
IP 139.45.197.237:0
Hash 27fec65f991da5c3e35393d27a362951
49184d09ae2068f7d5cb69a285291e826f09c734
63812f0a6b0e4ba82d4fe14a3536f6eb2160b3a87d0c1a883e6719dd6a4e782e
Analyzer Verdict Alert quad9 Sinkholed
GET /5/2881944/?oo=1&aab=1 HTTP/1.1
Host: dacmaiss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: application/json
x-trace-id: bde3a126aaf480056bf6cf62592ba986
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://www.freeroms.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0e320a727cf74b1d9c8836ef4f313ed9; expires=Sun, 05 Nov 2023 03:50:27 GMT; path=/; secure; SameSite=None
oaidts=1667620227; expires=Sun, 05 Nov 2023 03:50:27 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP 69.16.175.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63534)
Hash 135de3a7690ccba03272944e141336a3
3b4856fdd53c5e8dba828d31418690424b6af0f9
a7a4d091d0316b9f84181fb908056c111c72adbb8ee245931c7c8efeaa82cd26
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adshrink.it
Connection: keep-alive
Referer: https://adshrink.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 03:50:27 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1667620227.dop226.sk1.t,1667620227.cds225.sk1.hn,1667620227.cds217.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e74933b5633490b30b4d018f74901278
56eeb261b7e393da1e0b08f1b96ae8352917c0b9
88363724a2807dbab219e6efbb4b5daca1d67b96a7b6edf23779cd07d208f920
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88363724A2807DBAB219E6EFBB4B5DACA1D67B96A7B6EDF23779CD07D208F920"
Last-Modified: Fri, 04 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6935
Expires: Sat, 05 Nov 2022 05:46:03 GMT
Date: Sat, 05 Nov 2022 03:50:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff2d13196ddbb76c57deb27962ebb328
f91f4035040f4c2970ae5e739970f0096dc52aa4
3de96b715dba995dd48f48a0ca27b4f9b995a66a48d4579cda9bc35b659f9ddb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DE96B715DBA995DD48F48A0CA27B4F9B995A66A48D4579CDA9BC35B659F9DDB"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5688
Expires: Sat, 05 Nov 2022 05:25:16 GMT
Date: Sat, 05 Nov 2022 03:50:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d38d4c8dff0f4bf4bbbc09646e9a9646
c713ca7a9d8663288a4d855f29ce637d3356ec15
7593ae4f10bad5b4c61a28eeef4900d1a57f4574dcd2be3d20d3757d19e9c7eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6139
Cache-Control: max-age=105041
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 03:50:28 GMT
Etag: "6364bcda-117"
Expires: Sun, 06 Nov 2022 09:01:09 GMT
Last-Modified: Fri, 04 Nov 2022 07:18:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4410e0283900e769c122cfbcbdbed143
c5588f7f402a41c39405d7459367eadb893fafaf
c9943eb8c4b659d1f5adf76a2d36b70f4ab306c5831b469e07b0fa822056f2b5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 03:50:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 18:25:20 GMT
Expires: Thu, 10 Nov 2022 18:25:19 GMT
Etag: "c5588f7f402a41c39405d7459367eadb893fafaf"
Cache-Control: max-age=483890,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7652a0194f0c0b4d-OSL
tzegilo.com/stattag.js
104.21.84.149200 OK 5.5 kB IP 104.21.84.149:0
File type ASCII text, with very long lines (13017), with no line terminators
Hash d251c06400134fb74b9a8f4597ea939a
ac1e58e278c2048065b07cf3466067c18a1748e1
d4ac3ee0dd114540e459f611250f7adb1ed0f366ac647d2fdc25aac8d3c91488
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1671
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xv4nOFcYv4qbctf6qqC6ZBSdQdIG3yF7VSncSaXub9wlNdsz3Pd4hxPJOwBxbsXYHWLwCIrTn%2FDUd8kxvc87SV%2FDAzZp2rVa9sBr%2FcRXTHcQb0RW9VGtSTIj0zlB9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7652a01a6a6cb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 110cc794ade3fc44194ff1c220564253
a14b519a5be62f619da1f6f77c6f89df0a916f63
fb9677ab6e9b9d3179444308459122ec44e0bcd2dc55262f62f7c2bac9d5fa68
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB9677AB6E9B9D3179444308459122EC44E0BCD2DC55262F62F7C2BAC9D5FA68"
Last-Modified: Thu, 03 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16361
Expires: Sat, 05 Nov 2022 08:23:09 GMT
Date: Sat, 05 Nov 2022 03:50:28 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=0e320a727cf74b1d9c8836ef4f313ed9
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=0e320a727cf74b1d9c8836ef4f313ed9
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ccc834c00b2a118bddffb93b8c55dbd2
f0b4e9abb15d3a989a336523e0b6eed7d8803531
a32ebb8fcdba7981cddbae74fdb5c31d36437fd1040d533f5239e16b245ca900
GET /gid.js?userId=0e320a727cf74b1d9c8836ef4f313ed9 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0e320a727cf74b1d9c8836ef4f313ed9; expires=Sun, 05 Nov 2023 03:50:28 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56d2a2bb982501cb8e8ae673ef67050d
da40d1a0e95f4cd83020859bf8c580344d7baf31
ab8f96d5f8e67b5fe64119bd1dd529a450740d2a8b33259ade949a78e723a926
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB8F96D5F8E67B5FE64119BD1DD529A450740D2A8B33259ADE949A78E723A926"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11867
Expires: Sat, 05 Nov 2022 07:08:15 GMT
Date: Sat, 05 Nov 2022 03:50:28 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-FH0L8EV0R0>m=2oeb20&_p=881092774&cid=409699147.1667620226&ul=en-us&sr=1280x1024&_s=1&sid=1667620226&sct=1&seg=0&dl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&dt=Grand%20Theft%20Auto%20-%20Liberty%20City%20Stories%20ISO%20ROM%20Download%20for%20PSP&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-FH0L8EV0R0>m=2oeb20&_p=881092774&cid=409699147.1667620226&ul=en-us&sr=1280x1024&_s=1&sid=1667620226&sct=1&seg=0&dl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&dt=Grand%20Theft%20Auto%20-%20Liberty%20City%20Stories%20ISO%20ROM%20Download%20for%20PSP&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-FH0L8EV0R0>m=2oeb20&_p=881092774&cid=409699147.1667620226&ul=en-us&sr=1280x1024&_s=1&sid=1667620226&sct=1&seg=0&dl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&dt=Grand%20Theft%20Auto%20-%20Liberty%20City%20Stories%20ISO%20ROM%20Download%20for%20PSP&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.freeroms.com
date: Sat, 05 Nov 2022 03:50:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 135482de9775c80b90b27552b7dc9f64
5e85ae035ac3e610a99e324ab1de0264241468e5
bd84c6a8271d7d9f21788b888e4078f743866d4ef03a3672495ad7fea1380b63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD84C6A8271D7D9F21788B888E4078F743866D4EF03A3672495AD7FEA1380B63"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14517
Expires: Sat, 05 Nov 2022 07:52:25 GMT
Date: Sat, 05 Nov 2022 03:50:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c80d9edb5cf9ebea3ea222819f07a9f
adafb48b4b3a37ecaedc49025ff01df7bb328de2
15440b9c6f2d4a7822602e0b9aa320d2416a43313e948b7118e27bd041b6c664
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15440B9C6F2D4A7822602E0B9AA320D2416A43313E948B7118E27BD041B6C664"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17461
Expires: Sat, 05 Nov 2022 08:41:29 GMT
Date: Sat, 05 Nov 2022 03:50:28 GMT
Connection: keep-alive
upgulpinon.com/1?z=5030886
139.45.197.242200 OK 4.0 kB URL HTTP/2 upgulpinon.com/1?z=5030886
IP 139.45.197.242:0
Hash a6e9f1ba538bbc852e1bdcccd198e157
f152ed8ae513ece2e21e9ae5f5b6b2d825de8cbf
00feba460ed14fd67188d29c994e7d63e8eb53e7081451ffe52febbdbfb22e94
Analyzer Verdict Alert fortinet Malware
GET /1?z=5030886 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f9cb7fdba05914536d5b6ca0da539f38
access-control-expose-headers: X-Sc
x-sc: udPAC63o9dmeuaER9mDlNmlJ-fbMJiExTBsTcthu_dcHQAsmWFyXdHlP1luFd9Kbh6B84uV7jrUHirOVEOsyyhj4UuE=
set-cookie: scm=1; expires=Sun, 05 Nov 2023 03:50:28 GMT; secure; SameSite=None
OAID=58ced73b03534f5b9823877bd76eafa9; expires=Sun, 05 Nov 2023 03:50:28 GMT; secure; SameSite=None
oaidts=1667620228; expires=Sun, 05 Nov 2023 03:50:28 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/27/b10314e887d309db18535b2593bd9514
139.45.197.242200 OK 123 kB URL HTTP/2 nanouwho.com/27/b10314e887d309db18535b2593bd9514
IP 139.45.197.242:0
Size 123 kB (122918 bytes)
Hash b80618961c8d0fb10e5ca04bb3618fbc
2382cd8733ecd14df5586feb2d15ba1107577fb1
65082bf9d92c16b8bf3721a4780cfdad9e91b45e7c18f5006b356331778a8adf
Analyzer Verdict Alert quad9 Sinkholed
GET /27/b10314e887d309db18535b2593bd9514 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=a3772840f9ec40b5bff31f8e20a7f0ec; oaidts=1667620228
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 20 Oct 2022 04:50:21 GMT
expires: Thu, 19 Nov 2082 04:50:21 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
mightylottrembling.com/pixel/pure
173.233.137.36204 No Content 0 B URL HTTP/1.1 mightylottrembling.com/pixel/pure
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /pixel/pure HTTP/1.1
Host: mightylottrembling.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Sat, 05 Nov 2022 03:50:28 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
nanouwho.com/9?z=3056520&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=0e320a727cf74b1d9c8836ef4f313ed9
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=3056520&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=0e320a727cf74b1d9c8836ef4f313ed9
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=3056520&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=0e320a727cf74b1d9c8836ef4f313ed9 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
upgulpinon.com/27/b10314e887d309db18535b2593bd9514
139.45.197.242200 OK 123 kB URL HTTP/2 upgulpinon.com/27/b10314e887d309db18535b2593bd9514
IP 139.45.197.242:0
File type ASCII text, with very long lines (65523)
Size 123 kB (122906 bytes)
Hash 28daa34464af040b0ba2945cb5ca0713
8563fabdb2378fe55e0a3e3a591999e2cc67e0d4
92f2f67e0c9d0f5642c5eab0db20f372b6a3201fcc949add5dfecf6a15fe2206
Analyzer Verdict Alert fortinet Malware
GET /27/b10314e887d309db18535b2593bd9514 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=58ced73b03534f5b9823877bd76eafa9; oaidts=1667620228
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 20 Oct 2022 04:50:21 GMT
expires: Thu, 19 Nov 2082 04:50:21 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
clenchedyouthmatching.com/advertisers.js
142.0.197.108200 OK 0 B URL HTTP/1.1 clenchedyouthmatching.com/advertisers.js
IP 142.0.197.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /advertisers.js HTTP/1.1
Host: clenchedyouthmatching.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 05 Nov 2022 03:50:28 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
dacmaiss.com/?rb=ndwgoF6QE0I2OqD1M6P4kPrJ544jkW1GkYjgLxpxJ693rcyQZaGvugBN3jkt6PB63fLeYKPuLljB5lXwxS83gVJ8NpESzERR5TA3Fut5vhS3_2NtBbp0wu3YTZ9kt0QKjwG61GTiBe2fNfQYfdWQau6LzexVpONXQM0U5jgN6xtKwrMMKgz_iTXKGPRSPo17inWsL7prT_TURsvS_vst03_uf8SPaDFx9JDf5HSxb-A%3D&request_ab2=0&zoneid=2881944&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=640cac25-20f4-4cfd-b71a-bb7ecf4dbe79&userId=0e320a727cf74b1d9c8836ef4f313ed9&m=link
139.45.197.237200 OK 4.6 kB URL HTTP/2 dacmaiss.com/?rb=ndwgoF6QE0I2OqD1M6P4kPrJ544jkW1GkYjgLxpxJ693rcyQZaGvugBN3jkt6PB63fLeYKPuLljB5lXwxS83gVJ8NpESzERR5TA3Fut5vhS3_2NtBbp0wu3YTZ9kt0QKjwG61GTiBe2fNfQYfdWQau6LzexVpONXQM0U5jgN6xtKwrMMKgz_iTXKGPRSPo17inWsL7prT_TURsvS_vst03_uf8SPaDFx9JDf5HSxb-A%3D&request_ab2=0&zoneid=2881944&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=640cac25-20f4-4cfd-b71a-bb7ecf4dbe79&userId=0e320a727cf74b1d9c8836ef4f313ed9&m=link
IP 139.45.197.237:0
File type JSON data\012- , ASCII text, with very long lines (8938), with no line terminators
Hash 08ab59dd9916d1a23ac8a9b947e6496e
ffba0e84bded4e8a925c09ca8053b7ccdd117b82
f6fd6a0d9bda0a96152864e1b3dd756a3fcdf79be217203c649be68c39c9d5e0
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=ndwgoF6QE0I2OqD1M6P4kPrJ544jkW1GkYjgLxpxJ693rcyQZaGvugBN3jkt6PB63fLeYKPuLljB5lXwxS83gVJ8NpESzERR5TA3Fut5vhS3_2NtBbp0wu3YTZ9kt0QKjwG61GTiBe2fNfQYfdWQau6LzexVpONXQM0U5jgN6xtKwrMMKgz_iTXKGPRSPo17inWsL7prT_TURsvS_vst03_uf8SPaDFx9JDf5HSxb-A%3D&request_ab2=0&zoneid=2881944&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=640cac25-20f4-4cfd-b71a-bb7ecf4dbe79&userId=0e320a727cf74b1d9c8836ef4f313ed9&m=link HTTP/1.1
Host: dacmaiss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
Connection: keep-alive
Cookie: OAID=0e320a727cf74b1d9c8836ef4f313ed9; oaidts=1667620227
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: application/json
x-trace-id: d494adbc7afdc8d2c7b681d27e97345d
access-control-allow-origin: https://www.freeroms.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0e320a727cf74b1d9c8836ef4f313ed9; expires=Sun, 05 Nov 2023 03:50:28 GMT; path=/; secure; SameSite=None
oaidts=1667620228; expires=Sun, 05 Nov 2023 03:50:28 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 12 Nov 2022 03:50:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/500/3601099?excludes=&oaid=0e320a727cf74b1d9c8836ef4f313ed9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/3601099?excludes=&oaid=0e320a727cf74b1d9c8836ef4f313ed9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/3601099?excludes=&oaid=0e320a727cf74b1d9c8836ef4f313ed9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=2731850841&z=3056520&b=15499046&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=EY41nh0k8AW9r9w_IdlOtmoY0Iqtg3AZ0rS80iN63Zm19HNhN-b75jeaFkZ6yOEpZek1rI0kpSDKgO9GC4-yuFs0-T7A5f5zL0CKS5xxRc3kq1GqhlwhXQxZQ_JAPZbLuBlloZz7kwYgNMqNNnEWJ7bR5jNYmTEt-brkV9BAmfR8S5QVlGPEcBkxfBOOJdozBbyYuHOFuWzG2ZGhsQdcXQqVcKDBZ-dN_1AaLYSjJukt-RVlpBHtAT4vAdzbynPYX40R8a3b5dpv3XkzNZoX3exY7AJqSFxrLA3bpMpffW9c5gSnhAmySqFXxHK9iTxwbqhYGXGsIpPst6Y7qMRXmk5jaiusZB7epiClta8DNj1eb9olD8cxnPhXJn0QUWgbt9aVZgV4wi8g1AsOPzlAoW79s91QzTG5XciQ9pmTFJC72qIIIVfnwqlRxL-Ng_uD_qR2CfSTIk3h11BzOX-guIkms1KXlV9CSbyZ6h2JWBmUpKYFLnm3G0CRcesvZ6NvfxhVWPQKcUnSTlqK36lQfOZmXWBYTLd1RPUHP4l5eeatkKyDpHDwoGCurlgbSo0eD0E9QRx1PZPBvHszeEOp77V6F7z-i6rH72TChAv5lEO8F9A9H28u1qK_MrKV689o1HZ19EdBh1ijJa5p&ruid=360ffc8c-6da0-462a-b35a-620d866d7048&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=159
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=2731850841&z=3056520&b=15499046&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=EY41nh0k8AW9r9w_IdlOtmoY0Iqtg3AZ0rS80iN63Zm19HNhN-b75jeaFkZ6yOEpZek1rI0kpSDKgO9GC4-yuFs0-T7A5f5zL0CKS5xxRc3kq1GqhlwhXQxZQ_JAPZbLuBlloZz7kwYgNMqNNnEWJ7bR5jNYmTEt-brkV9BAmfR8S5QVlGPEcBkxfBOOJdozBbyYuHOFuWzG2ZGhsQdcXQqVcKDBZ-dN_1AaLYSjJukt-RVlpBHtAT4vAdzbynPYX40R8a3b5dpv3XkzNZoX3exY7AJqSFxrLA3bpMpffW9c5gSnhAmySqFXxHK9iTxwbqhYGXGsIpPst6Y7qMRXmk5jaiusZB7epiClta8DNj1eb9olD8cxnPhXJn0QUWgbt9aVZgV4wi8g1AsOPzlAoW79s91QzTG5XciQ9pmTFJC72qIIIVfnwqlRxL-Ng_uD_qR2CfSTIk3h11BzOX-guIkms1KXlV9CSbyZ6h2JWBmUpKYFLnm3G0CRcesvZ6NvfxhVWPQKcUnSTlqK36lQfOZmXWBYTLd1RPUHP4l5eeatkKyDpHDwoGCurlgbSo0eD0E9QRx1PZPBvHszeEOp77V6F7z-i6rH72TChAv5lEO8F9A9H28u1qK_MrKV689o1HZ19EdBh1ijJa5p&ruid=360ffc8c-6da0-462a-b35a-620d866d7048&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=159
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=2731850841&z=3056520&b=15499046&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=EY41nh0k8AW9r9w_IdlOtmoY0Iqtg3AZ0rS80iN63Zm19HNhN-b75jeaFkZ6yOEpZek1rI0kpSDKgO9GC4-yuFs0-T7A5f5zL0CKS5xxRc3kq1GqhlwhXQxZQ_JAPZbLuBlloZz7kwYgNMqNNnEWJ7bR5jNYmTEt-brkV9BAmfR8S5QVlGPEcBkxfBOOJdozBbyYuHOFuWzG2ZGhsQdcXQqVcKDBZ-dN_1AaLYSjJukt-RVlpBHtAT4vAdzbynPYX40R8a3b5dpv3XkzNZoX3exY7AJqSFxrLA3bpMpffW9c5gSnhAmySqFXxHK9iTxwbqhYGXGsIpPst6Y7qMRXmk5jaiusZB7epiClta8DNj1eb9olD8cxnPhXJn0QUWgbt9aVZgV4wi8g1AsOPzlAoW79s91QzTG5XciQ9pmTFJC72qIIIVfnwqlRxL-Ng_uD_qR2CfSTIk3h11BzOX-guIkms1KXlV9CSbyZ6h2JWBmUpKYFLnm3G0CRcesvZ6NvfxhVWPQKcUnSTlqK36lQfOZmXWBYTLd1RPUHP4l5eeatkKyDpHDwoGCurlgbSo0eD0E9QRx1PZPBvHszeEOp77V6F7z-i6rH72TChAv5lEO8F9A9H28u1qK_MrKV689o1HZ19EdBh1ijJa5p&ruid=360ffc8c-6da0-462a-b35a-620d866d7048&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=159 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=0e320a727cf74b1d9c8836ef4f313ed9; oaidts=1667620228
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 2a95e975bd89c99219187e996b546e51
access-control-expose-headers: X-Sc
set-cookie: OAID=0e320a727cf74b1d9c8836ef4f313ed9; expires=Sun, 05 Nov 2023 03:50:28 GMT; secure; SameSite=None
oaidts=1667620228; expires=Sun, 05 Nov 2023 03:50:28 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e7b3f633ef7f3099d1b66a06145b0f89
d9f18795a7c0e58495151642ad76d3b6dd24d1fb
0df7ee590b103e44dd51fec7a7c62ea335a845e950dd113435df774004025fac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DF7EE590B103E44DD51FEC7A7C62EA335A845E950DD113435DF774004025FAC"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=469
Expires: Sat, 05 Nov 2022 03:58:17 GMT
Date: Sat, 05 Nov 2022 03:50:28 GMT
Connection: keep-alive
betotodilea.com/500/3601099?excludes=&oaid=0e320a727cf74b1d9c8836ef4f313ed9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 2.9 kB URL HTTP/2 betotodilea.com/500/3601099?excludes=&oaid=0e320a727cf74b1d9c8836ef4f313ed9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (2417)
Hash d99e20efd92c6ebf8e7fc48345fe95a3
505b1e21cfe25ce06cee9bb3a78b16b8205543ca
8012630de8efeb361b65143cc6c55af36896c7901adef6af849476c26c9f7385
Analyzer Verdict Alert quad9 Sinkholed
GET /500/3601099?excludes=&oaid=0e320a727cf74b1d9c8836ef4f313ed9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: OAID=3a57b3d76c0448aeb28be28b46dbfd75
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: application/javascript
x-trace-id: 5f00c78f64e2412e68fa632a9da745d9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.freeroms.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=0e320a727cf74b1d9c8836ef4f313ed9; expires=Sun, 05 Nov 2023 03:50:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b3f8417b7457d0ecc5fbfe29b7a94702
1456a274619bf3e8b11c7331c0a2f610bc8ab242
4a43b09bc9f2ea86707168c8d95283272298eba15b908c345c60e75094c68a0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3339
Cache-Control: max-age=162725
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 03:50:28 GMT
Etag: "6365a91e-117"
Expires: Mon, 07 Nov 2022 01:02:33 GMT
Last-Modified: Sat, 05 Nov 2022 00:06:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
offerimage.com/www/images/d995b3e4c37b07be75218a653fa1110a.jpeg
104.22.33.172200 OK 12 kB URL HTTP/2 offerimage.com/www/images/d995b3e4c37b07be75218a653fa1110a.jpeg
IP 104.22.33.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash d995b3e4c37b07be75218a653fa1110a
f65205d0ee64ca84506c9571c7f622cc9007c05d
f457644cc2d00bb9eaa0e56c33fc42a8d7fba1fcd263d9fdc33d02284b50967b
GET /www/images/d995b3e4c37b07be75218a653fa1110a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: image/jpeg
content-length: 12425
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6358a071-3089"
expires: Sat, 05 Nov 2022 05:47:44 GMT
last-modified: Wed, 26 Oct 2022 02:50:25 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 79364
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7652a01e48d909a8-ARN
X-Firefox-Spdy: h2
www.freeroms.com/favicon.ico
64.235.54.28200 OK 1.2 kB URL HTTP/2 www.freeroms.com/favicon.ico
IP 64.235.54.28:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 66ccc38a036f42cb9555a65a8f0dd96d
de96c7f3b02ca03d5ab9dd57e7249e3af0a7469f
554982b40d0c899885675b5eb48e7d32b1068623e99c6d361f190427de2387f0
GET /favicon.ico HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
Cookie: _ga_FH0L8EV0R0=GS1.1.1667620226.1.0.1667620226.0.0.0; _ga=GA1.1.409699147.1667620226; ppu_main_ea2d5d802b867cf417198fc84113161f=1; prefetchAd_2881944=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
last-modified: Thu, 18 Dec 2014 11:03:18 GMT
etag: "5492b476-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 112c3dfddd8ed235a7fe4ba25eb5c9eb
f3a425001b34f63633ae8d50d46b02900e5ccf72
169033c87e8a5daca30cdbc9661cbfbacb2ce8bf10c2e71ce85dc13ede49236a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5689
Cache-Control: max-age=139871
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 03:50:28 GMT
Etag: "636546aa-1d7"
Expires: Sun, 06 Nov 2022 18:41:39 GMT
Last-Modified: Fri, 04 Nov 2022 17:06:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
interstitial-07.com/contents/s/ad/7e/e4/f62d273775e4bcd573935273a6/01343090968247.jpeg
139.45.197.153200 OK 19 kB URL HTTP/2 interstitial-07.com/contents/s/ad/7e/e4/f62d273775e4bcd573935273a6/01343090968247.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash ad7ee4f62d273775e4bcd573935273a6
f8109f52540622b5180a4dabc15dc6dacd6e5b5f
f877f3e4a727e4ccb1705bc86263ce98917d2a588d307bb466f3734eebc4c501
GET /contents/s/ad/7e/e4/f62d273775e4bcd573935273a6/01343090968247.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=v1yrnJhQ6qfNcf3&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D615179896%26z%3D3056520%26b%3D15499046%26c%3D6245787%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D726%2526key%253D90c41c1505c68f3e631c7705528eb75b%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DEY41nh0k8AW9r9w_IdlOtmoY0Iqtg3AZ0rS80iN63Zm19HNhN-b75jeaFkZ6yOEpZek1rI0kpSDKgO9GC4-yuFs0-T7A5f5zL0CKS5xxRc3kq1GqhlwhXQxZQ_JAPZbLuBlloZz7kwYgNMqNNnEWJ7bR5jNYmTEt-brkV9BAmfR8S5QVlGPEcBkxfBOOJdozBbyYuHOFuWzG2ZGhsQdcXQqVcKDBZ-dN_1AaLYSjJukt-RVlpBHtAT4vAdzbynPYX40R8a3b5dpv3XkzNZoX3exY7AJqSFxrLA3bpMpffW9c5gSnhAmySqFXxHK9iTxwbqhYGXGsIpPst6Y7qMRXmk5jaiusZB7epiClta8DNj1eb9olD8cxnPhXJn0QUWgbt9aVZgV4wi8g1AsOPzlAoW79s91QzTG5XciQ9pmTFJC72qIIIVfnwqlRxL-Ng_uD_qR2CfSTIk3h11BzOX-guIkms1KXlV9CSbyZ6h2JWBmUpKYFLnm3G0CRcesvZ6NvfxhVWPQKcUnSTlqK36lQfOZmXWBYTLd1RPUHP4l5eeatkKyDpHDwoGCurlgbSo0eD0E9QRx1PZPBvHszeEOp77V6F7z-i6rH72TChAv5lEO8F9A9H28u1qK_MrKV689o1HZ19EdBh1ijJa5p%26bag%3Dk61ASqzarAVbT7gseeGtWw%3D%3D%26ruid%3D360ffc8c-6da0-462a-b35a-620d866d7048%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fpsp%252Fgrand_theft_auto_-_liberty_city_stories.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: image/jpeg
content-length: 18607
last-modified: Thu, 03 Nov 2022 08:12:18 GMT
etag: "636377e2-48af"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/d5/c3/34/2af194f41dce9d2a2f89ab1aaa/01586151085286.jpeg
139.45.197.153200 OK 30 kB URL HTTP/2 interstitial-07.com/contents/s/d5/c3/34/2af194f41dce9d2a2f89ab1aaa/01586151085286.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash d5c3342af194f41dce9d2a2f89ab1aaa
5cdc94022b482c62616e366a545a02bf45201f39
b745e23ca978940320070018b804c5909951d5fbf45a9fcb7dd2f770d842443c
GET /contents/s/d5/c3/34/2af194f41dce9d2a2f89ab1aaa/01586151085286.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=v1yrnJhQ6qfNcf3&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D615179896%26z%3D3056520%26b%3D15499046%26c%3D6245787%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D726%2526key%253D90c41c1505c68f3e631c7705528eb75b%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DEY41nh0k8AW9r9w_IdlOtmoY0Iqtg3AZ0rS80iN63Zm19HNhN-b75jeaFkZ6yOEpZek1rI0kpSDKgO9GC4-yuFs0-T7A5f5zL0CKS5xxRc3kq1GqhlwhXQxZQ_JAPZbLuBlloZz7kwYgNMqNNnEWJ7bR5jNYmTEt-brkV9BAmfR8S5QVlGPEcBkxfBOOJdozBbyYuHOFuWzG2ZGhsQdcXQqVcKDBZ-dN_1AaLYSjJukt-RVlpBHtAT4vAdzbynPYX40R8a3b5dpv3XkzNZoX3exY7AJqSFxrLA3bpMpffW9c5gSnhAmySqFXxHK9iTxwbqhYGXGsIpPst6Y7qMRXmk5jaiusZB7epiClta8DNj1eb9olD8cxnPhXJn0QUWgbt9aVZgV4wi8g1AsOPzlAoW79s91QzTG5XciQ9pmTFJC72qIIIVfnwqlRxL-Ng_uD_qR2CfSTIk3h11BzOX-guIkms1KXlV9CSbyZ6h2JWBmUpKYFLnm3G0CRcesvZ6NvfxhVWPQKcUnSTlqK36lQfOZmXWBYTLd1RPUHP4l5eeatkKyDpHDwoGCurlgbSo0eD0E9QRx1PZPBvHszeEOp77V6F7z-i6rH72TChAv5lEO8F9A9H28u1qK_MrKV689o1HZ19EdBh1ijJa5p%26bag%3Dk61ASqzarAVbT7gseeGtWw%3D%3D%26ruid%3D360ffc8c-6da0-462a-b35a-620d866d7048%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fpsp%252Fgrand_theft_auto_-_liberty_city_stories.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: image/jpeg
content-length: 30067
last-modified: Thu, 03 Nov 2022 08:12:13 GMT
etag: "636377dd-7573"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/45/ad/fc/5dac387ae41ca4a0c1b6a9ac37/01606490601807.jpeg
139.45.197.153200 OK 9.3 kB URL HTTP/2 interstitial-07.com/contents/s/45/ad/fc/5dac387ae41ca4a0c1b6a9ac37/01606490601807.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 45adfc5dac387ae41ca4a0c1b6a9ac37
d972ecfcf25c8d8c697beac01a3fa85635e564f5
a653f78b2f5c5f1dd923fb9291bb67832dad4014266ef34b6bff707a381b1bda
GET /contents/s/45/ad/fc/5dac387ae41ca4a0c1b6a9ac37/01606490601807.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=9vCbMDqanSMci0N&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2169798048%26z%3D5030886%26b%3D15446387%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DgwOqhJxkfcqtBQb8nOpnksd_GinqeXStCe-6hYyzTpZ72m7-JprxVtBCdRzjCX6VZmDj-0eISHUiQMvsF1yZMCMIlBRYy-fLLvjXrRNVYFXRH7IbpsQt8MIm7WvjzosZCA3mqDUCeDBiAh_u5SRfavtprA0F9d40dAUSL9QzZofbd0Uv2T3OS39VquXdyU6ShSuU2VicuQvGM-qSmedDPSfJ7VO4L1q8HCqKj33Cnp_jEgwO0IXIb8HlWH001Ws9IzEgX6a-0WSkbUeLDht-xakjWkA1YwzKt1E9kp7lViPV1N87IzAyCHxCCUTKfKJZbx2LVnTwfU-bTV_14SZWSlvm5siLQwtBF3QwvhawyXKMSVLwHUkNG497Lo1wzhDlYrN3LCVVabgqVeAV4rp2yyDsli-J_RTRp73sVNtKOzj3nb3RnLodTx38S38qa33VemjU9CUEvIpY06n-0EmGono0-bDnht3m22dCkwNzjjq-o-EYkffOohQU8WSOS64xFciM21Qs6Wro55RLVhAgJ9s4TeW8-T9ZBPSXtiLZyVPgsIA1TTWQSNCUmbjC0E2daxuiHuTOW976SpHp9PIZpFAsB_yht4Egcjd7-hGRGmAiBNaJcFUpGkEBW6-2smWP9HEQ-0defz7f5_k0%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3D5ad2fdb9-7f84-4c50-82ce-52e1a0d6bf5a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fpsp%252Fgrand_theft_auto_-_liberty_city_stories.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:29 GMT
content-type: image/jpeg
content-length: 9271
last-modified: Thu, 20 Oct 2022 03:21:06 GMT
etag: "6350bea2-2437"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg
139.45.197.153200 OK 30 kB URL HTTP/2 interstitial-07.com/contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 3213a8e6ac43e59294f402bbbe324953
3e66ba9e6978ca9fef50e07274bd9899e3fed9c3
f880d432fbedbe3a15e8fed32985860e84e8ec4425ad6ff3e6cae446be0a6714
GET /contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=9vCbMDqanSMci0N&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2169798048%26z%3D5030886%26b%3D15446387%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DgwOqhJxkfcqtBQb8nOpnksd_GinqeXStCe-6hYyzTpZ72m7-JprxVtBCdRzjCX6VZmDj-0eISHUiQMvsF1yZMCMIlBRYy-fLLvjXrRNVYFXRH7IbpsQt8MIm7WvjzosZCA3mqDUCeDBiAh_u5SRfavtprA0F9d40dAUSL9QzZofbd0Uv2T3OS39VquXdyU6ShSuU2VicuQvGM-qSmedDPSfJ7VO4L1q8HCqKj33Cnp_jEgwO0IXIb8HlWH001Ws9IzEgX6a-0WSkbUeLDht-xakjWkA1YwzKt1E9kp7lViPV1N87IzAyCHxCCUTKfKJZbx2LVnTwfU-bTV_14SZWSlvm5siLQwtBF3QwvhawyXKMSVLwHUkNG497Lo1wzhDlYrN3LCVVabgqVeAV4rp2yyDsli-J_RTRp73sVNtKOzj3nb3RnLodTx38S38qa33VemjU9CUEvIpY06n-0EmGono0-bDnht3m22dCkwNzjjq-o-EYkffOohQU8WSOS64xFciM21Qs6Wro55RLVhAgJ9s4TeW8-T9ZBPSXtiLZyVPgsIA1TTWQSNCUmbjC0E2daxuiHuTOW976SpHp9PIZpFAsB_yht4Egcjd7-hGRGmAiBNaJcFUpGkEBW6-2smWP9HEQ-0defz7f5_k0%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3D5ad2fdb9-7f84-4c50-82ce-52e1a0d6bf5a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fpsp%252Fgrand_theft_auto_-_liberty_city_stories.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:29 GMT
content-type: image/jpeg
content-length: 29997
last-modified: Thu, 20 Oct 2022 03:21:02 GMT
etag: "6350be9e-752d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e499941c7c0c618d8cde0abdea1dffe5
c97f9445e236315948d0ecfbf4102b9df4094b7f
16ff92e9946f964d20545b9b56b1fc049ca89cad8fa30f071475f35ac96b2ae2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16FF92E9946F964D20545B9B56B1FC049CA89CAD8FA30F071475F35AC96B2AE2"
Last-Modified: Fri, 04 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7103
Expires: Sat, 05 Nov 2022 05:48:52 GMT
Date: Sat, 05 Nov 2022 03:50:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e499941c7c0c618d8cde0abdea1dffe5
c97f9445e236315948d0ecfbf4102b9df4094b7f
16ff92e9946f964d20545b9b56b1fc049ca89cad8fa30f071475f35ac96b2ae2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16FF92E9946F964D20545B9B56B1FC049CA89CAD8FA30F071475F35AC96B2AE2"
Last-Modified: Fri, 04 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7103
Expires: Sat, 05 Nov 2022 05:48:52 GMT
Date: Sat, 05 Nov 2022 03:50:29 GMT
Connection: keep-alive
rules.quantcount.com/rules-p-6JvC9xkUEfXYY.js
54.230.111.4200 OK 160 B URL HTTP/2 rules.quantcount.com/rules-p-6JvC9xkUEfXYY.js
IP 54.230.111.4:0
Hash f1d42e658b42f72b88abdb871d0c2a71
f3c256dc0a9ff39789b9f2ea4c75c032704149b8
35126b4d43af6b059d7ef0f56d9374e8aa794d73f8d2c1dabaf1477129142724
GET /rules-p-6JvC9xkUEfXYY.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 160
last-modified: Thu, 13 Oct 2022 15:10:32 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Sat, 05 Nov 2022 03:50:29 GMT
cache-control: max-age=3600
etag: "f1d42e658b42f72b88abdb871d0c2a71"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ngLUQSjEJ5GNdjepg8qkgyDF7Tj7p_5lBT-VxWEm9EW8a0PohorBFA==
age: 3203
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 05 Nov 2022 03:50:29 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 52a0a52b5e5b16180fa1bdd4fbdfc61b
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=1361107186
139.45.197.236200 OK 2.2 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1361107186
IP 139.45.197.236:0
File type ASCII text, with very long lines (5213), with no line terminators
Hash 0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=1361107186 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:29 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 161b740b02ceb9150c331b6f8964bcd2
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=1885592927
139.45.197.236200 OK 12 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1885592927
IP 139.45.197.236:0
Hash 0a1e7d8137da18b1d29492fc2934785d
0cdcc7090fbd6d4aac3c12083b61ec3ef6f61f29
4b4037bccaec45820a499dce049c07b9ef6a4cd057d5cb0f39fec0576eef9774
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=1885592927 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:29 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: e8954598b986bb94753cfed867cf4a80
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226JvC9xkUEfXYY%22%2C%22domain%22%3A%22www.freeroms.com%22%2C%22publisher%22%3A%22FreeROMS%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.44%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22SflKcnZjT32PEJo7sVOMXg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1667620227861%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-mt29f5l469qrfkxta7jz%22%7D
18.158.76.116200 OK 2 B URL HTTP/2 audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226JvC9xkUEfXYY%22%2C%22domain%22%3A%22www.freeroms.com%22%2C%22publisher%22%3A%22FreeROMS%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.44%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22SflKcnZjT32PEJo7sVOMXg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1667620227861%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-mt29f5l469qrfkxta7jz%22%7D
IP 18.158.76.116:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22accountId%22%3A%226JvC9xkUEfXYY%22%2C%22domain%22%3A%22www.freeroms.com%22%2C%22publisher%22%3A%22FreeROMS%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.44%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22SflKcnZjT32PEJo7sVOMXg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1667620227861%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-mt29f5l469qrfkxta7jz%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 03:50:29 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 05 Nov 2022 03:50:29 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: b024df3b9e681a6a3058661b00e9becb
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 05 Nov 2022 03:50:29 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 535926ca4d9f38f9584675a4da0e5512
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=2731850841&z=3056520&b=15499046&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=EY41nh0k8AW9r9w_IdlOtmoY0Iqtg3AZ0rS80iN63Zm19HNhN-b75jeaFkZ6yOEpZek1rI0kpSDKgO9GC4-yuFs0-T7A5f5zL0CKS5xxRc3kq1GqhlwhXQxZQ_JAPZbLuBlloZz7kwYgNMqNNnEWJ7bR5jNYmTEt-brkV9BAmfR8S5QVlGPEcBkxfBOOJdozBbyYuHOFuWzG2ZGhsQdcXQqVcKDBZ-dN_1AaLYSjJukt-RVlpBHtAT4vAdzbynPYX40R8a3b5dpv3XkzNZoX3exY7AJqSFxrLA3bpMpffW9c5gSnhAmySqFXxHK9iTxwbqhYGXGsIpPst6Y7qMRXmk5jaiusZB7epiClta8DNj1eb9olD8cxnPhXJn0QUWgbt9aVZgV4wi8g1AsOPzlAoW79s91QzTG5XciQ9pmTFJC72qIIIVfnwqlRxL-Ng_uD_qR2CfSTIk3h11BzOX-guIkms1KXlV9CSbyZ6h2JWBmUpKYFLnm3G0CRcesvZ6NvfxhVWPQKcUnSTlqK36lQfOZmXWBYTLd1RPUHP4l5eeatkKyDpHDwoGCurlgbSo0eD0E9QRx1PZPBvHszeEOp77V6F7z-i6rH72TChAv5lEO8F9A9H28u1qK_MrKV689o1HZ19EdBh1ijJa5p&ruid=360ffc8c-6da0-462a-b35a-620d866d7048&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=2731850841&z=3056520&b=15499046&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=EY41nh0k8AW9r9w_IdlOtmoY0Iqtg3AZ0rS80iN63Zm19HNhN-b75jeaFkZ6yOEpZek1rI0kpSDKgO9GC4-yuFs0-T7A5f5zL0CKS5xxRc3kq1GqhlwhXQxZQ_JAPZbLuBlloZz7kwYgNMqNNnEWJ7bR5jNYmTEt-brkV9BAmfR8S5QVlGPEcBkxfBOOJdozBbyYuHOFuWzG2ZGhsQdcXQqVcKDBZ-dN_1AaLYSjJukt-RVlpBHtAT4vAdzbynPYX40R8a3b5dpv3XkzNZoX3exY7AJqSFxrLA3bpMpffW9c5gSnhAmySqFXxHK9iTxwbqhYGXGsIpPst6Y7qMRXmk5jaiusZB7epiClta8DNj1eb9olD8cxnPhXJn0QUWgbt9aVZgV4wi8g1AsOPzlAoW79s91QzTG5XciQ9pmTFJC72qIIIVfnwqlRxL-Ng_uD_qR2CfSTIk3h11BzOX-guIkms1KXlV9CSbyZ6h2JWBmUpKYFLnm3G0CRcesvZ6NvfxhVWPQKcUnSTlqK36lQfOZmXWBYTLd1RPUHP4l5eeatkKyDpHDwoGCurlgbSo0eD0E9QRx1PZPBvHszeEOp77V6F7z-i6rH72TChAv5lEO8F9A9H28u1qK_MrKV689o1HZ19EdBh1ijJa5p&ruid=360ffc8c-6da0-462a-b35a-620d866d7048&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=2731850841&z=3056520&b=15499046&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=EY41nh0k8AW9r9w_IdlOtmoY0Iqtg3AZ0rS80iN63Zm19HNhN-b75jeaFkZ6yOEpZek1rI0kpSDKgO9GC4-yuFs0-T7A5f5zL0CKS5xxRc3kq1GqhlwhXQxZQ_JAPZbLuBlloZz7kwYgNMqNNnEWJ7bR5jNYmTEt-brkV9BAmfR8S5QVlGPEcBkxfBOOJdozBbyYuHOFuWzG2ZGhsQdcXQqVcKDBZ-dN_1AaLYSjJukt-RVlpBHtAT4vAdzbynPYX40R8a3b5dpv3XkzNZoX3exY7AJqSFxrLA3bpMpffW9c5gSnhAmySqFXxHK9iTxwbqhYGXGsIpPst6Y7qMRXmk5jaiusZB7epiClta8DNj1eb9olD8cxnPhXJn0QUWgbt9aVZgV4wi8g1AsOPzlAoW79s91QzTG5XciQ9pmTFJC72qIIIVfnwqlRxL-Ng_uD_qR2CfSTIk3h11BzOX-guIkms1KXlV9CSbyZ6h2JWBmUpKYFLnm3G0CRcesvZ6NvfxhVWPQKcUnSTlqK36lQfOZmXWBYTLd1RPUHP4l5eeatkKyDpHDwoGCurlgbSo0eD0E9QRx1PZPBvHszeEOp77V6F7z-i6rH72TChAv5lEO8F9A9H28u1qK_MrKV689o1HZ19EdBh1ijJa5p&ruid=360ffc8c-6da0-462a-b35a-620d866d7048&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=0e320a727cf74b1d9c8836ef4f313ed9; oaidts=1667620228
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:33 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: aecaaf6c7b817cb15bc5791d29774bb4
access-control-expose-headers: X-Sc
set-cookie: OAID=0e320a727cf74b1d9c8836ef4f313ed9; expires=Sun, 05 Nov 2023 03:50:33 GMT; secure; SameSite=None
oaidts=1667620228; expires=Sun, 05 Nov 2023 03:50:33 GMT; secure; SameSite=None
oaidvc=1; expires=Sun, 05 Nov 2023 03:50:33 GMT; secure; SameSite=None
CNT=1_v1_Jn_sAAEAAABlS0AA; expires=Sat, 05 Nov 2022 04:50:33 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5030886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=0e320a727cf74b1d9c8836ef4f313ed9
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/9?z=5030886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=0e320a727cf74b1d9c8836ef4f313ed9
IP 139.45.197.242:0
POST /9?z=5030886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fpsp%2Fgrand_theft_auto_-_liberty_city_stories.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=0e320a727cf74b1d9c8836ef4f313ed9 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 416
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=58ced73b03534f5b9823877bd76eafa9; oaidts=1667620228
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 35e921fc86b4772c44f6a5d64f889232
access-control-expose-headers: X-Sc
set-cookie: OAID=0e320a727cf74b1d9c8836ef4f313ed9; expires=Sun, 05 Nov 2023 03:50:28 GMT; secure; SameSite=None
oaidts=1667620228; expires=Sun, 05 Nov 2023 03:50:28 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
test.cmp.quantcast.com/GVL-v2/cmp-list.json
143.204.55.59200 OK 0 B URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP 143.204.55.59:0
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Sat, 05 Nov 2022 03:00:34 GMT
last-modified: Mon, 31 Oct 2022 19:52:29 GMT
etag: W/"9d3edb6b0958dc8fc9d74e44b3d6c1cf"
x-amz-server-side-encryption: AES256
x-amz-version-id: mbynXBBZ.ckIcnxGDVHS07C_p1g25FCO
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jzLu6CDW68c9KVUuA2WZn9E38CQ15o6axrpT2wuLUMeB1-brhGoH_Q==
age: 2995
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/google-atp-list.json
108.157.229.85200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/google-atp-list.json
IP 108.157.229.85:0
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Sat, 05 Nov 2022 03:00:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Sat, 05 Nov 2022 03:00:26 GMT
etag: W/"5e5c32e11030f411462907ffac99a722"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 b301fa8d72072cc0289eb055d8389e68.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: oi9RkBnPfa0pnIXTAuIqbzPfbeMslTHdJ8965IxkQ8KHVARYozDovA==
age: 3000
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.56.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.56.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adshrink.it
Connection: keep-alive
Referer: https://adshrink.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 03:50:27 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7652a018df20b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/1?z=3056520
139.45.197.242200 OK 0 B IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=3056520 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: efe17ef2861d0506fe7ee65a717ed0f8
access-control-expose-headers: X-Sc
x-sc: aS1uOwCgRxFm4hC9trlmYFEXsY23--zqsGs4CML8rIx75EVlxnt9lys5wX9iJ1-8WpcWOQnKTg4oa9NS2WWr9FRsGJE=
set-cookie: scm=1; expires=Sun, 05 Nov 2023 03:50:28 GMT; secure; SameSite=None
OAID=a3772840f9ec40b5bff31f8e20a7f0ec; expires=Sun, 05 Nov 2023 03:50:28 GMT; secure; SameSite=None
oaidts=1667620228; expires=Sun, 05 Nov 2023 03:50:28 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
www.freeroms.com/js/jquery.min.js
64.235.54.28200 OK 0 B URL HTTP/2 www.freeroms.com/js/jquery.min.js
IP 64.235.54.28:0
GET /js/jquery.min.js HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/psp/grand_theft_auto_-_liberty_city_stories.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:26 GMT
content-type: application/javascript
last-modified: Tue, 28 Jul 2015 06:50:01 GMT
etag: W/"55b72619-176d5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
betotodilea.com/400/3601099
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/3601099
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/3601099 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: application/javascript
x-trace-id: 85f2dadd4e939dea19da97c6a465ce95
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=3a57b3d76c0448aeb28be28b46dbfd75; expires=Sun, 05 Nov 2023 03:50:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.freeroms.com
108.157.229.85200 OK 0 B URL HTTP/2 quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.freeroms.com
IP 108.157.229.85:0
GET /tcfv2/cmp2.js?referer=www.freeroms.com HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Wed, 14 Sep 2022 18:13:49 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
date: Sat, 05 Nov 2022 03:50:12 GMT
cache-control: max-age=3600
etag: W/"6d50b90bdafc3d438c55bd915fd5301d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b301fa8d72072cc0289eb055d8389e68.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: krS7R-2QXd0CbKoZIB_g9vsHv6acpohvjv9rk2jO_-a4KYfkuOgIbg==
age: 34
X-Firefox-Spdy: h2
interstitial-07.com/?l=9vCbMDqanSMci0N&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2169798048%26z%3D5030886%26b%3D15446387%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DgwOqhJxkfcqtBQb8nOpnksd_GinqeXStCe-6hYyzTpZ72m7-JprxVtBCdRzjCX6VZmDj-0eISHUiQMvsF1yZMCMIlBRYy-fLLvjXrRNVYFXRH7IbpsQt8MIm7WvjzosZCA3mqDUCeDBiAh_u5SRfavtprA0F9d40dAUSL9QzZofbd0Uv2T3OS39VquXdyU6ShSuU2VicuQvGM-qSmedDPSfJ7VO4L1q8HCqKj33Cnp_jEgwO0IXIb8HlWH001Ws9IzEgX6a-0WSkbUeLDht-xakjWkA1YwzKt1E9kp7lViPV1N87IzAyCHxCCUTKfKJZbx2LVnTwfU-bTV_14SZWSlvm5siLQwtBF3QwvhawyXKMSVLwHUkNG497Lo1wzhDlYrN3LCVVabgqVeAV4rp2yyDsli-J_RTRp73sVNtKOzj3nb3RnLodTx38S38qa33VemjU9CUEvIpY06n-0EmGono0-bDnht3m22dCkwNzjjq-o-EYkffOohQU8WSOS64xFciM21Qs6Wro55RLVhAgJ9s4TeW8-T9ZBPSXtiLZyVPgsIA1TTWQSNCUmbjC0E2daxuiHuTOW976SpHp9PIZpFAsB_yht4Egcjd7-hGRGmAiBNaJcFUpGkEBW6-2smWP9HEQ-0defz7f5_k0%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3D5ad2fdb9-7f84-4c50-82ce-52e1a0d6bf5a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fpsp%252Fgrand_theft_auto_-_liberty_city_stories.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.153200 OK 0 B URL HTTP/2 interstitial-07.com/?l=9vCbMDqanSMci0N&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2169798048%26z%3D5030886%26b%3D15446387%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DgwOqhJxkfcqtBQb8nOpnksd_GinqeXStCe-6hYyzTpZ72m7-JprxVtBCdRzjCX6VZmDj-0eISHUiQMvsF1yZMCMIlBRYy-fLLvjXrRNVYFXRH7IbpsQt8MIm7WvjzosZCA3mqDUCeDBiAh_u5SRfavtprA0F9d40dAUSL9QzZofbd0Uv2T3OS39VquXdyU6ShSuU2VicuQvGM-qSmedDPSfJ7VO4L1q8HCqKj33Cnp_jEgwO0IXIb8HlWH001Ws9IzEgX6a-0WSkbUeLDht-xakjWkA1YwzKt1E9kp7lViPV1N87IzAyCHxCCUTKfKJZbx2LVnTwfU-bTV_14SZWSlvm5siLQwtBF3QwvhawyXKMSVLwHUkNG497Lo1wzhDlYrN3LCVVabgqVeAV4rp2yyDsli-J_RTRp73sVNtKOzj3nb3RnLodTx38S38qa33VemjU9CUEvIpY06n-0EmGono0-bDnht3m22dCkwNzjjq-o-EYkffOohQU8WSOS64xFciM21Qs6Wro55RLVhAgJ9s4TeW8-T9ZBPSXtiLZyVPgsIA1TTWQSNCUmbjC0E2daxuiHuTOW976SpHp9PIZpFAsB_yht4Egcjd7-hGRGmAiBNaJcFUpGkEBW6-2smWP9HEQ-0defz7f5_k0%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3D5ad2fdb9-7f84-4c50-82ce-52e1a0d6bf5a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fpsp%252Fgrand_theft_auto_-_liberty_city_stories.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.153:0
GET /?l=9vCbMDqanSMci0N&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2169798048%26z%3D5030886%26b%3D15446387%26c%3D6255583%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DgwOqhJxkfcqtBQb8nOpnksd_GinqeXStCe-6hYyzTpZ72m7-JprxVtBCdRzjCX6VZmDj-0eISHUiQMvsF1yZMCMIlBRYy-fLLvjXrRNVYFXRH7IbpsQt8MIm7WvjzosZCA3mqDUCeDBiAh_u5SRfavtprA0F9d40dAUSL9QzZofbd0Uv2T3OS39VquXdyU6ShSuU2VicuQvGM-qSmedDPSfJ7VO4L1q8HCqKj33Cnp_jEgwO0IXIb8HlWH001Ws9IzEgX6a-0WSkbUeLDht-xakjWkA1YwzKt1E9kp7lViPV1N87IzAyCHxCCUTKfKJZbx2LVnTwfU-bTV_14SZWSlvm5siLQwtBF3QwvhawyXKMSVLwHUkNG497Lo1wzhDlYrN3LCVVabgqVeAV4rp2yyDsli-J_RTRp73sVNtKOzj3nb3RnLodTx38S38qa33VemjU9CUEvIpY06n-0EmGono0-bDnht3m22dCkwNzjjq-o-EYkffOohQU8WSOS64xFciM21Qs6Wro55RLVhAgJ9s4TeW8-T9ZBPSXtiLZyVPgsIA1TTWQSNCUmbjC0E2daxuiHuTOW976SpHp9PIZpFAsB_yht4Egcjd7-hGRGmAiBNaJcFUpGkEBW6-2smWP9HEQ-0defz7f5_k0%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3D5ad2fdb9-7f84-4c50-82ce-52e1a0d6bf5a%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fpsp%252Fgrand_theft_auto_-_liberty_city_stories.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 03:50:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
set-cookie: reverse=JQPsznEASsBkGCj37MaM6jii8ammC-c8TR_TbMDWuxw; expires=Sat, 05-Nov-2022 04:50:28 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
108.157.229.85200 OK 0 B URL HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP 108.157.229.85:0
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Sat, 05 Nov 2022 03:00:36 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Sat, 05 Nov 2022 03:00:33 GMT
etag: W/"b0704acb374845886d528927d524f486"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 b301fa8d72072cc0289eb055d8389e68.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: LyewhtYPVfvuldZY_SJIrnzexJ8l3SDDJmSmof5kboo5ScUnGX5Zzw==
age: 2994
X-Firefox-Spdy: h2