r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3758
Expires: Sat, 07 Jan 2023 21:45:55 GMT
Date: Sat, 07 Jan 2023 20:43:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9717
Expires: Sat, 07 Jan 2023 23:25:14 GMT
Date: Sat, 07 Jan 2023 20:43:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 07 Jan 2023 20:41:25 GMT
content-type: application/json
age: 112
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 600f7ba6e1a6fbbd176cd2df19b1e4d9
cdd72b25fd91ee980aba193b12e890096e4fe852
860214860947dfbe26099f018747154823b175fceb2821a390cc655da191a6d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "860214860947DFBE26099F018747154823B175FCEB2821A390CC655DA191A6D0"
Last-Modified: Thu, 05 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3970
Expires: Sat, 07 Jan 2023 21:49:27 GMT
Date: Sat, 07 Jan 2023 20:43:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: V+Q0ykHm5fnzIEkyttiPwr8oooiT6oh9yShAeS3wDvOeJR3wb4eTgUz2qm9MMZ4D2BSruTNpy2A=
x-amz-request-id: V1BZ2KRKMDJ9N43A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 07 Jan 2023 20:00:32 GMT
age: 2565
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
instrumentalsmp3.com/
104.21.19.90301 Moved Permanently 707 B IP 104.21.19.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET / HTTP/1.1
Host: instrumentalsmp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 07 Jan 2023 20:43:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://instrumentalsmp3.com/
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZXJ5%2BwNCsWOhXzUTgl%2FdyMIK13a%2BqvaDIu2aO6Wn0wtqXu4xb4taO9KpMZ4E8o068q8%2FaIPDzQT5Rw4B1oG1rw%2FXZPXSy%2BedBX%2BiAOJLXOBiNrOIVI6ZxQYv9yLL%2Bt2klnoqZ27qg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 785f865a2a4db511-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 20:43:17 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3fe7ce46f2a1e909aab7d4ca7bbd449b
ac18a433cecfcb55ae868fb5bac17c98c8604c97
26eb5c43791854d136d529dd6315a625cfd0a2c5e73e97df82fd1aa728a5e737
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=145799
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:17 GMT
Etag: "63b96fec-116"
Expires: Mon, 09 Jan 2023 13:13:16 GMT
Last-Modified: Sat, 07 Jan 2023 13:13:16 GMT
Server: nginx
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 07 Jan 2023 20:17:20 GMT
age: 1558
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8589b6a84dd5a09ec546aff38bbd2515
1c3a3d8a69ae7a3ebda64292caf0e0f5968e81f7
f013da155203f0509d56e8174c2ae5ed23aad413b4391f276efd388519743b17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2354
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:18 GMT
Last-Modified: Sat, 07 Jan 2023 20:04:04 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3fe7ce46f2a1e909aab7d4ca7bbd449b
ac18a433cecfcb55ae868fb5bac17c98c8604c97
26eb5c43791854d136d529dd6315a625cfd0a2c5e73e97df82fd1aa728a5e737
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=145799
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:18 GMT
Etag: "63b96fec-116"
Expires: Mon, 09 Jan 2023 13:13:17 GMT
Last-Modified: Sat, 07 Jan 2023 13:13:16 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
push.services.mozilla.com/
52.38.139.17101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.139.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CGqM0itObZO3qy+0pQ3bvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 73XmwgNkQnkaVKio1+r+rCpS8/A=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 17cf9dce587a0172ed5024014092613a
c4d54d41bb2065c443b71ce4cb0765afcf25ff5d
c9e7f02104dba48ac14728545d4e4fbc2393ab6c2cb4b36504aad9626f8d10b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 32 kB IP 142.250.74.131:0
Hash 4d8186a192225e07729344df0a6f6dc5
443bc06d081eeed24b323d9f4466f993948957a7
6fbd968461551e21675036d082085003619cac504056440dda59e22315a4ef87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-135505757-1
142.250.74.40200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-135505757-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 8373e495160594027473a434f3e4b5a1
5bdb40ac09d1707d8f365685d0b5edd207a7f278
03a354649473f4e977fa5c6b8eef3a6119fa838d51c59ff6bccd1083662e007b
GET /gtag/js?id=UA-135505757-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 07 Jan 2023 20:43:19 GMT
expires: Sat, 07 Jan 2023 20:43:19 GMT
cache-control: private, max-age=900
last-modified: Sat, 07 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45347
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 14 kB IP 142.250.74.131:0
Hash 367df919c6513167a03cdc25108c7ecb
c1cba07a55700c1a61fd72386cedf37ee86210e0
a639dc6b5a569ab7d4c81b1011f9e6699b99b1a1a455d2da715836a6e80756c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
142.250.74.74200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
IP 142.250.74.74:0
Hash 2b21cf372f06752910c5d0036279237c
242941a52ab1c5ecb633320dbfc79a9914dbd9f9
b0474b31fe2c91aed4a8a14d2b6dd7f9a76f23459daa315e252e06134de08ae0
GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 07 Jan 2023 20:43:19 GMT
date: Sat, 07 Jan 2023 20:43:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ee7d714f6e72ff0d1bcf593846b91a05
b0f6e5f1b8f6ba89912bd0d3599259a76fb48e4d
be22343c428fe21a7285d9ea1c26f5195a78ec0464c159c4372db2a02145ece4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE22343C428FE21A7285D9EA1C26F5195A78EC0464C159C4372DB2A02145ECE4"
Last-Modified: Fri, 06 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Sun, 08 Jan 2023 02:43:01 GMT
Date: Sat, 07 Jan 2023 20:43:19 GMT
Connection: keep-alive
instrumentalsmp3.com/
172.67.185.180200 OK 44 kB IP 172.67.185.180:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15993), with CRLF line terminators
Hash d5dc64271bd01ab0ac79bd808ef41cbf
7bc032874993b2e1d44ff4766769a2a7869a1226
7cf24a0cd65f5ea558f32571de003423bb1a393414777740c93244aeb6c8e83d
GET / HTTP/1.1
Host: instrumentalsmp3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 07 Jan 2023 20:43:18 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=09422a13a669dab5082a58a3f16f13f7; path=/; secure
lang=english; expires=Tue, 04-Jan-2033 20:43:18 GMT; Max-Age=315360000; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLtN2XtIxLOS3cbwUFM08Tc3uFt7OihfarwmKbN4TqqEIIOkVq%2BwQZi%2BPhLnSOmjnPrjcud68z8zUqzCYiIoSHioFy2VWSV00li9S%2FKF5NjO50pVlgco87s05V0I0DoBFUj%2F5%2F4aew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 785f865dea710b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sunrisesharply.com/e5/9c/ff/e59cff092a6247d43bac9fc15ccc4bfa.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 sunrisesharply.com/e5/9c/ff/e59cff092a6247d43bac9fc15ccc4bfa.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37161), with no line terminators
Hash e467ee5ed0244188fe1dee08b04e0ef3
f699883e6ad297224b8039d60b78f7f1c244c08c
00cd96ba14968b3036322174eec413e2baf0ac15cb839db283bcefd344385cbe
GET /e5/9c/ff/e59cff092a6247d43bac9fc15ccc4bfa.js HTTP/1.1
Host: sunrisesharply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 07 Jan 2023 20:43:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a897d77901dbf5fd92571f8c588de541
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9943
Expires: Sat, 07 Jan 2023 23:29:03 GMT
Date: Sat, 07 Jan 2023 20:43:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9943
Expires: Sat, 07 Jan 2023 23:29:03 GMT
Date: Sat, 07 Jan 2023 20:43:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ea2a04001ae6e92e56682f186ffbc2
dea01d8485f04aba4dcae63eb073a76d242a0095
c71e983f9d53f96de3553eb78da4f6da141d3dd381b1a1d55061f9141d3a54b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5657
x-amzn-requestid: 4bb9764d-0119-4201-b4e1-f3193d436022
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxL5G-VoAMFblQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8957f-65d303390f3426bc006f23f3;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:41:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: x2J2pA3SunX-oqNpW1qO9rRvN4oylDoaKvx1WaQx_-BgHEo2YvvkZg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:47:27 GMT
age: 82553
etag: "dea01d8485f04aba4dcae63eb073a76d242a0095"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3356bee662c2ea20cbebff5293e73340
625cfd3806740998c859fef8c1153efea72f5342
cd973426a15b28fa2c141e927ebf4e12faa05665780a3cd5010f874769b336e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13620
x-amzn-requestid: 0858cbd0-5965-477b-9d5f-015243f86e12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePk56F4JoAMF5Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b61b72-705a9ad403bb7795397926fd;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 00:36:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DoKiNkOKV6r5zqczq2ckoyb9UJyMABXfyn6WE1NerYovg8yg-AeePQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 10:11:59 GMT
age: 37881
etag: "625cfd3806740998c859fef8c1153efea72f5342"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d67a310-d244-479a-9ebb-bf5b5c75e519.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d67a310-d244-479a-9ebb-bf5b5c75e519.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 569ab3d1c95ef110fc80a984d71bffa6
15594d74ec26cc2407277f852a2b6722851967e0
b174c4e156716b22d36fe6205d5fa8d4fa56d8aa72fa0e18f1d939bfdc3bf6ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d67a310-d244-479a-9ebb-bf5b5c75e519.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10203
x-amzn-requestid: 7829bd25-6479-4294-9e72-b26e55ca30ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eNLJNHr-IAMFVEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5256d-3741d67261b41cde2aa36efb;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 07:06:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eKE0LNhazQOCxUaAsJA_3VO20Veg-zv9Qk3lgD3KY_DwFQe4YS0Rjg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 08:14:54 GMT
age: 44906
etag: "15594d74ec26cc2407277f852a2b6722851967e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 610b93024012ad58ba5d9c7aa45a243e
a5a0bdd6f2fe6a926130fd3099f908f9ef962691
6b6cfc69ad433f05ff9300d664bbad150b30eb85e02bbd7133ce88de44053809
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6B6CFC69AD433F05FF9300D664BBAD150B30EB85E02BBD7133CE88DE44053809"
Last-Modified: Thu, 05 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2373
Expires: Sat, 07 Jan 2023 21:22:53 GMT
Date: Sat, 07 Jan 2023 20:43:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65a13b7b11843a364e80dbc2d54345ff
5b24f4bf17da840e61d96b0ed7452911539dbf67
8dea14e05eb2a0c850fe9441b605f50ec6206baf57da4293f2297cab0a82fe37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10064
x-amzn-requestid: 7b970f82-e9fa-43e8-8757-60ae808a2cff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6kCEsSIAMFVBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63e19-4884229c1545eef72380e7d2;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:03:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wWDCvYZY8VpfF4a5AWmjrZZx3vzUv7qWCz_g9vNlkMz5Sy3NaaWMVQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 03:33:10 GMT
age: 61810
etag: "5b24f4bf17da840e61d96b0ed7452911539dbf67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vIFVXgt2RmoplkAVOtUrOkXj3LmhRw-XEPe7fugZ2-mv_iDY07XzUg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 08:42:42 GMT
age: 43238
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c0fd17757d97ed3b4570387623f465f
889b2e3d0db6f9bc03393ff59a5eb7bee816cac3
1035a9d3c973762adfc08529b59642c3839ef95a7e8cfcced63e61ec154ad092
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10695
x-amzn-requestid: ae69c1c3-22f6-49de-91ec-8e7a854e4b27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCNWFo5IAMFUKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a55-75032a3e7ab3eb897382cad4;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: kkpb41RwNIWi4GQrpRiCAGUGsFyv9v-lpjPdStHiI1KxfkRi4tFCOQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:59:50 GMT
age: 81810
etag: "889b2e3d0db6f9bc03393ff59a5eb7bee816cac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 294742535da40d02498d9e1c865d4014
99d45ec581ccba41915745f22da696aa9c5758ea
645f09beffda2d924626cedd5aa832a5a0e1b136ddf3fdc0b65fd9526f8b5531
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 294742535da40d02498d9e1c865d4014
99d45ec581ccba41915745f22da696aa9c5758ea
645f09beffda2d924626cedd5aa832a5a0e1b136ddf3fdc0b65fd9526f8b5531
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://instrumentalsmp3.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jan 2023 18:52:41 GMT
expires: Tue, 02 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 438639
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash d7c4f67a1d04c40ef03f4168574c2885
e8ff7571a83665de981d55102546abe41318dc70
7a38d25ecb4045ac14509040772c946dbaf6e353e9b0fd2ff0b4a5d0973a5cde
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149346
Date: Sat, 07 Jan 2023 20:43:20 GMT
Etag: "63b9741c-1d7"
Expires: Mon, 09 Jan 2023 14:12:26 GMT
Last-Modified: Sat, 07 Jan 2023 13:31:08 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: C_54pp3XvHdRXKdai_xd7QMdmBXrr-kOZzNLMP0yDGst78PMp8No3A==
Age: 2478
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 294742535da40d02498d9e1c865d4014
99d45ec581ccba41915745f22da696aa9c5758ea
645f09beffda2d924626cedd5aa832a5a0e1b136ddf3fdc0b65fd9526f8b5531
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
52.28.184.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.184.54:0
File type ASCII text, with no line terminators
Hash d4bc2fbe504d6225905d13f032662c2c
779c11ba1fda23502fb26137c66d7d4f4d247d1a
a355377cbc90ea5dac2357b661143b5787ee384b48026e9e722b100c16830d25
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://instrumentalsmp3.com
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 20:43:20 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://instrumentalsmp3.com
access-control-allow-credentials: true
set-cookie: uid_id2=bb959096-3f85-4e99-a6a6-2cd72ea58c5d:2:1; expires=Tue, 04 Jan 2033 20:43:20 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b2e39488d742fc9b1cdf5baea9fd169
ed1691d32ca5667c700c2a2359e2bb35712b35ba
e4092848b65475aa79517cd471aece7507f1ca25f83cde912ae9f4c66925923c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4092848B65475AA79517CD471AECE7507F1CA25F83CDE912AE9F4C66925923C"
Last-Modified: Fri, 06 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14538
Expires: Sun, 08 Jan 2023 00:45:38 GMT
Date: Sat, 07 Jan 2023 20:43:20 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
216.239.34.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 07 Jan 2023 19:43:41 GMT
expires: Sat, 07 Jan 2023 21:43:41 GMT
cache-control: public, max-age=7200
age: 3579
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.2200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.2:0
File type ASCII text, with very long lines (4885)
Hash d6cc1ea093f7fe2f585c424df0415bdc
ca52c7d72669a338389c75a6b3f920f0f0f5c6c1
a252cd5e71a3811a218c832bcb145eb0936128e3902b994cc0418a0f12c79837
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 07 Jan 2023 20:43:20 GMT
expires: Sat, 07 Jan 2023 20:43:20 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14808459502544703378
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49475
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
leveragetypicalreflections.com/sbar.json?key=e59cff092a6247d43bac9fc15ccc4bfa
192.243.59.12200 OK 4.8 kB URL HTTP/1.1 leveragetypicalreflections.com/sbar.json?key=e59cff092a6247d43bac9fc15ccc4bfa
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6933), with no line terminators
Hash 8c82e9622a7f8b717b4acc0b309ac574
f01c310a4318dcde7b5c481d7a024d50252459d3
dbe927f2bfa733a6c9dae65184e0414b9ac8be636762b34783d5f4df0c7c77dc
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=e59cff092a6247d43bac9fc15ccc4bfa HTTP/1.1
Host: leveragetypicalreflections.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://instrumentalsmp3.com
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 07 Jan 2023 20:43:21 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://instrumentalsmp3.com
Access-Control-Allow-Origin: https://instrumentalsmp3.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17570787; expires=Sun, 08 Jan 2023 20:43:20 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 08 Jan 2023 20:43:21 GMT; secure; SameSite=None
uncs=1; expires=Sun, 08 Jan 2023 20:43:21 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 08 Jan 2023 20:43:21 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 08 Jan 2023 20:43:21 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f82cc3ac4124608399029301ba79d8f9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 610b93024012ad58ba5d9c7aa45a243e
a5a0bdd6f2fe6a926130fd3099f908f9ef962691
6b6cfc69ad433f05ff9300d664bbad150b30eb85e02bbd7133ce88de44053809
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6B6CFC69AD433F05FF9300D664BBAD150B30EB85E02BBD7133CE88DE44053809"
Last-Modified: Thu, 05 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2372
Expires: Sat, 07 Jan 2023 21:22:53 GMT
Date: Sat, 07 Jan 2023 20:43:21 GMT
Connection: keep-alive
leveragetypicalreflections.com/ren.gif?sid=H4sIAAAAAAAC%2F6xTTYgcRRSujhEE9aDkoiK0NIQIMts9P9mdhLBusrtxyGZ33d0Q9BKqq6pny6muaquqp2f3FIxK8CCjJ%2FVi75skazQYAyoGFGXWg3FPGQWZg3tRyC0IkdwEmdmR6EHw4IPu%2Bh5fN%2B%2F76r33%2Bka6g3xIcX%2FxpFrnQuCxSsF3D5zmkqrMuPMrbuAX%2FMPuaS4Plg%2B7rcFLNw8FfqXgP%2B0eZ6Shxop%2B4PuBH7izXLNItcaGLPDkSjUoVP1CuVgIKmVo6X%2FmJnXAYAdocwc9Cpz27l%2B9cQ046YKMP5lmpmFV8sxMnApslYYm3TwlG1JlEuJ7MNIORHJz9DUo00PonT2g5ObIAajmhYEDCHkPOT8FEMrNkUwImxd3lYYCmISQPghZswtMdIHjLhB1Dji9iQAIhfkFkPGleaUzvLbL4gHbQ3vv3gGe9dDen%2FeBjD8%2BKnjLXVYitVxJA60oB97qAq93IUm3wK47wLMtIPYV4BSBjHPgNB%2B65rwLPOqCYG3AxoF08HAH0siBNHEgpn0XV6qR749HYVQqTZQJIaUSIZWJg7RCS%2BWJyIeUDGS1wSZtIKINRJ%2BFRJ%2BFBm%2BDTr8Bs5qDoQ4Y20PO82ehSXPIGILMIMgwgowjyCyCrJlfpMIUTX6JCpOGwegsjs5S3lG2voEvKltnEm0kO%2BiRwX04Dz3xCzRY32WVKokiv1rEB4vlcVouhZhUIxJUCCHlMMJgeA7c7BlaXec9tOfALUgGTZq7DSHeAiO2gPB9gNMnAWed8aIPeLVTnvBhXX7KpbE6jZm0WJg4KRWIioGqHBK7F%2ByasyF20GPD%2FhRvU2Bk%2B9mHf33zjZd3GkB0DonO4SX%2BLYK6ON9ZUhm6sKQyg64tJJbHfB0PerdssWXowxNsLVOa1qZN%2B%2FIUGRADeGWFGTuHJeWybtBHRzmlTM8qTRj6qmZOs3AxNatHUy3TZG7x2GwtTjQzhivZBcxvtl4Ewnvogc%2B%2BG07l41PfA9dboNP%2B9Kq1yaGxMSI4aRQSIhoFiWO2m08ahu2Rkj8xXg32Y8rpX5gfeeFU5odTTbVQqp%2FxIU63J6%2B%2FO4j3gKsukOTVDzyvdmxh3vP6S%2F9Swq6mcSgxF%2F%2B1zH4e1%2B0RTpS87HkrtZW5Gc%2F7suZSXHeZdsVao8EorjPpUi7d395%2F%2B4urnjc9s3xsqba4UhtKcZct1tY1CReCWTdm1A1833fnF064oZKpuep5c1NLx2fO1E5OHZ%2FxvP5z%2F5d4MMk2GgUYhUCLe3mYOJCleUcXw%2B3JzlNw6%2B7vX4PgPXT4%2FGsg2PbkjdaPf9z5fBZwmINhf%2FvxHt4w56GuHcD23HDJmzqHpsgBizaY9L6OTfT25A%2BlYUAonE4otHMhFFq8tTuzhg92KPIj5hdZGFXDaBz7tBqVqyGuBmw8rOAArOmR633%2BJwAAAP%2F%2FAQAA%2F%2F8GOcWuxgUAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 leveragetypicalreflections.com/ren.gif?sid=H4sIAAAAAAAC%2F6xTTYgcRRSujhEE9aDkoiK0NIQIMts9P9mdhLBusrtxyGZ33d0Q9BKqq6pny6muaquqp2f3FIxK8CCjJ%2FVi75skazQYAyoGFGXWg3FPGQWZg3tRyC0IkdwEmdmR6EHw4IPu%2Bh5fN%2B%2F76r33%2Bka6g3xIcX%2FxpFrnQuCxSsF3D5zmkqrMuPMrbuAX%2FMPuaS4Plg%2B7rcFLNw8FfqXgP%2B0eZ6Shxop%2B4PuBH7izXLNItcaGLPDkSjUoVP1CuVgIKmVo6X%2FmJnXAYAdocwc9Cpz27l%2B9cQ046YKMP5lmpmFV8sxMnApslYYm3TwlG1JlEuJ7MNIORHJz9DUo00PonT2g5ObIAajmhYEDCHkPOT8FEMrNkUwImxd3lYYCmISQPghZswtMdIHjLhB1Dji9iQAIhfkFkPGleaUzvLbL4gHbQ3vv3gGe9dDen%2FeBjD8%2BKnjLXVYitVxJA60oB97qAq93IUm3wK47wLMtIPYV4BSBjHPgNB%2B65rwLPOqCYG3AxoF08HAH0siBNHEgpn0XV6qR749HYVQqTZQJIaUSIZWJg7RCS%2BWJyIeUDGS1wSZtIKINRJ%2BFRJ%2BFBm%2BDTr8Bs5qDoQ4Y20PO82ehSXPIGILMIMgwgowjyCyCrJlfpMIUTX6JCpOGwegsjs5S3lG2voEvKltnEm0kO%2BiRwX04Dz3xCzRY32WVKokiv1rEB4vlcVouhZhUIxJUCCHlMMJgeA7c7BlaXec9tOfALUgGTZq7DSHeAiO2gPB9gNMnAWed8aIPeLVTnvBhXX7KpbE6jZm0WJg4KRWIioGqHBK7F%2ByasyF20GPD%2FhRvU2Bk%2B9mHf33zjZd3GkB0DonO4SX%2BLYK6ON9ZUhm6sKQyg64tJJbHfB0PerdssWXowxNsLVOa1qZN%2B%2FIUGRADeGWFGTuHJeWybtBHRzmlTM8qTRj6qmZOs3AxNatHUy3TZG7x2GwtTjQzhivZBcxvtl4Ewnvogc%2B%2BG07l41PfA9dboNP%2B9Kq1yaGxMSI4aRQSIhoFiWO2m08ahu2Rkj8xXg32Y8rpX5gfeeFU5odTTbVQqp%2FxIU63J6%2B%2FO4j3gKsukOTVDzyvdmxh3vP6S%2F9Swq6mcSgxF%2F%2B1zH4e1%2B0RTpS87HkrtZW5Gc%2F7suZSXHeZdsVao8EorjPpUi7d395%2F%2B4urnjc9s3xsqba4UhtKcZct1tY1CReCWTdm1A1833fnF064oZKpuep5c1NLx2fO1E5OHZ%2FxvP5z%2F5d4MMk2GgUYhUCLe3mYOJCleUcXw%2B3JzlNw6%2B7vX4PgPXT4%2FGsg2PbkjdaPf9z5fBZwmINhf%2FvxHt4w56GuHcD23HDJmzqHpsgBizaY9L6OTfT25A%2BlYUAonE4otHMhFFq8tTuzhg92KPIj5hdZGFXDaBz7tBqVqyGuBmw8rOAArOmR633%2BJwAAAP%2F%2FAQAA%2F%2F8GOcWuxgUAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F6xTTYgcRRSujhEE9aDkoiK0NIQIMts9P9mdhLBusrtxyGZ33d0Q9BKqq6pny6muaquqp2f3FIxK8CCjJ%2FVi75skazQYAyoGFGXWg3FPGQWZg3tRyC0IkdwEmdmR6EHw4IPu%2Bh5fN%2B%2F76r33%2Bka6g3xIcX%2FxpFrnQuCxSsF3D5zmkqrMuPMrbuAX%2FMPuaS4Plg%2B7rcFLNw8FfqXgP%2B0eZ6Shxop%2B4PuBH7izXLNItcaGLPDkSjUoVP1CuVgIKmVo6X%2FmJnXAYAdocwc9Cpz27l%2B9cQ046YKMP5lmpmFV8sxMnApslYYm3TwlG1JlEuJ7MNIORHJz9DUo00PonT2g5ObIAajmhYEDCHkPOT8FEMrNkUwImxd3lYYCmISQPghZswtMdIHjLhB1Dji9iQAIhfkFkPGleaUzvLbL4gHbQ3vv3gGe9dDen%2FeBjD8%2BKnjLXVYitVxJA60oB97qAq93IUm3wK47wLMtIPYV4BSBjHPgNB%2B65rwLPOqCYG3AxoF08HAH0siBNHEgpn0XV6qR749HYVQqTZQJIaUSIZWJg7RCS%2BWJyIeUDGS1wSZtIKINRJ%2BFRJ%2BFBm%2BDTr8Bs5qDoQ4Y20PO82ehSXPIGILMIMgwgowjyCyCrJlfpMIUTX6JCpOGwegsjs5S3lG2voEvKltnEm0kO%2BiRwX04Dz3xCzRY32WVKokiv1rEB4vlcVouhZhUIxJUCCHlMMJgeA7c7BlaXec9tOfALUgGTZq7DSHeAiO2gPB9gNMnAWed8aIPeLVTnvBhXX7KpbE6jZm0WJg4KRWIioGqHBK7F%2ByasyF20GPD%2FhRvU2Bk%2B9mHf33zjZd3GkB0DonO4SX%2BLYK6ON9ZUhm6sKQyg64tJJbHfB0PerdssWXowxNsLVOa1qZN%2B%2FIUGRADeGWFGTuHJeWybtBHRzmlTM8qTRj6qmZOs3AxNatHUy3TZG7x2GwtTjQzhivZBcxvtl4Ewnvogc%2B%2BG07l41PfA9dboNP%2B9Kq1yaGxMSI4aRQSIhoFiWO2m08ahu2Rkj8xXg32Y8rpX5gfeeFU5odTTbVQqp%2FxIU63J6%2B%2FO4j3gKsukOTVDzyvdmxh3vP6S%2F9Swq6mcSgxF%2F%2B1zH4e1%2B0RTpS87HkrtZW5Gc%2F7suZSXHeZdsVao8EorjPpUi7d395%2F%2B4urnjc9s3xsqba4UhtKcZct1tY1CReCWTdm1A1833fnF064oZKpuep5c1NLx2fO1E5OHZ%2FxvP5z%2F5d4MMk2GgUYhUCLe3mYOJCleUcXw%2B3JzlNw6%2B7vX4PgPXT4%2FGsg2PbkjdaPf9z5fBZwmINhf%2FvxHt4w56GuHcD23HDJmzqHpsgBizaY9L6OTfT25A%2BlYUAonE4otHMhFFq8tTuzhg92KPIj5hdZGFXDaBz7tBqVqyGuBmw8rOAArOmR633%2BJwAAAP%2F%2FAQAA%2F%2F8GOcWuxgUAAA%3D%3D HTTP/1.1
Host: leveragetypicalreflections.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Cookie: u_pl=17570787; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 07 Jan 2023 20:43:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e62f756407148c8f3529816a963a7def
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ab309dfe13635252f13849cc7e1b0e4
af418061ecf71220f2e5095e7e2ee3149cd011c9
caee4e5c8ed705d458bb831046f4c3026180f36585b25a3d81140f38b2330e8a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CAEE4E5C8ED705D458BB831046F4C3026180F36585B25A3D81140F38B2330E8A"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2680
Expires: Sat, 07 Jan 2023 21:28:01 GMT
Date: Sat, 07 Jan 2023 20:43:21 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 992e5418271c3edaaf2bb52f9201f57c
746da53837bbefdadf063be9d7779755b2a7c9c9
df0cc5488abce16d74c0d0cda6b53c60c38425026bc3501360f70250fde6c771
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DF0CC5488ABCE16D74C0D0CDA6B53C60C38425026BC3501360F70250FDE6C771"
Last-Modified: Sat, 07 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11708
Expires: Sat, 07 Jan 2023 23:58:29 GMT
Date: Sat, 07 Jan 2023 20:43:21 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 992e5418271c3edaaf2bb52f9201f57c
746da53837bbefdadf063be9d7779755b2a7c9c9
df0cc5488abce16d74c0d0cda6b53c60c38425026bc3501360f70250fde6c771
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DF0CC5488ABCE16D74C0D0CDA6B53C60C38425026BC3501360F70250FDE6C771"
Last-Modified: Sat, 07 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11708
Expires: Sat, 07 Jan 2023 23:58:29 GMT
Date: Sat, 07 Jan 2023 20:43:21 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 69c3f0bdbb90c95313c7de5255c3b6e8
8edcbfcc3b87aeecc9f3ca84537512e01039ad6a
754d91c7500f67369c1ea04649eddef7e4201932f81405a0662a6d5f4b80a3da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 910d902590c4dce2c5fde148d455a94c
05617b6a2fd1a7eb4fcb098a7ce48011d3f835bc
3bfd7cff0474a36458748e4cc6dfa647fdd7bd8b4fa792079042a04c7dffe0b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
leveragetypicalreflections.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Findex.html&l=1317&fd=321
192.243.59.12200 OK 0 B URL HTTP/1.1 leveragetypicalreflections.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Findex.html&l=1317&fd=321
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Findex.html&l=1317&fd=321 HTTP/1.1
Host: leveragetypicalreflections.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Cookie: u_pl=17570787; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 07 Jan 2023 20:43:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
adservice.google.com/adsid/integrator.js?domain=instrumentalsmp3.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=instrumentalsmp3.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=instrumentalsmp3.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 07 Jan 2023 20:43:21 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.167.29200 OK 27 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.167.29:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 3aac5b1eb243f8a3f66dd242aee04a50
5c2e3ea3e23c80d9111e08996e07b0523f8f4731
1eade8c7ebc43fbb52c36791b8d343190217cbd39b172b966aa2f3c8b8f9c850
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 20:43:21 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f6bb20fb68037a8e8a5af79c62a61a38
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 07 Jan 2023 20:43:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKdfZdGwp6rN%2FrVbD6ZYfRv2Yw1IMhs44%2BwNy3z7jJqmMW4EnZuh1cSvuZs%2BeS2uOAbE9fMVACL%2BztGz0jfDt2ODHwSbGzf4O9%2FA8dOLD7UNLknSfqzq%2BrdraCbjq%2BCLbyiVKvQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 785f866ad9d57312-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/img/close.png
172.64.167.9200 OK 49 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/img/close.png
IP 172.64.167.9:0
File type PNG image data, 2063 x 2063, 8-bit/color RGBA, non-interlaced\012- data
Hash c468e1d251e84cbbd9fd43f1bf756866
29512569a2da569797a545eb36c6176d6285a8da
b0da14eff7c6fe39d973148b55c51ee6ce3948e76e488c401eb6dca5dfbd1cd8
GET /sb/interstitial/rtb/default/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 20:43:21 GMT
content-type: image/png
content-length: 48623
last-modified: Wed, 23 Jun 2021 13:33:23 GMT
etag: "60d33823-bdef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4603765
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8zsUrPl6NSibcuLHxthWA%2BTNftH353XslK5duq5fUNFRKeky%2BhXCdJvLX90er3MAVqZTLLZRM3JJVKEtYiP2WqC2iOfw9chr0ASFYrXRgsPoMJIlNo%2BsiQIdFh5Fzzgf%2F%2BjE9eoEflX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 785f86742add7324-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 69c3f0bdbb90c95313c7de5255c3b6e8
8edcbfcc3b87aeecc9f3ca84537512e01039ad6a
754d91c7500f67369c1ea04649eddef7e4201932f81405a0662a6d5f4b80a3da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 910d902590c4dce2c5fde148d455a94c
05617b6a2fd1a7eb4fcb098a7ce48011d3f835bc
3bfd7cff0474a36458748e4cc6dfa647fdd7bd8b4fa792079042a04c7dffe0b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 992e5418271c3edaaf2bb52f9201f57c
746da53837bbefdadf063be9d7779755b2a7c9c9
df0cc5488abce16d74c0d0cda6b53c60c38425026bc3501360f70250fde6c771
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DF0CC5488ABCE16D74C0D0CDA6B53C60C38425026BC3501360F70250FDE6C771"
Last-Modified: Sat, 07 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11708
Expires: Sat, 07 Jan 2023 23:58:29 GMT
Date: Sat, 07 Jan 2023 20:43:21 GMT
Connection: keep-alive
click.pclk.name/thumbnail?seat=308791&adid=308791&i=YUw0bAvoO3g_0&imgt=icon
173.239.53.24302 Found 0 B URL HTTP/1.1 click.pclk.name/thumbnail?seat=308791&adid=308791&i=YUw0bAvoO3g_0&imgt=icon
IP 173.239.53.24:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?seat=308791&adid=308791&i=YUw0bAvoO3g_0&imgt=icon HTTP/1.1
Host: click.pclk.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://us.karoon.xyz/metrics/save.img?event=impressions&bid-id=v2-1673124200910-7-7056-1178228-9177da6e-f2c6-01f4-57d1-1dea2e6f1d76&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DxdrNUCWMqFa66YYVBYR8aUeu9M26sTg459A4Pw671tiYX25Rd0oVktM0wH9y_WEnX0O-CVa8Z0WFOk66Ifhx1zGub8C6nFbi9F4ZnbV7kylKwsX9DbyZiA17CgDp694wMz8TQzqLO713N672PB4O45yzsC0vTqiKS_y5W6DgkZVyiJjDESSi3FbtZjDKBBmQFrLziAYp4HbF-NR7_oL90bSn40E3APdbxkOsJzN-2xQXsaWZJm8JrOde6AUqgToXLwJaPn7MWAtNVWfVO8p1Thezw-AzWm9fwTCkXfwKmCfGEaegOMtKggujbP4fETJUnE-Ldgjij4-IPwT7NpiKRLZzniNBCHwZu6WNd2jn9gnS_LPNbYfgbIykMUab5TyygRp-aO7GMADpj_A2GLrBDvMAnfNBwbaTPW5Zb90VvWwf7ZqM_Eq1PvGPM9mFUGTu0dBPUwH0DHo2_0EGRBDbB2VTKs9Ibnpf0G6QyPiGzQm1UfSpsQgKzLb7HQEkHuf9ppaT7k54bu6suaAWIcUneYzH2yi7NvI1AmqVWxA96XDYTVez43D92Jffw8nixoEQhxEfDAFjk_83T3EUT9YpU930KB3tdDyx8Bu7IuJKl5giXien
Pragma: no-cache
leveragetypicalreflections.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fanimate.css&l=79249&fd=365
192.243.59.12200 OK 0 B URL HTTP/1.1 leveragetypicalreflections.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fanimate.css&l=79249&fd=365
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fanimate.css&l=79249&fd=365 HTTP/1.1
Host: leveragetypicalreflections.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Cookie: u_pl=17570787; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 07 Jan 2023 20:43:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/animate.css
172.64.167.9200 OK 5.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/animate.css
IP 172.64.167.9:0
Hash b8fcde47d5976b73bc562a61472fb499
b131635588e1f6984b916e29292cb9b54b8386d2
cfbfba3990002c4022ca2ba879d4566140bfb40df3c03bca4488ed488dc181a0
GET /sb/interstitial/rtb/default/3/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://instrumentalsmp3.com
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 20:43:21 GMT
content-type: text/css
last-modified: Wed, 23 Jun 2021 13:33:20 GMT
etag: W/"60d33820-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGj2m0IUih6KPBmppKwL3WRVeg6lus44dxmDLHBOlNXQEmqhX%2FtnuYigljecf0pnq8Jj%2FMV15v2d%2Fi1n75NozfgQXuOxF5kwLzZrWJK6%2FtoIMdEQrjf2dQnJPnkv%2BEtVjJlmFY%2F5h%2FG%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 785f8673ea7c7324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/interstitial/rtb/default/3/index.html
45.133.44.3200 OK 2.1 kB URL HTTP/2 cdn.barscreative1.com/sb/interstitial/rtb/default/3/index.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash 58f94a96741d0e86f645c30671b07b93
1c2f777b857c0e54c6921e6b15a3ef6a63794856
290f68f48ecade73563eff830fc9f0218344a85ff12ae20bf75cd6f35a69790e
Analyzer Verdict Alert fortinet Phishing
GET /sb/interstitial/rtb/default/3/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://instrumentalsmp3.com
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 20:43:21 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-525"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 07 Jan 2023 21:43:21 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/jquery-3.2.1.min.js
172.64.167.9200 OK 37 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/jquery-3.2.1.min.js
IP 172.64.167.9:0
File type ASCII text, with very long lines (745)
Hash bfd5dd3ab6c8126eff7e87afdb1f9a86
91663ef540999665c2aed75e0c527eecfcc08430
714c01a9cb74f1c67dcb0045940e9ffeefad750969ceb1695e2060afa2522871
GET /sb/interstitial/rtb/default/3/js/jquery-3.2.1.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://instrumentalsmp3.com
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 20:43:22 GMT
content-type: application/javascript
last-modified: Wed, 23 Jun 2021 13:33:25 GMT
etag: W/"60d33825-1fa27"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyDrWbAfgCCexH%2BFBXJ4ty8lpPRjXAsm4tUAvvwj1zFGq5NpAcnMMwzlsGsBlEDyWhTolyh1bRqefkyZVjMrMpdUJvoOlh9VOH0nIi97YU%2BCNEN8tb%2FV4CVrXiLRsUGEk6uYNvni7q3S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 785f8673ea857324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
leveragetypicalreflections.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fstyle.css&l=5338&fd=364
192.243.59.12200 OK 0 B URL HTTP/1.1 leveragetypicalreflections.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fstyle.css&l=5338&fd=364
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fcss%2Fstyle.css&l=5338&fd=364 HTTP/1.1
Host: leveragetypicalreflections.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Cookie: u_pl=17570787; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 07 Jan 2023 20:43:22 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4d2865d6f7ea60de63ad932691f4fe5
5f1c688c4d676eb8ecdad52c5d9a23d711c5aef0
25e569ecceb0af06dd128875e54d9ea2a2c902c9fd781ad5d689ed5c205204b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
us.karoon.xyz/metrics/save.img?event=impressions&bid-id=v2-1673124200910-7-7056-1178228-9177da6e-f2c6-01f4-57d1-1dea2e6f1d76&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DxdrNUCWMqFa66YYVBYR8aUeu9M26sTg459A4Pw671tiYX25Rd0oVktM0wH9y_WEnX0O-CVa8Z0WFOk66Ifhx1zGub8C6nFbi9F4ZnbV7kylKwsX9DbyZiA17CgDp694wMz8TQzqLO713N672PB4O45yzsC0vTqiKS_y5W6DgkZVyiJjDESSi3FbtZjDKBBmQFrLziAYp4HbF-NR7_oL90bSn40E3APdbxkOsJzN-2xQXsaWZJm8JrOde6AUqgToXLwJaPn7MWAtNVWfVO8p1Thezw-AzWm9fwTCkXfwKmCfGEaegOMtKggujbP4fETJUnE-Ldgjij4-IPwT7NpiKRLZzniNBCHwZu6WNd2jn9gnS_LPNbYfgbIykMUab5TyygRp-aO7GMADpj_A2GLrBDvMAnfNBwbaTPW5Zb90VvWwf7ZqM_Eq1PvGPM9mFUGTu0dBPUwH0DHo2_0EGRBDbB2VTKs9Ibnpf0G6QyPiGzQm1UfSpsQgKzLb7HQEkHuf9ppaT7k54bu6suaAWIcUneYzH2yi7NvI1AmqVWxA96XDYTVez43D92Jffw8nixoEQhxEfDAFjk_83T3EUT9YpU930KB3tdDyx8Bu7IuJKl5giXien
38.100.129.10302 Found 0 B URL HTTP/2 us.karoon.xyz/metrics/save.img?event=impressions&bid-id=v2-1673124200910-7-7056-1178228-9177da6e-f2c6-01f4-57d1-1dea2e6f1d76&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DxdrNUCWMqFa66YYVBYR8aUeu9M26sTg459A4Pw671tiYX25Rd0oVktM0wH9y_WEnX0O-CVa8Z0WFOk66Ifhx1zGub8C6nFbi9F4ZnbV7kylKwsX9DbyZiA17CgDp694wMz8TQzqLO713N672PB4O45yzsC0vTqiKS_y5W6DgkZVyiJjDESSi3FbtZjDKBBmQFrLziAYp4HbF-NR7_oL90bSn40E3APdbxkOsJzN-2xQXsaWZJm8JrOde6AUqgToXLwJaPn7MWAtNVWfVO8p1Thezw-AzWm9fwTCkXfwKmCfGEaegOMtKggujbP4fETJUnE-Ldgjij4-IPwT7NpiKRLZzniNBCHwZu6WNd2jn9gnS_LPNbYfgbIykMUab5TyygRp-aO7GMADpj_A2GLrBDvMAnfNBwbaTPW5Zb90VvWwf7ZqM_Eq1PvGPM9mFUGTu0dBPUwH0DHo2_0EGRBDbB2VTKs9Ibnpf0G6QyPiGzQm1UfSpsQgKzLb7HQEkHuf9ppaT7k54bu6suaAWIcUneYzH2yi7NvI1AmqVWxA96XDYTVez43D92Jffw8nixoEQhxEfDAFjk_83T3EUT9YpU930KB3tdDyx8Bu7IuJKl5giXien
IP 38.100.129.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /metrics/save.img?event=impressions&bid-id=v2-1673124200910-7-7056-1178228-9177da6e-f2c6-01f4-57d1-1dea2e6f1d76&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DxdrNUCWMqFa66YYVBYR8aUeu9M26sTg459A4Pw671tiYX25Rd0oVktM0wH9y_WEnX0O-CVa8Z0WFOk66Ifhx1zGub8C6nFbi9F4ZnbV7kylKwsX9DbyZiA17CgDp694wMz8TQzqLO713N672PB4O45yzsC0vTqiKS_y5W6DgkZVyiJjDESSi3FbtZjDKBBmQFrLziAYp4HbF-NR7_oL90bSn40E3APdbxkOsJzN-2xQXsaWZJm8JrOde6AUqgToXLwJaPn7MWAtNVWfVO8p1Thezw-AzWm9fwTCkXfwKmCfGEaegOMtKggujbP4fETJUnE-Ldgjij4-IPwT7NpiKRLZzniNBCHwZu6WNd2jn9gnS_LPNbYfgbIykMUab5TyygRp-aO7GMADpj_A2GLrBDvMAnfNBwbaTPW5Zb90VvWwf7ZqM_Eq1PvGPM9mFUGTu0dBPUwH0DHo2_0EGRBDbB2VTKs9Ibnpf0G6QyPiGzQm1UfSpsQgKzLb7HQEkHuf9ppaT7k54bu6suaAWIcUneYzH2yi7NvI1AmqVWxA96XDYTVez43D92Jffw8nixoEQhxEfDAFjk_83T3EUT9YpU930KB3tdDyx8Bu7IuJKl5giXien HTTP/1.1
Host: us.karoon.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty/1.15.8.3
date: Sat, 07 Jan 2023 20:43:22 GMT
content-length: 0
location: https://track.trackingtraffo.com/push/ic?auth=pz6u78&c=xdrNUCWMqFa66YYVBYR8aUeu9M26sTg459A4Pw671tiYX25Rd0oVktM0wH9y_WEnX0O-CVa8Z0WFOk66Ifhx1zGub8C6nFbi9F4ZnbV7kylKwsX9DbyZiA17CgDp694wMz8TQzqLO713N672PB4O45yzsC0vTqiKS_y5W6DgkZVyiJjDESSi3FbtZjDKBBmQFrLziAYp4HbF-NR7_oL90bSn40E3APdbxkOsJzN-2xQXsaWZJm8JrOde6AUqgToXLwJaPn7MWAtNVWfVO8p1Thezw-AzWm9fwTCkXfwKmCfGEaegOMtKggujbP4fETJUnE-Ldgjij4-IPwT7NpiKRLZzniNBCHwZu6WNd2jn9gnS_LPNbYfgbIykMUab5TyygRp-aO7GMADpj_A2GLrBDvMAnfNBwbaTPW5Zb90VvWwf7ZqM_Eq1PvGPM9mFUGTu0dBPUwH0DHo2_0EGRBDbB2VTKs9Ibnpf0G6QyPiGzQm1UfSpsQgKzLb7HQEkHuf9ppaT7k54bu6suaAWIcUneYzH2yi7NvI1AmqVWxA96XDYTVez43D92Jffw8nixoEQhxEfDAFjk_83T3EUT9YpU930KB3tdDyx8Bu7IuJKl5giXien
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=instrumentalsmp3.com&callback=_gfp_s_&client=ca-pub-2439901986027384&gpid_exp=1
216.58.207.226200 OK 257 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=instrumentalsmp3.com&callback=_gfp_s_&client=ca-pub-2439901986027384&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (407), with no line terminators
Hash e15e99b97b7314e0ac0fab4f2b7dc46e
15061fea091c1e13296642c65282968a1db7317a
bb19e002fd56e71e851baeefc32c4a17ff93c27cc3499321f59fa1c6df9d02d9
GET /gampad/cookie.js?domain=instrumentalsmp3.com&callback=_gfp_s_&client=ca-pub-2439901986027384&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 07 Jan 2023 20:43:22 GMT
server: cafe
cache-control: private
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4d2865d6f7ea60de63ad932691f4fe5
5f1c688c4d676eb8ecdad52c5d9a23d711c5aef0
25e569ecceb0af06dd128875e54d9ea2a2c902c9fd781ad5d689ed5c205204b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=instrumentalsmp3.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=instrumentalsmp3.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=instrumentalsmp3.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 07 Jan 2023 20:43:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
leveragetypicalreflections.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fjs%2Fjquery-3.2.1.min.js&l=129575&fd=709
192.243.59.12200 OK 0 B URL HTTP/1.1 leveragetypicalreflections.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fjs%2Fjquery-3.2.1.min.js&l=129575&fd=709
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Frtb%2Fdefault%2F3%2Fjs%2Fjquery-3.2.1.min.js&l=129575&fd=709 HTTP/1.1
Host: leveragetypicalreflections.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Cookie: u_pl=17570787; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 07 Jan 2023 20:43:22 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2fc84f7daa4df6827d6d78b618547959
9323b08ef3841ed8764b82b2106672d7aff54e80
d307b3f523cfd33dc763f89cd6b270d8a3d0ad5b3edd7aabfd230775a21f8f38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2fc84f7daa4df6827d6d78b618547959
9323b08ef3841ed8764b82b2106672d7aff54e80
d307b3f523cfd33dc763f89cd6b270d8a3d0ad5b3edd7aabfd230775a21f8f38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js
216.58.211.1200 OK 10 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js
IP 216.58.211.1:0
Hash eeeccf7b222b3528c7461761d8d98b00
5fdf080be214c464645951dddc02ee4dc5d79e9e
c5c44a0eaba4ce68e65f7cc758350bdebb87b02a268b60de20a790a57060a1ee
GET /pagead/js/r20230103/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9534
x-xss-protection: 0
date: Sat, 07 Jan 2023 04:00:51 GMT
expires: Sat, 21 Jan 2023 04:00:51 GMT
cache-control: public, max-age=1209600
age: 60151
etag: 3719958914939444779
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/interstitial_ad_frame_fy2021.js
216.58.211.1200 OK 8.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/interstitial_ad_frame_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (2232)
Hash 25ab5540fc40dfaaeddc019372735845
ff5474e55ce86681fd99259abb3932b457ca7c38
e08d812f95258b734fa89baa6dccd33fb00ad9dde21ac1a6110f7767f689c778
GET /pagead/js/r20230103/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8195
x-xss-protection: 0
date: Sat, 07 Jan 2023 04:53:14 GMT
expires: Sat, 21 Jan 2023 04:53:14 GMT
cache-control: public, max-age=1209600
age: 57008
etag: 298254208257092395
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (2208)
Hash 2f12040742115a73b6f8955d52a7bf14
758e5239017d901e02d2d83844dcb6b49e02d8ca
a56afb5eca109bd2df7e1f94e0c663691ab7f3caf0d312a9811a3e7c17a8cb4a
GET /pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7527
x-xss-protection: 0
date: Sat, 07 Jan 2023 04:06:24 GMT
expires: Sat, 21 Jan 2023 04:06:24 GMT
cache-control: public, max-age=1209600
age: 59818
etag: 8658061406568722807
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.98200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.98:0
File type ASCII text, with very long lines (3504)
Hash 819fce3c34bc8a479f4c924f5b6dfca4
9cd0d630892c498df3624f93e9cb7bef1339f81d
a8dc9568049a65aac30153a1a2f04a7c2b17325e5627f38ff4b27f3a83802046
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48907
date: Sat, 07 Jan 2023 20:43:22 GMT
expires: Sat, 07 Jan 2023 20:43:22 GMT
cache-control: private, max-age=3000
etag: "1672933789069018"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/script.js
172.64.167.9200 OK 316 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/script.js
IP 172.64.167.9:0
Hash 1277f0e5d469d328e9709e5884238c2d
339d08096b319770e367ee5d194cd304b0929721
7ced985e0d182a6ceff10861f3afdc2b15eb9dca3b214139f12ce4cfa9d74221
GET /sb/interstitial/rtb/default/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://instrumentalsmp3.com
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 20:43:22 GMT
content-type: application/javascript
last-modified: Wed, 23 Jun 2021 13:33:24 GMT
etag: W/"60d33824-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5BJeD7ikpbPuXljOWEx3rGeXO%2BbMfm9nNt6K1lZCYrPyfjeqj8BfW7v8GfY0UfNVs%2BWDvCgYYoxLSW%2BfiQRS3GP2IzreXxVI0BvFFDu3eOc53K%2BJPekHGUoT3hv7AmZjN7X9VSVX55z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 785f86788a4d7324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
142.250.74.3200 OK 604 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
IP 142.250.74.3:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 7bd42e5a35b5fb3ff852d6ea9191ca83
8a141eb392a05a2dea3dcd83b97940ef70a81ebc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 14:25:54 GMT
expires: Sun, 07 Jan 2024 14:25:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 22648
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
142.250.74.3200 OK 205 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
IP 142.250.74.3:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 4087858e2c9db9aa8f6a840aedcfb533
d1ffe861da6bd0e95fd1a365b0c3d3ceb6cd58a3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
GET /images/icons/material/system/2x/feedback_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 06:39:49 GMT
expires: Sun, 07 Jan 2024 06:39:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 50613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:54 GMT
expires: Thu, 04 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 263368
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:13 GMT
expires: Sat, 06 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 112209
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 20:35:00 GMT
expires: Thu, 04 Jan 2024 20:35:00 GMT
cache-control: public, max-age=31536000
age: 259703
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
leveragetypicalreflections.com/pixel/sbs?c=1
192.243.59.12200 OK 0 B URL HTTP/1.1 leveragetypicalreflections.com/pixel/sbs?c=1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: leveragetypicalreflections.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Cookie: u_pl=17570787; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 07 Jan 2023 20:43:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
leveragetypicalreflections.com/impr.gif?sid=H4sIAAAAAAAC%2F6xTTYgcRRSujhEE9aDkoiK0NIQIMts9P9mZhLBusrtxyGZ33d0Q9BKqq6pny6muaquqp2f3FIxK8CCjJ%2FVi75skazQYAyoGFGXWg3FPGQWZg3tRyC0IkdwEmdmV6EHw4IPu9z2%2BquL76r16fT3dRj6keLBwUq1xIfBYpeC7B05zSVVm3LllN%2FAL%2FmH3NJcHy4fd9vCnW4cCv1Lwn3aPM9JUY0U%2F8P3AD9wZrlmk2mMjFnhypRYUan6hXCwElTK09T9rkzpgsAO0tY0eBU7796%2FcuAac9EDGn0wx07QqeWY6TgW2SkOLbpySTakyCfE9GGkHIrmxuxqU6SP0zh5QcmPXAajWhaEDCHkfOT8FEMqNXZkQti7uKA0FMAkhfRCyVg%2BY6AHHPSDqHHB6EwEQCnPzIONLc0pneHWHxUO2j%2FbevQM866O9P%2B8DGX98VPC2u6REarmSBtpRDrzdA97oQZJugl1zgGebQOwrwCkCGefAaT5yzXkPeNQDwTqAjQPp8OMOpJEDaeJATAcurtQi3x%2BPwqhUqpYJIaUSIZXqQVqhpXI18iElQ1kdsEkHiOgA0Wch0WehyTug02%2FArORgqAPG9pHz%2FFlo0RwyhiAzCDKMIOMIMosga%2BUXqTBFk1%2BiwqRhsJuLu7mUd5VtrOOLyjaYROvJNnpkeB%2FOQ0%2F8Ak02cFmlRqLIrxXxwWJ5nJZLISa1iAQVQkg5jDAYngM3e0ZW13gf7TlwC5Jhk2ZvQ4g3wYhNIHwf4PRJwFl3vOgDXumWqz6syU%2B5NFanMZMWCxMnpQJRMVCVQ2L3gl111sU2emzUn%2BJtCoxsPfvwr2%2B%2B8fJ2E4jOIdE5vMS%2FRdAQ57uLKkMXFlVm0LX5xPKYr%2BFh75Ystgx9eIKtZkrT%2BpTpXJ4kQ2IIrywzY2expFw2DProKKeU6RmlCUNf1c1pFi6kZuVoqmWazC4cm6nHiWbGcCV7gPnN9otAeB898Nl3o6l8fPJ74HoTdDqYWrE2OTQ2RgQnzUJCRLMgccx26gnDsD1S8qvjtWA%2Fppz%2BhfmRF05lfjjZUvOlxhkf4nRr4vq7w3gPuOoBSV697HnL9eXZac%2F7su5S3HCZdsVqs8kobjDpUi7d395%2F%2B4urnjc1vXRssb6wXJ%2Bf87yBu2Sxtq5JuBDMujGjbuD7vjs3f8INlUzNVc%2BbnVw8Pn2mfnLy%2BLTnDZ77Fwt2JY1Dibn4rzY%2B8Lz6sZGIxf%2FryP08btgjnCgJJtlCuwFGIdDiXh0mDmRp3tXFcGui%2BxTcuvv71yB4Hx0%2B%2FxoItjVxo%2F3jH3c%2BnwEc5mDY3zbew%2BvmPDS0A9ieGz3yls6hJXLAogMmva9rE7018UNpFBAKpxsK7VwIhRZv7cys4QO3EpRZNayOE0pDRmgwXixVS75fpLQ8XmNBDazpk%2BsD%2FicAAAD%2F%2FwEAAP%2F%2FxqQmHcYFAAA%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 leveragetypicalreflections.com/impr.gif?sid=H4sIAAAAAAAC%2F6xTTYgcRRSujhEE9aDkoiK0NIQIMts9P9mZhLBusrtxyGZ33d0Q9BKqq6pny6muaquqp2f3FIxK8CCjJ%2FVi75skazQYAyoGFGXWg3FPGQWZg3tRyC0IkdwEmdmV6EHw4IPu9z2%2BquL76r16fT3dRj6keLBwUq1xIfBYpeC7B05zSVVm3LllN%2FAL%2FmH3NJcHy4fd9vCnW4cCv1Lwn3aPM9JUY0U%2F8P3AD9wZrlmk2mMjFnhypRYUan6hXCwElTK09T9rkzpgsAO0tY0eBU7796%2FcuAac9EDGn0wx07QqeWY6TgW2SkOLbpySTakyCfE9GGkHIrmxuxqU6SP0zh5QcmPXAajWhaEDCHkfOT8FEMqNXZkQti7uKA0FMAkhfRCyVg%2BY6AHHPSDqHHB6EwEQCnPzIONLc0pneHWHxUO2j%2FbevQM866O9P%2B8DGX98VPC2u6REarmSBtpRDrzdA97oQZJugl1zgGebQOwrwCkCGefAaT5yzXkPeNQDwTqAjQPp8OMOpJEDaeJATAcurtQi3x%2BPwqhUqpYJIaUSIZXqQVqhpXI18iElQ1kdsEkHiOgA0Wch0WehyTug02%2FArORgqAPG9pHz%2FFlo0RwyhiAzCDKMIOMIMosga%2BUXqTBFk1%2BiwqRhsJuLu7mUd5VtrOOLyjaYROvJNnpkeB%2FOQ0%2F8Ak02cFmlRqLIrxXxwWJ5nJZLISa1iAQVQkg5jDAYngM3e0ZW13gf7TlwC5Jhk2ZvQ4g3wYhNIHwf4PRJwFl3vOgDXumWqz6syU%2B5NFanMZMWCxMnpQJRMVCVQ2L3gl111sU2emzUn%2BJtCoxsPfvwr2%2B%2B8fJ2E4jOIdE5vMS%2FRdAQ57uLKkMXFlVm0LX5xPKYr%2BFh75Ystgx9eIKtZkrT%2BpTpXJ4kQ2IIrywzY2expFw2DProKKeU6RmlCUNf1c1pFi6kZuVoqmWazC4cm6nHiWbGcCV7gPnN9otAeB898Nl3o6l8fPJ74HoTdDqYWrE2OTQ2RgQnzUJCRLMgccx26gnDsD1S8qvjtWA%2Fppz%2BhfmRF05lfjjZUvOlxhkf4nRr4vq7w3gPuOoBSV697HnL9eXZac%2F7su5S3HCZdsVqs8kobjDpUi7d395%2F%2B4urnjc1vXRssb6wXJ%2Bf87yBu2Sxtq5JuBDMujGjbuD7vjs3f8INlUzNVc%2BbnVw8Pn2mfnLy%2BLTnDZ77Fwt2JY1Dibn4rzY%2B8Lz6sZGIxf%2FryP08btgjnCgJJtlCuwFGIdDiXh0mDmRp3tXFcGui%2BxTcuvv71yB4Hx0%2B%2FxoItjVxo%2F3jH3c%2BnwEc5mDY3zbew%2BvmPDS0A9ieGz3yls6hJXLAogMmva9rE7018UNpFBAKpxsK7VwIhRZv7cys4QO3EpRZNayOE0pDRmgwXixVS75fpLQ8XmNBDazpk%2BsD%2FicAAAD%2F%2FwEAAP%2F%2FxqQmHcYFAAA%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F6xTTYgcRRSujhEE9aDkoiK0NIQIMts9P9mZhLBusrtxyGZ33d0Q9BKqq6pny6muaquqp2f3FIxK8CCjJ%2FVi75skazQYAyoGFGXWg3FPGQWZg3tRyC0IkdwEmdmV6EHw4IPu9z2%2BquL76r16fT3dRj6keLBwUq1xIfBYpeC7B05zSVVm3LllN%2FAL%2FmH3NJcHy4fd9vCnW4cCv1Lwn3aPM9JUY0U%2F8P3AD9wZrlmk2mMjFnhypRYUan6hXCwElTK09T9rkzpgsAO0tY0eBU7796%2FcuAac9EDGn0wx07QqeWY6TgW2SkOLbpySTakyCfE9GGkHIrmxuxqU6SP0zh5QcmPXAajWhaEDCHkfOT8FEMqNXZkQti7uKA0FMAkhfRCyVg%2BY6AHHPSDqHHB6EwEQCnPzIONLc0pneHWHxUO2j%2FbevQM866O9P%2B8DGX98VPC2u6REarmSBtpRDrzdA97oQZJugl1zgGebQOwrwCkCGefAaT5yzXkPeNQDwTqAjQPp8OMOpJEDaeJATAcurtQi3x%2BPwqhUqpYJIaUSIZXqQVqhpXI18iElQ1kdsEkHiOgA0Wch0WehyTug02%2FArORgqAPG9pHz%2FFlo0RwyhiAzCDKMIOMIMosga%2BUXqTBFk1%2BiwqRhsJuLu7mUd5VtrOOLyjaYROvJNnpkeB%2FOQ0%2F8Ak02cFmlRqLIrxXxwWJ5nJZLISa1iAQVQkg5jDAYngM3e0ZW13gf7TlwC5Jhk2ZvQ4g3wYhNIHwf4PRJwFl3vOgDXumWqz6syU%2B5NFanMZMWCxMnpQJRMVCVQ2L3gl111sU2emzUn%2BJtCoxsPfvwr2%2B%2B8fJ2E4jOIdE5vMS%2FRdAQ57uLKkMXFlVm0LX5xPKYr%2BFh75Ystgx9eIKtZkrT%2BpTpXJ4kQ2IIrywzY2expFw2DProKKeU6RmlCUNf1c1pFi6kZuVoqmWazC4cm6nHiWbGcCV7gPnN9otAeB898Nl3o6l8fPJ74HoTdDqYWrE2OTQ2RgQnzUJCRLMgccx26gnDsD1S8qvjtWA%2Fppz%2BhfmRF05lfjjZUvOlxhkf4nRr4vq7w3gPuOoBSV697HnL9eXZac%2F7su5S3HCZdsVqs8kobjDpUi7d395%2F%2B4urnjc1vXRssb6wXJ%2Bf87yBu2Sxtq5JuBDMujGjbuD7vjs3f8INlUzNVc%2BbnVw8Pn2mfnLy%2BLTnDZ77Fwt2JY1Dibn4rzY%2B8Lz6sZGIxf%2FryP08btgjnCgJJtlCuwFGIdDiXh0mDmRp3tXFcGui%2BxTcuvv71yB4Hx0%2B%2FxoItjVxo%2F3jH3c%2BnwEc5mDY3zbew%2BvmPDS0A9ieGz3yls6hJXLAogMmva9rE7018UNpFBAKpxsK7VwIhRZv7cys4QO3EpRZNayOE0pDRmgwXixVS75fpLQ8XmNBDazpk%2BsD%2FicAAAD%2F%2FwEAAP%2F%2FxqQmHcYFAAA%3D HTTP/1.1
Host: leveragetypicalreflections.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Cookie: u_pl=17570787; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 07 Jan 2023 20:43:23 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 66331785fb0be19f7566508cda0443f5
Strict-Transport-Security: max-age=0; includeSubdomains
track.trackingtraffo.com/push/ic?auth=pz6u78&c=xdrNUCWMqFa66YYVBYR8aUeu9M26sTg459A4Pw671tiYX25Rd0oVktM0wH9y_WEnX0O-CVa8Z0WFOk66Ifhx1zGub8C6nFbi9F4ZnbV7kylKwsX9DbyZiA17CgDp694wMz8TQzqLO713N672PB4O45yzsC0vTqiKS_y5W6DgkZVyiJjDESSi3FbtZjDKBBmQFrLziAYp4HbF-NR7_oL90bSn40E3APdbxkOsJzN-2xQXsaWZJm8JrOde6AUqgToXLwJaPn7MWAtNVWfVO8p1Thezw-AzWm9fwTCkXfwKmCfGEaegOMtKggujbP4fETJUnE-Ldgjij4-IPwT7NpiKRLZzniNBCHwZu6WNd2jn9gnS_LPNbYfgbIykMUab5TyygRp-aO7GMADpj_A2GLrBDvMAnfNBwbaTPW5Zb90VvWwf7ZqM_Eq1PvGPM9mFUGTu0dBPUwH0DHo2_0EGRBDbB2VTKs9Ibnpf0G6QyPiGzQm1UfSpsQgKzLb7HQEkHuf9ppaT7k54bu6suaAWIcUneYzH2yi7NvI1AmqVWxA96XDYTVez43D92Jffw8nixoEQhxEfDAFjk_83T3EUT9YpU930KB3tdDyx8Bu7IuJKl5giXien
88.214.195.156302 Found 0 B URL HTTP/1.1 track.trackingtraffo.com/push/ic?auth=pz6u78&c=xdrNUCWMqFa66YYVBYR8aUeu9M26sTg459A4Pw671tiYX25Rd0oVktM0wH9y_WEnX0O-CVa8Z0WFOk66Ifhx1zGub8C6nFbi9F4ZnbV7kylKwsX9DbyZiA17CgDp694wMz8TQzqLO713N672PB4O45yzsC0vTqiKS_y5W6DgkZVyiJjDESSi3FbtZjDKBBmQFrLziAYp4HbF-NR7_oL90bSn40E3APdbxkOsJzN-2xQXsaWZJm8JrOde6AUqgToXLwJaPn7MWAtNVWfVO8p1Thezw-AzWm9fwTCkXfwKmCfGEaegOMtKggujbP4fETJUnE-Ldgjij4-IPwT7NpiKRLZzniNBCHwZu6WNd2jn9gnS_LPNbYfgbIykMUab5TyygRp-aO7GMADpj_A2GLrBDvMAnfNBwbaTPW5Zb90VvWwf7ZqM_Eq1PvGPM9mFUGTu0dBPUwH0DHo2_0EGRBDbB2VTKs9Ibnpf0G6QyPiGzQm1UfSpsQgKzLb7HQEkHuf9ppaT7k54bu6suaAWIcUneYzH2yi7NvI1AmqVWxA96XDYTVez43D92Jffw8nixoEQhxEfDAFjk_83T3EUT9YpU930KB3tdDyx8Bu7IuJKl5giXien
IP 88.214.195.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push/ic?auth=pz6u78&c=xdrNUCWMqFa66YYVBYR8aUeu9M26sTg459A4Pw671tiYX25Rd0oVktM0wH9y_WEnX0O-CVa8Z0WFOk66Ifhx1zGub8C6nFbi9F4ZnbV7kylKwsX9DbyZiA17CgDp694wMz8TQzqLO713N672PB4O45yzsC0vTqiKS_y5W6DgkZVyiJjDESSi3FbtZjDKBBmQFrLziAYp4HbF-NR7_oL90bSn40E3APdbxkOsJzN-2xQXsaWZJm8JrOde6AUqgToXLwJaPn7MWAtNVWfVO8p1Thezw-AzWm9fwTCkXfwKmCfGEaegOMtKggujbP4fETJUnE-Ldgjij4-IPwT7NpiKRLZzniNBCHwZu6WNd2jn9gnS_LPNbYfgbIykMUab5TyygRp-aO7GMADpj_A2GLrBDvMAnfNBwbaTPW5Zb90VvWwf7ZqM_Eq1PvGPM9mFUGTu0dBPUwH0DHo2_0EGRBDbB2VTKs9Ibnpf0G6QyPiGzQm1UfSpsQgKzLb7HQEkHuf9ppaT7k54bu6suaAWIcUneYzH2yi7NvI1AmqVWxA96XDYTVez43D92Jffw8nixoEQhxEfDAFjk_83T3EUT9YpU930KB3tdDyx8Bu7IuJKl5giXien HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Jan 2023 20:43:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659515047164-National Casino black.png
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659515047164-National%20Casino%20black.png
142.132.194.196200 OK 4.5 kB URL HTTP/1.1 ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659515047164-National%20Casino%20black.png
IP 142.132.194.196:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 58be17b22d6e1178a54c92cf862c817e
b821bc2f016751647df49e49863077e927a70322
9cc4f3f40313b08baf54c956685ac7a21ac8a3573908b9763865c6f613ce1b5f
GET /creatives/k1qy286gxmd5g3dpr397nw5v/1659515047164-National%20Casino%20black.png HTTP/1.1
Host: ads.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 07 Jan 2023 20:43:23 GMT
Content-Type: image/png
Content-Length: 4456
Last-Modified: Wed, 03 Aug 2022 08:24:07 GMT
Connection: keep-alive
ETag: "62ea30a7-1168"
Accept-Ranges: bytes
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/fonts/SFUIText-Regular.woff
172.64.167.9200 OK 73 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/fonts/SFUIText-Regular.woff
IP 172.64.167.9:0
File type Web Open Font Format, TrueType, length 72696, version 11.0\012- data
Hash 53d97caea7ef8a12beab745fcc5744e1
b8c70e4f67957e4f2cb809a58d84c773a3bde6d0
542772868e28df6d786b6f00f9dec929cba214d928cb013b32588485b46f8715
GET /sb/interstitial/rtb/default/3/fonts/SFUIText-Regular.woff HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://instrumentalsmp3.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 20:43:23 GMT
content-type: application/font-woff
content-length: 72696
last-modified: Wed, 23 Jun 2021 13:33:22 GMT
etag: "60d33822-11bf8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifcsMKeFhMCbawpIVr5B2grNyBiLunBUNMbl4gYYeKgyefPKsTmdor1pDuFA56ktysjjGtuwpYbkc3KfxE28CIYXlqj6lN5Jy%2FA5Sl6dzDt%2BD16xYwi5CSto3SLAdqXqodN34ySqO3fm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 785f867fed757324-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f3bf71643ae5219a72dda1da70667cf6
00e3e8da4828280fa90ad6f8550b32a1afe9eda7
a62b2beef5db6770d7caefcc77a94da89d1d64e3de538b47926c8b6dee469137
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 20:43:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 511 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 7660e350783a4823ac1e66f283a113bc
8d43ea32e6ec4c477f8893da503213113252d4c3
92bb500f0c63ba0cdd1316d1ede82331acd69c63eb0a06f7fb31eb5975001193
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 07 Jan 2023 20:43:24 GMT
date: Sat, 07 Jan 2023 20:43:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-I-eMvugBlOkpufbDqy_OjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1fadbf0232f1d32f9e1f69a03ae0d85f
ffd5a5ed1833a796abc058de27b29cbb58caab58
822ac968f892f2afdc623fc5acd352bfd321d13c6299318ff75289d007e458a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "822AC968F892F2AFDC623FC5ACD352BFD321D13C6299318FF75289D007E458A7"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12241
Expires: Sun, 08 Jan 2023 00:07:25 GMT
Date: Sat, 07 Jan 2023 20:43:24 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=bb959096-3f85-4e99-a6a6-2cd72ea58c5d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=e59cff092a6247d43bac9fc15ccc4bfa&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=bb959096-3f85-4e99-a6a6-2cd72ea58c5d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=e59cff092a6247d43bac9fc15ccc4bfa&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=bb959096-3f85-4e99-a6a6-2cd72ea58c5d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=e59cff092a6247d43bac9fc15ccc4bfa&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instrumentalsmp3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 07 Jan 2023 20:43:24 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cff65ae628d377adc87cf40af6d6c605
Strict-Transport-Security: max-age=0; includeSubdomains