gnula.nu/thriller/ver-daybreakers-vampiros-del-dia-2009-online/
185.178.208.130301 Moved Permanently 568 B URL HTTP/1.1 gnula.nu/thriller/ver-daybreakers-vampiros-del-dia-2009-online/
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
Analyzer Verdict Alert fortinet Malware
GET /thriller/ver-daybreakers-vampiros-del-dia-2009-online/ HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Sat, 03 Sep 2022 01:59:14 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://gnula.nu/thriller/ver-daybreakers-vampiros-del-dia-2009-online/
Content-Type: text/html; charset=utf8
Content-Length: 568
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 01:42:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z1o7VLSa7szPTzbmQeVyiUkwWFKIEmf0KoioAFDk6nMjzhZ5jxMnkw==
Age: 994
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5408
Expires: Sat, 03 Sep 2022 03:29:22 GMT
Date: Sat, 03 Sep 2022 01:59:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3QXClZZvWvzHuh8UjJYEAfK2gYyd05moQVv-aDjnGaV3T4FQ6uI7PQ==
age: 2637
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 01:59:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 38655489187f1a1826ce8550ddbf014a
328d3b550f32ab9c4e172e1e9c988b577e57bdbf
88f8a9e6152040fefd9d7a798b854302974d5f86c4e9554723e48ac98b960b77
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88F8A9E6152040FEFD9D7A798B854302974D5F86C4E9554723E48AC98B960B77"
Last-Modified: Thu, 01 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8856
Expires: Sat, 03 Sep 2022 04:26:50 GMT
Date: Sat, 03 Sep 2022 01:59:14 GMT
Connection: keep-alive
gnula.nu/thriller/ver-daybreakers-vampiros-del-dia-2009-online/
185.178.208.130200 OK 13 kB URL HTTP/2 gnula.nu/thriller/ver-daybreakers-vampiros-del-dia-2009-online/
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8136)
Hash 87a3eb4290a63f10942c08a7b6706c6c
f76b59baf9f1739ab2eb7e01035199a72e0280d0
17a4a6c922fd34a114bbe6c4f3446a3d1b758d408d484e1ad70bbdeafe5b3990
Analyzer Verdict Alert fortinet Malware
GET /thriller/ver-daybreakers-vampiros-del-dia-2009-online/ HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:14 GMT
date: Sat, 03 Sep 2022 01:59:14 GMT
content-type: text/html; charset=UTF-8
content-length: 13139
link: <https://gnula.nu/wp-json/>; rel="https://api.w.org/", <https://gnula.nu/wp-json/wp/v2/posts/333761>; rel="alternate"; type="application/json", <https://gnula.nu/?p=333761>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnula.nu/wp-includes/css/dist/block-library/style.min.css
185.178.208.130200 OK 9.3 kB URL HTTP/2 gnula.nu/wp-includes/css/dist/block-library/style.min.css
IP 185.178.208.130:0
File type Unicode text, UTF-8 text, with very long lines (29677)
Hash d548c4ff279c8b77bd20f53248726771
7d02c6aabeea8bd23a6a3f6fa4e413809b46e880
5b28617ee22ff8f4d563d0695cf1bf8f5ac173bccca7d300472f211d7029a9d7
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/thriller/ver-daybreakers-vampiros-del-dia-2009-online/
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Sep 2022 16:30:57 GMT
content-type: text/css
last-modified: Wed, 14 Jul 2021 22:04:26 GMT
etag: W/"60ef5f6a-e33b"
expires: Fri, 09 Sep 2022 16:30:57 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 34098
ddg-cache-status: HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b311d921d0057fca059d079032648e6a
57c0a4f6dc48f1fbaf8d42c62233fc41ac607cd0
e1856b14ead6018415abfdd868b1f556692cf8cc0db6ca4dc8f5bec29633ba09
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/plusone.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash 202067c443611dc148225b75c0e3d556
9e6be316508f5c2a2e4b8cecc561b0e7415bd38c
5d9db864eb7c211f62d61436846b80db003b0102c903dda9bc15af29e5eefa39
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20362
date: Sat, 03 Sep 2022 01:59:15 GMT
expires: Sat, 03 Sep 2022 01:59:15 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "4e7ea00abe8fbd80"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144276616-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144276616-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 001b13f5e6728dcd4032b6fe60bb2f9d
32abcd957ac58d49e7c69372a361a3b0a18f0543
b65a5813a544b227a547d8ead3183bb8d13efa731dbc46f9504b93571f43b86a
GET /gtag/js?id=UA-144276616-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Sep 2022 01:59:15 GMT
expires: Sat, 03 Sep 2022 01:59:15 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41911
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Sniper.-The_White_Raven3.gif
185.178.208.130200 OK 5.9 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Sniper.-The_White_Raven3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 4ba2dfbcd06a505c91be290d42e10dfd
997445ed2e0ffef59b6b53861879375bd5af3bc9
b98c860c29e162f6c4e3a60cd934a9f65852e9e157984ecc8f673a2c19c9c8dd
GET /wp-content/uploads/2022/08/Sniper.-The_White_Raven3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 18:44:03 GMT
content-type: image/gif
content-length: 5876
last-modified: Fri, 19 Aug 2022 17:43:42 GMT
etag: "62ffcbce-16f4"
expires: Thu, 08 Sep 2022 18:44:03 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 112512
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Jazz_Fest_A_New_Orleans-Story3.gif
185.178.208.130200 OK 5.8 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Jazz_Fest_A_New_Orleans-Story3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 88159f4eb2b6165ec9c7ae8d1701413b
b10ed326e555d15c6f9ab258b511966d3ce9f57f
3e7db403c1f6ae084fbc8f3015a4a5b349463803fda84aae294092e6d130bcd1
GET /wp-content/uploads/2022/09/Jazz_Fest_A_New_Orleans-Story3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 18:43:16 GMT
content-type: image/gif
content-length: 5792
last-modified: Thu, 01 Sep 2022 18:41:35 GMT
etag: "6310fcdf-16a0"
expires: Thu, 08 Sep 2022 18:43:16 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 112559
ddg-cache-status: HIT
X-Firefox-Spdy: h2
www.google.es/cse/brand?form=cse-search-box&lang=es
142.250.74.163301 Moved Permanently 237 B URL HTTP/2 www.google.es/cse/brand?form=cse-search-box&lang=es
IP 142.250.74.163:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bda0dec939809d66ff8388fe5c716412
d768e1edcca0d64e15c1a26978d19c8fdfbd4e4f
334f05a39cdb64bac9f876dd2a2011649d08d578f6d751460c91ca294f3304cd
GET /cse/brand?form=cse-search-box&lang=es HTTP/1.1
Host: www.google.es
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://www.gstatic.com/prose/brandjs.js
x-content-type-options: nosniff
server: sffe
content-length: 237
x-xss-protection: 0
date: Sat, 03 Sep 2022 01:40:02 GMT
expires: Sat, 03 Sep 2022 02:10:02 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gnula.nu/wp-content/plugins/akismet/_inc/form.js
185.178.208.130200 OK 5.9 kB URL HTTP/2 gnula.nu/wp-content/plugins/akismet/_inc/form.js
IP 185.178.208.130:0
Hash aa447430edb0412f38f7143fd2741d7a
ff6622fcf0d4ddfd510471a0dd1846f94e5789b7
3133d1c93a4d643f1d26b4c717bae2ed0fa4e395ffabeaffaca463bc80aea18a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/akismet/_inc/form.js HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/thriller/ver-daybreakers-vampiros-del-dia-2009-online/
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 31 Aug 2022 03:41:22 GMT
content-type: application/javascript
last-modified: Wed, 14 Jul 2021 20:59:01 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: W/"60ef5015-2bc"
expires: Wed, 07 Sep 2022 03:41:22 GMT
age: 253073
ddg-cache-status: HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Top_Gun_Maverick5.gif
185.178.208.130200 OK 43 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Top_Gun_Maverick5.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 9ac6837b0cbcf5da37eba2d80b9a5c7c
9893e3c1ef2879df89b443a5bdf11138bff16798
aacec8af30d30331f084a03433c36c02b62fe99adfdd8a0df39939da9f9635e5
GET /wp-content/uploads/2022/08/Top_Gun_Maverick5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 30 Aug 2022 19:45:18 GMT
content-type: image/gif
content-length: 42800
last-modified: Tue, 23 Aug 2022 00:28:24 GMT
etag: "63041f28-a730"
expires: Tue, 06 Sep 2022 19:45:18 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 281637
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/The_Figo_Affair_The_Transfer_that_Changed_Football3.gif
185.178.208.130200 OK 5.5 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/The_Figo_Affair_The_Transfer_that_Changed_Football3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash e05c2bde692177907bceb2f03c4092f1
8bff1cfd834d7cdeec9874b6f44a4cf8777413a2
3b19f70524ce76200fe64812a8a651ef59119b9c0d64887851e399c1dde68104
GET /wp-content/uploads/2022/08/The_Figo_Affair_The_Transfer_that_Changed_Football3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Aug 2022 11:37:29 GMT
content-type: image/gif
content-length: 5518
last-modified: Mon, 29 Aug 2022 11:37:29 GMT
etag: "630ca4f9-158e"
expires: Mon, 05 Sep 2022 11:37:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 397306
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/09/Butters_Final_MealButter3.gif
185.178.208.130200 OK 6.1 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/09/Butters_Final_MealButter3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash fc35778f396e4eca841db182e8d4618d
44834f53737409a377b08a60f503fda9cb37480f
5e5904a5804cf7cad3119bf54abf9f8c61b5217ab12d76b8624121f46452c3d6
GET /wp-content/uploads/2021/09/Butters_Final_MealButter3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Sep 2022 22:46:53 GMT
content-type: image/gif
content-length: 6080
last-modified: Wed, 15 Sep 2021 03:08:08 GMT
etag: "61416398-17c0"
expires: Fri, 09 Sep 2022 22:46:53 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 11542
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Elvis4.gif
185.178.208.130200 OK 40 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Elvis4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash e4d67bc82845bad0ed3b000baeef240c
f26ab718f5505f7f5494b74c428de9c107d4ced2
16f284cb1986a6dfd927a76a0c8e841ed6c08555c7744581c8af1d3f0afc6f25
GET /wp-content/uploads/2022/08/Elvis4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Aug 2022 17:46:47 GMT
content-type: image/gif
content-length: 39611
last-modified: Sun, 07 Aug 2022 17:51:50 GMT
etag: "62effbb6-9abb"
expires: Mon, 05 Sep 2022 17:46:47 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 375148
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Vizinhos3.gif
185.178.208.130200 OK 5.7 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Vizinhos3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 2601e10a3037ae30192b8c52f014ce6c
9c656ca899ce4e9baa55c6a886a1116da366948b
9130563171a6a6bfebd24bf8f607f3d965b3f8e351f9dcd0584ed4d1c878bd47
GET /wp-content/uploads/2022/09/Vizinhos3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Sep 2022 17:21:35 GMT
content-type: image/gif
content-length: 5654
last-modified: Fri, 02 Sep 2022 17:17:54 GMT
etag: "63123ac2-1616"
expires: Fri, 09 Sep 2022 17:21:35 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 31060
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Fall3.gif
185.178.208.130200 OK 4.9 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Fall3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 576ac2a7c7fd5446a55d2342b2aad826
6bde2653bf046a36554ff2eb4b711b8894714f67
5175d73905da9dfc08f9411a7001b2060b43c6113096c0f82de1c7fff1c5680d
GET /wp-content/uploads/2022/09/Fall3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Sep 2022 14:33:41 GMT
content-type: image/gif
content-length: 4868
last-modified: Fri, 02 Sep 2022 14:24:56 GMT
etag: "63121238-1304"
expires: Fri, 09 Sep 2022 14:33:41 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 41134
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Corro_da_te3.gif
185.178.208.130200 OK 3.7 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Corro_da_te3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash f9067efd923a7d77853e4e62449753a2
511ecf340fa52a748b217c555a20fb9a7d644692
4979dac7265e3983d2b17c666b1a48dfdb6e7ed29e17471ead4f63c60aaad482
GET /wp-content/uploads/2022/09/Corro_da_te3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 19:02:53 GMT
content-type: image/gif
content-length: 3703
last-modified: Thu, 01 Sep 2022 18:58:53 GMT
etag: "631100ed-e77"
expires: Thu, 08 Sep 2022 19:02:53 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 111382
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Love_in_the_Villa3.gif
185.178.208.130200 OK 5.9 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Love_in_the_Villa3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash f08e31dc4661f73d9448e05098bcc6ee
1c42349be46448fe01dc17ab97700ef121ff083b
6d5ba8faaf46a795e5a90d023068fad414b093205082ef1dd5f52a4c13b98106
GET /wp-content/uploads/2022/09/Love_in_the_Villa3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Sep 2022 22:47:18 GMT
content-type: image/gif
content-length: 5949
last-modified: Fri, 02 Sep 2022 19:58:45 GMT
etag: "63126075-173d"
expires: Fri, 09 Sep 2022 22:47:18 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 11517
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/08/Kaamelott_Premier_volet3.gif
185.178.208.130200 OK 5.3 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/08/Kaamelott_Premier_volet3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash b7f0ea9d7774b61d95fcfffa156abe6b
885c4be29fdb4498172580f3145d694c5f984c94
6e881c353754774d338223064adf1ee848e1a923f9f64a10393f835b73577a0a
GET /wp-content/uploads/2021/08/Kaamelott_Premier_volet3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 30 Aug 2022 23:01:00 GMT
content-type: image/gif
content-length: 5331
last-modified: Mon, 09 Aug 2021 03:10:42 GMT
etag: "61109cb2-14d3"
expires: Tue, 06 Sep 2022 23:01:00 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 269895
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Loving_Adults3.gif
185.178.208.130200 OK 6.0 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Loving_Adults3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 54117f7a5fb1174197bcf01a704fdd2e
04659dac4ab5f7f0c891c8edae90f732f8b0a3d7
fb088cba4c25f12268f6a22be1aaf53dbe09274dfbeead357477303548d4d00d
GET /wp-content/uploads/2022/08/Loving_Adults3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 30 Aug 2022 23:04:37 GMT
content-type: image/gif
content-length: 5980
last-modified: Tue, 30 Aug 2022 23:04:36 GMT
etag: "630e9784-175c"
expires: Tue, 06 Sep 2022 23:04:37 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 269678
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/themes/charcoal2/scroller.js
185.178.208.130200 OK 5.7 kB URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/scroller.js
IP 185.178.208.130:0
Hash dc0948ac7103d481ee0a58d7afa6831c
de36ce4678fd732880840eb664f49c6f0e80096f
1c6a600e9b88ed13d75fae7b032f23fe6f9359ea64a4e30257843953c2bcf458
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/charcoal2/scroller.js HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/thriller/ver-daybreakers-vampiros-del-dia-2009-online/
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 31 Aug 2022 14:57:25 GMT
content-type: application/javascript
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: W/"5ec470b1-400"
expires: Wed, 07 Sep 2022 14:57:25 GMT
age: 212510
ddg-cache-status: HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Le_dernier_voyage_de_Paul_W3.gif
185.178.208.130200 OK 6.0 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Le_dernier_voyage_de_Paul_W3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 202870cc08b43e62a7ccbaf3da7bf972
d09d1ab647ce0cc4f1504cdfff2bb2b69f405640
42b37d2218872327efa98b18fb868938ccfbc68af5fbd84547cfcff946b2455b
GET /wp-content/uploads/2022/08/Le_dernier_voyage_de_Paul_W3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 30 Aug 2022 22:50:49 GMT
content-type: image/gif
content-length: 6037
last-modified: Tue, 30 Aug 2022 22:50:49 GMT
etag: "630e9449-1795"
expires: Tue, 06 Sep 2022 22:50:49 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 270506
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Me_Time3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Me_Time3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/08/Me_Time3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=T86YkIhcLiJuUMBT; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=C50fIpd3rUyyaUcu; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=RVGzdnRmMbVglUyo; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Fall4.gif
185.178.208.130200 OK 32 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Fall4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash fae85af679de952643446d83b7d18b5b
15dd4cfd1603f4dcfe9fc2d8c99c854323c3ca9b
433203c68f283d089fa86e8968c22ac5460b727935b7e16c07f9fca3f84f882c
GET /wp-content/uploads/2022/09/Fall4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Sep 2022 14:33:41 GMT
content-type: image/gif
content-length: 31905
last-modified: Fri, 02 Sep 2022 14:24:57 GMT
etag: "63121239-7ca1"
expires: Fri, 09 Sep 2022 14:33:41 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 41134
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Seoul_Daejakjeon3.gif
185.178.208.130200 OK 6.3 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Seoul_Daejakjeon3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash fff5aca1965188b0efcadaab8cb3e430
78b5d48d9a84b15045eb05ea98f61880f3aeb421
58e9d1eb38251a34caa5a117f78010c22dc59673988b4bf3411cb1078b980eae
GET /wp-content/uploads/2022/08/Seoul_Daejakjeon3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Aug 2022 12:22:44 GMT
content-type: image/gif
content-length: 6290
last-modified: Mon, 29 Aug 2022 12:22:44 GMT
etag: "630caf94-1892"
expires: Mon, 05 Sep 2022 12:22:44 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 394591
ddg-cache-status: HIT
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
93.184.220.66200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 0ccf02d52b75b85c65aa5460aa24aebf
50d1a19cb9ebbd6d42173ce2d963ea4df29e8e5a
d13778acf057777bad23fd020088463d65d2b7baff042cd4529d27faa46daf38
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 950
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sat, 03 Sep 2022 01:59:15 GMT
Etag: "f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Last-Modified: Wed, 31 Aug 2022 20:41:50 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F707)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29220
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 20cc30f2a41f9c5e824ea46460548950
c153b447d44cbbe8f30d7f490605d1a430af20a1
0f8bb96e7dfd8a6bb3d7eae1a958195cb8ca9f20e0ad8cd952c34267ff0625f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93ffe2e91027edd9b0ed97ec916bef52
15107f080553ed8d1a49ab09259d461e1ed7b65e
b70a7bf6a74507be6d0d49326d1a113cb1bed78b6c405d9655a265073923ae20
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B70A7BF6A74507BE6D0D49326D1A113CB1BED78B6C405D9655A265073923AE20"
Last-Modified: Fri, 02 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6109
Expires: Sat, 03 Sep 2022 03:41:04 GMT
Date: Sat, 03 Sep 2022 01:59:15 GMT
Connection: keep-alive
gnula.nu/wp-content/uploads/2022/05/La_jefa3.gif
185.178.208.130200 OK 5.3 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/05/La_jefa3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 09a1686d3e0b407bdecf4d69af51020b
5f53cb455d0852b3827c77ead0413baf569a2d70
7e0c5faf35858fdbd45f2538a9bce4f035c8750f1da694874e78e49aaaa3560a
GET /wp-content/uploads/2022/05/La_jefa3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 30 Aug 2022 22:46:51 GMT
content-type: image/gif
content-length: 5322
last-modified: Mon, 02 May 2022 20:51:33 GMT
etag: "62704455-14ca"
expires: Tue, 06 Sep 2022 22:46:51 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 270744
ddg-cache-status: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ea402bc2bd723c3726a7fa29f0724c2
a8a232de74b725dd0fcff0410239654c9a33407d
a3aae8413ac876f7e522cee46d5139cb1bc0f916ec737e5d4083f4c7af36da88
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3AAE8413AC876F7E522CEE46D5139CB1BC0F916EC737E5D4083F4C7AF36DA88"
Last-Modified: Sat, 03 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17754
Expires: Sat, 03 Sep 2022 06:55:09 GMT
Date: Sat, 03 Sep 2022 01:59:15 GMT
Connection: keep-alive
gnula.nu/wp-content/uploads/2022/08/Too_Close_for_Christmas3.gif
185.178.208.130200 OK 4.9 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Too_Close_for_Christmas3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 1ace2a9f7f13e2da39a96ede1cee2806
172b2a581e2de7a677832aff1cd27ecf1c4ad83f
8fbc03cff6be1ee1fdd89603343cca93e2ea381fc839985be49a7fc58c53ab22
GET /wp-content/uploads/2022/08/Too_Close_for_Christmas3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Aug 2022 11:49:44 GMT
content-type: image/gif
content-length: 4943
last-modified: Mon, 29 Aug 2022 11:49:43 GMT
etag: "630ca7d7-134f"
expires: Mon, 05 Sep 2022 11:49:44 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 396571
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/05/Black_Site3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/05/Black_Site3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/05/Black_Site3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=xiDaEuURmto1QYNf; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=6nTaBcZmcIyb74Dt; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=ZGHcyZrbHVRXrc3k; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/My_Sweet_Monster3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/My_Sweet_Monster3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/08/My_Sweet_Monster3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=DM9EmVqCdddZUhGu; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=nMKaj22qKIEzk5Zn; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=EVpqqTtJwKgHrkzT; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Fantasia3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Fantasia3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/09/Fantasia3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=dfWM3RA0T98U061v; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=1d8w9SRzFrtRMILn; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=nfyfwyeFubXsXMdL; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/07/Murder_at_Yellowstone_City3.gif
185.178.208.130200 OK 6.0 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/Murder_at_Yellowstone_City3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 399c93b95cb753f04e2d67582050f6ef
78857d094b2adf5473bc80f553c0d4241db100eb
8b27960e52286556b896ed22240aaeba583b57417a9176d568e87af7d490690e
GET /wp-content/uploads/2022/07/Murder_at_Yellowstone_City3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 30 Aug 2022 15:01:26 GMT
content-type: image/gif
content-length: 5968
last-modified: Wed, 20 Jul 2022 17:00:55 GMT
etag: "62d834c7-1750"
expires: Tue, 06 Sep 2022 15:01:26 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 298669
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/03/Codigo_Emperador3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/03/Codigo_Emperador3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/03/Codigo_Emperador3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=Y8lrPYu5H0EPKr1q; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=dVaQyeANzqiBIuog; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=pNL3l6wt417Dixr0; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/07/Elvis3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/Elvis3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/07/Elvis3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=GGP3kOEZ5mbCUDhA; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=Rs13onjfdei0PO8V; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=UMM3aQRV1qVLs3J0; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/01/Luzzu3.gif
185.178.208.130200 OK 5.4 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/01/Luzzu3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash bc9841045651997fb2e82708d30d86e6
6415a49fb5278d088fd2e07572a926e5268bd537
213378118cb0566366f896dc69be962005421caadee53e35a1477ecb79362dfa
GET /wp-content/uploads/2022/01/Luzzu3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Sep 2022 17:43:09 GMT
content-type: image/gif
content-length: 5373
last-modified: Mon, 17 Jan 2022 18:33:21 GMT
etag: "61e5b671-14fd"
expires: Fri, 09 Sep 2022 17:43:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 29766
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Samaritan3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Samaritan3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/08/Samaritan3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=l0zNkXsC2O0Ga7Zu; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=Jlkj233qgO2OE9Lp; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=601gWiiLxhPLco7l; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2020/05/La_gallina_Turuleca3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2020/05/La_gallina_Turuleca3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2020/05/La_gallina_Turuleca3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=OeIDUBt2NiDPgN6c; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=Mv7gSepD05ObgIAu; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=nJw8IfwTE1iiBb9N; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Panash3.gif
185.178.208.130200 OK 5.4 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Panash3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash f614b3297bac02219f4b8a8b44dbf2d3
d68b69d764ab5e1023c45536967209d845e65c41
6c9b14b7c8e78919edb9ed51b7c89348d3faefd353521f473b344b84f2347d21
GET /wp-content/uploads/2022/08/Panash3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Aug 2022 12:31:09 GMT
content-type: image/gif
content-length: 5427
last-modified: Mon, 29 Aug 2022 12:31:08 GMT
etag: "630cb18c-1533"
expires: Mon, 05 Sep 2022 12:31:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 394086
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Minions_The_Rise_of_Gru4.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Minions_The_Rise_of_Gru4.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/08/Minions_The_Rise_of_Gru4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=b8AKfs5kC3emO4Tc; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=2N2U88p0zZbl0vHY; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=qHgLyat1QOaeHr57; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Nope4.gif
185.178.208.130200 OK 41 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Nope4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 3938804975796ef88f10bfdc13098f7c
6c228c84d8867f44d5b61ce39dcdf7e5ae520aa8
385a0d28d4855873ad6f61d07464f23613249bad88579d60123392deb6bf3364
GET /wp-content/uploads/2022/08/Nope4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 18:04:32 GMT
content-type: image/gif
content-length: 40845
last-modified: Thu, 25 Aug 2022 17:12:40 GMT
etag: "6307ad88-9f8d"
expires: Thu, 08 Sep 2022 18:04:32 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 114883
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/My_Next_Challenge3.gif
185.178.208.130200 OK 6.3 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/My_Next_Challenge3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 56315b2f88710629122234bb0e51d8af
93564cbd322510ed915817fc850d95e343e5f112
65c0fef5dd7b696c0a925036f01e46eab8d46b4f9e35abe943cd561ca0de223f
GET /wp-content/uploads/2022/08/My_Next_Challenge3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 30 Aug 2022 14:52:42 GMT
content-type: image/gif
content-length: 6295
last-modified: Tue, 30 Aug 2022 14:52:42 GMT
etag: "630e243a-1897"
expires: Tue, 06 Sep 2022 14:52:42 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 299193
ddg-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b311d921d0057fca059d079032648e6a
57c0a4f6dc48f1fbaf8d42c62233fc41ac607cd0
e1856b14ead6018415abfdd868b1f556692cf8cc0db6ca4dc8f5bec29633ba09
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9665d92cfb2f9db5f7032ed692dff0e0
2ca6220de116f04429a7ce3f3c8f95cae61db137
5cc77ac9117df4aa52cc268287bf82f9dde172f1bcd7f640d3f0ef04a5ed07c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnula.nu/wp-content/uploads/2022/08/Orphan_First_Kill4.gif
185.178.208.130200 OK 35 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Orphan_First_Kill4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash e8c75c527fef1f924d4e5e4ea0210d57
17a120a31f35a35c91e6135331637ecbad8ed46f
0025ee879ec424942294d83bcf71baed5836e026234047f4a18766803ce00ad5
GET /wp-content/uploads/2022/08/Orphan_First_Kill4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 27 Aug 2022 07:13:10 GMT
content-type: image/gif
content-length: 34678
last-modified: Fri, 19 Aug 2022 11:35:34 GMT
etag: "62ff7586-8776"
expires: Sat, 03 Sep 2022 07:13:10 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 585965
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/07/Jurassic_World_Dominion4.gif
185.178.208.130200 OK 46 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/Jurassic_World_Dominion4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash d95c11a874351233466e3035438db041
4a23339aa1af0bbed5176d8ae9cb0e40d108ca97
07df598a5b0f68972dc4e2b1141659cf7b1b5d3c1ff5e0a015ee49bc48969317
GET /wp-content/uploads/2022/07/Jurassic_World_Dominion4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 27 Aug 2022 19:34:01 GMT
content-type: image/gif
content-length: 46393
last-modified: Wed, 06 Jul 2022 18:19:32 GMT
etag: "62c5d234-b539"
expires: Sat, 03 Sep 2022 19:34:01 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 541514
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/04/X3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/04/X3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/04/X3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=FwKb9S2SdsHnB1T7; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=61CXSdKzIotQG9OJ; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=tYlroc0HKFvK6CE1; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js
142.250.74.138200 OK 32 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js
IP 142.250.74.138:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32769)
Hash beb03c9ee6d13748648309584590d515
a491b316cdd4df32dabb7a3a1d85919681911dda
acec62a91cdd6d2b03731fcc7e988094b3c38c9269276f09f9a842e6433ee008
GET /ajax/libs/jquery/1.6/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32222
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 28 Aug 2022 15:05:55 GMT
expires: Mon, 28 Aug 2023 15:05:55 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 471200
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/04/Contando_ovejas3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/04/Contando_ovejas3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/04/Contando_ovejas3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=srsdgDqgHVClVQsC; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=pAeow3yFT6cEb9tI; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=pblJcPoilqH55x7j; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/05/Death_Valley3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/05/Death_Valley3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/05/Death_Valley3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=MiOAlh6DlUBTcpuB; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=wLRat1Fyu0lpjXDv; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=6StgxmhX7hoZKWY7; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Fall5.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Fall5.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/09/Fall5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=57u7dpY3Vd5DApcL; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=uQ9yQ0hLMFWCEWk9; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=RS5s7TkRueUuHu5z; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/06/The_Unbearable_Weight_of_Massive_Talent4.gif
185.178.208.130200 OK 42 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/06/The_Unbearable_Weight_of_Massive_Talent4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 6d13c6a2e8d516daf80fcd5fa3a0874a
761ee8cad2f50fc097fc225eee915cd7664e478e
b138bc3997e8524f2eb2b4c2bc3530ee9dc66dc017ba89c73c42558d74d2fa9f
GET /wp-content/uploads/2022/06/The_Unbearable_Weight_of_Massive_Talent4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Sep 2022 17:32:20 GMT
content-type: image/gif
content-length: 41807
last-modified: Tue, 07 Jun 2022 21:52:19 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: "629fc893-a34f"
expires: Fri, 09 Sep 2022 17:32:20 GMT
age: 30415
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/07/DC_League_of_Super_Pets3.gif
185.178.208.130200 OK 5.9 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/DC_League_of_Super_Pets3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash baf3289fe575ceeabc671471871df8d8
4705f4179c912c2a0e49d4b8cbcc41a5c8d09794
d94c135a5308768e20f83b061da81225a53c2e53e82e9ca31ecb967eb0ced556
GET /wp-content/uploads/2022/07/DC_League_of_Super_Pets3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 30 Aug 2022 18:14:21 GMT
content-type: image/gif
content-length: 5861
last-modified: Fri, 29 Jul 2022 22:58:56 GMT
etag: "62e46630-16e5"
expires: Tue, 06 Sep 2022 18:14:21 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 287094
ddg-cache-status: HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/07/Jurassic_World_Dominion5.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/Jurassic_World_Dominion5.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/07/Jurassic_World_Dominion5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=CRa2ZZtmwBsutuvB; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=SocNIZojBKlTNapN; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=rDDHawrNvX8cFqbX; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
cw.osmoticanansi.com/f62ffc3188dc5f62ffc3188dc62/27199
172.255.6.33200 OK 26 B URL HTTP/1.1 cw.osmoticanansi.com/f62ffc3188dc5f62ffc3188dc62/27199
IP 172.255.6.33:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /f62ffc3188dc5f62ffc3188dc62/27199 HTTP/1.1
Host: cw.osmoticanansi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Sep 2022 01:59:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sun, 04-Sep-2022 01:59:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sun, 04-Sep-2022 01:59:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
murkilyergots.com/gcgLKdwzr0hh/33424
23.109.82.251200 OK 26 B URL HTTP/1.1 murkilyergots.com/gcgLKdwzr0hh/33424
IP 23.109.82.251:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gcgLKdwzr0hh/33424 HTTP/1.1
Host: murkilyergots.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Sep 2022 01:59:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sun, 04-Sep-2022 01:59:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sun, 04-Sep-2022 01:59:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnula.nu/wp-content/uploads/2022/07/Lightyear4.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/Lightyear4.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/07/Lightyear4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=vvxkER0MpmFEfnIR; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=3x1fJPZymcGlMCf7; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=vRg1ieANEFRjsZ1i; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/09/Free_Guy5.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/09/Free_Guy5.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/09/Free_Guy5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=7sZF8yBk6QokmhYN; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=IHT9e656zOo5RHVL; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=1uQvhQVag89JeUUm; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1425
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:15 GMT
Last-Modified: Sat, 03 Sep 2022 01:35:30 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
gnula.nu/wp-content/uploads/2021/05/Chaos_Walking5.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/05/Chaos_Walking5.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/05/Chaos_Walking5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=nl7gdzWrcQ9jlHXU; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=WJzmcNGYLN3gfd8G; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=E2nhr8MJNJqxQCFm; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/01/Promising_Young_Woman6.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/01/Promising_Young_Woman6.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/01/Promising_Young_Woman6.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=XB8NpJZN94FtliMU; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=xETCvzlcSdc6REvm; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=GqzvxN7tGBaphm0U; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/01/The_Croods_A_New_Age5.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/01/The_Croods_A_New_Age5.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/01/The_Croods_A_New_Age5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=CmWxTYDYAsPiRllp; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=IxlEypoaunJ8GIYI; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=su4BJ7aHnnp5OQjW; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2020/02/Jumanji_The_Next_Level5.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2020/02/Jumanji_The_Next_Level5.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2020/02/Jumanji_The_Next_Level5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=l91OVGhrt921kPH8; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=IBlCKp96Agjf5qKf; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=m9r9EOnxLeotstp1; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/09/Malignant5.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/09/Malignant5.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/09/Malignant5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=JPDDJ5TOm75I6JS7; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=ag2P8F9OfWLCsrC1; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=5G4CAMQmGKsASA5s; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2015/06/Daybreakers_poster_espa%C3%B1ol.jpg
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2015/06/Daybreakers_poster_espa%C3%B1ol.jpg
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2015/06/Daybreakers_poster_espa%C3%B1ol.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=0ED2pJvV4vKRs7gK; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=xDeDcSawAVrWYcsV; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=hwMM67hwppEXlihY; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-includes/js/wp-embed.min.js
185.178.208.130200 OK 8.9 kB URL HTTP/2 gnula.nu/wp-includes/js/wp-embed.min.js
IP 185.178.208.130:0
File type ASCII text, with very long lines (1391)
Hash abeb361fc42dbe1eedc994e0f2278582
1d2124543c95ca2389094b8db78aa5d3f839efb1
7d2e618268883232708dcc0546987330b030b517919d540fadf9c622b050fa3d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/thriller/ver-daybreakers-vampiros-del-dia-2009-online/
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 28 Aug 2022 18:23:47 GMT
content-type: application/javascript
last-modified: Mon, 15 Feb 2021 03:38:18 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: W/"6029ecaa-592"
expires: Sun, 04 Sep 2022 18:23:47 GMT
age: 459328
ddg-cache-status: HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/12/Wolf3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/12/Wolf3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/12/Wolf3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=RxHvj0uu9raf1D5P; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=rUdsJ9u8KeFMcSeu; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=DlfmiPXe5v0sw56e; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/09/Dear_Evan_Hansen4.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/09/Dear_Evan_Hansen4.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/09/Dear_Evan_Hansen4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=4EDE1ZHteAYhzzDI; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=c5va18BWBCpWP34I; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=77LuTSdyS2TIpUQF; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 03 Sep 2022 01:38:16 GMT
Cache-Control: max-age=3600
Expires: Sat, 03 Sep 2022 02:20:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UeR2JaHu6cxRvJ007V-_s0mugUzb9jHs2pQLaXs6mxXgPdJdrvAEjQ==
Age: 1258
www.gstatic.com/prose/brandjs.js
142.250.74.163200 OK 5.8 kB URL HTTP/2 www.gstatic.com/prose/brandjs.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (1352)
Hash 10aa07ab4f7de5535f4cafe167ca4fa7
6c804574a29f9d8a77ed2823a7879e56dbc42c22
d111484a9bceee10b129b20ebd4ead4639b5d7dd78117522249195fb84db3cf0
GET /prose/brandjs.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gnula.nu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 5807
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 18:45:14 GMT
expires: Sat, 03 Sep 2022 18:45:14 GMT
cache-control: public, max-age=86400
age: 26041
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/08/Fast_and_Furious_9m5.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/08/Fast_and_Furious_9m5.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/08/Fast_and_Furious_9m5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=3PwY6a4y2XKGgXdB; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=gw2qjpxh65iYgEOt; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=zmpPfdE3lKW9lYPH; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/07/The_Black_Phone4.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/The_Black_Phone4.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/07/The_Black_Phone4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=gSETV29U9TkDHObf; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=rX73VKq7mqePq5aM; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=NcfgUd2QubT3nsVU; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Doragon_boru_supa_supa_hiro_new.jpg
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Doragon_boru_supa_supa_hiro_new.jpg
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/08/Doragon_boru_supa_supa_hiro_new.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=rgSOlEhGninGvTBQ; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=r8xHxev5SQoUlkOS; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=EheqjCwNkXTToSjV; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2020/03/The_Jack_in_the_Box3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2020/03/The_Jack_in_the_Box3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2020/03/The_Jack_in_the_Box3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=WcAzO6HchZBFmTJH; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=wxqyh4W6LnjdL4rf; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=VrUhkZAFxBIZTSgF; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/06/La_piel_en_llamas2.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/06/La_piel_en_llamas2.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/06/La_piel_en_llamas2.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=pWjUwBr0ns3xuPmN; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=wK35eSANPRfqgucK; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=GBe1AMzl3qYn60yp; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 20cc30f2a41f9c5e824ea46460548950
c153b447d44cbbe8f30d7f490605d1a430af20a1
0f8bb96e7dfd8a6bb3d7eae1a958195cb8ca9f20e0ad8cd952c34267ff0625f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnula.nu/wp-content/uploads/2022/03/The_Last_Mark3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/03/The_Last_Mark3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/03/The_Last_Mark3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
set-cookie: __ddgid_=1ILYDF1AHIAaPRIX; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:15 GMT
__ddgmark_=2YbUTIGwBa1oz8zp; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Sun, 04-Sep-2022 01:59:15 GMT
__ddg5_=DBDGE2EM0CmNUukL; Domain=.gnula.nu; Path=/; Expires=Sat, 03-Sep-2022 04:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/themes/charcoal2/images/li2.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/images/li2.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/themes/charcoal2/images/li2.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=JPDDJ5TOm75I6JS7; __ddgmark_=ag2P8F9OfWLCsrC1; __ddg5_=5G4CAMQmGKsASA5s
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnula.nu/wp-content/uploads/2014/04/headb.jpg
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2014/04/headb.jpg
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2014/04/headb.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2014/04/heada.jpg
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2014/04/heada.jpg
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2014/04/heada.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b2fac4858ba1580ea75a5d0a0ee5130c
84779746ed304afe4b5ac32f8fb5d2bfc669f889
bf6df9802c3a9e3ca63cde27961a024dfccd459edaffb4cac1f2baaa59c8ea04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF6DF9802C3A9E3CA63CDE27961A024DFCCD459EDAFFB4CAC1F2BAAA59C8EA04"
Last-Modified: Thu, 01 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6893
Expires: Sat, 03 Sep 2022 03:54:08 GMT
Date: Sat, 03 Sep 2022 01:59:15 GMT
Connection: keep-alive
push.services.mozilla.com/
34.213.140.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.140.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gR8QkGKicC2QrPI5Gc+69w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qFjhC5nC93InYaKdigew4ENKYio=
travelingturtleharmonious.com/a3/d5/c2/a3d5c2b0b16ae43acd553d5fcb3e0113.js
192.243.59.13200 OK 20 kB URL HTTP/1.1 travelingturtleharmonious.com/a3/d5/c2/a3d5c2b0b16ae43acd553d5fcb3e0113.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59427), with no line terminators
Hash f01ec0581e67eb1d4f4d83ea3e89793c
74fc46df7329aa557eba9c32ff984873016030c9
e9c5cee14b2cc45ba8ac7e663c7cc7c684d5e82291692183f92b43a28f52bccd
GET /a3/d5/c2/a3d5c2b0b16ae43acd553d5fcb3e0113.js HTTP/1.1
Host: travelingturtleharmonious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Sep 2022 01:59:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 828ffb926fc027bda54419f946c5b21e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
murkilyergots.com/gcgLKdwzr0hh/33424
23.109.82.251200 OK 26 B URL HTTP/1.1 murkilyergots.com/gcgLKdwzr0hh/33424
IP 23.109.82.251:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gcgLKdwzr0hh/33424 HTTP/1.1
Host: murkilyergots.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Sep 2022 01:59:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
cw.osmoticanansi.com/f62ffc3188dc5f62ffc3188dc62/27199
172.255.6.33200 OK 26 B URL HTTP/1.1 cw.osmoticanansi.com/f62ffc3188dc5f62ffc3188dc62/27199
IP 172.255.6.33:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /f62ffc3188dc5f62ffc3188dc62/27199 HTTP/1.1
Host: cw.osmoticanansi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Sep 2022 01:59:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 797848c645dcc323aa01a1cc28a1376c
df8dfbb74c047699a37ac0d12d307ede104bbf72
6943eb9fbf099441d20214c206365026c24380abb84c633eca2a78fd8a9f3d25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6943EB9FBF099441D20214C206365026C24380ABB84C633ECA2A78FD8A9F3D25"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3022
Expires: Sat, 03 Sep 2022 02:49:38 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
gnula.nu/wp-content/themes/charcoal2/images/title2.jpg
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/images/title2.jpg
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/themes/charcoal2/images/title2.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/themes/charcoal2/images/cover.jpg
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/images/cover.jpg
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/themes/charcoal2/images/cover.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/themes/charcoal2/images/meta2.jpg
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/images/meta2.jpg
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/themes/charcoal2/images/meta2.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fgnula.nu
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fgnula.nu
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash aa228863765c3263e12f1d7c71015518
619739a12e0f16eab26a43a913b35779edea57a6
cf9a241903646ee9b88b76da2bb3e11d16f36246f7bbc53bbe2c98466e5ea12a
GET /widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fgnula.nu HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 191765
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 03 Sep 2022 01:59:16 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F706)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
gnula.nu/wp-content/themes/charcoal2/images/footer.jpg
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/images/footer.jpg
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/themes/charcoal2/images/footer.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Me_Time3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Me_Time3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/08/Me_Time3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2020/05/La_gallina_Turuleca3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2020/05/La_gallina_Turuleca3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2020/05/La_gallina_Turuleca3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/My_Sweet_Monster3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/My_Sweet_Monster3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/08/My_Sweet_Monster3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Samaritan3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Samaritan3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/08/Samaritan3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a00f52fc466a37b16026028800de6ed1
9b05ba36474ee2a3ea8ae6ff50bc0b0391a68f65
cc6cab7855a15bf8127e92fad261c017a1bafacf0cdc042ee587181b74b373d0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 01:59:16 GMT
Last-Modified: Sat, 03 Sep 2022 01:32:50 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: izv7_0-ZhPo9Snx_vKLRH3UUVpmX6sT6Ixq5Rruz8leVsIzUBVGh5A==
Age: 1586
gnula.nu/wp-content/uploads/2022/09/Pijamas_espaciales3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Pijamas_espaciales3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/09/Pijamas_espaciales3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/12/Wolf3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/12/Wolf3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/12/Wolf3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Fantasia3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Fantasia3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/09/Fantasia3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Minions_The_Rise_of_Gru4.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Minions_The_Rise_of_Gru4.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/08/Minions_The_Rise_of_Gru4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/07/The_Black_Phone4.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/The_Black_Phone4.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/07/The_Black_Phone4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Doragon_boru_supa_supa_hiro_new.jpg
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Doragon_boru_supa_supa_hiro_new.jpg
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/08/Doragon_boru_supa_supa_hiro_new.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/07/Elvis3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/Elvis3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/07/Elvis3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Fall5.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Fall5.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/09/Fall5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/07/Jurassic_World_Dominion5.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/Jurassic_World_Dominion5.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/07/Jurassic_World_Dominion5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6668615413d694340a8acd92122e928f
4ba5dd491a363c3c5a465fc5c2c7a65de7c25f87
97480e5327ec96c4e002137ffc942ea647f4bf1dba29035fca75a60a297a7e74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97480E5327EC96C4E002137FFC942EA647F4BF1DBA29035FCA75A60A297A7E74"
Last-Modified: Fri, 02 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20729
Expires: Sat, 03 Sep 2022 07:44:45 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
gnula.nu/wp-content/uploads/2022/07/Lightyear4.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/Lightyear4.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2022/07/Lightyear4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/09/Dear_Evan_Hansen4.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/09/Dear_Evan_Hansen4.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/09/Dear_Evan_Hansen4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6382
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:16 GMT
Last-Modified: Sat, 03 Sep 2022 00:12:55 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6668615413d694340a8acd92122e928f
4ba5dd491a363c3c5a465fc5c2c7a65de7c25f87
97480e5327ec96c4e002137ffc942ea647f4bf1dba29035fca75a60a297a7e74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97480E5327EC96C4E002137FFC942EA647F4BF1DBA29035FCA75A60A297A7E74"
Last-Modified: Fri, 02 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6649
Expires: Sat, 03 Sep 2022 03:50:05 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
gnula.nu/wp-content/uploads/2021/05/Chaos_Walking5.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/05/Chaos_Walking5.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/05/Chaos_Walking5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.192.162.188200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.192.162.188:0
File type ASCII text, with no line terminators
Hash fe8a00b29b80225c9befac30c2d8f69d
183d89803e892921eb8feb5c675dd90a135c5683
1a2346eb838eac6643a050f3457aed2513d9033917a8e7a0922dcb2dc08402a8
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gnula.nu
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 01:59:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://gnula.nu
access-control-allow-credentials: true
set-cookie: uid_id2=6171148c-4f2f-4c24-814f-0850a89fe35f:3:1; expires=Tue, 31 Aug 2032 01:59:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6668615413d694340a8acd92122e928f
4ba5dd491a363c3c5a465fc5c2c7a65de7c25f87
97480e5327ec96c4e002137ffc942ea647f4bf1dba29035fca75a60a297a7e74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97480E5327EC96C4E002137FFC942EA647F4BF1DBA29035FCA75A60A297A7E74"
Last-Modified: Fri, 02 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6613
Expires: Sat, 03 Sep 2022 03:49:29 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
gnula.nu/wp-content/uploads/2021/01/Promising_Young_Woman6.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/01/Promising_Young_Woman6.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/01/Promising_Young_Woman6.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/01/The_Croods_A_New_Age5.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/01/The_Croods_A_New_Age5.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2021/01/The_Croods_A_New_Age5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2020/03/The_Jack_in_the_Box3.gif
185.178.208.130403 Forbidden 8.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2020/03/The_Jack_in_the_Box3.gif
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8028), with no line terminators
Hash a6bb0b43f2e655951abce70028b1267e
eeef150cf4ff03842c3ba839a7b12500dbcaa3ef
3ae6b0aa0ad7a4a3135967f6aa7317820d5b7a4b60e7bebbc0abca7c8fe045c2
GET /wp-content/uploads/2020/03/The_Jack_in_the_Box3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0; __ddgid_=1ILYDF1AHIAaPRIX; __ddgmark_=2YbUTIGwBa1oz8zp; __ddg5_=DBDGE2EM0CmNUukL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
server: ddos-guard
date: Sat, 03 Sep 2022 01:59:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
content-length: 8176
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c23119d60d2005ba2d3b80115642b2e
c5bfbd0a05af367c9ce133a20f7f3e62bf4474b6
200adf2103b610a30b62dd04620a503d14087df42851d9a2340897cbb1323708
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "200ADF2103B610A30B62DD04620A503D14087DF42851D9A2340897CBB1323708"
Last-Modified: Fri, 02 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=938
Expires: Sat, 03 Sep 2022 02:14:54 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cbf7edaa1058345bd2cea3d0a7b0984f
3245c5f82f34a113d0d9f999faff9e150cff72a6
e8b42d4636ca72b2ce66ebb2512f08286771f8ca2476a2d6dd90e7befa228841
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8B42D4636CA72B2CE66EBB2512F08286771F8CA2476A2D6DD90E7BEFA228841"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=127
Expires: Sat, 03 Sep 2022 02:01:23 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cbf7edaa1058345bd2cea3d0a7b0984f
3245c5f82f34a113d0d9f999faff9e150cff72a6
e8b42d4636ca72b2ce66ebb2512f08286771f8ca2476a2d6dd90e7befa228841
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8B42D4636CA72B2CE66EBB2512F08286771F8CA2476A2D6DD90E7BEFA228841"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=127
Expires: Sat, 03 Sep 2022 02:01:23 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
uploadmp4.com/embed/8c37b4f0e11291ba
185.107.56.194200 OK 492 B URL HTTP/2 uploadmp4.com/embed/8c37b4f0e11291ba
IP 185.107.56.194:0
ASN #43350 NForce Entertainment B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (492), with no line terminators
Hash 1cf013a75403f39bd4e3f008120017ab
4c884197f76955571d06369757a31ea0c8866137
1806b0e86137ef2c57d07a76cfdb4ac4962aa0900a6a437d6848d7b96a75e0ff
GET /embed/8c37b4f0e11291ba HTTP/1.1
Host: uploadmp4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, private, must-revalidate
content-length: 492
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 01:59:15 GMT
server: Cowboy
set-cookie: sid=03f7b95a-2b2c-11ed-971e-ff4c8d2e9d38; path=/; domain=.uploadmp4.com; expires=Thu, 21 Sep 2090 05:13:23 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
uploadmp4.com/embed/3766e0732fc1e7cd
185.107.56.194200 OK 492 B URL HTTP/2 uploadmp4.com/embed/3766e0732fc1e7cd
IP 185.107.56.194:0
ASN #43350 NForce Entertainment B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (492), with no line terminators
Hash de6b44a81c78549b798c24211249819d
21e9b6025c4d9de2001e4a4ad26210a7cf79d581
f94dd1779c70142fb2f86b0cbb77fc7d91474874dcef78f6e5271aef62f0aad6
GET /embed/3766e0732fc1e7cd HTTP/1.1
Host: uploadmp4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, private, must-revalidate
content-length: 492
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 01:59:15 GMT
server: Cowboy
set-cookie: sid=03f82eda-2b2c-11ed-b141-ff4c503c9da5; path=/; domain=.uploadmp4.com; expires=Thu, 21 Sep 2090 05:13:23 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cbf7edaa1058345bd2cea3d0a7b0984f
3245c5f82f34a113d0d9f999faff9e150cff72a6
e8b42d4636ca72b2ce66ebb2512f08286771f8ca2476a2d6dd90e7befa228841
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8B42D4636CA72B2CE66EBB2512F08286771F8CA2476A2D6DD90E7BEFA228841"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19182
Expires: Sat, 03 Sep 2022 07:18:58 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
wh.shantihskats.com/style.css?cb=1143350
23.109.82.220200 OK 89 B URL HTTP/1.1 wh.shantihskats.com/style.css?cb=1143350
IP 23.109.82.220:0
File type ASCII text, with no line terminators
Hash 86abc54ef4db509f67f1265708a8ca59
ab08d9a5c77cf6564874343f1ad67dbd874033a3
dd72b6d1244113eae727ab7012932cf99153f6195abc4938f782b47f3790736e
GET /style.css?cb=1143350 HTTP/1.1
Host: wh.shantihskats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Sep 2022 01:59:16 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, megageocheckolololo
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sun, 04-Sep-2022 01:59:16 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sun, 04-Sep-2022 01:59:16 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fgnula.nu%2Fthriller%2Fver-daybreakers-vampiros-del-dia-2009-online%2F&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fgnula.nu%2Fthriller%2Fver-daybreakers-vampiros-del-dia-2009-online%2F&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https%3A%2F%2Fgnula.nu%2Fthriller%2Fver-daybreakers-vampiros-del-dia-2009-online%2F&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: m6iYOKugJ7pIvlUgYkBR26RHACWlu3jXCBUmKscyIRcvwa4kIh28/NMWyRemFNACLRh3dZDAH2hGZP401C6naA==
content-length: 0
date: Sat, 03 Sep 2022 01:59:16 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b58d12316d2671bdb51acd6f258bf6fe
e68a8cb68c38302c66704a1925274c9bda8ee013
4185409552b5356673b8037781e84094eb06a1622bf73f771071e1128a4d1419
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 731
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:16 GMT
Last-Modified: Sat, 03 Sep 2022 01:47:05 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b58d12316d2671bdb51acd6f258bf6fe
e68a8cb68c38302c66704a1925274c9bda8ee013
4185409552b5356673b8037781e84094eb06a1622bf73f771071e1128a4d1419
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 731
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:16 GMT
Last-Modified: Sat, 03 Sep 2022 01:47:05 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e9e74d6525e96f3f2afedd2c6a2dbd1
fe79f35617bec7a22c433050fdc5cf791cbfb260
440f029b8c392ed3c3e2b1e8243e7f78b76723176e27e261e24ab8d405f889f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "440F029B8C392ED3C3E2B1E8243E7F78B76723176E27E261E24AB8D405F889F3"
Last-Modified: Thu, 01 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6606
Expires: Sat, 03 Sep 2022 03:49:22 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 797848c645dcc323aa01a1cc28a1376c
df8dfbb74c047699a37ac0d12d307ede104bbf72
6943eb9fbf099441d20214c206365026c24380abb84c633eca2a78fd8a9f3d25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6943EB9FBF099441D20214C206365026C24380ABB84C633ECA2A78FD8A9F3D25"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3022
Expires: Sat, 03 Sep 2022 02:49:38 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9665d92cfb2f9db5f7032ed692dff0e0
2ca6220de116f04429a7ce3f3c8f95cae61db137
5cc77ac9117df4aa52cc268287bf82f9dde172f1bcd7f640d3f0ef04a5ed07c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2f6b9c55581129935bf61375b4393aa0
58b9c3cef21d6e1d29f9ad1ecd35af4c82621b49
6f218951cc51c1378473df8596ec092cbd80f33895326720b3d7dd9d3f092ce4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2219
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:16 GMT
Last-Modified: Sat, 03 Sep 2022 01:22:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e9e74d6525e96f3f2afedd2c6a2dbd1
fe79f35617bec7a22c433050fdc5cf791cbfb260
440f029b8c392ed3c3e2b1e8243e7f78b76723176e27e261e24ab8d405f889f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "440F029B8C392ED3C3E2B1E8243E7F78B76723176E27E261E24AB8D405F889F3"
Last-Modified: Thu, 01 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19834
Expires: Sat, 03 Sep 2022 07:29:50 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
byter.tv/v/5ps2559263s63
93.115.28.104200 OK 480 B IP 93.115.28.104:0
ASN #16125 UAB Cherry Servers
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (480), with no line terminators
Hash 5443d3ef7ab9844a3ce5d19a9df91cc5
b9fe947208723bc950ba63cc98f5e9d625055716
3ae5c2d4ef442c77419387e82b552b82045ee22cdc4f0d30d2c31db478142372
GET /v/5ps2559263s63 HTTP/1.1
Host: byter.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, private, must-revalidate
content-length: 480
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 01:59:15 GMT
server: Cowboy
set-cookie: sid=0408833e-2b2c-11ed-bf9c-e2889caafbcb; path=/; domain=.byter.tv; expires=Thu, 21 Sep 2090 05:13:23 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8eabfe9071d3f645c53e17b05abe300a
bd7d2d937645ea70f0a4b0b6138e3ac94e3eb302
cceb1019d33890880a628e299a29480b40adf22b5dc2c570cf5c3c0fd807d967
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCEB1019D33890880A628E299A29480B40ADF22B5DC2C570CF5C3C0FD807D967"
Last-Modified: Fri, 02 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2801
Expires: Sat, 03 Sep 2022 02:45:57 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d1d5bd44e21d8c5aaea7a193f42064c9
9ef65efe90a57c7861e72d6057b24230460f14c6
4aa270a8bcba21f08def3bce1df0489fb9524359f71bc1f1f3e6e7707f5a8208
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AA270A8BCBA21F08DEF3BCE1DF0489FB9524359F71BC1F1F3E6E7707F5A8208"
Last-Modified: Wed, 31 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2285
Expires: Sat, 03 Sep 2022 02:37:21 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e9e74d6525e96f3f2afedd2c6a2dbd1
fe79f35617bec7a22c433050fdc5cf791cbfb260
440f029b8c392ed3c3e2b1e8243e7f78b76723176e27e261e24ab8d405f889f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "440F029B8C392ED3C3E2B1E8243E7F78B76723176E27E261E24AB8D405F889F3"
Last-Modified: Thu, 01 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19736
Expires: Sat, 03 Sep 2022 07:28:12 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
byter.tv/v/5ps255o835q27
93.115.28.104429 Too Many Requests 17 B IP 93.115.28.104:0
ASN #16125 UAB Cherry Servers
File type ASCII text, with no line terminators
Hash eeb13468b73d93fa8bcbe3ebae6df720
1f55c90d5ce61c6447e923443d496b137be35c63
802600d124464157037a2519acb3cff90b97670fd04809ea902fbb95497a12ca
GET /v/5ps255o835q27 HTTP/1.1
Host: byter.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 429 Too Many Requests
cache-control: max-age=0, private, must-revalidate
content-length: 17
date: Sat, 03 Sep 2022 01:59:15 GMT
server: Cowboy
set-cookie: sid=0410399e-2b2c-11ed-a361-e2887ab8d4ef; path=/; domain=.byter.tv; expires=Thu, 21 Sep 2090 05:13:23 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d1d5bd44e21d8c5aaea7a193f42064c9
9ef65efe90a57c7861e72d6057b24230460f14c6
4aa270a8bcba21f08def3bce1df0489fb9524359f71bc1f1f3e6e7707f5a8208
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AA270A8BCBA21F08DEF3BCE1DF0489FB9524359F71BC1F1F3E6E7707F5A8208"
Last-Modified: Wed, 31 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2649
Expires: Sat, 03 Sep 2022 02:43:25 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6382
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:16 GMT
Last-Modified: Sat, 03 Sep 2022 00:12:55 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
hqq.tv/ad/api/popunder.js
190.115.19.71200 OK 43 B URL HTTP/2 hqq.tv/ad/api/popunder.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with no line terminators
Hash d3095778fd534c564d9d8c8560616338
b8798860ed6f9dab751ea7c7fe5301931d2eb76a
9f7343247eef60846c3ae03a18ea4865ca3e4fc55d6df27c0785f40ed199a675
GET /ad/api/popunder.js HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=UaPkgHBFrwew&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=x8TnBHCCF5RgRWIQI5Xi; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:16 GMT
date: Sat, 16 Jul 2022 01:05:52 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: W/"6141fdde-15"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
accept-ranges: bytes
age: 4236804
ddg-cache-status: HIT,MISS
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
byter.tv/v/5ps255p718p0o
93.115.28.104429 Too Many Requests 17 B IP 93.115.28.104:0
ASN #16125 UAB Cherry Servers
File type ASCII text, with no line terminators
Hash eeb13468b73d93fa8bcbe3ebae6df720
1f55c90d5ce61c6447e923443d496b137be35c63
802600d124464157037a2519acb3cff90b97670fd04809ea902fbb95497a12ca
GET /v/5ps255p718p0o HTTP/1.1
Host: byter.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 429 Too Many Requests
cache-control: max-age=0, private, must-revalidate
content-length: 17
date: Sat, 03 Sep 2022 01:59:15 GMT
server: Cowboy
set-cookie: sid=04188392-2b2c-11ed-b3f4-e2883e4b92cb; path=/; domain=.byter.tv; expires=Thu, 21 Sep 2090 05:13:23 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d1d5bd44e21d8c5aaea7a193f42064c9
9ef65efe90a57c7861e72d6057b24230460f14c6
4aa270a8bcba21f08def3bce1df0489fb9524359f71bc1f1f3e6e7707f5a8208
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AA270A8BCBA21F08DEF3BCE1DF0489FB9524359F71BC1F1F3E6E7707F5A8208"
Last-Modified: Wed, 31 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2554
Expires: Sat, 03 Sep 2022 02:41:50 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
syndication.twitter.com/settings?session_id=f856738dd5c762346cf4835cf993ae9771ea79ad
104.244.42.136200 OK 308 B URL HTTP/2 syndication.twitter.com/settings?session_id=f856738dd5c762346cf4835cf993ae9771ea79ad
IP 104.244.42.136:0
File type JSON data\012- , ASCII text, with very long lines (709), with no line terminators
Hash d8e2887342b363c09cd19d9b36199dbe
47c62bf9e3e60b6ab0b61eae608db43c04f7bea4
c38e646e125827b7520415ecaf228031c848266838cd894fa44a41686fedc553
GET /settings?session_id=f856738dd5c762346cf4835cf993ae9771ea79ad HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 01:59:15 GMT
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sat, 03 Sep 2022 01:59:16 GMT
content-length: 308
content-encoding: gzip
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 105
x-connection-hash: 5b1001b06ff3ae25a1efe401918fe86dd429741c601103f5e7ae1e6ea1ff68e9
X-Firefox-Spdy: h2
ok.ru/videoembed/1473169001076
5.61.23.11200 OK 25 kB URL HTTP/2 ok.ru/videoembed/1473169001076
IP 5.61.23.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62966)
Hash d4d923ef2e3d0ac8954b62fad9453c44
3a463f9caf486847857b6a285863f973696825af
f2a0b0f1424fe27294fc2d89da6e3095efb28b3ef6c011f6561879ca9f002c94
GET /videoembed/1473169001076 HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Sat, 03 Sep 2022 01:59:16 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=8596389925328201846; Domain=.ok.ru; Expires=Thu, 21-Sep-2090 05:13:23 GMT; Path=/; Secure; HttpOnly
_statid=a9254d7e-aab7-450c-871e-ab12acd10e9f; Domain=.ok.ru; Expires=Thu, 21-Sep-2090 05:13:23 GMT; Path=/; Secure; HttpOnly
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
last-modified: Sun, 20 Mar 2022 14:33:03 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: br
X-Firefox-Spdy: h2
hqq.tv/player/embed_player.php?vid=cREi7lzWMFS2&autoplay=no
190.115.19.71200 OK 47 kB URL HTTP/2 hqq.tv/player/embed_player.php?vid=cREi7lzWMFS2&autoplay=no
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 09e1dc3bd46b26b8b50e7e5052cd4415
d07ac900c6f72f4e827e1364656034c76aa98362
57dc353f8c364c4991d91c6df0fef5a116142723be907922f5d39c4beabfba63
GET /player/embed_player.php?vid=cREi7lzWMFS2&autoplay=no HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=ZK7LOS7vs77QpJ57kW2T; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:16 GMT
date: Sat, 03 Sep 2022 01:59:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.tv>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wws.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
duplicatepowerquay.com/pixel/purst?dl=0&th=0&sc=0&rs=1767&rd=1767&fd=936&bv=22.8.v.1&tmpl=70
192.243.59.12200 OK 0 B URL HTTP/1.1 duplicatepowerquay.com/pixel/purst?dl=0&th=0&sc=0&rs=1767&rd=1767&fd=936&bv=22.8.v.1&tmpl=70
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1767&rd=1767&fd=936&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: duplicatepowerquay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Sep 2022 01:59:16 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
jetload.net/e/yJJWFjUaqn4d
207.244.67.172200 OK 482 B URL HTTP/2 jetload.net/e/yJJWFjUaqn4d
IP 207.244.67.172:0
ASN #30633 LEASEWEB-USA-WDC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (482), with no line terminators
Hash f77a61ce02df552c2787f4da12929c06
de7a66dd4d7b613ee72ae0bab3adb9adf9a4c851
3827dd3051f74bb99afd56b143d4f63058ee8b4099ef6aaf2aa47325df018c4f
GET /e/yJJWFjUaqn4d HTTP/1.1
Host: jetload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, private, must-revalidate
content-length: 482
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 01:59:15 GMT
server: Cowboy
set-cookie: sid=042560ee-2b2c-11ed-86eb-92a18d69f67a; path=/; domain=.jetload.net; expires=Thu, 21 Sep 2090 05:13:23 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 291b26341897d2647ce7bcc0f4a30c4d
18b4eeeedf7bc3b40cd23215b7ced9611c299adf
33bca499feab9ddbe734b2f1dcb0f2ffa7651c67e3efa4b9f7935f33ec39e11c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "33BCA499FEAB9DDBE734B2F1DCB0F2FFA7651C67E3EFA4B9F7935F33EC39E11C"
Last-Modified: Fri, 02 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Sat, 03 Sep 2022 07:58:37 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
bu.pocuswagner.com/f62ffc3188dc5f62ffc3188dc62/27199
172.255.6.232200 OK 26 B URL HTTP/1.1 bu.pocuswagner.com/f62ffc3188dc5f62ffc3188dc62/27199
IP 172.255.6.232:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /f62ffc3188dc5f62ffc3188dc62/27199 HTTP/1.1
Host: bu.pocuswagner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Sep 2022 01:59:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sun, 04-Sep-2022 01:59:16 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sun, 04-Sep-2022 01:59:16 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
uploadmp4.com/embed/c70a6502b3e4b45c
185.107.56.194302 Found 11 B URL HTTP/2 uploadmp4.com/embed/c70a6502b3e4b45c
IP 185.107.56.194:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /embed/c70a6502b3e4b45c HTTP/1.1
Host: uploadmp4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 11
date: Sat, 03 Sep 2022 01:59:15 GMT
location: http://ww1.uploadmp4.com
server: Cowboy
set-cookie: sid=03f47ef2-2b2c-11ed-9a19-ff4c53ad2e6f; path=/; domain=.uploadmp4.com; expires=Thu, 21 Sep 2090 05:13:23 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
duplicatepowerquay.com/ab/0b/f5/ab0bf5d5deec4f57294608cacb73b88a.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 duplicatepowerquay.com/ab/0b/f5/ab0bf5d5deec4f57294608cacb73b88a.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37132), with no line terminators
Hash 88a07985d83985ab752d0ed1bd96e78a
3dbe2a93280c5f0c144ea2e971fe25254bdacf48
b86b342b05686b8abd78fb5c9417f91128bcf05e8149a44c5d0cbb028cded1b7
Analyzer Verdict Alert quad9 Sinkholed
GET /ab/0b/f5/ab0bf5d5deec4f57294608cacb73b88a.js HTTP/1.1
Host: duplicatepowerquay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Sep 2022 01:59:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 07b3950f5afa54efcf8298505e5b9f48
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jetload.net/e/1ldVAetznnGo
207.244.67.172200 OK 482 B URL HTTP/2 jetload.net/e/1ldVAetznnGo
IP 207.244.67.172:0
ASN #30633 LEASEWEB-USA-WDC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (482), with no line terminators
Hash cb5943c17b19c1382646a359b371fa14
857530fc5f229509fde98bd088f0722561223f10
18456322765ea1e9b80542adece3193c82fc4c8d5529cfd5d38356ddbce89ccb
GET /e/1ldVAetznnGo HTTP/1.1
Host: jetload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, private, must-revalidate
content-length: 482
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 01:59:16 GMT
server: Cowboy
set-cookie: sid=04321bb8-2b2c-11ed-8a5e-92a1988555b1; path=/; domain=.jetload.net; expires=Thu, 21 Sep 2090 05:13:23 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 3872a4d36cbc3857bca1b8866c9cbdd4
78e37bf899a0b3e978bf9dc22a7f41e96fb3ab6d
04720f2151ec0caaf87479b229af703815448b7d3641d95660e26b59d959d79e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 06 Sep 2022 21:53:26 GMT
ETag: "78e37bf899a0b3e978bf9dc22a7f41e96fb3ab6d"
Last-Modified: Fri, 02 Sep 2022 21:53:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1589
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744ae299fb420b45-OSL
uploadmp4.com/embed/3766e0732fc1e7cd?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjE3NzU1NiwiaWF0IjoxNjYyMTcwMzU2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczhqZThmZXF0cWwwMDVlOW8zazI4MDgiLCJuYmYiOjE2NjIxNzAzNTYsInRzIjoxNjYyMTcwMzU2MzU2OTMzfQ._xNXslzkpTs3kZPTvihKeBozqqMZPUZ82iQxBHqyfd8&sid=03f82eda-2b2c-11ed-b141-ff4c503c9da5
185.107.56.194302 Found 11 B URL HTTP/2 uploadmp4.com/embed/3766e0732fc1e7cd?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjE3NzU1NiwiaWF0IjoxNjYyMTcwMzU2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczhqZThmZXF0cWwwMDVlOW8zazI4MDgiLCJuYmYiOjE2NjIxNzAzNTYsInRzIjoxNjYyMTcwMzU2MzU2OTMzfQ._xNXslzkpTs3kZPTvihKeBozqqMZPUZ82iQxBHqyfd8&sid=03f82eda-2b2c-11ed-b141-ff4c503c9da5
IP 185.107.56.194:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /embed/3766e0732fc1e7cd?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjE3NzU1NiwiaWF0IjoxNjYyMTcwMzU2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczhqZThmZXF0cWwwMDVlOW8zazI4MDgiLCJuYmYiOjE2NjIxNzAzNTYsInRzIjoxNjYyMTcwMzU2MzU2OTMzfQ._xNXslzkpTs3kZPTvihKeBozqqMZPUZ82iQxBHqyfd8&sid=03f82eda-2b2c-11ed-b141-ff4c503c9da5 HTTP/1.1
Host: uploadmp4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uploadmp4.com/embed/3766e0732fc1e7cd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 11
date: Sat, 03 Sep 2022 01:59:15 GMT
location: http://ww1.uploadmp4.com
server: Cowboy
set-cookie: sid=03f82eda-2b2c-11ed-b141-ff4c503c9da5; path=/; domain=.uploadmp4.com; expires=Thu, 21 Sep 2090 05:13:23 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
st.mycdn.me/res/css/prod/videoembed/videoembed.28c0ee28.css
217.20.152.226200 OK 1.4 kB URL HTTP/2 st.mycdn.me/res/css/prod/videoembed/videoembed.28c0ee28.css
IP 217.20.152.226:0
File type ASCII text, with very long lines (5662), with no line terminators
Hash 01d6f6b79ac75e775bac9f6f37848d08
7a78a68f0f7aaf8e9b488309e1d6259cbdb70eef
70f6736299425d6c3fd9f817a68ac460f783eb9ec564456f31b439747628f003
GET /res/css/prod/videoembed/videoembed.28c0ee28.css HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Sat, 03 Sep 2022 01:59:16 GMT
content-type: text/css; charset=utf-8
content-length: 1407
last-modified: Mon, 29 Aug 2022 14:36:22 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 03 Sep 2023 01:59:16 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611a1440d2789d85045d288c3b355761
c8d29e8375e23ff8e5adc9db276ad1324edb4e7d
818267551f891f0eb37f331b5c30527b773db320671b21569c8384e71b957edd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "818267551F891F0EB37F331B5C30527B773DB320671B21569C8384E71B957EDD"
Last-Modified: Thu, 01 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3050
Expires: Sat, 03 Sep 2022 02:50:06 GMT
Date: Sat, 03 Sep 2022 01:59:16 GMT
Connection: keep-alive
developers.google.com/
142.250.74.14200 OK 16 kB IP 142.250.74.14:0
Hash 29536286ae6e2541becb9b0bb11407ce
91cc0cacdd00d10001fd0f88c775c38b68f1ce2f
eb10397cde56976420f9a008d9d4c3c997e3059db5831335e5a5bbace1a2f41d
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 13:02:46 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.3754938162.1662170356; Expires=Mon, 02 Sep 2024 01:59:16 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-+dSfEvRk69AiC+ANPyCORO80/Kmccv' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 618e36dd5902f1b5d729fbf6049bd92b
vary: Accept-Encoding
date: Sat, 03 Sep 2022 01:59:16 GMT
server: Google Frontend
content-length: 21172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
uploadmp4.com/embed/8c37b4f0e11291ba?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjE3NzU1NiwiaWF0IjoxNjYyMTcwMzU2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczhqZThmZWx0azFlY2gyazQza3M4czQiLCJuYmYiOjE2NjIxNzAzNTYsInRzIjoxNjYyMTcwMzU2MzU0MjgyfQ.2btUlIi6FGgC6Bv75CNgi5kfrFP7XUwxuwrU9ohfWK0&sid=03f7b95a-2b2c-11ed-971e-ff4c8d2e9d38
185.107.56.194302 Found 11 B URL HTTP/2 uploadmp4.com/embed/8c37b4f0e11291ba?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjE3NzU1NiwiaWF0IjoxNjYyMTcwMzU2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczhqZThmZWx0azFlY2gyazQza3M4czQiLCJuYmYiOjE2NjIxNzAzNTYsInRzIjoxNjYyMTcwMzU2MzU0MjgyfQ.2btUlIi6FGgC6Bv75CNgi5kfrFP7XUwxuwrU9ohfWK0&sid=03f7b95a-2b2c-11ed-971e-ff4c8d2e9d38
IP 185.107.56.194:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /embed/8c37b4f0e11291ba?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjE3NzU1NiwiaWF0IjoxNjYyMTcwMzU2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczhqZThmZWx0azFlY2gyazQza3M4czQiLCJuYmYiOjE2NjIxNzAzNTYsInRzIjoxNjYyMTcwMzU2MzU0MjgyfQ.2btUlIi6FGgC6Bv75CNgi5kfrFP7XUwxuwrU9ohfWK0&sid=03f7b95a-2b2c-11ed-971e-ff4c8d2e9d38 HTTP/1.1
Host: uploadmp4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uploadmp4.com/embed/8c37b4f0e11291ba
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 11
date: Sat, 03 Sep 2022 01:59:16 GMT
location: http://ww1.uploadmp4.com
server: Cowboy
set-cookie: sid=03f7b95a-2b2c-11ed-971e-ff4c8d2e9d38; path=/; domain=.uploadmp4.com; expires=Thu, 21 Sep 2090 05:13:24 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
st.mycdn.me/res/i/video/stub/na_74.png
217.20.152.226200 OK 17 kB URL HTTP/2 st.mycdn.me/res/i/video/stub/na_74.png
IP 217.20.152.226:0
File type PNG image data, 74 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash e6eace150a3180b01fd0e1362fc91729
e139eab878f802a3c107c8d78e48ac6b866d4abc
d3e9f9b35b9dda7b4043b49b6ede0326536681dd301cd6ab9629b050b9aa9a6d
GET /res/i/video/stub/na_74.png HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.mycdn.me/res/css/prod/videoembed/videoembed.28c0ee28.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 03 Sep 2022 01:59:16 GMT
content-type: image/png
content-length: 17052
last-modified: Wed, 23 Mar 2022 12:15:51 GMT
vary: Accept-Encoding
expires: Sun, 03 Sep 2023 01:59:16 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
hqq.tv/js/video.jquery_plugs/modernizr.js?12
190.115.19.71200 OK 25 kB URL HTTP/2 hqq.tv/js/video.jquery_plugs/modernizr.js?12
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (1227), with no line terminators
Hash 2478703e893f93407ae4ffb243c37641
83f812a46958b22ca2dcb635299ee8733fe66bd9
4c5e1f18ac6b05ff80f9431a6ba555dd484c402b0b9133561a9a9d979c1202aa
GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=UaPkgHBFrwew&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=lWScpqkNyvAujz5JK7EE; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:16 GMT
date: Sat, 03 Sep 2022 01:59:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
etag: W/"5b142327-4cb"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 717eb875018cefd029e0abe3b46fda8a
26bf662e856ca5affdc19197b09f15cb119053d6
382ebbea1e74c09b3b771c1cc365bb15ca80564bdf1ab24a762405a960dc77fc
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:17 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 06 Sep 2022 23:38:59 GMT
ETag: "26bf662e856ca5affdc19197b09f15cb119053d6"
Last-Modified: Fri, 02 Sep 2022 23:39:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 933
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744ae29bf808b527-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 717eb875018cefd029e0abe3b46fda8a
26bf662e856ca5affdc19197b09f15cb119053d6
382ebbea1e74c09b3b771c1cc365bb15ca80564bdf1ab24a762405a960dc77fc
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:17 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 06 Sep 2022 23:38:59 GMT
ETag: "26bf662e856ca5affdc19197b09f15cb119053d6"
Last-Modified: Fri, 02 Sep 2022 23:39:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 933
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744ae29c0c140b45-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12602
Expires: Sat, 03 Sep 2022 05:29:19 GMT
Date: Sat, 03 Sep 2022 01:59:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12602
Expires: Sat, 03 Sep 2022 05:29:19 GMT
Date: Sat, 03 Sep 2022 01:59:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12602
Expires: Sat, 03 Sep 2022 05:29:19 GMT
Date: Sat, 03 Sep 2022 01:59:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12602
Expires: Sat, 03 Sep 2022 05:29:19 GMT
Date: Sat, 03 Sep 2022 01:59:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12602
Expires: Sat, 03 Sep 2022 05:29:19 GMT
Date: Sat, 03 Sep 2022 01:59:17 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
209.192.156.108200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 209.192.156.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 03 Sep 2022 01:59:17 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 81e5ea4112b4ee3548316de0a33c5d8c
Strict-Transport-Security: max-age=0; includeSubdomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c199f7fc2a2857dec134bfdb2673e28c
af3989072b658e2de119d006ae4ca1703468913d
e57411ba0221f6ffa7baf7c374ec790959a66d6a683fad40883ef01cf67e35c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: da379546-9525-4e13-b9f0-a6446839df66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eNeG7kIAMF4-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63127722-37399f67565b06e7111095cd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: alcmiW5Cb3Z96RJNXfz4F54HNERbyV71Q8hqVuNEOTUc48kItzlfHQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:53 GMT
age: 14964
etag: "af3989072b658e2de119d006ae4ca1703468913d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79118911-9148-4daf-8809-5e20fe16c9eb.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79118911-9148-4daf-8809-5e20fe16c9eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21826f85e6f926272f6a770645040b4a
21aad3ec92f4e1a353601d0c5ab8b60f44ea418f
adb23b43d5f65606cfb5fc69c3d410f10df39575f69abc0d786cfbe564819cae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79118911-9148-4daf-8809-5e20fe16c9eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11650
x-amzn-requestid: 0e6f73ea-2283-4015-84f3-ac333d0c46ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt4lrGV1IAMFgGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f07bd-013631813e80395062f82834;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:03:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yuNko1mue4XRH5iOKl6T8T-2u-Cu5N5DM9y6Rr3JMel5fC7TPCnhsg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 03:41:41 GMT
age: 80256
etag: "21aad3ec92f4e1a353601d0c5ab8b60f44ea418f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc564d2b6-daa1-414e-bb63-5116a4d51382.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc564d2b6-daa1-414e-bb63-5116a4d51382.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06ffb5110d8bf50e601e91531f179e62
bb41e58777f4c3ed776a29e0e074f5fbcea5b814
59947d967e6f441c28fd42be2a834b7ba3eb52ab4a01579dab17c9e6fa5d8ed9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc564d2b6-daa1-414e-bb63-5116a4d51382.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8613
x-amzn-requestid: 4944a86f-87d8-434e-ba61-46e5029b0045
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiVJ0F25IAMFh7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a68a5-64ff3e0556b9b1535084fda0;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 18:55:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y5UDLDpHFHQxmQqce_1Rqs3-qntS0wwJYDMCOUNW5or9-BizyFbnrg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 05:12:10 GMT
age: 74827
etag: "bb41e58777f4c3ed776a29e0e074f5fbcea5b814"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7032eb34-1355-4f64-91db-2c4fd70139b1.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7032eb34-1355-4f64-91db-2c4fd70139b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85bb0a09818a7c5f9e92e5b0faa057a4
ceb9a1d4efc578ad2bbcd8f99e8bf69e7dbe7aa3
d7e1901bdae487d1c4f4d0c8fdfd090f8f0baff719f319666395f91dc147d250
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7032eb34-1355-4f64-91db-2c4fd70139b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12612
x-amzn-requestid: c89164ee-6194-4a96-9a7f-b8c03478ef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xihm-GiPIAMFglA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a7c92-7def0f7964f7f0d336810aae;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 20:20:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fEeJ_Zw9Egt6gQYinki1fMzvqdQgixv0iBio2G4KsMppWkYhEB_SCg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 04:34:06 GMT
age: 77111
etag: "ceb9a1d4efc578ad2bbcd8f99e8bf69e7dbe7aa3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (681)
Hash 034d4604beaddff5783b9878fadfaee6
64d5e1e0dbbbd62d6a64349dd964763b7ab4cbea
f8a957ee3468693f465da61d899438a2b674369b80c9d5c9ffff1111a7091290
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 71985
date: Sat, 03 Sep 2022 01:59:17 GMT
access-control-allow-origin: *
etag: "6312122a-11931"
expires: Sat, 03 Sep 2022 02:59:17 GMT
last-modified: Fri, 02 Sep 2022 17:24:42 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ok.ru/res/js/app/OKVideo_9f38afc9.js
5.61.23.11200 OK 5.3 kB URL HTTP/2 ok.ru/res/js/app/OKVideo_9f38afc9.js
IP 5.61.23.11:0
File type ASCII text, with very long lines (16125)
Hash 54223ea20004c4262cf87fc58bc4e0cd
360a4d893dd6d117cf1a6c447e906bc7f5a941c0
55bd30ceefad8a796f7c125a899d21faa1926676c5bf20592052a14c89f3713d
GET /res/js/app/OKVideo_9f38afc9.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/1473169001076
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 03 Sep 2022 01:59:17 GMT
content-type: application/javascript
content-length: 5337
last-modified: Wed, 31 Aug 2022 10:33:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 03 Sep 2023 01:59:17 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
jetload.net/e/29Ozb8X6Qlaj
207.244.67.172302 Found 11 B URL HTTP/2 jetload.net/e/29Ozb8X6Qlaj
IP 207.244.67.172:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /e/29Ozb8X6Qlaj HTTP/1.1
Host: jetload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 11
date: Sat, 03 Sep 2022 01:59:16 GMT
location: http://ww1.jetload.net
server: Cowboy
set-cookie: sid=041c75c4-2b2c-11ed-8954-92a130600079; path=/; domain=.jetload.net; expires=Thu, 21 Sep 2090 05:13:24 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
ok.ru/res/js/lib/jquery-1.8.3_9a61997f.js
5.61.23.11200 OK 30 kB URL HTTP/2 ok.ru/res/js/lib/jquery-1.8.3_9a61997f.js
IP 5.61.23.11:0
File type Unicode text, UTF-8 text, with very long lines (36291)
Hash 7aedd74b68ecc9d1e0a05f8dc85ae204
5aa9bd99a0a4f0684ec3b4091e3cc94b61bf9c15
41f0972d71143cd8ac56c88ccb32b7abc23b1d30456770bae693147bbd1d6216
GET /res/js/lib/jquery-1.8.3_9a61997f.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/1473169001076
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 03 Sep 2022 01:59:17 GMT
content-type: application/javascript
content-length: 29956
last-modified: Wed, 31 Aug 2022 10:33:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 03 Sep 2023 01:59:17 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
ok.ru/res/js/b/primary_eacd98b2.js
5.61.23.11200 OK 24 kB URL HTTP/2 ok.ru/res/js/b/primary_eacd98b2.js
IP 5.61.23.11:0
File type ASCII text, with very long lines (55101)
Hash 98422caddb4edfb0430b8aa13ed103a8
d84aaf578ccc459a370f028f72715fe3202fc02c
94c9df9a469133a5aa66d69c2f378c983f5d76db6612b1a3695ea37261ac8575
GET /res/js/b/primary_eacd98b2.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/1473169001076
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 03 Sep 2022 01:59:17 GMT
content-type: application/javascript
content-length: 24427
last-modified: Wed, 31 Aug 2022 10:33:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 03 Sep 2023 01:59:17 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
jetload.net/e/yJJWFjUaqn4d?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjE3NzU1NiwiaWF0IjoxNjYyMTcwMzU2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczhqZThnMGJlMG1ycmJicjAwdjFnODEiLCJuYmYiOjE2NjIxNzAzNTYsInRzIjoxNjYyMTcwMzU2NjUwNzc3fQ.k16SDB1InG59xcvANx7iu4QiEn_23GvpyjGWRqLsr5E&sid=042560ee-2b2c-11ed-86eb-92a18d69f67a
207.244.67.172302 Found 11 B URL HTTP/2 jetload.net/e/yJJWFjUaqn4d?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjE3NzU1NiwiaWF0IjoxNjYyMTcwMzU2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczhqZThnMGJlMG1ycmJicjAwdjFnODEiLCJuYmYiOjE2NjIxNzAzNTYsInRzIjoxNjYyMTcwMzU2NjUwNzc3fQ.k16SDB1InG59xcvANx7iu4QiEn_23GvpyjGWRqLsr5E&sid=042560ee-2b2c-11ed-86eb-92a18d69f67a
IP 207.244.67.172:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /e/yJJWFjUaqn4d?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjE3NzU1NiwiaWF0IjoxNjYyMTcwMzU2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczhqZThnMGJlMG1ycmJicjAwdjFnODEiLCJuYmYiOjE2NjIxNzAzNTYsInRzIjoxNjYyMTcwMzU2NjUwNzc3fQ.k16SDB1InG59xcvANx7iu4QiEn_23GvpyjGWRqLsr5E&sid=042560ee-2b2c-11ed-86eb-92a18d69f67a HTTP/1.1
Host: jetload.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetload.net/e/yJJWFjUaqn4d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 11
date: Sat, 03 Sep 2022 01:59:16 GMT
location: http://ww1.jetload.net
server: Cowboy
set-cookie: sid=042560ee-2b2c-11ed-86eb-92a18d69f67a; path=/; domain=.jetload.net; expires=Thu, 21 Sep 2090 05:13:24 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
unpkg.com/jquery@2.2.4/dist/jquery.min.js
104.16.125.175200 OK 31 kB URL HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP 104.16.125.175:0
File type ASCII text, with very long lines (32065)
Hash abed6f1e8061fa138dd85da61af35246
5d17e2b8dda8cd305bfadf5d94d014a5a5672f51
900d497923b299bbc299f6e27bd0d4bc3260f7b57b807f98b7491f84da1ec4b2
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 01:59:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01G754SVY4BFC19MXYRYRMED91-fra
cf-cache-status: HIT
age: 5213857
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 744ae2995e01b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
st.mycdn.me/static/MegaPlayer/10-11-67/flashDetect.swf
217.20.152.226200 OK 424 B URL HTTP/2 st.mycdn.me/static/MegaPlayer/10-11-67/flashDetect.swf
IP 217.20.152.226:0
File type Macromedia Flash data (compressed), version 10\012- data
Hash 06c338f8a657bf5c6419ba4ab5964032
e4aa29797303e264067dc302a51d02f48b22ef2c
e94bf27d60e9ba64f079e8dcc296a1e12bcdf0bf8d189a7b1bceadcae979695a
GET /static/MegaPlayer/10-11-67/flashDetect.swf HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 03 Sep 2022 01:59:17 GMT
content-type: application/x-shockwave-flash
content-length: 424
last-modified: Mon, 14 Mar 2022 16:04:14 GMT
vary: Accept-Encoding
expires: Sun, 03 Sep 2023 01:59:17 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/watch/87663567?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662170356%3At%3AOK&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/87663567?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662170356%3At%3AOK&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash c79eadcfe48a772b044b84be09a0f1de
30bcde42b272fad3a0c6aa6a7fdd6797a6273713
582bfd6e40e4d67d3f4a0e2f89ed069cfdbcb64e538901c05af8b66f708fa034
GET /watch/87663567?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662170356%3At%3AOK&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ok.ru
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662170356%3At%3AOK&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sat, 03 Sep 2022 01:59:17 GMT
access-control-allow-origin: https://ok.ru
set-cookie: yandexuid=8157792691662170357; Expires=Sun, 03-Sep-2023 01:59:17 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8157792691662170357; Expires=Sun, 03-Sep-2023 01:59:17 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1945644971662170357; Path=/; SameSite=None; Secure
i=rpFxxI2qbLaVvl1JsDXga/D3XddyPyIziWZls9oUVNmdDeur9lCfEbcM7DOsYhdk8NMMdq1m8stLK2RIbBVFQOZl6xQ=; Expires=Tue, 31-Aug-2032 01:59:17 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1693706357.yrts.1662170357#1693706357.yrtsi.1662170357; Expires=Sun, 03-Sep-2023 01:59:17 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 01:59:17 GMT
last-modified: Sat, 03-Sep-2022 01:59:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473168870004&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A908372236%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A179228293%3Arqn%3A3%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354084%3Ads%3A0%2C0%2C0%2C%2C160%2C0%2C%2C363%2C0%2C%2C%2C%2C999%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662170356%3At%3AOK&t=gdpr%2814%29clc%280-0-0%29re%281%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473168870004&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A908372236%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A179228293%3Arqn%3A3%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354084%3Ads%3A0%2C0%2C0%2C%2C160%2C0%2C%2C363%2C0%2C%2C%2C%2C999%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662170356%3At%3AOK&t=gdpr%2814%29clc%280-0-0%29re%281%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 4c7b2b94815ecd40255f1b466b502728
ccfbcf3fc2fc4e1d5a0b75697e6b4eb3361aa46e
bf9955d9def5b57f0e694df67d8d330069994e004996f699cfdaa92b45c01648
GET /watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473168870004&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A908372236%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A179228293%3Arqn%3A3%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354084%3Ads%3A0%2C0%2C0%2C%2C160%2C0%2C%2C363%2C0%2C%2C%2C%2C999%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662170356%3At%3AOK&t=gdpr%2814%29clc%280-0-0%29re%281%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ok.ru
Referer: https://ok.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Sat, 03 Sep 2022 01:59:17 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://ok.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 01:59:17 GMT
last-modified: Sat, 03-Sep-2022 01:59:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F284d1308-98de-4954-a408-a2c074e0e7ea.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F284d1308-98de-4954-a408-a2c074e0e7ea.jpeg
IP 34.120.237.76:0
Hash 4c9ed353058018486af2bde957ae2e45
7a789ad42f9bf4e013bb7843dd2d2665ae4e8b2d
640ad36332b91252d244e2e33b848543ef1ad85d9c083244da8b64cc67beaeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F284d1308-98de-4954-a408-a2c074e0e7ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12853
x-amzn-requestid: 2faea4f9-2bc2-4f09-98ff-753202d8a4e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMHHfpIAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-00ba3cea36308cea4a092141;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9qJg8ABexAQhpVPxIuH1gRIE9m62F5jPWWnaiMcF0RD9N-Wt30JTEw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:44 GMT
age: 14973
etag: "a74869b1d9551896ba6f911d167e192b2d9fd45e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 03 Sep 2022 01:59:18 GMT
access-control-allow-origin: *
etag: "6312122a-2b"
expires: Sat, 03 Sep 2022 02:59:18 GMT
accept-ranges: bytes
last-modified: Fri, 02 Sep 2022 17:24:42 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 281 B IP 104.18.32.68:0
Hash b24031da478e9bdac9b1567b73cf8265
8baf5ad0f0694013cc35bff42db949e3dd70104f
0b04432ff36cf9e90c73ca5b3193e40aba4b45a13ce7668c653599e303607449
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:18 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 13:05:16 GMT
Expires: Fri, 09 Sep 2022 13:05:15 GMT
Etag: "8baf5ad0f0694013cc35bff42db949e3dd70104f"
Cache-Control: max-age=557756,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744ae2a4c961fac4-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 281 B IP 104.18.32.68:0
Hash b24031da478e9bdac9b1567b73cf8265
8baf5ad0f0694013cc35bff42db949e3dd70104f
0b04432ff36cf9e90c73ca5b3193e40aba4b45a13ce7668c653599e303607449
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:18 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 13:05:16 GMT
Expires: Fri, 09 Sep 2022 13:05:15 GMT
Etag: "8baf5ad0f0694013cc35bff42db949e3dd70104f"
Cache-Control: max-age=557756,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744ae2a4cdb0b50f-OSL
hqq.tv/js/script-2.12.5.js
190.115.19.71200 OK 7.6 kB URL HTTP/2 hqq.tv/js/script-2.12.5.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (1242)
Hash 543f95a313b970cb6ab0eb8540e5866c
bc6c1395224e65399bcdc4fc56a471f7644c8b3c
ec0833cdbc918c707b628784432c9eb879572843f22909ef3610ef8ad3a2290c
GET /js/script-2.12.5.js HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=UaPkgHBFrwew&autoplay=no
Cookie: uid=zBIKiWV_DKMyGKOmPEq2fhsxc_K1v2JJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=KJYRozLE0y8U5ZaaMGIs; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:18 GMT
date: Sat, 03 Sep 2022 01:59:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Dec 2020 19:28:37 GMT
etag: W/"5fc69965-4cb8"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
h4ahsm.cfeucdn.com/video_short.mp4
84.16.243.193206 Partial Content 3.1 kB URL HTTP/1.1 h4ahsm.cfeucdn.com/video_short.mp4
IP 84.16.243.193:0
ASN #28753 Leaseweb Deutschland GmbH
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 639ec085afd48ff720cb1716bb09c075
04789db6677b1e59ae5b2c8c3b565f7ad8bf5c52
7e3c990c8c3e6ad1a07710e7032c1ff22975d6322937e80b0446a07de1b227cb
GET /video_short.mp4 HTTP/1.1
Host: h4ahsm.cfeucdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://hqq.tv
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Sat, 03 Sep 2022 01:59:17 GMT
Content-Type: video/mp4
Content-Length: 3078
Last-Modified: Sat, 03 Apr 2021 21:17:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6068db6e-c06"
server: YouTube Frontend Proxy
Expires: Mon, 03 Oct 2022 01:59:17 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Origin,Range
Access-Control-Expose-Headers: Content-Range,Content-Length,ETag
Content-Range: bytes 0-3077/3078
mc.yandex.ru/watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr%2814%29rqnl%282%29ti%282%29
93.158.134.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr%2814%29rqnl%282%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 649a19f529367e063d3acef2622eec5b
a6ff887dec83c7d1019f9364dc3f12fe05cc1cfd
bc636d3e1e44be13438e68eae9e506460c3c838ac3015f047392ee53bdc2aee0
GET /watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr%2814%29rqnl%282%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ok.ru
Referer: https://ok.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Sat, 03 Sep 2022 01:59:18 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://ok.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 01:59:18 GMT
last-modified: Sat, 03-Sep-2022 01:59:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169132148&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1023%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A548901482%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A860264062%3Arqn%3A2%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354089%3Ads%3A0%2C0%2C0%2C%2C176%2C0%2C%2C321%2C0%2C%2C%2C%2C994%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr%2814%29rqnl%282%29ti%282%29
93.158.134.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169132148&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1023%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A548901482%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A860264062%3Arqn%3A2%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354089%3Ads%3A0%2C0%2C0%2C%2C176%2C0%2C%2C321%2C0%2C%2C%2C%2C994%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr%2814%29rqnl%282%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash f2a0c018e873d4df404f03e3d18a55ab
409e456dc1f286b30ef4c0e68a815f1272defe76
adefd234d1a8c21bc48267bc7d1aef1a2daf74eac652c89f0f2696eabf92cc86
GET /watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169132148&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1023%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A548901482%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A860264062%3Arqn%3A2%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354089%3Ads%3A0%2C0%2C0%2C%2C176%2C0%2C%2C321%2C0%2C%2C%2C%2C994%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr%2814%29rqnl%282%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ok.ru
Referer: https://ok.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Sat, 03 Sep 2022 01:59:18 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://ok.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 01:59:18 GMT
last-modified: Sat, 03-Sep-2022 01:59:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr%2814%29rqnl%282%29ti%282%29
93.158.134.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr%2814%29rqnl%282%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash a2bb5167cdbd81563a61cd5f26a1a9b8
ff01a39e8056f241287d09c428af39e9c8c0ea47
1d8e53a16091bc29c570c6c884e2e9f71b625bdcadc62a3309cc4489d7f52e01
GET /watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr%2814%29rqnl%282%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ok.ru
Referer: https://ok.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Sat, 03 Sep 2022 01:59:18 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://ok.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 01:59:18 GMT
last-modified: Sat, 03-Sep-2022 01:59:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 281 B IP 104.18.32.68:0
Hash b24031da478e9bdac9b1567b73cf8265
8baf5ad0f0694013cc35bff42db949e3dd70104f
0b04432ff36cf9e90c73ca5b3193e40aba4b45a13ce7668c653599e303607449
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:18 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 13:05:16 GMT
Expires: Fri, 09 Sep 2022 13:05:15 GMT
Etag: "8baf5ad0f0694013cc35bff42db949e3dd70104f"
Cache-Control: max-age=557756,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744ae2a4de280af6-OSL
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
104.16.125.175200 OK 4.5 kB URL HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP 104.16.125.175:0
Hash e9aaa367deac280eeec09c6b04bddaf9
7f6fe24451848a94c48d70be88ae534ba141d1dd
a61656ffe599ed5fef95b5010fe8891731f5186a74c281ea4b97bd86276bb272
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 01:59:18 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01GC0H5PX826R9EE2KR3KKP9K6-ams
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 744ae298edb6b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=88764947
190.115.19.71200 OK 300 B URL HTTP/2 hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=88764947
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 8d925588a55b87145dadf264f68a4e61
1b6e55bcb3bcae39fb5f88b3ca407c434bebb54b
7bccce323eadf2d13287df2eb1aa9b98e79a083266c522413814d138efe8a33e
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=88764947 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=cREi7lzWMFS2&autoplay=no
Cookie: uid=zBIKiWV_DKMyGKOmPEq2fhsxc_K1v2JJ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=TINBWFmT48RIBXvrNGHm; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:18 GMT
date: Sat, 03 Sep 2022 01:59:18 GMT
content-type: application/json
access-control-allow-origin: *
x-inferno-location: banner
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fa31ad6448aa975881da540dbdd4c652
7f1fd7525d8ec24e50c056ec9949070cfbb003a1
d378e168059b652f543c762b0ba9d239725334b8cbd98df7089bbd459146386b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4003
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:19 GMT
Last-Modified: Sat, 03 Sep 2022 00:52:36 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fa31ad6448aa975881da540dbdd4c652
7f1fd7525d8ec24e50c056ec9949070cfbb003a1
d378e168059b652f543c762b0ba9d239725334b8cbd98df7089bbd459146386b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4003
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:19 GMT
Last-Modified: Sat, 03 Sep 2022 00:52:36 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fa31ad6448aa975881da540dbdd4c652
7f1fd7525d8ec24e50c056ec9949070cfbb003a1
d378e168059b652f543c762b0ba9d239725334b8cbd98df7089bbd459146386b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4003
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:19 GMT
Last-Modified: Sat, 03 Sep 2022 00:52:36 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 5c8f737cd8716f974b3fe7b1641e99d6
34768317bd638e0a5f86ebf960beae98818d1f0e
185137b4c53c778859dbcb2740657aa4f0994a056b85a87460986a55a144eed9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 01:50:03 GMT
Expires: Sat, 10 Sep 2022 01:50:02 GMT
Etag: "34768317bd638e0a5f86ebf960beae98818d1f0e"
Cache-Control: max-age=603642,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744ae2ac4a00b50f-OSL
platform.twitter.com/js/button.c6c95b9789db97ea1e9742d215fff751.js
93.184.220.66200 OK 2.4 kB URL HTTP/1.1 platform.twitter.com/js/button.c6c95b9789db97ea1e9742d215fff751.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (7017), with no line terminators
Hash 4f1f60563bf717e97c0a9d0ea41656bd
e81bc1de4809ad69c612311ef322d10920f565c9
76b3c3593522fdfb24ca4b06087d457bad98ae873958f032deea5151ad8762ca
GET /js/button.c6c95b9789db97ea1e9742d215fff751.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 191765
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sat, 03 Sep 2022 01:59:19 GMT
Etag: "3b5d132d3d3780b86a6d19d169faef45+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F707)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2361
platform.twitter.com/widgets/tweet_button.c4bdc17e77719578b594d5555bee90db.es.html
93.184.220.66200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.c4bdc17e77719578b594d5555bee90db.es.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32033)
Hash 1f59c116c4ce8e7b7173b36e9523f168
e7f457bd32b19eaad4fe59140a7bbf398b6b65c9
0cdad50f72a8045533679ca9b7e6fb1a76e3e47afca18534585d0f32e0072c22
GET /widgets/tweet_button.c4bdc17e77719578b594d5555bee90db.es.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 191235
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 03 Sep 2022 01:59:19 GMT
Etag: "684c057cb53a02e670a7f9df691fca10+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F707)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13989
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6b6b5ffecd53193507458fbe6e66d3f0
c96009132e435078cd79e19b19eeb0dbcf9abef3
229806893f073d6d725880c375c2f72ab09221a46095e1203d7379c1a29b8bef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/cse/static/images/1x/es/branding.png
142.250.74.164200 OK 1.4 kB URL HTTP/2 www.google.com/cse/static/images/1x/es/branding.png
IP 142.250.74.164:0
File type PNG image data, 132 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 5cde6b1e2022536bb6bad42206b592e6
d5f8b090cdf01d307543e4adc439c5b450725ef6
6034e5ee0510f90b538cb59205702151396dda15fc431432b7fc95e4ecde8886
GET /cse/static/images/1x/es/branding.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 16:52:02 GMT
expires: Fri, 01 Sep 2023 16:52:02 GMT
cache-control: public, max-age=31536000
age: 119237
last-modified: Mon, 25 May 2020 08:30:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 5c8f737cd8716f974b3fe7b1641e99d6
34768317bd638e0a5f86ebf960beae98818d1f0e
185137b4c53c778859dbcb2740657aa4f0994a056b85a87460986a55a144eed9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 01:50:03 GMT
Expires: Sat, 10 Sep 2022 01:50:02 GMT
Etag: "34768317bd638e0a5f86ebf960beae98818d1f0e"
Cache-Control: max-age=603642,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744ae2ac3b50fac4-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 5c8f737cd8716f974b3fe7b1641e99d6
34768317bd638e0a5f86ebf960beae98818d1f0e
185137b4c53c778859dbcb2740657aa4f0994a056b85a87460986a55a144eed9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 01:50:03 GMT
Expires: Sat, 10 Sep 2022 01:50:02 GMT
Etag: "34768317bd638e0a5f86ebf960beae98818d1f0e"
Cache-Control: max-age=603642,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744ae2ac8a500af6-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4d6c49cdfc9ba8e2c35c0864cdd02a9a
ea1b2234ca6f8e87594c1cd3329d61ccf1e6c8a2
662b1013ed12b05bebf54a1cb3040105777d022f0768b3e3fe532b1d8239bfbe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgnula.nu&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
216.58.207.237200 OK 5.9 kB URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgnula.nu&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2046)
Hash abb7c8b2488e172ada01ecec623b24d7
52c6c6787d1fd8668fadd39dbbec92dcfa91cdbc
bdecd8649a9384fdb290738b6a5a4a565c8f5c7363d68893edb7997b4e4945e4
GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgnula.nu&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Sep 2022 01:59:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-d0DYeFkqhIP9_wZ1W7ryIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
142.250.74.99200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 08:39:19 GMT
expires: Thu, 31 Aug 2023 08:39:19 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 27 Aug 2022 00:09:20 GMT
content-type: text/javascript
age: 235201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 1.7 kB IP 104.18.32.68:0
Hash 610723a5419c8815bf04b14a70aab0b3
61d0005db45224d56b48fdb8345b4f6a61f19a1f
f21669ff0daebda3ba09dc6c6668f62fa93d9d2a4f7190487ad1a917132a9a01
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 16:42:37 GMT
Expires: Tue, 06 Sep 2022 16:42:36 GMT
Etag: "72964eb15feb247143c902db3a3c611262437231"
Cache-Control: max-age=311594,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744ae2b9199ab50f-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 716fa73c5976de2c5259d94b0b7a4b41
b536e9681b1366ebdb8950d92e83e3b4ea08e706
df71a74053de80195aa0da33412a0bfa7bc0cfe0a639fad9178291981d18c18c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 06 Sep 2022 23:01:38 GMT
ETag: "b536e9681b1366ebdb8950d92e83e3b4ea08e706"
Last-Modified: Fri, 02 Sep 2022 23:01:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744ae2b9b998b4eb-OSL
click-v4.junmediadirect1.com/click?i=uc3tZuWsR-0_0
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.junmediadirect1.com/click?i=uc3tZuWsR-0_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=uc3tZuWsR-0_0 HTTP/1.1
Host: click-v4.junmediadirect1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Sep 2022 01:59:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: http://p.jwalf.com/ad/ad?p=198473&w=646286&d=229dd153ac5b5e5561f0-1643366430646286&s=242854.400387_456510
Pragma: no-cache
zap.buzz/vqlWwD8
172.67.213.33302 Found 282 B IP 172.67.213.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a9fedc2292c31e197ec31ed93bf19631
ea786a272d24c9ca85c1b15bb67a6779219d878d
3ff951913e28baeff10ef6a0a796aec8c5e6e9767e35e76dcc2768646c1b1dc7
GET /vqlWwD8 HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:19 GMT
content-type: text/html; charset=utf-8
location: https://q.xmlrtb.com/r?fid=k2mHN2AHw88
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YxK09w._e8O8CGe8u1sGuPCVg2dwrYFHo4; Expires=Sat, 03 Sep 2022 02:29:19 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZE6PVE3hwj8UvvjwhN%2F42Cj%2Frz5luHjoaaTvR4BWqC7sQBgRV%2Fhg9xPI%2FIQurh%2FabUhfJnnFTqsUAb37s2meHW5CisNVwFjhYK47ltOGM5u%2F5c0GmtX6yyPIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2aa5a70fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94a0fa4a58f90659573008385d775804
5eacdb60f5b95e98fd7d646d88f160dfc1160e0e
a57301c8c96fa4fde8b0fb8b8b1ac4e4f6d622fa3858f1d79b0ce5decc1707e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A57301C8C96FA4FDE8B0FB8B8B1AC4E4F6D622FA3858F1D79B0CE5DECC1707E4"
Last-Modified: Fri, 02 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4675
Expires: Sat, 03 Sep 2022 03:17:17 GMT
Date: Sat, 03 Sep 2022 01:59:22 GMT
Connection: keep-alive
zap.buzz/lxAR5ZJ
172.67.213.33302 Found 294 B IP 172.67.213.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 038f738e0e0d31c62789ba53006041f6
440ec4b858992a7fcae83a063b2ba03c31c9a424
6f731759b3b3cde4307686c54f4bdc3412ce4b65b8129764dba8a1755096a1dd
GET /lxAR5ZJ HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:19 GMT
content-type: text/html; charset=utf-8
location: https://q.cachegorilla.com/r?fid=B79SGewuO6N
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YxK09w._e8O8CGe8u1sGuPCVg2dwrYFHo4; Expires=Sat, 03 Sep 2022 02:29:19 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CArNpl9x4ktFZwq4FCTfdvkyxGyFnC2VmJ5sy4Byjd6UbwJpvV70ts3vyGchAklQWiPJzh38CQtI%2Bp1qmz%2B4pEyYom9ke6ea1RNAUryVHF9wDmCq1wBX1QJLkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2aa5a74fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
coco.trffcsource.com/l.php?p=c:1ighcaypoihz4sqbt&d=618a66dddea5517e2059f7a6&s=456552
51.83.143.92302 Found 0 B URL HTTP/1.1 coco.trffcsource.com/l.php?p=c:1ighcaypoihz4sqbt&d=618a66dddea5517e2059f7a6&s=456552
IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l.php?p=c:1ighcaypoihz4sqbt&d=618a66dddea5517e2059f7a6&s=456552 HTTP/1.1
Host: coco.trffcsource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Sep 2022 01:59:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 10utd7p54d
Raund: 25e
Location: https://www.trackmwsg.digital/?sl=5497933-f304f&data1=Track1&data2=Track2&tag=6312b4faa773df5bba687478&website=456552
click-v4.junmediadirect1.com/click?i=wmK4z3Yu7SU_0
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.junmediadirect1.com/click?i=wmK4z3Yu7SU_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=wmK4z3Yu7SU_0 HTTP/1.1
Host: click-v4.junmediadirect1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Sep 2022 01:59:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://mono.trffcsource.com/j.php?p=c:hzxytre65zyfglamp&d=5f9a963a44dab42654017e67&s=243033&d2=
Pragma: no-cache
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash b5d66b097f60b8acdf748df2fd026e58
357135720a9763cfde878126377743f779aedd15
c1155def83d5a86d2a006eea1d1f16fd5afe05287ec839d663acead9843c9e39
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 07 Sep 2022 00:43:14 GMT
ETag: "357135720a9763cfde878126377743f779aedd15"
Last-Modified: Sat, 03 Sep 2022 00:43:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2760
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744ae2bddb46b4eb-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0fb935f05e6aaba744f686e2bb3928f9
5b8211247e237b44ddd5bc3df47063bfcac84b0e
a998f91aa98aee49510e973a892dd630395bb1af087c7dbc77b61d29bef2bf68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144276616-1&cid=1679223729.1662170358&jid=1678085788&gjid=834160087&_gid=1051469741.1662170358&_u=YEBAAUAAAAAAAC~&z=515750151
173.194.221.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144276616-1&cid=1679223729.1662170358&jid=1678085788&gjid=834160087&_gid=1051469741.1662170358&_u=YEBAAUAAAAAAAC~&z=515750151
IP 173.194.221.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-144276616-1&cid=1679223729.1662170358&jid=1678085788&gjid=834160087&_gid=1051469741.1662170358&_u=YEBAAUAAAAAAAC~&z=515750151 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://gnula.nu
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://gnula.nu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Sep 2022 01:59:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgnula.nu%2Fthriller%2Fver-daybreakers-vampiros-del-dia-2009-online%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22es%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1662170357974%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221bfeb5c3714e8%3A1661975971032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f856738dd5c762346cf4835cf993ae9771ea79ad
104.244.42.136200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgnula.nu%2Fthriller%2Fver-daybreakers-vampiros-del-dia-2009-online%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22es%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1662170357974%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221bfeb5c3714e8%3A1661975971032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f856738dd5c762346cf4835cf993ae9771ea79ad
IP 104.244.42.136:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgnula.nu%2Fthriller%2Fver-daybreakers-vampiros-del-dia-2009-online%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22es%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1662170357974%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221bfeb5c3714e8%3A1661975971032%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f856738dd5c762346cf4835cf993ae9771ea79ad HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 01:59:22 GMT
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sat, 03 Sep 2022 01:59:22 GMT
content-length: 43
strict-transport-security: max-age=631138519
x-response-time: 114
x-connection-hash: 5b1001b06ff3ae25a1efe401918fe86dd429741c601103f5e7ae1e6ea1ff68e9
X-Firefox-Spdy: h2
polldaddy.com/images/ratings/nero-hand-med.png
192.0.123.249200 OK 1.2 kB URL HTTP/2 polldaddy.com/images/ratings/nero-hand-med.png
IP 192.0.123.249:0
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 620224fd31a56f8b52ede14a0173f43f
e51333fbde9c767aa21bbd1610fc26c09868670d
d45bc6234fbff20dda709b132b23aa6cf93be77e85026f0fe740bb4a93bb0851
GET /images/ratings/nero-hand-med.png HTTP/1.1
Host: polldaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 01:59:22 GMT
content-type: image/png
content-length: 1179
last-modified: Wed, 08 Sep 2021 04:24:16 GMT
etag: "61383af0-49b"
expires: Mon, 03 Oct 2022 01:59:22 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
polldaddy.com/images/ratings/info.png
192.0.123.249200 OK 1.2 kB URL HTTP/2 polldaddy.com/images/ratings/info.png
IP 192.0.123.249:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 242cc5efe3724c793e5fa742c3aa1315
fbba0bdf013403f3d835b54d222931d04e137167
8d1b51a6bcf97a173884161816c19b753e0088a0926148482d8a1f371706c774
GET /images/ratings/info.png HTTP/1.1
Host: polldaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 01:59:22 GMT
content-type: image/png
content-length: 1226
last-modified: Wed, 08 Sep 2021 02:43:27 GMT
etag: "6138234f-4ca"
expires: Mon, 03 Oct 2022 01:59:22 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0fb935f05e6aaba744f686e2bb3928f9
5b8211247e237b44ddd5bc3df47063bfcac84b0e
a998f91aa98aee49510e973a892dd630395bb1af087c7dbc77b61d29bef2bf68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 01:59:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.trackmwsg.digital/?sl=5497933-f304f&data1=Track1&data2=Track2&tag=6312b4faa773df5bba687478&website=456552
51.68.82.147200 OK 4.3 kB URL HTTP/1.1 www.trackmwsg.digital/?sl=5497933-f304f&data1=Track1&data2=Track2&tag=6312b4faa773df5bba687478&website=456552
IP 51.68.82.147:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3439)
Hash 8ce4e6411d38790c7e17b167bef3e9df
a776a0670232ada4db5d5149196c98ad60834b50
adfa7dc4ebed724d7480f5f2d8a7df08b6f5e6864e13f51138ea88c16a32218e
Analyzer Verdict Alert quad9 Sinkholed
GET /?sl=5497933-f304f&data1=Track1&data2=Track2&tag=6312b4faa773df5bba687478&website=456552 HTTP/1.1
Host: www.trackmwsg.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 01:59:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
mono.trffcsource.com/j.php?p=c:hzxytre65zyfglamp&d=5f9a963a44dab42654017e67&s=243033&d2=
51.83.143.92302 Found 0 B URL HTTP/1.1 mono.trffcsource.com/j.php?p=c:hzxytre65zyfglamp&d=5f9a963a44dab42654017e67&s=243033&d2=
IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j.php?p=c:hzxytre65zyfglamp&d=5f9a963a44dab42654017e67&s=243033&d2= HTTP/1.1
Host: mono.trffcsource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Sep 2022 01:59:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 12cpfh4axt
Raund: 119ebtns3r
Location: https://popcash.net/world/go/134600/427270
www.trackmwsg.digital/?sl=5497933-f304f&data1=Track1&data2=Track2&tag=6312b4faa773df5bba687478&website=456552&eyeg=de492046cc4c40e87a10064a48be4430&eyer=0.24506001792833343&eyei=1&eyew=0&eyeh=0&eyetd=220&eyef=
51.68.82.147302 Found 0 B URL HTTP/1.1 www.trackmwsg.digital/?sl=5497933-f304f&data1=Track1&data2=Track2&tag=6312b4faa773df5bba687478&website=456552&eyeg=de492046cc4c40e87a10064a48be4430&eyer=0.24506001792833343&eyei=1&eyew=0&eyeh=0&eyetd=220&eyef=
IP 51.68.82.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /?sl=5497933-f304f&data1=Track1&data2=Track2&tag=6312b4faa773df5bba687478&website=456552&eyeg=de492046cc4c40e87a10064a48be4430&eyer=0.24506001792833343&eyei=1&eyew=0&eyeh=0&eyetd=220&eyef= HTTP/1.1
Host: www.trackmwsg.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Sat, 03 Sep 2022 01:59:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=350004802c8357d704fc126b76f097261e3860903-202209-flb*5497933-f304f*6312b4faa773df5bba687478*sl_5497933-f304f*38a71230e6005486b767134eee89d7530ee15036*456552*
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 87bc4b303191b89c202c7b98e76ce3e8
94f7bd7b2d266eaaf1fd7e4fe5bbfe73fee5c165
0bed90fd1af08be728698de862c8334749230decf24be03814d8e90155e1d14f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 01:59:22 GMT
Last-Modified: Sat, 03 Sep 2022 00:50:05 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t84lGsvaXjSkICWQZlRgBhdmp6ISjsz3bVrEaCVz_Pl_IufGZeBDvA==
Age: 4157
click-v4.expmdiadi.com/click?i=nFvh4d5aZDI_0
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.expmdiadi.com/click?i=nFvh4d5aZDI_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=nFvh4d5aZDI_0 HTTP/1.1
Host: click-v4.expmdiadi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Sep 2022 01:59:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://coco.trffcsource.com/l.php?p=c:1ighcaypoihz4sqbt&d=618a66dddea5517e2059f7a6&s=456552
Pragma: no-cache
popcash.net/world/go/134600/427270
172.67.194.203301 Moved Permanently 162 B URL HTTP/2 popcash.net/world/go/134600/427270
IP 172.67.194.203:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /world/go/134600/427270 HTTP/1.1
Host: popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 03 Sep 2022 01:59:22 GMT
content-type: text/html
content-length: 162
location: http://ps.popcash.net/go/134600/427270
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYDZuQrb607D%2F7fQ%2FFnoxE40JbHi1W2%2FEq2kxXBO5oI3fL6GTk9V8hILTbp%2FaFtanRRjENKCCS3wTS%2FKO%2BOliWjVf8ILpj1u1%2FDjzznx%2FlvpNrcMQKgFee1Zp2uz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2beca510af6-OSL
X-Firefox-Spdy: h2
coco.trffcsource.com/l.php?p=c:1ighcaypoihz4sqbt&d=618a66dddea5517e2059f7a6&s=456552
51.83.143.92302 Found 0 B URL HTTP/1.1 coco.trffcsource.com/l.php?p=c:1ighcaypoihz4sqbt&d=618a66dddea5517e2059f7a6&s=456552
IP 51.83.143.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l.php?p=c:1ighcaypoihz4sqbt&d=618a66dddea5517e2059f7a6&s=456552 HTTP/1.1
Host: coco.trffcsource.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Sep 2022 01:59:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 11hx4alk7e
Raund: 25e
Location: https://miao.labtrffc.com/s.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int-456552
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 622a5c5a64b9c055d895bde78b3625af
5d50252af4c7367d43bd08204ec82d2c6438d9e1
5e05b754fc57305ca2477800c40f97e8fcdc2edbccd009acb84129b26b1d77b1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 03 Sep 2022 01:59:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 02 Sep 2022 23:22:08 GMT
Expires: Sat, 03 Sep 2022 23:22:08 GMT
ETag: "5d50252af4c7367d43bd08204ec82d2c6438d9e1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=350004802c8357d704fc126b76f097261e3860903-202209-flb*5497933-f304f*6312b4faa773df5bba687478*sl_5497933-f304f*38a71230e6005486b767134eee89d7530ee15036*456552*
34.91.27.112302 Found 0 B URL HTTP/2 admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=350004802c8357d704fc126b76f097261e3860903-202209-flb*5497933-f304f*6312b4faa773df5bba687478*sl_5497933-f304f*38a71230e6005486b767134eee89d7530ee15036*456552*
IP 34.91.27.112:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=350004802c8357d704fc126b76f097261e3860903-202209-flb*5497933-f304f*6312b4faa773df5bba687478*sl_5497933-f304f*38a71230e6005486b767134eee89d7530ee15036*456552* HTTP/1.1
Host: admoustache.go2affise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 03 Sep 2022 01:59:22 GMT
content-length: 0
location: https://www.jukminung.com/rc/a91581ead4?affclick=6312b4faaf91a7000111954f&pubid=503
set-cookie: afclick=6312b4faaf91a7000111954f; expires=Sun, 03 Sep 2023 01:59:22 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
xml.poprtb.com/redirect?feed=457657&auth=p12tC3&pubid=152420
174.137.133.17302 Found 0 B URL HTTP/1.1 xml.poprtb.com/redirect?feed=457657&auth=p12tC3&pubid=152420
IP 174.137.133.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=457657&auth=p12tC3&pubid=152420 HTTP/1.1
Host: xml.poprtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Sep 2022 01:59:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: http://tsyndicate.com/api/v1/direct/795440ba0b07418897d616c5a2a83add?extID=362863_416514_457657
Pragma: no-cache
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fbf58e151499163b409825b75292117d
c0f850244aed9983d411e7596dc5ffd6bba3bb23
fd9018db7938c545590cbadfdd1aa769f33a54414e5942c9c25f16dedbf4cfe3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FD9018DB7938C545590CBADFDD1AA769F33A54414E5942C9C25F16DEDBF4CFE3"
Last-Modified: Thu, 01 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8864
Expires: Sat, 03 Sep 2022 04:27:06 GMT
Date: Sat, 03 Sep 2022 01:59:22 GMT
Connection: keep-alive
xml.poprtb.com/redirect?feed=457657&auth=p12tC3&pubid=152420
174.137.133.17302 Found 0 B URL HTTP/1.1 xml.poprtb.com/redirect?feed=457657&auth=p12tC3&pubid=152420
IP 174.137.133.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=457657&auth=p12tC3&pubid=152420 HTTP/1.1
Host: xml.poprtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Sep 2022 01:59:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://t4.goldensevenseas.net/l.php?p=c:4ljkfd1stuas5a3tw&d=61b87b159bd23420f125f716&s=416514_457657&pid=XLfBBuJpJSI_0
Pragma: no-cache
miao.labtrffc.com/s.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int-456552
51.83.143.92200 OK 494 B URL HTTP/1.1 miao.labtrffc.com/s.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int-456552
IP 51.83.143.92:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (543)
Hash 6280c52349661652583667703f6dc176
1e4b562be5f3abd74d59c033debc147e2000738a
e4bba18759e4de38710228cf5237c97a80fce791aa331ebafec52b40da765edf
GET /s.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int-456552 HTTP/1.1
Host: miao.labtrffc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Sep 2022 01:59:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=6312b4fb83c1681e134281cd; expires=Tue, 06-Sep-2022 01:59:23 GMT; Max-Age=259200; path=/; domain=miao.labtrffc.com; HttpOnly
Content-Encoding: gzip
q.cachegorilla.com/r?fid=B79SGewuO6N
104.21.51.225302 Found 359 B URL HTTP/2 q.cachegorilla.com/r?fid=B79SGewuO6N
IP 104.21.51.225:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9bb8132265466a0e8b9f73abd0664b2a
130b0ca7eada76832cc344ae02841000e82604aa
a9eddd5e8e028b7a47dc652c41a221b31546e904d365f1bad7f49b3c7ee2daff
GET /r?fid=B79SGewuO6N HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:21 GMT
location: http://c.cachegorilla.com/cf?id=10266555244044051862&sid=B79SGewuO6N&subid=0000&fid=19373&redir=1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zKB0oNGJZn09BHPbXlOlLB%2F%2B2XOSyNj1egqmJuxHs776X8QFrCPyj6DqObG4twHxzbq49o%2F%2B2V0N2WTA8wQX97Ih7ig76X9gAKP9TWlD7cdmRfHyZiALT7bVxzcyd4laAkB2QU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2aae826b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fbf58e151499163b409825b75292117d
c0f850244aed9983d411e7596dc5ffd6bba3bb23
fd9018db7938c545590cbadfdd1aa769f33a54414e5942c9c25f16dedbf4cfe3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FD9018DB7938C545590CBADFDD1AA769F33A54414E5942C9C25F16DEDBF4CFE3"
Last-Modified: Thu, 01 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8863
Expires: Sat, 03 Sep 2022 04:27:06 GMT
Date: Sat, 03 Sep 2022 01:59:23 GMT
Connection: keep-alive
tsyndicate.com/api/v1/direct/795440ba0b07418897d616c5a2a83add?extID=362863_416514_457657
136.243.46.131302 Found 0 B URL HTTP/2 tsyndicate.com/api/v1/direct/795440ba0b07418897d616c5a2a83add?extID=362863_416514_457657
IP 136.243.46.131:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/direct/795440ba0b07418897d616c5a2a83add?extID=362863_416514_457657 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 03 Sep 2022 01:59:23 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://crengate.com/pu/?psid=ed_tsrmntt1&site=jsm&target=rttr&utm_medium=partner&utm_source=TS&category=girl&ms_notrack=1
x-request-id: 09286b64529faa18
set-cookie: ts_uid=920d9ed4-11a6-4826-9dac-085c5545073b; expires=Fri, 03 Mar 2023 01:59:23 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YYM27giJFDRhcWIsYUPPhQRJmJMWzYkCGjho0bNmZ06aMg; expires=Sun, 04 Sep 2022 01:59:23 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
ts_direct_tag=179992:1378192:7282:4093144:33056; expires=Mon, 03 Oct 2022 01:59:23 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ok.ru/videoembed/1473169132148
5.61.23.11200 OK 0 B URL HTTP/2 ok.ru/videoembed/1473169132148
IP 5.61.23.11:0
GET /videoembed/1473169132148 HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Sat, 03 Sep 2022 01:59:16 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=-9200054890218426279; Domain=.ok.ru; Expires=Thu, 21-Sep-2090 05:13:23 GMT; Path=/; Secure; HttpOnly
_statid=74ffa9a1-86fa-4fe4-9695-8d4a57cbf624; Domain=.ok.ru; Expires=Thu, 21-Sep-2090 05:13:23 GMT; Path=/; Secure; HttpOnly
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
last-modified: Tue, 15 Mar 2022 12:52:58 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
104.16.125.175200 OK 0 B URL HTTP/2 unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP 104.16.125.175:0
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 01:59:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01F3YGTHVETVB9B7TG2TW5GR8F
cf-cache-status: HIT
age: 11481120
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 744ae298edb8b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
hqq.tv/cdn-cgi/trace
190.115.19.71404 Not Found 0 B IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /cdn-cgi/trace HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=STdKKzzOTOzv&autoplay=no
Cookie: uid=zBIKiWV_DKMyGKOmPEq2fhsxc_K1v2JJ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: ddos-guard
set-cookie: __ddg1_=32z5wQLssKP4ahwuHWtB; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:18 GMT
date: Sat, 03 Sep 2022 01:59:18 GMT
content-type: text/html; charset=UTF-8
x-origin-location: /
x-cache-status-inferno: MISS
x-inferno-location: /
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
q.xmlrtb.com/r?fid=k2mHN2AHw88
104.21.14.245302 Found 0 B URL HTTP/2 q.xmlrtb.com/r?fid=k2mHN2AHw88
IP 104.21.14.245:0
GET /r?fid=k2mHN2AHw88 HTTP/1.1
Host: q.xmlrtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:21 GMT
location: https://popxperts.com/w3ar3w1n
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhZAFXDzw6ucr6P1aufMTsg2FFOWYNEteMACqZYteMvwS73%2BtzRO8PxUehLEGyiqAdMQe%2FOSKyBCx5p3pTnH4%2FiZfJ3c%2BRPqWgFq4lMhrqDgt9y7l5ss2bCB0Fj2y%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2b53b2ab521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
polldaddy.com/js/rating/rating.js
192.0.123.249200 OK 0 B URL HTTP/2 polldaddy.com/js/rating/rating.js
IP 192.0.123.249:0
GET /js/rating/rating.js HTTP/1.1
Host: polldaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 01:59:15 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Mar 2022 16:44:08 GMT
etag: W/"62433758-41b7"
expires: Mon, 03 Oct 2022 01:59:15 GMT
cache-control: max-age=2592000
content-encoding: br
X-Firefox-Spdy: h2
ok.ru/videoembed/1473168870004
5.61.23.11200 OK 0 B URL HTTP/2 ok.ru/videoembed/1473168870004
IP 5.61.23.11:0
GET /videoembed/1473168870004 HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Sat, 03 Sep 2022 01:59:16 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=-3149510937084364480; Domain=.ok.ru; Expires=Thu, 21-Sep-2090 05:13:23 GMT; Path=/; Secure; HttpOnly
_statid=4bd3f681-f8d3-4903-84d0-5429c544ad23; Domain=.ok.ru; Expires=Thu, 21-Sep-2090 05:13:23 GMT; Path=/; Secure; HttpOnly
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
last-modified: Wed, 09 Mar 2022 19:33:19 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: br
X-Firefox-Spdy: h2
hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=85809467
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=85809467
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=85809467 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=UaPkgHBFrwew&autoplay=no
Cookie: uid=zBIKiWV_DKMyGKOmPEq2fhsxc_K1v2JJ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=BtPPZYE0pBr21kloN98P; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:18 GMT
date: Sat, 03 Sep 2022 01:59:17 GMT
content-type: application/json
access-control-allow-origin: *
x-inferno-location: banner
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
zap.buzz/lxAR5ZJ
172.67.213.33302 Found 0 B IP 172.67.213.33:0
GET /lxAR5ZJ HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:19 GMT
content-type: text/html; charset=utf-8
location: https://q.cachegorilla.com/r?fid=B79SGewuO6N
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YxK09w._e8O8CGe8u1sGuPCVg2dwrYFHo4; Expires=Sat, 03 Sep 2022 02:29:19 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XArtwMt5oTOj6SwWLPNCJSvRv%2FXWEPSJllkSYnreJccbGGkChV7%2FM%2FK6DTXxARwPODh5MpGDCkAt%2FrLqfmivQvZoJBp21kWj9vUFrDkMmvSmM2lY4Yg%2FX3%2BpcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2aaaa85fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
polldaddy.com/ratings/rate.php?cmd=get&id=6422202&uid=wp-post-333761&item_id=_post_333761
192.0.123.249200 OK 0 B URL HTTP/2 polldaddy.com/ratings/rate.php?cmd=get&id=6422202&uid=wp-post-333761&item_id=_post_333761
IP 192.0.123.249:0
GET /ratings/rate.php?cmd=get&id=6422202&uid=wp-post-333761&item_id=_post_333761 HTTP/1.1
Host: polldaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 01:59:19 GMT
content-type: application/javascript
vary: Accept-Encoding
content-language: en
content-encoding: br
X-Firefox-Spdy: h2
q.cachegorilla.com/r?fid=B79SGewuO6N
104.21.51.225302 Found 0 B URL HTTP/2 q.cachegorilla.com/r?fid=B79SGewuO6N
IP 104.21.51.225:0
GET /r?fid=B79SGewuO6N HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:22 GMT
location: http://c.cachegorilla.com/cf?id=10954471903886736002&sid=B79SGewuO6N&subid=0000&fid=19439&redir=1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSNYVOtgJSAZ8dMENDsxJSJx3MpBFSACS20AAf9BtWqTk2lDvhCx8dAYTNvT%2BbClmj3ynNETjNDUXkIQ8oduzXMml1CgwOSYmTb%2F1vx8uAriKFem0fjxt3Af7wHjLC64M%2Fhx4rk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2b60e74b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.cachegorilla.com/cf?id=10266555244044051862&sid=B79SGewuO6N&subid=0000&fid=19373&redir=1
104.21.51.225302 Found 0 B URL HTTP/2 c.cachegorilla.com/cf?id=10266555244044051862&sid=B79SGewuO6N&subid=0000&fid=19373&redir=1
IP 104.21.51.225:0
GET /cf?id=10266555244044051862&sid=B79SGewuO6N&subid=0000&fid=19373&redir=1 HTTP/1.1
Host: c.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:21 GMT
location: http://click-v4.junmediadirect1.com/click?i=uc3tZuWsR-0_0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5g8NZI8gvfpcaCQLM9664BYlQdMTiLyR9YEVt1FLJhYc86auFPW6iXoUQA2DcH4yF5K%2F3Gr6e7NEuqro27Y98ImbQq2IcWsxaK1K%2FlGFggTaelYAh8uQF4w3TmuE57T2lu6ggWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2b61e7bb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gnula.nu/wp-content/themes/charcoal2/style.css
185.178.208.130200 OK 0 B URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/style.css
IP 185.178.208.130:0
GET /wp-content/themes/charcoal2/style.css HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/thriller/ver-daybreakers-vampiros-del-dia-2009-online/
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 08:03:53 GMT
content-type: text/css
last-modified: Sun, 21 Feb 2021 22:32:04 GMT
etag: W/"6032df64-9af4"
expires: Thu, 08 Sep 2022 08:03:53 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 150922
ddg-cache-status: HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.234.254200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.234.254:0
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 01:59:16 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: fd0d0e240f2fdfba734087c5f3a9d81b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 03 Sep 2022 01:59:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FotfvacDLog4iEFfBrv87OBJGd4byQNMAAt9tKR%2BvMqsFXYp3UYlVbo1VOd3xYuaYSDH81yVa0s%2BXpoVWbMpXETU2m%2F4ECbsWwKDkwym%2Bt7Hf2gCFIM8Ut08eZ48UxNDS5ck0js%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 744ae2954a09e634-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hqq.tv/styles/global/embed_player.3.css?130
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/styles/global/embed_player.3.css?130
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /styles/global/embed_player.3.css?130 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=UaPkgHBFrwew&autoplay=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=euhtXMloEWZH5QwqqE50; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:16 GMT
date: Sat, 03 Sep 2022 01:59:15 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
etag: W/"5fd14cc5-1701"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
mc.yandex.ru/watch/87663567?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr(14)rqnl(2)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/87663567?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr(14)rqnl(2)ti(2)
IP 93.158.134.119:0
GET /watch/87663567?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr(14)rqnl(2)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ok.ru
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F1473169001076&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1026%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A521239026694%3Ahid%3A791629278%3Az%3A0%3Ai%3A20220903015915%3Aet%3A1662170356%3Arn%3A87134629%3Arqn%3A1%3Au%3A1662170356149009295%3Aw%3A640x360%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662170354087%3Ads%3A0%2C0%2C0%2C%2C168%2C0%2C%2C408%2C0%2C%2C%2C%2C995%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1662170357%3At%3AOK&t=gdpr%2814%29rqnl%282%29ti%282%29
date: Sat, 03 Sep 2022 01:59:18 GMT
access-control-allow-origin: https://ok.ru
set-cookie: yandexuid=2773053341662170358; Expires=Sun, 03-Sep-2023 01:59:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2773053341662170358; Expires=Sun, 03-Sep-2023 01:59:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=794008641662170358; Path=/; SameSite=None; Secure
i=kWSBqECA/sWcwy/arNrehNLOKUin4zns0B7KXlkHjR7c/Ev6F+PR9kFe938EvryADce55uv4VUh4fbqd2RQa4IhWlW8=; Expires=Tue, 31-Aug-2032 01:59:17 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1693706358.yrts.1662170358#1693706358.yrtsi.1662170358; Expires=Sun, 03-Sep-2023 01:59:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Sep-2022 01:59:18 GMT
last-modified: Sat, 03-Sep-2022 01:59:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=28462303
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=28462303
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=28462303 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=STdKKzzOTOzv&autoplay=no
Cookie: uid=zBIKiWV_DKMyGKOmPEq2fhsxc_K1v2JJ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=b99UXcJVN95owy1o1gF8; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:18 GMT
date: Sat, 03 Sep 2022 01:59:18 GMT
content-type: application/json
access-control-allow-origin: *
x-inferno-location: banner
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
zap.buzz/vqlWwD8
172.67.213.33302 Found 0 B IP 172.67.213.33:0
GET /vqlWwD8 HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:19 GMT
content-type: text/html; charset=utf-8
location: https://q.xmlrtb.com/r?fid=k2mHN2AHw88
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YxK09w._e8O8CGe8u1sGuPCVg2dwrYFHo4; Expires=Sat, 03 Sep 2022 02:29:19 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rb8hKvhC7Iw%2FOJ%2FB0zr2B7VdT31aSbNo9kGRnxwiCeGTSsTECReo54xXhikgixCqc7zhUY8axMSapODJZ4BVPR1ytMn2nkBTTxPaGdA%2FeBUoChdlHEOd%2FhaULg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2aaaa8bfabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hqq.tv/js/d_check.js?34
190.115.19.71200 OK 0 B IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/d_check.js?34 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=UaPkgHBFrwew&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=lbZ4ViliKLDvfVLKCuVy; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:16 GMT
date: Sat, 03 Sep 2022 01:59:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
etag: W/"5e57d8f1-d8a"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
q.cachegorilla.com/r?fid=B79SGewuO6N
104.21.51.225302 Found 0 B URL HTTP/2 q.cachegorilla.com/r?fid=B79SGewuO6N
IP 104.21.51.225:0
GET /r?fid=B79SGewuO6N HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:21 GMT
location: http://c.cachegorilla.com/cf?id=11933895136386367261&sid=B79SGewuO6N&subid=0000&fid=19372&redir=1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWVisWHjXf2XQ9QBwDzFC%2BfiZgi6F4c8wfoK32iOx1qpgQK9h%2F7gMGBziQ5Aq%2BKzFkLw0YZ1yj6%2FHxbtNn39Xft8p7ioGlP7goLgyfDJbOc0bORNgt7OnKDrmsigijZdyWNp1Ws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2b60e76b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.jukminung.com/rc/a91581ead4?affclick=6312b4faaf91a7000111954f&pubid=503
104.21.28.174200 OK 0 B URL HTTP/2 www.jukminung.com/rc/a91581ead4?affclick=6312b4faaf91a7000111954f&pubid=503
IP 104.21.28.174:0
GET /rc/a91581ead4?affclick=6312b4faaf91a7000111954f&pubid=503 HTTP/1.1
Host: www.jukminung.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 01:59:23 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=vtqL3dSopSyilXm1PAq6ROc7tDaAPKiOiqhHInsFn4Nz4mpStDZgsbicJuYfuF91/sqSBPiuV7jRU9S0UM17L+wxjEfAJ95+s3szgepTh6YUdqnMkS+sAZpR5c0a; Expires=Sat, 10 Sep 2022 01:59:23 GMT; Path=/
AWSALBCORS=vtqL3dSopSyilXm1PAq6ROc7tDaAPKiOiqhHInsFn4Nz4mpStDZgsbicJuYfuF91/sqSBPiuV7jRU9S0UM17L+wxjEfAJ95+s3szgepTh6YUdqnMkS+sAZpR5c0a; Expires=Sat, 10 Sep 2022 01:59:23 GMT; Path=/; SameSite=None
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymj2WVWisHgp6IDb3S8IHZ%2BIZVVg7CfyIcOwHmEsNdXf72MHSEgXujruLDeMZaSBxiCaNVaJSY6pqNYBHT4vwSuMKdaqw%2BZDbiwko6tzPUjcjoPSsi5bjRDl%2Ftl0xymNqwbbVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2c06a530b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.addlnk.com/redirect.css
172.67.191.221200 OK 0 B URL HTTP/2 cdn.addlnk.com/redirect.css
IP 172.67.191.221:0
GET /redirect.css HTTP/1.1
Host: cdn.addlnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jukminung.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 01:59:23 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1680
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
x-amz-id-2: BUW6rlWHZvzQnvJHp4gBkVRIGc8DfdhWdOpgruWqMqu7ownlHIapox/IYSueiBqz+QseNtzP+2A=
x-amz-request-id: KYXF7EGSHW20KRRM
cf-cache-status: HIT
age: 6059
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8TXpy7Zag4mKLWMGU2FwTD8ckdamCgqigvn88mqQ7O08r6g7QelbQZ3mg1ef3NOpL7FET4IRM2A7NkkLwSffEuwl8qkklZ%2B5yrOB99G288KDHOHDqj7bOPzrG37mGnoiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 744ae2c2ad08b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/DC_League_of_Super_Pets4.gif
185.178.208.130200 OK 0 B URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/DC_League_of_Super_Pets4.gif
IP 185.178.208.130:0
GET /wp-content/uploads/2022/08/DC_League_of_Super_Pets4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=mZKbjEQMHMzLuj4DsHy0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 30 Aug 2022 16:38:29 GMT
content-type: image/gif
content-length: 19173
last-modified: Tue, 23 Aug 2022 16:24:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: "6304ff44-4ae5"
expires: Tue, 06 Sep 2022 16:38:29 GMT
age: 292846
ddg-cache-status: HIT
X-Firefox-Spdy: h2
hqq.tv/player/embed_player.php?vid=STdKKzzOTOzv&autoplay=no
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/player/embed_player.php?vid=STdKKzzOTOzv&autoplay=no
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /player/embed_player.php?vid=STdKKzzOTOzv&autoplay=no HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=fxZIl7xABzm7R9a173bl; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:16 GMT
date: Sat, 03 Sep 2022 01:59:16 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.tv>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wws.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2
q.xmlrtb.com/r?fid=k2mHN2AHw88
104.21.14.245302 Found 0 B URL HTTP/2 q.xmlrtb.com/r?fid=k2mHN2AHw88
IP 104.21.14.245:0
GET /r?fid=k2mHN2AHw88 HTTP/1.1
Host: q.xmlrtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:21 GMT
location: https://popxperts.com/w3ar3w1n
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZ0I8JiGK1bfROgfUEMDYdXd9uRhAXaIgEOMfC6WzFpJwUNj0u9G7PNboL4LEgp8Nxpua60O4bl4YBDeih%2FDCtAWqN537ltBrLZQWRtklMYSpHsE9ncGKRYAtsUyEjw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2aaecc5b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zap.buzz/lxAR5ZJ
172.67.213.33302 Found 0 B IP 172.67.213.33:0
GET /lxAR5ZJ HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:19 GMT
content-type: text/html; charset=utf-8
location: https://q.cachegorilla.com/r?fid=B79SGewuO6N
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YxK09w._e8O8CGe8u1sGuPCVg2dwrYFHo4; Expires=Sat, 03 Sep 2022 02:29:19 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reNRmdhF0%2FTP38hXY7veD7tgTCaZE1PXwE6XP1JX1ebvyLQyyfNwQ36S5LiUrATcXCTevZ%2Ff6989CkBP%2B3zCagJTzlQdsmClnhAm81qac4o7%2B1NS3kmgRojpiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2aaaa88fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zap.buzz/Jr1zAzZ
172.67.213.33302 Found 0 B IP 172.67.213.33:0
GET /Jr1zAzZ HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:19 GMT
content-type: text/html; charset=utf-8
location: https://xml.poprtb.com/redirect?feed=457657&auth=p12tC3&pubid=152420
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YxK09w._e8O8CGe8u1sGuPCVg2dwrYFHo4; Expires=Sat, 03 Sep 2022 02:29:19 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5nrw75PXqBVVbvsovkoycGiGS1YAYKIV4dXMu1Nam90RFWBUBqIuuKSE0izCysFYiSjA0Mb0HT3HUdp7f8a5VtxkgRPt8bpEXSFnhqOAHVA7ZGS7M3nj1aYhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2aaba8dfabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hqq.tv/js/embed.205.js?736
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/js/embed.205.js?736
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/embed.205.js?736 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=UaPkgHBFrwew&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=NwPOR6vEHR0r7KnzpgVz; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:16 GMT
date: Sat, 03 Sep 2022 01:59:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 04 Aug 2022 18:07:34 GMT
etag: W/"62ec0ae6-298ce"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
hqq.tv/player/embed_player.php?vid=UaPkgHBFrwew&autoplay=no
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/player/embed_player.php?vid=UaPkgHBFrwew&autoplay=no
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /player/embed_player.php?vid=UaPkgHBFrwew&autoplay=no HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=MWVpHNCNaSopwgSlZ2B8; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:16 GMT
date: Sat, 03 Sep 2022 01:59:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.tv>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wws.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
hqq.tv/js/adv/fuckadblock.js?2
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/js/adv/fuckadblock.js?2
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/adv/fuckadblock.js?2 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=UaPkgHBFrwew&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=96Ze48zy17Ol2iO3nP3s; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Sep-2023 01:59:16 GMT
date: Sat, 03 Sep 2022 01:59:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 27 Aug 2019 17:39:04 GMT
etag: W/"5d656ab8-369e"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
zap.buzz/Jr1zAzZ
172.67.213.33302 Found 0 B IP 172.67.213.33:0
GET /Jr1zAzZ HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 03 Sep 2022 01:59:19 GMT
content-type: text/html; charset=utf-8
location: https://xml.poprtb.com/redirect?feed=457657&auth=p12tC3&pubid=152420
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YxK09w._e8O8CGe8u1sGuPCVg2dwrYFHo4; Expires=Sat, 03 Sep 2022 02:29:19 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6Hqj9kzCzOm8tFPV78Vv5LT8pQcr8eNYenDqyeChM%2FBCYNlZwNZpwtEjwFxBaA89vHAYUBcvvla4PhdKHAZVNngo8LOs1Wlr2YDTW6FYRwxft8y1IugJ13fCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744ae2aaba8ffabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2