tzak.fun/
188.114.97.1 301 Moved Permanently 0 B IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: tzak.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Dec 2022 22:01:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 04 Dec 2022 23:01:58 GMT
Location: https://tzak.fun/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kf0Z2ijtHm8kK1w05I3BtEvf8sK1FG8Yh1%2BuB%2F83IK2GrHdnIKDo7MskpmW3F6wKEeikR7hTtQhZhMnbu03CGo2mvaJGNsN8YavpSmE5V%2FRLU1qiETpjJ9M9LA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7747d2dfabbdb4fa-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6066
Expires: Sun, 04 Dec 2022 23:43:05 GMT
Date: Sun, 04 Dec 2022 22:01:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=131360
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:01:59 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:31:19 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6585
Expires: Sun, 04 Dec 2022 23:51:44 GMT
Date: Sun, 04 Dec 2022 22:01:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 21:20:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2510
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e6Bw3d31x2xvq5Z6qXBTAeaJtmc/qPm8fVkfkB7PmZ1cRorgQMZCc/WOoghaN/lYM3/MI5wKI2Q=
x-amz-request-id: DF9KXXXGE7590P4S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 21:47:08 GMT
age: 891
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/y9i1dEjHdzY
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/y9i1dEjHdzY
IP 142.250.74.131:0
Hash 64ccb2b8c37e6012630ddc3bf3e2e5be
e8e4e3955f6b3cd969d5fe43a9bb4feb05393f3a
628d7862d7fb037f8dce89b7546d0075e247bd3066510bfd0b90d6c1a83d4c78
POST /s/gts1p5/y9i1dEjHdzY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:01:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/y9i1dEjHdzY
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/y9i1dEjHdzY
IP 142.250.74.131:0
Hash 64ccb2b8c37e6012630ddc3bf3e2e5be
e8e4e3955f6b3cd969d5fe43a9bb4feb05393f3a
628d7862d7fb037f8dce89b7546d0075e247bd3066510bfd0b90d6c1a83d4c78
POST /s/gts1p5/y9i1dEjHdzY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:01:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zerossl.ocsp.sectigo.com/
172.64.155.188 200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 7861fe46190608472b3baa189f788ed9
46109cd2492f224db9a3eddf9b60b8e7b6a50c81
7a64652f329561e4efbf5143aed47c278575819bce148de6c7e488316731b6c1
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:01:59 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 17:54:34 GMT
Expires: Sat, 10 Dec 2022 17:54:33 GMT
Etag: "46109cd2492f224db9a3eddf9b60b8e7b6a50c81"
Cache-Control: max-age=502953,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7747d2e31b6a1c0e-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 21:08:58 GMT
cache-control: public,max-age=3600
age: 3181
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6579
Cache-Control: max-age=132871
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:01:59 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:56:30 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
news-gakemi.com/lands/38/lp.js
172.99.190.180 200 OK 1.4 kB URL HTTP/2 news-gakemi.com/lands/38/lp.js
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902
Analyzer Verdict Alert fortinet Malware
GET /lands/38/lp.js HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/revopush.js?v=4
172.99.190.180 200 OK 8.9 kB URL HTTP/2 news-gakemi.com/revopush.js?v=4
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (8922), with no line terminators
Hash 51014cabdb246e54c6fe1c7864225e81
04390aa362cc51c8f3aa848e5f1a11b3f9ba2751
32da65acc9ea9ff95f364751b4855731358710ebeb6b25d863a1c5d02dc73bd1
Analyzer Verdict Alert fortinet Phishing
GET /revopush.js?v=4 HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: application/javascript
content-length: 8922
last-modified: Mon, 29 Aug 2022 09:05:32 GMT
etag: "630c815c-22da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
172.99.190.180 200 OK 4.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
172.99.190.180 200 OK 6.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
172.99.190.180 200 OK 8.3 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
172.99.190.180 200 OK 1.4 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/18.png
172.99.190.180 200 OK 12 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd
GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
172.99.190.180 200 OK 22 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
172.99.190.180 200 OK 28 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Hash c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
172.99.190.180 200 OK 17 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
172.99.190.180 200 OK 12 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
172.99.190.180 200 OK 11 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
172.99.190.180 200 OK 14 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
172.99.190.180 200 OK 13 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
172.99.190.180 200 OK 16 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
172.99.190.180 200 OK 18 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
172.99.190.180 200 OK 2.4 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
172.99.190.180 200 OK 9.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
172.99.190.180 200 OK 9.6 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
172.99.190.180 200 OK 15 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
172.99.190.180 200 OK 10 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
172.99.190.180 200 OK 9.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
172.99.190.180 200 OK 8.3 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
172.99.190.180 200 OK 9.3 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
172.99.190.180 200 OK 9.9 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
172.99.190.180 200 OK 8.9 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
172.99.190.180 200 OK 12 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/button.png
172.99.190.180 200 OK 20 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/load.gif
172.99.190.180 200 OK 15 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
172.99.190.180 200 OK 3.8 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
172.99.190.180 200 OK 24 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
172.99.190.180 200 OK 887 B URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
172.99.190.180 200 OK 1.9 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
172.99.190.180 200 OK 1.4 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash 609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
172.99.190.180 200 OK 2.6 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
172.99.190.180 200 OK 1.2 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
172.99.190.180 200 OK 1.7 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
172.99.190.180 200 OK 1.4 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
172.99.190.180 200 OK 1.8 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
172.99.190.180 200 OK 1.9 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
172.99.190.180 200 OK 1.1 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
172.99.190.180 200 OK 2.4 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
172.99.190.180 200 OK 2.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash 3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
172.99.190.180 200 OK 3.1 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
172.99.190.180 200 OK 1.8 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
172.99.190.180 200 OK 1.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
172.99.190.180 200 OK 1.4 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash a08c2c5266f9701e422f042b4a3809c5
9884cf987f84b282f920634b2ab811077dfef7a3
054df6bf8ee2bcb904269745cd2c0830918d9e1a6ff1f965673af5f2946a3c37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(13).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 1373
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-55d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=58594
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
172.99.190.180 200 OK 1.6 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=47928
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
172.99.190.180 200 OK 1.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201504/13/47540711/original/3.jpg
205.185.208.60 200 OK 13 kB URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201504/13/47540711/original/3.jpg
IP 205.185.208.60:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 258x145, components 3\012- data
Hash dce82d44b4b11da45323c7fb3d48f2e8
1f89ba9a7c5f9bb914f4d9a8546119f68f7ddcfc
71035bfb92d2af8dd1b035d0b27b853e08adfc90b0c248d1ce3a131cf7631601
GET /m=ecuK8daaaa/videos/201504/13/47540711/original/3.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:00 GMT
etag: "1576646962"
content-length: 13332
content-type: image/jpeg
last-modified: Wed, 18 Dec 2019 05:29:22 GMT
accept-ranges: bytes
cache-control: max-age=10377942
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds240.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
172.99.190.180 200 OK 887 B URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male(1).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=54921
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
172.99.190.180 200 OK 841 B URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=36341
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
172.99.190.180 200 OK 2.6 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
172.99.190.180 200 OK 4.6 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
172.99.190.180 200 OK 4.4 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
172.99.190.180 200 OK 7.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
172.99.190.180 200 OK 4.3 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
172.99.190.180 200 OK 4.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
172.99.190.180 200 OK 8.6 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
172.99.190.180 200 OK 5.1 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=52140
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
172.99.190.180 200 OK 4.4 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=40159
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
172.99.190.180 200 OK 7.9 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=47330
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
172.99.190.180 200 OK 3.8 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
172.99.190.180 200 OK 4.7 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
172.99.190.180 200 OK 6.8 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
172.99.190.180 200 OK 1.9 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/sw.js
172.99.190.180 200 OK 4.2 kB IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (4168)
Hash 569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:15 GMT
etag: "63886653-1067"
expires: Mon, 05 Dec 2022 10:02:00 GMT
cache-control: max-age=43200
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:02:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.189.35.180 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bM7B1+Ju+AmYQnRa+xVdcg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6fFrRnslZKhoodMdE3jEomGQLWk=
news-gakemi.com/lands/38/index.php_files/pu.swf
172.99.190.180 200 OK 2.0 kB URL HTTP/2 news-gakemi.com/lands/38/index.php_files/pu.swf
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf
Analyzer Verdict Alert fortinet Malware
GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400&subset=latin,latin-ext
142.250.74.106 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400&subset=latin,latin-ext
IP 142.250.74.106:0
Hash 2f8c7bf9c0c57b27d8f7ccd951db5576
9ef8deb83aa8e3219ee6820e4483a164af84e451
fba062985f138e76ee7c31a19ec757c6384ddd931e44fffc80fee917ed678b48
GET /css?family=Open+Sans:300,400&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 22:02:00 GMT
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=47928
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=54921
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/jquery-3.2.1.min.js
172.99.190.180 200 OK 30 kB URL HTTP/2 news-gakemi.com/lands/38/jquery-3.2.1.min.js
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 58d8194b77d2b76444c88f32a1d0ad5b
59983b5d823d05dd5193e20a0558b81cf5ad0723
0a6ad8bd58bf057444963bfb04b9f582e52e1bbf9b94c829ae2d30b5226d1f18
Analyzer Verdict Alert fortinet Malware
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
172.99.190.180 200 OK 6.3 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 4017230a30fd2de81422baf57cc42ff6
70e0ec756de5ff3e7da696aa5b187f4344793bd0
c4a26437ec996731964beb8292fea2593d775e127586b4ae54e1b974b885a1b4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=47330
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=52140
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=58594
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/favicon.png
172.99.190.180 200 OK 1.2 kB URL HTTP/2 news-gakemi.com/lands/38/favicon.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50
GET /lands/38/favicon.png HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.194.217 200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.194.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 22:02:00 GMT
age: 2003248
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
172.99.190.180 200 OK 234 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size 234 kB (234218 bytes)
Hash 60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6
GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/lp.js
172.99.190.180 200 OK 1.4 kB URL HTTP/2 1.news-gakemi.com/lands/38/lp.js
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902
Analyzer Verdict Alert fortinet Malware
GET /lands/38/lp.js HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/revopush.js?v=4
172.99.190.180 200 OK 8.9 kB URL HTTP/2 1.news-gakemi.com/revopush.js?v=4
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (8922), with no line terminators
Hash 51014cabdb246e54c6fe1c7864225e81
04390aa362cc51c8f3aa848e5f1a11b3f9ba2751
32da65acc9ea9ff95f364751b4855731358710ebeb6b25d863a1c5d02dc73bd1
GET /revopush.js?v=4 HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/javascript
content-length: 8922
last-modified: Mon, 29 Aug 2022 09:05:32 GMT
etag: "630c815c-22da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
172.99.190.180 200 OK 4.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
172.99.190.180 200 OK 6.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
172.99.190.180 200 OK 8.3 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
172.99.190.180 200 OK 1.4 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/18.png
172.99.190.180 200 OK 12 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd
GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
172.99.190.180 200 OK 22 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
172.99.190.180 200 OK 53 kB URL HTTP/2 1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 4fbf62c249012be865dc0b36962aa81a
3161036e27e156eece673938b313fc9bc7c53e8d
a9cdceadcb248170a1eb4d799b12d8858cb1de86591e2a49bcc05d3a43664fbf
GET /lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4= HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8; expires=Sun, 04-Dec-2022 23:02:00 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=47928
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
172.99.190.180 200 OK 12 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
172.99.190.180 200 OK 11 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
172.99.190.180 200 OK 14 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=54921
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
172.99.190.180 200 OK 13 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
172.99.190.180 200 OK 16 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
172.99.190.180 200 OK 18 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
172.99.190.180 200 OK 2.4 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
172.99.190.180 200 OK 9.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=36341
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
172.99.190.180 200 OK 9.6 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
172.99.190.180 200 OK 15 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
172.99.190.180 200 OK 10 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
172.99.190.180 200 OK 9.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
172.99.190.180 200 OK 8.3 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
172.99.190.180 200 OK 9.3 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=40159
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
172.99.190.180 200 OK 9.9 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=47330
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
172.99.190.180 200 OK 8.9 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=52140
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
172.99.190.180 200 OK 12 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=58594
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/button.png
172.99.190.180 200 OK 20 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/load.gif
172.99.190.180 200 OK 15 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
172.99.190.180 200 OK 3.8 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
172.99.190.180 200 OK 24 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
172.99.190.180 200 OK 887 B URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
172.99.190.180 200 OK 1.9 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
172.99.190.180 200 OK 1.4 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash 609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
172.99.190.180 200 OK 2.6 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
172.99.190.180 200 OK 1.2 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
172.99.190.180 200 OK 1.7 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
172.99.190.180 200 OK 1.4 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
172.99.190.180 200 OK 1.8 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
172.99.190.180 200 OK 1.9 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 16b2fab44ddad0b620d0eaec2fc1e425
24fa279de6ceb2c0434ff4e750639e15eb22ed29
58076ed17c6377d23375ec949c6cb2eade75010dcf82ba0e64dbdcbd67583912
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(7).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 1902
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-76e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
172.99.190.180 200 OK 1.1 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
172.99.190.180 200 OK 2.4 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
172.99.190.180 200 OK 2.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash 3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
172.99.190.180 200 OK 8.3 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 137c2bf72e0bb4094abcd0b3d2010aae
3e31ec83cc49482267e74f46e8187d6425d5db4a
e1b4f28f58f52f8bb69ef14a8c80d2752d7fe6e5edc2c3b9da058eeb585fc4ef
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
172.99.190.180 200 OK 1.8 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
172.99.190.180 200 OK 1.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/jquery-3.2.1.min.js
172.99.190.180 200 OK 32 kB URL HTTP/2 1.news-gakemi.com/lands/38/jquery-3.2.1.min.js
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 7829f5186f1cdb949d8f4e6ef72b28ca
323c1ff783c9cf8bebfd89b9b09d4c1e043b1b4c
1d58c5b204eddd381140f37464b5a3789724e2f88bc1cd60410a172655223058
Analyzer Verdict Alert fortinet Malware
GET /lands/38/jquery-3.2.1.min.js HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:33:06 GMT
etag: W/"5d7a10d2-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
172.99.190.180 200 OK 1.6 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
172.99.190.180 200 OK 1.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
172.99.190.180 200 OK 12 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash dcbca93bab065f86d771507c4f0d1ecf
22a425f8bfa0841b1b00d964164a9151c77f1de3
2e2115e9cdbd9716cb06f448f6f7cc548d5469a4f2a49ca321599af248b3ccde
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
172.99.190.180 200 OK 3.9 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 029f825906ce2a9d6c6de8a4024a9f12
1bd1e4454c3174e700302d68d1fcf67a0c01c382
d4334b67bb7d15fa9b646c3d05eb0be83a3e8f375658b1025db293cc94f17b4f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
172.99.190.180 200 OK 35 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 0a8397aac67d384ffda66220a01a8e9d
0c33fbc5932dc8d6adc40780f8fe32c717729c83
0a6e7570b52fc5ac858e2f3f00343198c6b70da93644b7dab7790bad0019dfd9
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
172.99.190.180 200 OK 4.6 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
172.99.190.180 200 OK 4.4 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
172.99.190.180 200 OK 7.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
172.99.190.180 200 OK 20 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash bb61327c12be2131e4fd39667e1625b1
5652ad34726013866f350def02135c7244f8d82a
9a0ca42d0939591140b9678cbbfd84cfc026ee9a0c0dd3aa9b0aa8fef5089f99
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
172.99.190.180 200 OK 4.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
172.99.190.180 200 OK 8.6 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
172.99.190.180 200 OK 5.1 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
172.99.190.180 200 OK 14 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 2e036db507bd4d1fab4236cd4600418e
70b2e33f57d7d106364f1bd611e48161ceae22dc
280a36339f3ace06523f3350854e33f333875f98eddafced2498f54b8ae3d0a8
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
news-gakemi.com/traffback.php?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=&land=38
172.99.190.180 200 OK 7.9 kB URL HTTP/2 news-gakemi.com/traffback.php?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=&land=38
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /traffback.php?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=&land=38 HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
172.99.190.180 200 OK 3.8 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
172.99.190.180 200 OK 4.7 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
172.99.190.180 200 OK 6.8 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
172.99.190.180 200 OK 1.9 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/sw.js
172.99.190.180 200 OK 4.2 kB IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (4168)
Hash 569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:15 GMT
etag: "63886653-1067"
expires: Mon, 05 Dec 2022 10:02:00 GMT
cache-control: max-age=43200
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/index.php_files/pu.swf
172.99.190.180 200 OK 2.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/index.php_files/pu.swf
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf
Analyzer Verdict Alert fortinet Malware
GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=47928
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=54921
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=36341
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=40159
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
172.99.190.180 200 OK 6.3 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 4017230a30fd2de81422baf57cc42ff6
70e0ec756de5ff3e7da696aa5b187f4344793bd0
c4a26437ec996731964beb8292fea2593d775e127586b4ae54e1b974b885a1b4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:00 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=52140
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:00 GMT
cache-control: max-age=58594
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191320.dop213.sk1.t,1670191320.cds209.sk1.hn,1670191320.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
172.99.190.180 200 OK 234 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size 234 kB (234218 bytes)
Hash 60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6
GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
1.news-gakemi.com/lands/38/favicon.png
172.99.190.180 200 OK 1.2 kB URL HTTP/2 1.news-gakemi.com/lands/38/favicon.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50
GET /lands/38/favicon.png HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.194.217 200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.194.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 22:02:01 GMT
age: 2003249
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/lp.js
172.99.190.180 200 OK 1.4 kB URL HTTP/2 2.news-gakemi.com/lands/38/lp.js
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 8441b469fa0c093bd106a66a4068d944
c3698e755cd1ef7b5d29e233ef615219559a96f3
befe8e9f55c6e3fe10fd398534acb713129764b05d852089ac34bfa535a53902
Analyzer Verdict Alert: fortinet — Malware
GET /lands/38/lp.js HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/javascript
content-length: 1418
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-58a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/revopush.js?v=4
172.99.190.180 200 OK 8.9 kB URL HTTP/2 2.news-gakemi.com/revopush.js?v=4
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (8922), with no line terminators
Hash 51014cabdb246e54c6fe1c7864225e81
04390aa362cc51c8f3aa848e5f1a11b3f9ba2751
32da65acc9ea9ff95f364751b4855731358710ebeb6b25d863a1c5d02dc73bd1
GET /revopush.js?v=4 HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/javascript
content-length: 8922
last-modified: Mon, 29 Aug 2022 09:05:32 GMT
etag: "630c815c-22da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
172.99.190.180 200 OK 4.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (4028), with no line terminators
Hash 64f6d7d923f18e5d25a4506b45fcd51d
0e636e489bba7af08cb17f8a72c5dc5685774057
18818b4b5458636324d294a8dee67dbde4808ae542e6cefa18ca6d90c1fc4479
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/modals_commons.css HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: text/css
content-length: 4028
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-fbc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
172.99.190.180 200 OK 6.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (5955), with no line terminators
Hash 0fe9d8c60b2c31a97fa966d14be642ef
eb4f94b637c54906ae38eb350b6310d552c75e6d
191ae0d72198f51609589e26c7d837d2978382861f60b360148e0af13c8583e1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/layout.css HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: text/css
content-length: 5955
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1743"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
172.99.190.180 200 OK 8.3 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (8327), with no line terminators
Hash 8cd6ca47d55ffed774fde852523940e0
49e1e837355b3de08055c650488d0a3382bff9c0
17528d5914a702bb12ac6b36c8e3bbbfbcd3d52b54dd613acbacf8f4bb17ae33
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: text/css
content-length: 8327
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: "61deb724-2087"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
172.99.190.180 200 OK 1.4 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (1391), with no line terminators
Hash 677a255a4a9dc3411b8013e8afb09c42
ec9f1a722b028da2eceb06cdc8c26fc6490a4e70
cc4494353809adb8bdfbbdea2ad72a1a0fc9c84816dc23c7ee1f9466e620eb5e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/pb_block.css HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: text/css
content-length: 1391
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-56f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/18.png
172.99.190.180 200 OK 12 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/18.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 833a12d372440b20017502d3c72e0b20
5fb9301142e3c53f65cd16502b35d7d1d5f82b98
1531ac56322b89715a35b1cdb5ca1f79f453614f368455b2cc8ef650a992f8cd
GET /lands/38/landings/Ihyam_7H2-fd/18.png HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/png
content-length: 12136
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
172.99.190.180 200 OK 22 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 150 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b197d779dd9ee78737a456dbd5c1a6
a3f0b1d0659e5a76bdfaa52bb8f68096d1ab1359
806a8a4abe09c02f4e4b3ed4d6514bfcf1a93a941e838aadf56afaef858d8e37
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/681.png HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/png
content-length: 21724
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-54dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
172.99.190.180 200 OK 28 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:03:16 09:26:15], baseline, precision 8, 118x88, components 3\012- data
Hash c1a5819d50b9125f0c46ded86fd5b4b6
3926c15be79cb7522cefdbf5066d39623e36a283
374f0cede3c1f91ad174b97554017b74cbd29424d7467d039beab541f6deb873
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/104.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 27900
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
172.99.190.180 200 OK 17 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 118x88, components 3\012- data
Hash 215029a9775d1e9a56c93912ab03f4c6
6a3dbd676e2ea61850d2a20086b9ec84127da0ae
e071c52839ef37679439165349ffdd98cf19aa7e35d0293a1bec69743db70b16
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/36.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 17350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
172.99.190.180 200 OK 12 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash ea52ae32ae4319fb03da1672b0c20ed3
4efd8189179b260a4b51fd4b28d729b6143ef00a
43a4ca83560d5720ffeccf17478d6a1741f86639f35744fb61fcb139dc3020a6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/27.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 12525
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-30ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
172.99.190.180 200 OK 11 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 2f03fbd61721fdf46883333595050c77
8361f15c906a9457340fc21febd22b5ede56ac61
9f6c76cf695bc0785f4e4f8bb3abe93255af3ea1597307d567dc0fc93fa70560
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 11238
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2be6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
172.99.190.180 200 OK 14 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 9903db279cf9714141daac34523f39b6
ac412f9ce9b8c50155e9adb9f5095d82519ccd24
f562892c60fef407c954fd73d6908003c42f832c4ae86f8264438a576ce2c1cd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/35.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 13505
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-34c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
172.99.190.180 200 OK 13 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 118x88, components 3\012- data
Hash 99a404d25bcdd47a141dafdbe046d0cf
04de642c5cbc865c29ab3599c1c4fa19f2a6ba8e
fbe779bcef340ba0b148f84b50a8323a2bbb493674e130bf877d87c6d163ed36
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/73.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 13106
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3332"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
172.99.190.180 200 OK 16 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 5a34545daf4bc481bcbc3573062aa426
132d09d36ede8f32c3168ecaaa631e5959ce38ef
c044a81b14812c50f3142ad20d0ca862923daba2483eb164b0348ba98d3b7855
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-3c79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
172.99.190.180 200 OK 18 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x88, components 3\012- data
Hash 10e8794e65f20d32932985bf814b8965
0627b8648373340d2ba949fd7fe50611d11b033b
43b9f39f94acb50efb3b6981a6c931dcf25eefcc7b7734a927036255263eee39
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/28.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 17978
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-463a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
172.99.190.180 200 OK 2.4 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type GIF image data, version 89a, 116 x 86\012- data
Hash ec706a0634f1e5e06ad775b2b2ebdcf2
5a18c424f7b84b40709a6b78b2d632639bb3ff2b
9613f59211bd2194336c666d11a0d2e1daa4dd96d543e661f5835e0a621c2f5d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/categories_seeall.gif HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/gif
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
172.99.190.180 200 OK 9.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xae3bf698", progressive, precision 8, 258x145, components 3\012- data
Hash 58357cada0f0171d2a84540391219649
57123e69e055b4d818faedec09884135c5d4a31e
742c68ecf3dcc1096143a0a5d00f4a15a3edb13fd497ea2931e67e66826addd0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/2.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 9007
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-232f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
172.99.190.180 200 OK 9.6 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x70755b56", progressive, precision 8, 258x145, components 3\012- data
Hash 8fcd27f0bcc790f75f46d275a19a6300
556d3ca4dec168c77ae4a73c0c6e8291ef1291c0
78410be719ee73e00845d44e100e280d3989fc3d0fa4d3dcfcd888f13ded1843
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(1).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 9565
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-255d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
172.99.190.180 200 OK 15 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 258x145, components 3\012- data
Hash bb05342bd1f87ae7624aba323af77dca
4b7c875644d0b6a424abf06cda89ad135bd53d81
828e2c12259274e1eb1c212f3498fb31503462023c4b2642da4f795209b755de
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/15.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 14653
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-393d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
172.99.190.180 200 OK 10 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1d6d8e5e", progressive, precision 8, 258x145, components 3\012- data
Hash 1541881a313c963dc754657aefd89ef0
fb41198c81ac17da4f9a34e4b4bf21c8c7fe6001
75e1629d9fad2e22b9d9983c65874a19a3f639db43c11db713a7f972b8f72117
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 10352
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2870"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
172.99.190.180 200 OK 9.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 6c17c634ebd856cc85bedd931ac01680
d1e1b9358749b9fd4ff851bb4cbdce54a6223ce8
c1ced3a91bde391f64c6cef03b164cd89ffd499fa5d75a3f797bc57b1fc3c191
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/0.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 9032
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
172.99.190.180 200 OK 66 kB URL HTTP/2 2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash e7096e33615854140ac6fa7645e17e0a
b26edc2631061bc24ea8152c3a30c0ad618fd5d4
0e6687f2525a2e2b0bbbb63c0fe8993c15b67d1b0cd07e1215a2e5520937fdf5
GET /lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4= HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8; expires=Sun, 04-Dec-2022 23:02:01 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
172.99.190.180 200 OK 8.3 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 258x145, components 3\012- data
Hash bc1cdeea817d887b981f26bc84236b93
4528ed7010e2e0c774890d6041a60cbeb3c69c92
d737ffd9379d8f2734c1dc6304e4ff75f1c946de29371a1ec9ddc01f423076dd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/14.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 8266
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-204a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
172.99.190.180 200 OK 9.3 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7cd1fc83", progressive, precision 8, 258x145, components 3\012- data
Hash 5ec2461279f77afe0c6fbb935bd0b94a
95c6e9171db79ea69ce718b02484e36816d1a1cd
ac60e5738d3cf6d32004e1ddfcf4368e256f1928ea923f9369869b8e9af665ba
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 9338
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-247a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
172.99.190.180 200 OK 9.9 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x50dba82c", progressive, precision 8, 258x145, components 3\012- data
Hash eed80bba1e2813e70d57a5f3a6bbdf09
3965668a7340d071731a89abf73cc4b3efe4dac3
9ef4f06c23420fae9b1fd163d0719be1b2b258d74d27f7933c810ad64c93ac93
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-26ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
172.99.190.180 200 OK 8.9 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 258x145, components 3\012- data
Hash 77df6b7e2677b46a053508a92026cb8a
decad70c5281062495250250fdf985b6073a8a91
6143cd3687b480264dad4e3d3a237c30c26c859ef7fe1c2a7b32472fb65710c0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/8(2).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 8885
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-22b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
172.99.190.180 200 OK 12 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 258x145, components 3\012- data
Hash 081a01df58865529d3edcbc765c4dcb5
a7fe3ca35fe5e244926a80addda994218806f613
edebf400c8f60c306491e7b2f8a695b7dde10cf49eed66125423571a1cd60d05
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/5.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 12127
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-2f5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:01 GMT
cache-control: max-age=54920
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191321.dop213.sk1.t,1670191321.cds209.sk1.hn,1670191321.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201510/20/59925001/original/0.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:01 GMT
cache-control: max-age=36340
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191321.dop213.sk1.t,1670191321.cds209.sk1.hn,1670191321.cds205.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:01 GMT
cache-control: max-age=40158
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191321.dop213.sk1.t,1670191321.cds209.sk1.hn,1670191321.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201410/28/34062481/original/7.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:01 GMT
cache-control: max-age=47329
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191321.dop213.sk1.t,1670191321.cds209.sk1.hn,1670191321.cds001.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/button.png
172.99.190.180 200 OK 20 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/button.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 107 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash e2aadceedde9aef1bf42c176b31c585c
76c14eae7537160a304aa458bf11a985d5a57375
2b1ff8c49202306d33deac4cf49841f59c1a49d15c80a77c1e001369578cef3f
GET /lands/38/landings/Ihyam_7H2-fd/button.png HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/png
content-length: 19948
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4dec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/load.gif
172.99.190.180 200 OK 15 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/load.gif
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type GIF image data, version 89a, 64 x 64\012- data
Hash 571dfe045d66b88d2d5c82151a1bf579
8966eb7cd27754263bd2861737b695386273f423
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
GET /lands/38/landings/Ihyam_7H2-fd/load.gif HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/gif
content-length: 14574
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-38ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
172.99.190.180 200 OK 3.8 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/flash.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d660b4b574161fdee86ae57edc8ed0ab
0b947dc39c7ba7415dd78683e06366ff3848b2d5
7483a49fc67a21c7a295b03880aa6c37425f3e96d60dff1ac36eff743ecf6078
GET /lands/38/landings/Ihyam_7H2-fd/flash.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 3829
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-ef5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
172.99.190.180 200 OK 24 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/panel.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2016:05:13 17:11:55], baseline, precision 8, 990x36, components 3\012- data
Hash ab6b76c0cc6683324bd7fe5923b24d17
559b8b1e50f80b7a218e25ce443e523401882577
a923ea85ee73e53db73038b2ea8712e7e40b067cde25b05ffa999608b17a304d
GET /lands/38/landings/Ihyam_7H2-fd/panel.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 23598
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-5c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
172.99.190.180 200 OK 887 B URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 7754ce192cf45ea10de0706da442d2ff
b5b7d0fcf5e84b04b34629d5a5a9c0bb69ca5238
0bfd7fc5264b6cede1f78a26a96cee917f96989822aa2aa20ac854e13ad46b2b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/male.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 887
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
172.99.190.180 200 OK 1.9 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash ddf58dd1f8745a81264b21bcf1f9cc77
73a35df521dc648af06e2e490cac929bc681a06c
a2315bfaefeae19a449f38fe4131531c7603f5c7e75e956c240074da66123134
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 1889
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-761"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
172.99.190.180 200 OK 1.4 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x2a0818fe", progressive, precision 8, 60x60, components 3\012- data
Hash 609e06417314a6476bc6d0f3c1900e20
0e2b0d425bd9e5cc0ebb386b093adf64d464ac1e
9450244a77e354c177c18a691c0e5f0c2fc5d0ddf921f40178cbb8bfe4a076ac
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(1).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 1394
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-572"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201503/17/46253311/original/6.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:01 GMT
cache-control: max-age=52139
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191321.dop213.sk1.t,1670191321.cds209.sk1.hn,1670191321.cds247.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
172.99.190.180 200 OK 2.6 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 677577d8c6ffb0107ee5c9fbabaa4af7
0bfcbbafee19eeeae113103080c41cd95b4083e5
3a215afa0d15ae2985cfb88e51e90b727f0ba03fe10f8e0b0980ef55af91bdb0
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(2).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 2646
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:01 GMT
cache-control: max-age=58593
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191321.dop213.sk1.t,1670191321.cds209.sk1.hn,1670191321.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
172.99.190.180 200 OK 1.2 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 1226a24c469c0fba3970548aab13650f
a6d371e4acc2a9181d1d6bf13b5d51f82c49a943
6a1513dacd3fcffe47245068fe9fa6a49cdc9c352b8d9cbf8f72005c4cf5cafc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(3).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 1191
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-4a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
172.99.190.180 200 OK 1.7 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 3db490cc8f824e29d6fb07ba75a97a20
84c2c26447f7b49c76999f31c0ed526bde13c6c4
5c13ca439c63d5f3e5d638ba055f399058117d3b554ae3fb751d4a39043a14fd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(4).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 1729
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6c1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
172.99.190.180 200 OK 1.4 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xb7d2e3cb", progressive, precision 8, 60x60, components 3\012- data
Hash 47e765dc1abef2d79edafb5fce1c64b5
93d3e7f1e11dd2d98ca3ffb3b49a0211ed76f273
185540f06acc82b2dc4bdfa6d2deb4ce7454bb1e28783acdde67f8a9a90597b1
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(5).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 1441
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-5a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
172.99.190.180 200 OK 1.8 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.2 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash f042aa7a438ca85be0afeba44a3ac116
183c8b20394fdaf6ba757ff76d3f25e33092369e
05b76ed86b70990f4307223391e1c9abfff59ec545d75d94683c0f69713eed79
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(6).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 1809
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-711"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
172.99.190.180 200 OK 11 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 3ca26db4a500d821e934f8dcec095ff9
cf76358b173af0688a4b0c848572beb1063cdae6
358baf32450d5ffaf39dcfd40a3ec34da77596e5a23a5cfbbd927effedf48106
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
172.99.190.180 200 OK 1.1 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x0bb5b909", progressive, precision 8, 60x60, components 3\012- data
Hash 01ed303509acb0c822fa3c55976d4b96
7ed250f181498962ebafd21f1bde4ca15e6953c6
fba198ced4795895d1f6d0bc2247d315eb8cc6dda60ad119c99846d68d0ce445
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(8).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 1085
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-43d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
172.99.190.180 200 OK 2.4 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash ec2823c426475d6766008dabf85a4bc2
f0681ce27ba96a1b4f6547a42495ebb5b0ca514a
2316f8554d54e907f9992475ced3bf03fc95412e98b2bc29aa6e5407260bcddd
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(9).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 2350
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-92e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
172.99.190.180 200 OK 2.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash 3f809b94b5e5607da5b5c6506a8729c1
26f4376095902a56db86ea2c76689f15ba3cf9c2
7b84461772bad27e431676a53efae81d8584a102f3f6f407ae0a54469a938ff6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(10).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-7bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
172.99.190.180 200 OK 3.1 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xd191bb02", progressive, precision 8, 60x60, components 3\012- data
Hash cbff1c490bcdcad2989c2549f278eae5
56e1b4489cfc0d54f9f72e15777788beba396c95
6d96d3de01207ab505c62b2da624ba787cabe4fee767c181b175186e50c23af4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(11).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 3063
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-bf7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
172.99.190.180 200 OK 1.8 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 52eba434e5411806cd92add275d164ea
0cc9df3c52de111a307dc3d8d22254cf51b0c77f
a4c2a01f64274d0ede23e233e2be19225c68e5e5a6206b338fb8bc6410f7005f
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(12).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 1758
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-6de"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
172.99.190.180 200 OK 1.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c840b43a0575b0a1742c50f186a67c22
d1ac0da47b4394a9dbea90eee26a260b5268c4d9
6a8ef9be89e89c23d6d96c50e2fa62bd25473e9cc7a79e2cd1ef64e2647cb38a
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/wink.png HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/png
content-length: 1045
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
172.99.190.180 200 OK 34 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash aa6e7f023bdcc59024a27b6c280d0119
5dea22046adf16bee3e9cedfd89d4234dd06408d
1ee8fef0b5f833f87c122738c64677e36f510a39520ebd7f08511ac5f3a258c3
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
172.99.190.180 200 OK 1.6 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe0e89376", progressive, precision 8, 60x60, components 3\012- data
Hash bfa11442f9457a03384ecf8128a586a2
a30e6f6a18be085197605b6463f840cb249d0510
941411042624c554a5828ee596c1e3ade4a787ae2fad6e5b6d585ab6a6e1e3c6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(14).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 1563
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-61b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
172.99.190.180 200 OK 1.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f46fad8cda5895b895f6ec3f95cda4
3bd79ef305bfa4b7c1a3f328828c63f89a818878
8e48576faf920cae224c669d61831d0ad5fc23f6220e83955275a3115bb568fc
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/tongue.png HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/png
content-length: 1046
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-416"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
172.99.190.180 200 OK 6.2 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 26c8a9c9a1b5ae6f4479f3df9e14bac0
1faff49e20c35bae164207fdd234c150e3b5de7f
fb2e52f3679422ed27b5dcb937ed9f397806020bcf0cad9ce74be11b4cf86bb7
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
172.99.190.180 200 OK 841 B URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6e5cd524", progressive, precision 8, 60x60, components 3\012- data
Hash 9cf522c306866742c2806e0c14c8bca7
7a3ff28af2c6f7cfd036ec4fc162651eaf634f7e
fa09bef7875241c06a9e2505bc698a189d3b3ce012af29c65817fd476627ec87
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(15).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 841
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-349"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
172.99.190.180 200 OK 2.6 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0xe705e0c1", progressive, precision 8, 60x60, components 3\012- data
Hash 950ff8ae916df997fea302859ca2ccb4
42232e28878f65aaf4120d9435784ad46c2be71c
c0b01da5a48a7ddd619a2dee26bec77300b68bb1b028716320719f9c1a5f769e
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/200x200(16).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 2553
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-9f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
172.99.190.180 200 OK 4.6 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 150x84, components 3\012- data
Hash 0fa4a903a2adc9da58b52661ebc8d38c
061c6359c2951da7509f6ae4039c2f0bc1ce6b62
79d6da7e0398c3f607c4bbc93562cf6ab96bb800cdab4ef6df82718cf0a0d3e5
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/11.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1224"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
172.99.190.180 200 OK 4.4 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 58477c52a9d639b91b16f022d4676bcf
51a85ef703617e996c50cd76b38f2507517a9f25
a0653cc819b252702f55439d6f8763d212fca2f9f604d67224a2a9891e8eadbe
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(1).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 4397
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-112d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
172.99.190.180 200 OK 7.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x7ab4f024", progressive, precision 8, 233x131, components 3\012- data
Hash 2a4d527ed65de8e2e0a69dc9d50442d2
8ec4547a38c9e3d37469acfe21ea755531776f09
275876bbb5190da100ae4f9aca976ec15cea0de20d42e167f522a0a50ba8ca02
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(2).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 6972
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
172.99.190.180 200 OK 4.3 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 365e215442256548316a73bc7c79edf1
13078402132cb89939a39edf11181fb88ebe390f
f8c35c02ff055694af23c83b1e3019a8c29965ab57ed7db8173a23a38494ff58
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/10(1).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 4315
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-10db"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
172.99.190.180 200 OK 4.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x541b39db", progressive, precision 8, 150x84, components 3\012- data
Hash 416ec3af020687541765d48acb81fc08
48b80345ffb951535d4d6ca811d19bd9dd726998
75c30d77f900b2f4c91f502f45f00606b57a47bb84e6b700fb18482389d88f3c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(3).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 4035
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-fc3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
172.99.190.180 200 OK 8.6 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x905c306b", progressive, precision 8, 233x131, components 3\012- data
Hash 55778c73ba99a9477464e5c90cdd7e02
bc49e8058f1dafe10e817441de952ba6aa3b7b58
c362fc3a2aafd1b0d8069fb1fae83b5f0abb06443d3e00b21b37be13aeb75bfa
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(4).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 8615
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-21a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
172.99.190.180 200 OK 5.1 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x852b408e", progressive, precision 8, 150x84, components 3\012- data
Hash 72e270f7041c2fe2f326d11e162fb249
3f918a2023f10a01a2ed74713d292df415d14e05
b17ce663fab4421f728ea0dd218d2a8a6a10a4314759fdf139b9388fa26e37f6
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(2).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 5080
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-13d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
172.99.190.180 200 OK 4.4 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x6359dcbc", progressive, precision 8, 150x84, components 3\012- data
Hash 447470b34b66b570c8fc0dbc11c06609
863180b376242e256189888eb99282e597d894c9
dd57f5a80517b8109279b57d702278f31a9878295045c6766931a0453244d749
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/7(2).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 4417
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
172.99.190.180 200 OK 7.9 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x131, components 3\012- data
Hash 5df975e7a8c0b2610069610c54c5ce6c
ab6390fbb7be1be9a0f4477b4439e34d5175b6fc
bbfb6830dabc55fd598cc0948049f2367d17c80f286e0821e660ba7f5a6b360c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(1).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 7904
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1ee0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
172.99.190.180 200 OK 3.8 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x8c97c7da", progressive, precision 8, 150x84, components 3\012- data
Hash 6ed4eca1ed776930746531005fcf22aa
11e8643932e35a8ef65be8ef585afee241c8eddc
28849006b773d85fb8fb2295a86bcee5d2cdabb9a23d854ffebbd8dfd203588c
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/12(5).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 3835
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-efb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
172.99.190.180 200 OK 4.7 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x550d5e4d", progressive, precision 8, 150x84, components 3\012- data
Hash 12f0c14e5943fd57577ce11155107bdb
a484cb296770fe6cb55d25cba19f831cf1aaf7d1
9eb468f7688a901a3626fdde8d0b07dc490a830718c2938d32f70f0ec122a344
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/13(2).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 4664
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1238"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
172.99.190.180 200 OK 6.8 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.12.0.4 0x1f7d625b", progressive, precision 8, 233x131, components 3\012- data
Hash 2ad4260dc1204ad8f3c0c29bd919830a
fd2ddfca32f55ba5d180af812a787e61ce136480
acc8f76a570c0833d34835f5694409e082b4af09783366596c2e151e0b0ed128
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/3(3).jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 6827
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-1aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
172.99.190.180 200 OK 1.9 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type GIF image data, version 89a, 88 x 31\012- data
Hash 2bcf55138cde4a65770426a67ea247fc
13d8c808a4276dc88937817d7df7720182c093f6
348fd1e58aec8d99001aca1dd12b72eafef534c2d11725b2280a173d03b5fa6b
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/rta-1.gif HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/gif
content-length: 1882
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-75a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/sw.js
172.99.190.180 200 OK 4.2 kB IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type ASCII text, with very long lines (4168)
Hash 569090f90a522f4c62af3b9e40635957
4e6f57da49920f30777f3fe71f83f6183aeb4f3f
ee8c6af307c8d085753adb810c69c8379d1e8d01211b491409c43e9edc9f6fb5
Analyzer Verdict Alert fortinet Phishing
GET /sw.js HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/javascript
content-length: 4199
last-modified: Thu, 01 Dec 2022 08:31:15 GMT
etag: "63886653-1067"
expires: Mon, 05 Dec 2022 10:02:01 GMT
cache-control: max-age=43200
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/index.php_files/pu.swf
172.99.190.180 200 OK 2.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/index.php_files/pu.swf
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 6d40122b8a5b7fd31b5aef2749f519fd
518d585dd26c947344ddea5403324850d1b2f7cd
1da7814acd0d6913438bf701d8a2d2cf29814174b5eff0e6ff129ee74f68a7cf
Analyzer Verdict Alert fortinet Malware
GET /lands/38/index.php_files/pu.swf HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/x-shockwave-flash
content-length: 1953
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201401/21/22195452/original/16.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:01 GMT
cache-control: max-age=47927
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191321.dop213.sk1.t,1670191321.cds209.sk1.hn,1670191321.cds212.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201602/03/67748611/original/5.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:01 GMT
cache-control: max-age=54920
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191321.dop213.sk1.t,1670191321.cds209.sk1.hn,1670191321.cds251.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
172.99.190.180 200 OK 6.3 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 4017230a30fd2de81422baf57cc42ff6
70e0ec756de5ff3e7da696aa5b187f4344793bd0
c4a26437ec996731964beb8292fea2593d775e127586b4ae54e1b974b885a1b4
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/large_temp.css HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-8353"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201507/15/52864251/original/12.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:01 GMT
cache-control: max-age=40158
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191321.dop213.sk1.t,1670191321.cds209.sk1.hn,1670191321.cds003.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
172.99.190.180 200 OK 3.1 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash f28b03567552ec49b0cf260cf1aabe54
4ce3aac682a9f8484861977a640e2d670f5719d9
dff6024e1c2336d58b5163dc4d9dc6ca0484beb011927bd783d5c5527acf688d
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
172.99.190.180 200 OK 15 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash 47018d77ac880c943294621a3afbc8cb
80782444b7072461ad62a80c42b9359b84f740d0
74875aac38e0edf501ee44c6bb21ac09b6f552a5d9e70c605a8199e9cd30d4b9
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
205.185.208.60 403 Forbidden 9 B URL HTTP/2 cdn-d-img.pornhub.com/m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg
IP 205.185.208.60:0
File type ASCII text, with no line terminators
Hash 722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
GET /m=ecuK8daaaa/videos/201508/06/54560451/original/14.jpg HTTP/1.1
Host: cdn-d-img.pornhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 04 Dec 2022 22:02:01 GMT
cache-control: max-age=58593
content-length: 9
content-type: text/plain
accept-ranges: bytes
x-hw: 1670191321.dop213.sk1.t,1670191321.cds209.sk1.hn,1670191321.cds219.sk1.c
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf.png@cache=2016051250 HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b6ee6a5fdcf3c781a0b768964797646
f0bf83f6368d7c31471ad258ce8cfb4848109192
511ad4ad0f3db18490c9b7876d44c887f60d78dd8d06a585367c0ab4ddbbe92f
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/premium/premium-spirte.png@cache=2016051250 HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
172.99.190.180 200 OK 234 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/fon2.jpg
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2014 (Windows), datetime=2016:06:21 11:55:20], baseline, precision 8, 990x513, components 3\012- data
Size 234 kB (234218 bytes)
Hash 60f67e63f85561c6f95fd573252d2311
6fc6d41b27131074786778522b86077f477dbd51
0e80e9257f1dd0149894bf37342cb082ef2410263de490e851111fa9531e15c6
GET /lands/38/landings/Ihyam_7H2-fd/fon2.jpg HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/jpeg
content-length: 234218
last-modified: Thu, 12 Sep 2019 09:25:02 GMT
etag: "5d7a0eee-392ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 613999d4801774b827b4f8bd140a605f
2c5b07d29a96ee02d53dd712b7e00e24e155cb22
cc78e35561f66b97b4b68cee9544c54190e44bb07bf8e6a067a45db32f5b1883
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/sprite-pornhub-nf-2.png@cache=2016051250 HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/octet-stream
content-length: 1979
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7bb"
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/redesign-stream-ui.png@cache=2016051250 HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/widgets-comments.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
172.99.190.180 200 OK 2.0 kB URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 787dca6a9c809e6dcc3d3018f3f639bb
cf5838982dcd16a1cca3e810716270434413ea80
6fe734b116afdc3782aef601ddee34dfa45e93c69ff372143f3ae187c47627d3
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/images/profile/sprite-icons.png@cache=2016051250 HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: application/octet-stream
content-length: 1995
last-modified: Thu, 12 Sep 2019 09:25:00 GMT
etag: "5d7a0eec-7cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11298
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:02:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11298
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:02:01 GMT
Connection: keep-alive
2.news-gakemi.com/lands/38/favicon.png
172.99.190.180 200 OK 1.2 kB URL HTTP/2 2.news-gakemi.com/lands/38/favicon.png
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e7ffe9c659d8c729e12e20dfe05509be
2c413e09ebd14dd3020209fe9c9183e0335fc250
880c000a3ca23bb89262d9c2ccf9d48bab37dcec09f3b3bf55c8385f58745f50
GET /lands/38/favicon.png HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: image/png
content-length: 1233
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: "5d7a0ef0-4d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: J5nMfQKgT-FYVTurkqi_1CM7gu_aDiAN9NLP7hocqQ10UixVzQcq5w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:47:08 GMT
age: 893
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: emlp1xilsRT2P1bLbS63ImV7rpoIInC-6mQhu7eGProt148Gj-f1zg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:50:05 GMT
age: 716
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 737
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 58001
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 1162
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 1076
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.194.217 200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.194.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 22:02:01 GMT
age: 2003250
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
194.58.108.80/KjNRwGbQ
194.58.108.80 302 Found 0 B IP 194.58.108.80:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /KjNRwGbQ HTTP/1.1
Host: 194.58.108.80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Dec 2022 22:02:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Sun, 04 Dec 2022 22:02:02 GMT
Location: https://135.guesswhatnews.com/dannig/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&mrc=2&zoneid=1851770&tbz=1851772
Pragma: no-cache
Set-Cookie: _subid=s8hnpast38i7;Expires=Wednesday, 04-Jan-2023 22:02:02 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpast38i7_s8hnpast38i7638d18da1e2791.28636144;Expires=Wednesday, 04-Jan-2023 22:02:02 GMT;Max-Age=2678400;Path=/
330d8=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI1NVwiOjE2NzAxOTEzMjJ9LFwiY2FtcGFpZ25zXCI6e1wiNDBcIjoxNjcwMTkxMzIyfSxcInRpbWVcIjoxNjcwMTkxMzIyfSJ9.V8jUdEbVGUyIkonsTQz17e09FM9ciJ9m_GIYqCg4mic;Expires=Friday, 08-Nov-2075 20:04:04 GMT;Max-Age=1670277722;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash d7a926f4a425d707363fcd484e4473bb
2609844a002577e98a462385b3eda32a31f4b175
49e18fef10472940ecb1039e8fcef694375691c8e0bbf78a5f8b5ff5694b1bcc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:02:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 02:21:23 GMT
Expires: Sun, 11 Dec 2022 02:21:22 GMT
Etag: "2609844a002577e98a462385b3eda32a31f4b175"
Cache-Control: max-age=533359,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7747d2f42faab4ee-OSL
135.guesswhatnews.com/dannig/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&mrc=2&zoneid=1851770&tbz=1851772
45.133.44.20 200 OK 4.3 kB URL HTTP/2 135.guesswhatnews.com/dannig/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&mrc=2&zoneid=1851770&tbz=1851772
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b1bf1c02ff7cdc2c1552b5a17a50af85
4f3cc8a7b283f6df1e508b14a1b38f443033be9d
632c7683485838cb206b5a57f97e49e7d940c6005efca755662df1969dcc3d8f
GET /dannig/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&mrc=2&zoneid=1851770&tbz=1851772 HTTP/1.1
Host: 135.guesswhatnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: text/html; charset=utf-8
content-length: 4263
server: nginx/1.16.1
last-modified: Wed, 22 Dec 2021 15:36:27 GMT
etag: b1bf1c02ff7cdc2c1552b5a17a50af85
x-timestamp: 1640187386.05190
x-trans-id: tx6dd882d30daa4bc2a5477-0061c43778
x-openstack-request-id: tx6dd882d30daa4bc2a5477-0061c43778
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 08241715ece98c6b5f0c8531981d24cb
50c46dd852aa10defed61d4062cd2f5198429b31
74cd969660f88cf3ccd70fe01a4e881f4bcdac86a3b5f6f254043508bba547ae
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:02:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:31:29 GMT
Expires: Thu, 08 Dec 2022 18:31:28 GMT
Etag: "50c46dd852aa10defed61d4062cd2f5198429b31"
Cache-Control: max-age=332365,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7747d2f5694fb50b-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 08241715ece98c6b5f0c8531981d24cb
50c46dd852aa10defed61d4062cd2f5198429b31
74cd969660f88cf3ccd70fe01a4e881f4bcdac86a3b5f6f254043508bba547ae
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:02:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:31:29 GMT
Expires: Thu, 08 Dec 2022 18:31:28 GMT
Etag: "50c46dd852aa10defed61d4062cd2f5198429b31"
Cache-Control: max-age=332365,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7747d2f56b9ab4f4-OSL
321.selornews.com/dannig/common-adult-player/img/logo.png
45.133.44.20 200 OK 7.2 kB URL HTTP/2 321.selornews.com/dannig/common-adult-player/img/logo.png
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 298 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fa0c2649b56a64bf24ec059fd49b982
802c9d794cc845927439ce8a3077975199015ebb
a513d2e457125cd443461746199793cd61f2e4511a9acfcda504f70b5000c774
GET /dannig/common-adult-player/img/logo.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: image/png
content-length: 7171
server: nginx/1.16.1
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
etag: 9fa0c2649b56a64bf24ec059fd49b982
x-timestamp: 1606159423.58541
x-trans-id: tx2d11e631a979497483925-0061c43777
x-openstack-request-id: tx2d11e631a979497483925-0061c43777
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
321.selornews.com/dannig/common-adult-player/img/pics-4.jpg
45.133.44.20 200 OK 9.7 kB URL HTTP/2 321.selornews.com/dannig/common-adult-player/img/pics-4.jpg
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data\012- data
Hash bb74abbad9688a711d5c26b38a9836e3
8bec5939654c02d7b800c66547e1aa778c2d438c
3fb9e79f5a0a5fe0f0d466b9d715562c6abeed5b2b32dc4b9673b80494137dbe
GET /dannig/common-adult-player/img/pics-4.jpg HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: image/jpeg
content-length: 9707
server: nginx/1.16.1
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
etag: bb74abbad9688a711d5c26b38a9836e3
x-timestamp: 1606159424.12202
x-trans-id: tx2568c43dab48428daab33-0061c4377a
x-openstack-request-id: tx2568c43dab48428daab33-0061c4377a
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
321.selornews.com/dannig/common-adult-player/img/burger.png
45.133.44.20 200 OK 295 B URL HTTP/2 321.selornews.com/dannig/common-adult-player/img/burger.png
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced\012- data
Hash fdea660170d6a7330b24d167c2c3d1d6
c95db01c09abcd2c3b3375ea2baa1443d1473af0
415ba400194f72a1511c8cd22b4bfe13acfeebbf3e9ff958d1e39cbb738d07c8
GET /dannig/common-adult-player/img/burger.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: image/png
content-length: 295
server: nginx/1.16.1
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
etag: fdea660170d6a7330b24d167c2c3d1d6
x-timestamp: 1606159429.21363
x-trans-id: tx19062f4261c14fc1b52b8-0061c43777
x-openstack-request-id: tx19062f4261c14fc1b52b8-0061c43777
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
2.news-gakemi.com/traffback.php?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=&land=38
172.99.190.180 200 OK 565 B URL HTTP/2 2.news-gakemi.com/traffback.php?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=&land=38
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Hash cecde563ddf80623522fc888052d5f70
0987897a1b087f89595abd94ce09c0887d8fa794
01aabc7f7227eb5cedfd9105a2a11f0582b14cb0382d70c5369629a8ec81c0d0
GET /traffback.php?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=&land=38 HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
321.selornews.com/dannig/common-adult-player/img/btn-icon.png
45.133.44.20 200 OK 395 B URL HTTP/2 321.selornews.com/dannig/common-adult-player/img/btn-icon.png
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 52 x 56, 8-bit gray+alpha, non-interlaced\012- data
Hash 06f18f63c3036edde4e88c1d5f200104
33c1e2780dc0a6f595afc2d87ed438ccb3d8922b
005e42b95bb1fef26b792467deeba4e0aeadc51bb9726d20dc301c1c80d99d2d
GET /dannig/common-adult-player/img/btn-icon.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: image/png
content-length: 395
server: nginx/1.16.1
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
etag: 06f18f63c3036edde4e88c1d5f200104
x-timestamp: 1606159423.53964
x-trans-id: tx38a031f303324d22a20d6-0061c43777
x-openstack-request-id: tx38a031f303324d22a20d6-0061c43777
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
321.selornews.com/dannig/common-adult-player/img/player-ui-l.png
45.133.44.20 200 OK 663 B URL HTTP/2 321.selornews.com/dannig/common-adult-player/img/player-ui-l.png
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 144 x 100, 8-bit gray+alpha, non-interlaced\012- data
Hash 5159265d4e4ecc1bfa2e8b028fc0534d
443e7f825760d81906a5c1a4ca660e0385b435fe
46a01582282a1e9326a84e445ba3da470e059b5d091d326e45271b698d6d62a1
GET /dannig/common-adult-player/img/player-ui-l.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: image/png
content-length: 663
server: nginx/1.16.1
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
etag: 5159265d4e4ecc1bfa2e8b028fc0534d
x-timestamp: 1606159424.13124
x-trans-id: txb315f345fc71448a869ee-0061c43777
x-openstack-request-id: txb315f345fc71448a869ee-0061c43777
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
321.selornews.com/dannig/common-adult-player/img/views.png
45.133.44.20 200 OK 461 B URL HTTP/2 321.selornews.com/dannig/common-adult-player/img/views.png
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 32 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ad8de150ced2f4ab8828c02c23ab95c
b7620db8dc0ef0075c79de9c0f3409d292413b80
efb233df0a528dd04d7b9725ad679738f043478ced654fe0e9a9b59b205d447b
GET /dannig/common-adult-player/img/views.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: image/png
content-length: 461
server: nginx/1.16.1
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
etag: 0ad8de150ced2f4ab8828c02c23ab95c
x-timestamp: 1606159429.98953
x-trans-id: tx35d0f61c3329414bb13fa-0061c43777
x-openstack-request-id: tx35d0f61c3329414bb13fa-0061c43777
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
321.selornews.com/dannig/common-adult-player/img/player-ui-r.png
45.133.44.20 200 OK 1.1 kB URL HTTP/2 321.selornews.com/dannig/common-adult-player/img/player-ui-r.png
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 226 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 74174fa53d52a184fa0a586f988f0d94
6fc2f64667c7cfabd7ae7a2409d20de7a501d9a3
4e0fbe743a42b8a641daec0745e3a80e22ed9df424b7e0e0c852ba27b9b409d3
GET /dannig/common-adult-player/img/player-ui-r.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: image/png
content-length: 1118
server: nginx/1.16.1
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
etag: 74174fa53d52a184fa0a586f988f0d94
x-timestamp: 1606159424.19318
x-trans-id: txe8ee6a71a7464855aa3b6-0061c43777
x-openstack-request-id: txe8ee6a71a7464855aa3b6-0061c43777
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
321.selornews.com/dannig/common-adult-player/img/pics-1.jpg
45.133.44.20 200 OK 9.4 kB URL HTTP/2 321.selornews.com/dannig/common-adult-player/img/pics-1.jpg
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data\012- data
Hash 0fdbe8ac7fda89d3ed4d0845d4f86384
b14ff199e53771631d302442b22ecdd1867c88e4
733eb3487f5a82cdb71eda01d36247bf57ad107ee3be967d6561fa7f2f78664e
GET /dannig/common-adult-player/img/pics-1.jpg HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: image/jpeg
content-length: 9415
server: nginx/1.16.1
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
etag: 0fdbe8ac7fda89d3ed4d0845d4f86384
x-timestamp: 1606159423.61753
x-trans-id: tx25849c12f23b4793943c3-0061c43777
x-openstack-request-id: tx25849c12f23b4793943c3-0061c43777
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
321.selornews.com/dannig/common-adult-player/img/stars.png
45.133.44.20 200 OK 589 B URL HTTP/2 321.selornews.com/dannig/common-adult-player/img/stars.png
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 169 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 586e70ae8cf2f823dc7876917d90be92
33d61043ae53a9377ad37bfd5b84c73f770c4105
894bcd381abf4e10bbbe8802a7c52396d8b6b73cdf9d2837caf8f6a0d7aea707
GET /dannig/common-adult-player/img/stars.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: image/png
content-length: 589
server: nginx/1.16.1
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
etag: 586e70ae8cf2f823dc7876917d90be92
x-timestamp: 1606159424.28164
x-trans-id: txdbf1c414646f4bc2b9451-0061c43777
x-openstack-request-id: txdbf1c414646f4bc2b9451-0061c43777
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
321.selornews.com/dannig/common-adult-player/img/pics-3.jpg
45.133.44.20 200 OK 9.2 kB URL HTTP/2 321.selornews.com/dannig/common-adult-player/img/pics-3.jpg
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data\012- data
Hash 5f69e27fa1a7f979ca9e375da09d24dc
22699243d1b2bb1da09e8db42cb4f7cdccb71820
d775a68996acfd4e425c30b5ecb82549361b9f18fadea8509c312b4f420d3634
GET /dannig/common-adult-player/img/pics-3.jpg HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: image/jpeg
content-length: 9158
server: nginx/1.16.1
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
etag: 5f69e27fa1a7f979ca9e375da09d24dc
x-timestamp: 1606159429.34062
x-trans-id: txabf4c3b989ff475692ba4-0061c43777
x-openstack-request-id: txabf4c3b989ff475692ba4-0061c43777
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
321.selornews.com/dannig/common-adult-player/img/pics-2.jpg
45.133.44.20 200 OK 6.0 kB URL HTTP/2 321.selornews.com/dannig/common-adult-player/img/pics-2.jpg
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data\012- data
Hash 7ca024e2ee360dee3a5ed409d8694295
55ac5fb299e34092ec8323e8f32cba0f33fd4105
0e6b67b963746ceeb4785fe5041806aca4d98a6fce7a2585240d25e32b5fe999
GET /dannig/common-adult-player/img/pics-2.jpg HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: image/jpeg
content-length: 5972
server: nginx/1.16.1
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
etag: 7ca024e2ee360dee3a5ed409d8694295
x-timestamp: 1606159423.64221
x-trans-id: txed1d93609ca148e9b6af5-0061c4377a
x-openstack-request-id: txed1d93609ca148e9b6af5-0061c4377a
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 08241715ece98c6b5f0c8531981d24cb
50c46dd852aa10defed61d4062cd2f5198429b31
74cd969660f88cf3ccd70fe01a4e881f4bcdac86a3b5f6f254043508bba547ae
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:02:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:31:29 GMT
Expires: Thu, 08 Dec 2022 18:31:28 GMT
Etag: "50c46dd852aa10defed61d4062cd2f5198429b31"
Cache-Control: max-age=332365,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7747d2f559cdb4ee-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 08241715ece98c6b5f0c8531981d24cb
50c46dd852aa10defed61d4062cd2f5198429b31
74cd969660f88cf3ccd70fe01a4e881f4bcdac86a3b5f6f254043508bba547ae
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:02:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:31:29 GMT
Expires: Thu, 08 Dec 2022 18:31:28 GMT
Etag: "50c46dd852aa10defed61d4062cd2f5198429b31"
Cache-Control: max-age=332365,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7747d2f56c9cb523-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 08241715ece98c6b5f0c8531981d24cb
50c46dd852aa10defed61d4062cd2f5198429b31
74cd969660f88cf3ccd70fe01a4e881f4bcdac86a3b5f6f254043508bba547ae
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:02:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:31:29 GMT
Expires: Thu, 08 Dec 2022 18:31:28 GMT
Etag: "50c46dd852aa10defed61d4062cd2f5198429b31"
Cache-Control: max-age=332365,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7747d2f56aabb51b-OSL
2818.selornews.com/script.js?slug=common-adult-player
45.133.44.20 200 OK 6.4 kB URL HTTP/2 2818.selornews.com/script.js?slug=common-adult-player
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type C source, ASCII text, with very long lines (349)
Hash d9b0c635d3d0bc00a185fb24e493eaf6
933cc39e9af57b809e594b4e1919a3fbb71f6c29
de7b5470a8b68ae20c4a877e1cef19ba85552c8109ffa3e7d3b5d0831064fc80
GET /script.js?slug=common-adult-player HTTP/1.1
Host: 2818.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 6399
server: nginx/1.22.0
cache-control: max-age=172800
etag: d9b0c635d3d0bc00a185fb24e493eaf6
last-modified: Sun, 06 Nov 2022 11:52:30 GMT
x-timestamp: 1667735549.83703
x-trans-id: tx50484b8c54bb4878bfb94-006367a21d
x-openstack-request-id: tx50484b8c54bb4878bfb94-006367a21d
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
2818.selornews.com/dannig/common-adult-player/css/style.css
45.133.44.20 200 OK 22 kB URL HTTP/2 2818.selornews.com/dannig/common-adult-player/css/style.css
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (2400)
Hash 526b5851d4063923ccfbe471143f0932
2b9f3bc80dd94e6d68d642bf68a5cc0d39085b9e
6ac4c4456c0595d52dfd20d83cd869c60dd1eeeead30b078f65d7d2dc1f33f4c
GET /dannig/common-adult-player/css/style.css HTTP/1.1
Host: 2818.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: text/css
content-length: 21671
server: nginx/1.16.1
last-modified: Mon, 23 Nov 2020 19:32:35 GMT
etag: 526b5851d4063923ccfbe471143f0932
x-timestamp: 1606159954.45209
x-trans-id: tx84e0b3c37f0341fd96458-0061c43777
x-openstack-request-id: tx84e0b3c37f0341fd96458-0061c43777
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
321.selornews.com/dannig/kl1788616/files/v_F.ico
45.133.44.20 200 OK 1.2 kB URL HTTP/2 321.selornews.com/dannig/kl1788616/files/v_F.ico
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 980036f765553010aef1091b9f35fc2c
44dc856cebd04eed72c818f2f82ac3f1d2f1757e
b09d778fcdb390d13abd8e529004ba61fe8114b5f7232fad6e7296ec97ccea36
GET /dannig/kl1788616/files/v_F.ico HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:02 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
server: nginx/1.16.1
last-modified: Fri, 20 Nov 2020 17:09:54 GMT
etag: 980036f765553010aef1091b9f35fc2c
x-timestamp: 1605892193.71696
x-trans-id: tx87b0d1111c8a4837ba696-0061c4377e
x-openstack-request-id: tx87b0d1111c8a4837ba696-0061c4377e
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Tue, 06 Dec 2022 22:02:02 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
194.58.108.80/KjNRwGbQ
194.58.108.80 302 Found 0 B IP 194.58.108.80:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /KjNRwGbQ HTTP/1.1
Host: 194.58.108.80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _subid=s8hnpast38i7; _token=uuid_s8hnpast38i7_s8hnpast38i7638d18da1e2791.28636144; 330d8=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI1NVwiOjE2NzAxOTEzMjJ9LFwiY2FtcGFpZ25zXCI6e1wiNDBcIjoxNjcwMTkxMzIyfSxcInRpbWVcIjoxNjcwMTkxMzIyfSJ9.V8jUdEbVGUyIkonsTQz17e09FM9ciJ9m_GIYqCg4mic
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Dec 2022 22:02:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Sun, 04 Dec 2022 22:02:03 GMT
Location: https://135.guesswhatnews.com/dannig/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&mrc=2&zoneid=1851770&tbz=1851772
Pragma: no-cache
Set-Cookie: _subid=s8hnpast38ij;Expires=Wednesday, 04-Jan-2023 22:02:03 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpast38ij_s8hnpast38ij638d18db3c2ad3.26799823;Expires=Wednesday, 04-Jan-2023 22:02:03 GMT;Max-Age=2678400;Path=/
330d8=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI1NVwiOjE2NzAxOTEzMjJ9LFwiY2FtcGFpZ25zXCI6e1wiNDBcIjoxNjcwMTkxMzIyfSxcInRpbWVcIjoxNjcwMTkxMzIyfSJ9.V8jUdEbVGUyIkonsTQz17e09FM9ciJ9m_GIYqCg4mic;Expires=Friday, 08-Nov-2075 20:04:06 GMT;Max-Age=1670277723;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
194.58.108.80/KjNRwGbQ
194.58.108.80 302 Found 0 B IP 194.58.108.80:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /KjNRwGbQ HTTP/1.1
Host: 194.58.108.80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _subid=s8hnpast38ij; _token=uuid_s8hnpast38ij_s8hnpast38ij638d18db3c2ad3.26799823; 330d8=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI1NVwiOjE2NzAxOTEzMjJ9LFwiY2FtcGFpZ25zXCI6e1wiNDBcIjoxNjcwMTkxMzIyfSxcInRpbWVcIjoxNjcwMTkxMzIyfSJ9.V8jUdEbVGUyIkonsTQz17e09FM9ciJ9m_GIYqCg4mic
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Dec 2022 22:02:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Sun, 04 Dec 2022 22:02:03 GMT
Location: https://135.guesswhatnews.com/dannig/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&mrc=2&zoneid=1851770&tbz=1851772
Pragma: no-cache
Set-Cookie: _subid=s8hnpast38im;Expires=Wednesday, 04-Jan-2023 22:02:03 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpast38im_s8hnpast38im638d18dbbe5696.22173929;Expires=Wednesday, 04-Jan-2023 22:02:03 GMT;Max-Age=2678400;Path=/
330d8=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI1NVwiOjE2NzAxOTEzMjJ9LFwiY2FtcGFpZ25zXCI6e1wiNDBcIjoxNjcwMTkxMzIyfSxcInRpbWVcIjoxNjcwMTkxMzIyfSJ9.V8jUdEbVGUyIkonsTQz17e09FM9ciJ9m_GIYqCg4mic;Expires=Friday, 08-Nov-2075 20:04:06 GMT;Max-Age=1670277723;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
151.101.66.217 200 OK 20 kB URL HTTP/2 browser.sentry-cdn.com/7.19.0/bundle.es5.min.js
IP 151.101.66.217:0
File type ASCII text, with very long lines (62031)
Hash 1c6083f7ae34ed2fa3236569eec9ff56
0c1be1b5468042e65e02c8b886c50d26427c9ce7
2b1d69121eb9dc0629126ff02cf7acef2f1924b32b0bb654792ecd9101e10c44
GET /7.19.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Sat, 11 Nov 2023 17:34:32 GMT
last-modified: Thu, 10 Nov 2022 15:50:35 GMT
etag: "1c6083f7ae34ed2fa3236569eec9ff56"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 22:02:03 GMT
age: 2003251
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20174
X-Firefox-Spdy: h2
194.58.108.80/KjNRwGbQ
194.58.108.80 302 Found 0 B IP 194.58.108.80:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /KjNRwGbQ HTTP/1.1
Host: 194.58.108.80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _subid=s8hnpast38im; _token=uuid_s8hnpast38im_s8hnpast38im638d18dbbe5696.22173929; 330d8=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI1NVwiOjE2NzAxOTEzMjJ9LFwiY2FtcGFpZ25zXCI6e1wiNDBcIjoxNjcwMTkxMzIyfSxcInRpbWVcIjoxNjcwMTkxMzIyfSJ9.V8jUdEbVGUyIkonsTQz17e09FM9ciJ9m_GIYqCg4mic
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Dec 2022 22:02:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Sun, 04 Dec 2022 22:02:04 GMT
Location: https://135.guesswhatnews.com/dannig/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&mrc=2&zoneid=1851770&tbz=1851772
Pragma: no-cache
Set-Cookie: _subid=s8hnpast38iq;Expires=Wednesday, 04-Jan-2023 22:02:04 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpast38iq_s8hnpast38iq638d18dc5975d4.31448723;Expires=Wednesday, 04-Jan-2023 22:02:04 GMT;Max-Age=2678400;Path=/
330d8=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI1NVwiOjE2NzAxOTEzMjJ9LFwiY2FtcGFpZ25zXCI6e1wiNDBcIjoxNjcwMTkxMzIyfSxcInRpbWVcIjoxNjcwMTkxMzIyfSJ9.V8jUdEbVGUyIkonsTQz17e09FM9ciJ9m_GIYqCg4mic;Expires=Friday, 08-Nov-2075 20:04:08 GMT;Max-Age=1670277724;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
wqzyxxrrep.com/dupa.gif?z=1851772&var=your_source_subid&pb=62727ed6f69928d9518691c0e22423111670198524&psp=orWq9V-faGU-iNALpSYn29SJUrRUOWQIyysgIRG_oe4QfKV6OKEqS4s2OptOBFwXV8ynpGSRRQHLrC3i984Uj7SBVhNNZ4EqzE_RxvGO_Pqb7UNhNPyhh0B5FYb7slZboi8rR_uGBdISFg19I6jIf7Mqt0QoMYWzMMgi058mzb8tivYnZkmRzxbn_6kgLvRVaTP148aKiNEXJpjgX5v3F7RrkYZtK5FqZWgtK2kXy7lhXnSNaDsUyI3qqiShKSIMZ2V-6p2JErMVTd0akhmq14IK6hO6-h7AOAnWBGWw3brouxB4W0bWLmblrpN1n1Y5LGvNj4YYPjMNOdkMUZodutLykPj0oCzkH6dpddckGeo1lV3tc0dTBBjNlu-LNHPIo1Sj-guIgMlr8us0n0Us0FNowO7wtMwNwgpcoIgbYJEncHVqEf5ZJlF6mSxeFC_u1dC4i0S6dRUNEVBSzP6M8LGAu8u2soYX6YPKFgtpzx6v2GIod1tjEQg7K1YtYO5XbW9kC01_w4xRUUTVOPFKGUZ7JPynsuEWbouD3aJ-jRplwEkEKTYL8Iwo0hkLvMO-ndXYWMa7EF7MLuQk7g==&abvar=0&pload=69&rlp=%5B0%2C0%2C0%2C0%2C2%2C0%2C28%2C0%5D
62.122.171.6 200 OK 43 B URL HTTP/2 wqzyxxrrep.com/dupa.gif?z=1851772&var=your_source_subid&pb=62727ed6f69928d9518691c0e22423111670198524&psp=orWq9V-faGU-iNALpSYn29SJUrRUOWQIyysgIRG_oe4QfKV6OKEqS4s2OptOBFwXV8ynpGSRRQHLrC3i984Uj7SBVhNNZ4EqzE_RxvGO_Pqb7UNhNPyhh0B5FYb7slZboi8rR_uGBdISFg19I6jIf7Mqt0QoMYWzMMgi058mzb8tivYnZkmRzxbn_6kgLvRVaTP148aKiNEXJpjgX5v3F7RrkYZtK5FqZWgtK2kXy7lhXnSNaDsUyI3qqiShKSIMZ2V-6p2JErMVTd0akhmq14IK6hO6-h7AOAnWBGWw3brouxB4W0bWLmblrpN1n1Y5LGvNj4YYPjMNOdkMUZodutLykPj0oCzkH6dpddckGeo1lV3tc0dTBBjNlu-LNHPIo1Sj-guIgMlr8us0n0Us0FNowO7wtMwNwgpcoIgbYJEncHVqEf5ZJlF6mSxeFC_u1dC4i0S6dRUNEVBSzP6M8LGAu8u2soYX6YPKFgtpzx6v2GIod1tjEQg7K1YtYO5XbW9kC01_w4xRUUTVOPFKGUZ7JPynsuEWbouD3aJ-jRplwEkEKTYL8Iwo0hkLvMO-ndXYWMa7EF7MLuQk7g==&abvar=0&pload=69&rlp=%5B0%2C0%2C0%2C0%2C2%2C0%2C28%2C0%5D
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /dupa.gif?z=1851772&var=your_source_subid&pb=62727ed6f69928d9518691c0e22423111670198524&psp=orWq9V-faGU-iNALpSYn29SJUrRUOWQIyysgIRG_oe4QfKV6OKEqS4s2OptOBFwXV8ynpGSRRQHLrC3i984Uj7SBVhNNZ4EqzE_RxvGO_Pqb7UNhNPyhh0B5FYb7slZboi8rR_uGBdISFg19I6jIf7Mqt0QoMYWzMMgi058mzb8tivYnZkmRzxbn_6kgLvRVaTP148aKiNEXJpjgX5v3F7RrkYZtK5FqZWgtK2kXy7lhXnSNaDsUyI3qqiShKSIMZ2V-6p2JErMVTd0akhmq14IK6hO6-h7AOAnWBGWw3brouxB4W0bWLmblrpN1n1Y5LGvNj4YYPjMNOdkMUZodutLykPj0oCzkH6dpddckGeo1lV3tc0dTBBjNlu-LNHPIo1Sj-guIgMlr8us0n0Us0FNowO7wtMwNwgpcoIgbYJEncHVqEf5ZJlF6mSxeFC_u1dC4i0S6dRUNEVBSzP6M8LGAu8u2soYX6YPKFgtpzx6v2GIod1tjEQg7K1YtYO5XbW9kC01_w4xRUUTVOPFKGUZ7JPynsuEWbouD3aJ-jRplwEkEKTYL8Iwo0hkLvMO-ndXYWMa7EF7MLuQk7g==&abvar=0&pload=69&rlp=%5B0%2C0%2C0%2C0%2C2%2C0%2C28%2C0%5D HTTP/1.1
Host: wqzyxxrrep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Cookie: UID=221204170260b04436e48746f1b95f681c8f; OACCAP=ACJeWQAAAAAAAAAB; OACBLOCK=ACJeWQAAAABjjClQ; OXCCLK=ACJeWQAAAAAAAAAB; OXPCLK=AAJCcwAAAAAAAAAB; ppucnt=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:04 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.redirect-pixel
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
flyingadvert.com/base.php?c=1352&key=1379f7e03b73e5aafffa57ff61d560d5&zoneid=1851772
149.28.113.226 302 Moved Temporarily 0 B URL HTTP/1.1 flyingadvert.com/base.php?c=1352&key=1379f7e03b73e5aafffa57ff61d560d5&zoneid=1851772
IP 149.28.113.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /base.php?c=1352&key=1379f7e03b73e5aafffa57ff61d560d5&zoneid=1851772 HTTP/1.1
Host: flyingadvert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sun, 04 Dec 2022 22:02:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=m76qp70mm8f1h2smssikjf8dv7; path=/
cpvlabclick=ZWttd3BkdHlfMTM1Ml84NDE1Xzg0MTZfMTk4MDYwNDc1Xzg%3D; expires=Tue, 03-Jan-2023 22:02:04 GMT; Max-Age=2592000
cpvlablevel=1; expires=Tue, 03-Jan-2023 22:02:04 GMT; Max-Age=2592000
cpvlabclicks=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Location: https://surveyonline.top/D-ALL.C1/index-no.htm?zoneid=1851772
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 5cab9becd03b82ef21a174d1037e050c
e505442fe75c75809ac99a196816e05b2917fb69
b2153253e62a7e4fc38b3be03beed3d479b203ceff18b0fd67e80eb627e9bd75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=127742
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:02:05 GMT
Etag: "638c68db-117"
Expires: Tue, 06 Dec 2022 09:31:07 GMT
Last-Modified: Sun, 04 Dec 2022 09:31:07 GMT
Server: nginx
Content-Length: 279
surveyonline.top/D-ALL.C1/index-no.htm?zoneid=1851772
172.67.180.143 200 OK 3.9 kB URL HTTP/2 surveyonline.top/D-ALL.C1/index-no.htm?zoneid=1851772
IP 172.67.180.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3322)
Hash 7c724fb2fb67b85ef2ad23df3f445a44
97db8a218647090ccfc3cae6b5b51ca64662979c
2f4f6f11eb6eee4f620387f5e57fb60ae24cc4a42d15f23ee65847da5f8148f2
GET /D-ALL.C1/index-no.htm?zoneid=1851772 HTTP/1.1
Host: surveyonline.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:05 GMT
content-type: text/html
last-modified: Wed, 13 Feb 2019 09:36:54 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlxHb0OBHaH55dF11x5Q6hzOC7Ic8FWBz6P4moTDLlPNZH0JKl%2Fx7IxJsl40Fu0o%2B13OSRxOFsOGqIxsQJ5LGRaxAMh%2F8XoX0VHOs2t9%2Fd0nfcuxv9UNVTYlJfgOEFI3c8Oi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7747d3074e231c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
surveyonline.top/D-ALL.C1/Image/1.jpg
172.67.180.143 200 OK 20 kB URL HTTP/2 surveyonline.top/D-ALL.C1/Image/1.jpg
IP 172.67.180.143:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash c80d781982ab474451d0bbae18e12a9e
f121330f3a314cada512de73d57e071b33278890
16b7197b74d5a5957e025e04aec1f4c71a46351091a81600c2b1f0e3ef4253f4
GET /D-ALL.C1/Image/1.jpg HTTP/1.1
Host: surveyonline.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/D-ALL.C1/index-no.htm?zoneid=1851772
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:05 GMT
content-type: image/jpeg
content-length: 19573
last-modified: Wed, 13 Feb 2019 09:36:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4317
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfL%2Bb8Mk99CHRt4UrywYvyvJA9VEV805%2BrkRspL6kWvQClPHo0EziGEZ2BRk54PvZQkeZh1kjRmjhHZura0a52hdzIyhxRBYIBskatxdD7JCr46H32ZWklg%2Bo3PdYqgZFyd%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7747d30928c91c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
surveyonline.top/D-ALL.C1/Image/2.jpg
172.67.180.143 200 OK 22 kB URL HTTP/2 surveyonline.top/D-ALL.C1/Image/2.jpg
IP 172.67.180.143:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash 5da8a727e4802bd16b25a13ff8ecaa82
6bc0383fd25caae1427daa3c7114d0bc6a9f7203
e81cd747ae740605fe5c7dcb3bca1ae44aa69b050c2311631575ae8e81959ac1
GET /D-ALL.C1/Image/2.jpg HTTP/1.1
Host: surveyonline.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/D-ALL.C1/index-no.htm?zoneid=1851772
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:05 GMT
content-type: image/jpeg
content-length: 21500
last-modified: Wed, 13 Feb 2019 09:36:06 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4317
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8K2zn%2Bes067JpEXzQC%2Bqs1YKlzHIX5QG%2BR6fzMtnkFjizixdQslhdCT4KJtZnyK1c0YtkXDKyWIcNRlLGgc9txs%2FIGGMS8VVUhO2QAqn0HHyXmNe%2BU364HdGlQLMd%2FyHH2o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7747d30928d11c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
surveyonline.top/D-ALL.C1/CSS/bootstrap.47407f28f6b047490b60b0854c97a929.css
172.67.180.143 200 OK 119 kB URL HTTP/2 surveyonline.top/D-ALL.C1/CSS/bootstrap.47407f28f6b047490b60b0854c97a929.css
IP 172.67.180.143:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 119 kB (119439 bytes)
Hash c007c37c6673ffdd701ec62f938b10bd
1fb3b405958878f794ca772271ad3ce00fada0af
fd5890426efe2ac04f1b084b9601f4662116824dae452661bd53c8a3a3289d91
GET /D-ALL.C1/CSS/bootstrap.47407f28f6b047490b60b0854c97a929.css HTTP/1.1
Host: surveyonline.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/D-ALL.C1/index-no.htm?zoneid=1851772
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:05 GMT
content-type: text/css
last-modified: Wed, 13 Feb 2019 09:35:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2q776tjfCHFQDfDtiI%2FjFWZMTeuu6lZmpjS5gs0Gs7v4Ivxn8vGFzyxWXOiq7FA9%2FTP18QQUVgQg7WmDW%2Bt9ZPE%2BYTb9fa4Fnbp8N4jbplYBlqfiPM5K7J1K4iGaqyw9MiHe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7747d30918bd1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
surveyonline.top/D-ALL.C1/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css
172.67.180.143 200 OK 716 B URL HTTP/2 surveyonline.top/D-ALL.C1/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css
IP 172.67.180.143:0
File type ASCII text, with very long lines (500), with no line terminators
Hash 8acdff1399b91bdeb9f3467cdb9addd8
fd782982641d442a8f971a2561ef6cafa4c581e4
b4381d82553b2346494dc3a64e730a756771e5c24d0b9daed72bd24a9c69da5e
GET /D-ALL.C1/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css HTTP/1.1
Host: surveyonline.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/D-ALL.C1/index-no.htm?zoneid=1851772
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:05 GMT
content-type: text/css
last-modified: Wed, 13 Feb 2019 09:35:59 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4876
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEIgEM2rZJILAzhGwakhekKdTAlpNYVmiq2%2BZ2k5LegggdJ%2Fkhj5iYn85klWSsL3xhXv22ozQBeMFZIJRjeXeS6UA5fpCXbQ0S0NkXY0YmgK5titlLmze2idGyiZY0i8RsuD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7747d30918c21c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TMR4NP
142.250.74.40 200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TMR4NP
IP 142.250.74.40:0
File type ASCII text, with very long lines (14188)
Hash 1a556334ad95f4bc3043e68e095e1d0d
95e8259189d4081d61268f5fc3cb652dfde7b626
56f74aadf033dfe5c106b0de8e77799540926ba890adbf436cf556f19fbd6a53
GET /gtm.js?id=GTM-TMR4NP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 22:02:05 GMT
expires: Sun, 04 Dec 2022 22:02:05 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:02:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js-agent.newrelic.com/nr-768.min.js
151.101.2.137 200 OK 8.6 kB URL HTTP/2 js-agent.newrelic.com/nr-768.min.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (22625), with no line terminators
Hash f609b011c4024aa0568283a441571094
994180dd4c0201a5d4c016a05617d344e3a30db3
e89e8dbcfbf23828890914f8ba633693f3ac5582770e16fde88bfc1baddea9aa
GET /nr-768.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d+0PsCK4WfWET7omx9jrK7Jla6K7sPxhdp88O6UqgNYd9BzapliyIob8+mPB7HJbHz3Mzj7kH04=
x-amz-request-id: VF43T732CFDEXJV2
last-modified: Wed, 28 Feb 2018 23:33:43 GMT
etag: "b4b84a4b4f36d13ffaa93c062b2d3e17"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 22:02:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 21
x-timer: S1670191326.939843,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 8634
X-Firefox-Spdy: h2
tsyndicate.com/api/v1/retargeting/set/e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70?gtmcb=2022853270
136.243.134.97 200 OK 35 B URL HTTP/2 tsyndicate.com/api/v1/retargeting/set/e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70?gtmcb=2022853270
IP 136.243.134.97:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70?gtmcb=2022853270 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:06 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: daed5f2beee149b4
set-cookie: ts_rt_e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70=AM_QaTNGTA8ZMGTIwFFjhowbMAIC; expires=Mon, 04 Dec 2023 22:02:06 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
tsyndicate.com/api/v1/retargeting/set/06eb0705-463f-4b96-836b-64bf3cfa8631?gtmcb=1501647036
136.243.134.97 200 OK 350 B URL HTTP/2 tsyndicate.com/api/v1/retargeting/set/06eb0705-463f-4b96-836b-64bf3cfa8631?gtmcb=1501647036
IP 136.243.134.97:0
ASN #24940 Hetzner Online GmbH
Hash c1383c0302b035b07cdb5e537b5d5f01
cc8aec0a2aa302903f584df8dffc459dbccf20d2
56acaa6a01af2b52fa943eb1fb884d8be5a4cfdb1b45931493173d32750fce4b
GET /api/v1/retargeting/set/06eb0705-463f-4b96-836b-64bf3cfa8631?gtmcb=1501647036 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:06 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: e4d8f2de267a9b0a
set-cookie: ts_rt_06eb0705-463f-4b96-836b-64bf3cfa8631=AM_QaTNGTI8YNWDEsEHjBowZNgIC; expires=Mon, 04 Dec 2023 22:02:06 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 1a73f3c561ba3455b3a13e5b6904c00b
eca3706e9cc647319de80144a8c865e0149ad544
1644c73f2c7476e3764f58157ae602a9d194890268f69b505f500cdd02c9ff03
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154600
Date: Sun, 04 Dec 2022 22:02:06 GMT
Etag: "638cc872-1d7"
Expires: Tue, 06 Dec 2022 16:58:46 GMT
Last-Modified: Sun, 04 Dec 2022 16:18:58 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2A900GfUPTDv3TRpacuz3y50DBWaLyCQ--KX7ep1VJpkehKGnsSqAg==
Age: 2388
ocsp.godaddy.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash 0d8c8d74c7b94bd88289f460cdba2eb9
aa644db8cddde09a58d0a335f9b9d19af16d64a3
ae34646163376206464588d4e68c9316ce6e129d8fcd46ae3ffffbe7fb279ac8
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 04 Dec 2022 22:02:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 03 Dec 2022 23:30:39 GMT
Expires: Sun, 04 Dec 2022 23:30:39 GMT
ETag: "aa644db8cddde09a58d0a335f9b9d19af16d64a3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 56830a71c8e695b56ab58ae05a8bd299
288f5cb022c4d4551cca52024a0284e8c0e45bb7
b7f33d3d2dab7ad5b0d2020cf2d0ea6e8113495326a2d9572116358d516bd027
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:02:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 07:46:37 GMT
Expires: Fri, 09 Dec 2022 07:46:36 GMT
Etag: "288f5cb022c4d4551cca52024a0284e8c0e45bb7"
Cache-Control: max-age=380069,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7747d30cc96eb4ee-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4e6f0611ca719cd6aaeaef106b7759c6
daca1e5f081468d9d99d76983843ca8d7cd5f342
d73d61b82828787671a243330c8ba408aa077b1d7f033a5deb24c1e941059a4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5366
Cache-Control: max-age=93507
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:02:06 GMT
Etag: "638bce2b-1d7"
Expires: Tue, 06 Dec 2022 00:00:33 GMT
Last-Modified: Sat, 03 Dec 2022 22:31:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ads.traffichunt.com/adv_ret/?adv_pixel_id=861&nid=3&gtmcb=1537977451
3.217.214.189 200 OK 2 B URL HTTP/2 ads.traffichunt.com/adv_ret/?adv_pixel_id=861&nid=3&gtmcb=1537977451
IP 3.217.214.189:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /adv_ret/?adv_pixel_id=861&nid=3&gtmcb=1537977451 HTTP/1.1
Host: ads.traffichunt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:06 GMT
server: nginx
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: new_adx_profile_guid=5554de67-5ec6-4c71-9906-bdb3e6c15af0;Max-Age=7776000;Path=/;SameSite=None; Secure
new_3.adx_rt_0=861;Max-Age=7776000;Path=/;SameSite=None; Secure
new_3.adx_daily_rt_0=861;Max-Age=7073;Path=/;SameSite=None; Secure
new_3.adx_rt_0=861;Max-Age=7776000;Path=/;SameSite=None; Secure
3.adx_rt_0=861; Max-Age=7776000; Expires=Sat, 04 Mar 2023 22:02:06 GMT; Path=/
3.adx_daily_rt_0=861; Max-Age=7073; Expires=Sun, 04 Dec 2022 23:59:59 GMT; Path=/
adx_profile_guid=5554de67-5ec6-4c71-9906-bdb3e6c15af0; Max-Age=7776000; Expires=Sat, 04 Mar 2023 22:02:06 GMT; Path=/
X-Firefox-Spdy: h2
main.exoclick.com/tag.php?goal=5ca8b60d120434a1134c010ca6272da6&gtmcb=789701750
95.211.229.245 200 OK 20 B URL HTTP/1.1 main.exoclick.com/tag.php?goal=5ca8b60d120434a1134c010ca6272da6&gtmcb=789701750
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=5ca8b60d120434a1134c010ca6272da6&gtmcb=789701750 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 22:02:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A83337%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-04%22%3B%7D%7D; expires=Mon, 04 Dec 2023 22:02:06 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
surveyonline.top/D-ALL.C1/Javascript/main.7d815901029a10bbd862c4f5e3ada540.js
172.67.180.143 200 OK 720 B URL HTTP/2 surveyonline.top/D-ALL.C1/Javascript/main.7d815901029a10bbd862c4f5e3ada540.js
IP 172.67.180.143:0
File type CSV text\012- , ASCII text
Hash 723577f380b883721dca5bee313a1937
6a0e466545db39fe8a754918edb29c089e8db5ea
60e4c7774ec11b0294dabfdeec0013bd45d4192b43fda070c2b8672ba1e40e0d
GET /D-ALL.C1/Javascript/main.7d815901029a10bbd862c4f5e3ada540.js HTTP/1.1
Host: surveyonline.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/D-ALL.C1/index-no.htm?zoneid=1851772
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:05 GMT
content-type: application/javascript
last-modified: Wed, 13 Feb 2019 09:37:07 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpN3tJ%2B478POOxycKLQB2S%2FA435VQvntZuLkpvgGCIiJ5kU1G%2BREfEKbTErLiys%2BHV3fEdjS8jHL%2BrIsrp5qcrJtOHCuAOwJlmtkm%2BU%2BA62II6mx9HBG2CadXBPu%2Fnma89nW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7747d30928c71c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
main.exoclick.com/tag.php?goal=68831a8833a4917ff6b2c530dc3a4c1f&gtmcb=1558818631
95.211.229.245 200 OK 20 B URL HTTP/1.1 main.exoclick.com/tag.php?goal=68831a8833a4917ff6b2c530dc3a4c1f&gtmcb=1558818631
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=68831a8833a4917ff6b2c530dc3a4c1f&gtmcb=1558818631 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 22:02:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71475%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-04%22%3B%7D%7D; expires=Mon, 04 Dec 2023 22:02:06 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
surveyonline.top/D-ALL.C1/Javascript/error.1c4710d4434f595f8a835f40daa776b8.js
172.67.180.143 200 OK 0 B URL HTTP/2 surveyonline.top/D-ALL.C1/Javascript/error.1c4710d4434f595f8a835f40daa776b8.js
IP 172.67.180.143:0
GET /D-ALL.C1/Javascript/error.1c4710d4434f595f8a835f40daa776b8.js HTTP/1.1
Host: surveyonline.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/D-ALL.C1/index-no.htm?zoneid=1851772
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:05 GMT
content-type: application/javascript
last-modified: Wed, 13 Feb 2019 09:37:01 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VUNXyU%2BZknYsczRJjlE8YEF1765E87aW%2Fu6dv1XhovGpRPrMJ2g%2BWAudZ%2FjcbaHOry6zNfW5Uo1MrtUiMEG7gzq85sYEYQY%2BTph23xKBgZi3bBBgts1yh6j0hdrTCpAN3%2Fm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7747d30918bc1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
surveyonline.top/D-ALL.C1/Javascript/jquery.695b55bf947b588e5fad6be1acfdc1f6.js
172.67.180.143 200 OK 0 B URL HTTP/2 surveyonline.top/D-ALL.C1/Javascript/jquery.695b55bf947b588e5fad6be1acfdc1f6.js
IP 172.67.180.143:0
GET /D-ALL.C1/Javascript/jquery.695b55bf947b588e5fad6be1acfdc1f6.js HTTP/1.1
Host: surveyonline.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/D-ALL.C1/index-no.htm?zoneid=1851772
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:05 GMT
content-type: application/javascript
last-modified: Wed, 13 Feb 2019 09:37:05 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1240
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ssnk4qOKRDbgfpBh8tLSUhOp8CzqvUevDLZiNeKPmwH93TGJc21Ed1zlwlNjGOYpS3AW3l8eoKGm6sThJm9LjSZFIaPSr%2B%2BR8LJANOPXwQUTqvNw3Zv1lsTpJWIfv9yJs7LS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7747d30928c41c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tzak.fun/
188.114.97.1 302 Found 0 B IP 188.114.97.1:0
GET / HTTP/1.1
Host: tzak.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: text/html; charset=UTF-8
location: https://news-gakemi.com/tds.php?sid=8019817&p1=s8hnpast38hn&domain=news-gakemi.com
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Sun, 04 Dec 2022 22:01:59 GMT
pragma: no-cache
set-cookie: _subid=s8hnpast38hn;Expires=Wednesday, 04-Jan-2023 22:01:59 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpast38hn_s8hnpast38hn638d18d7605e29.24728987;Expires=Wednesday, 04-Jan-2023 22:01:59 GMT;Max-Age=2678400;Path=/
330d8=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjc4NFwiOjE2NzAxOTEzMTl9LFwiY2FtcGFpZ25zXCI6e1wiMTg4XCI6MTY3MDE5MTMxOX0sXCJ0aW1lXCI6MTY3MDE5MTMxOX0ifQ.s3jLaQuAOpP-z4NjeeecGEPJatP9gQcbRJsW1aNgVgA;Expires=Friday, 08-Nov-2075 20:03:58 GMT;Max-Age=1670277719;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2%2BgbusgChNNooI6gJM4i66L%2BlssPRTdT1QbrSnEm%2FdUgE6HJ5vBVCOFBalE%2FSKcRbXezxiltlMt1OfmnceiYb4aVj%2BnFtZE%2BFng6%2BZbDX5m7dG%2FslIeGRjUqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7747d2e1ab450b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
172.99.190.180 200 OK 0 B URL HTTP/2 news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
GET /lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4= HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8; expires=Sun, 04-Dec-2022 23:01:59 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
172.99.190.180 200 OK 0 B URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
tfosrv.com/retargeting.js?id=981&gtmcb=1920014063
216.18.168.29 200 OK 0 B URL HTTP/1.1 tfosrv.com/retargeting.js?id=981&gtmcb=1920014063
IP 216.18.168.29:0
GET /retargeting.js?id=981&gtmcb=1920014063 HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:06 GMT
content-type: text/javascript
transfer-encoding: chunked
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: gzip
x-request-id: 638D18DE-D812A81D01BB75D4-E36A778
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
172.99.190.180 200 OK 0 B URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/premium-modals.css HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-3957"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
1.news-gakemi.com/traffback.php?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=&land=38
172.99.190.180 200 OK 0 B URL HTTP/2 1.news-gakemi.com/traffback.php?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=&land=38
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
GET /traffback.php?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=&land=38 HTTP/1.1
Host: 1.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
wqzyxxrrep.com/1851772/?var={your_source_subid}
62.122.171.6 200 OK 0 B URL HTTP/2 wqzyxxrrep.com/1851772/?var={your_source_subid}
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /1851772/?var={your_source_subid} HTTP/1.1
Host: wqzyxxrrep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://135.guesswhatnews.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-route-id: check.sumbit.dl
set-cookie: UID=221204170260b04436e48746f1b95f681c8f; Path=/; Expires=Mon, 04 Dec 2023 22:02:04 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
172.99.190.180 200 OK 0 B URL HTTP/2 2.news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/show_new.css HTTP/1.1
Host: 2.news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:01 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-1327c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
172.99.190.180 200 OK 0 B URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/playlist-base.css HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-6aa0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
172.99.190.180 200 OK 0 B URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/header.css HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-10b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
surveyonline.top/D-ALL.C1/CSS/style.a699b1caf61e690ba1b00116d51c9269.css
172.67.180.143 200 OK 0 B URL HTTP/2 surveyonline.top/D-ALL.C1/CSS/style.a699b1caf61e690ba1b00116d51c9269.css
IP 172.67.180.143:0
GET /D-ALL.C1/CSS/style.a699b1caf61e690ba1b00116d51c9269.css HTTP/1.1
Host: surveyonline.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://surveyonline.top/D-ALL.C1/index-no.htm?zoneid=1851772
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:02:05 GMT
content-type: text/css
last-modified: Wed, 13 Feb 2019 09:36:00 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgIOPRiYnynuKlyAUO2X0duJCwwY0DmRfQBTlREewCTD8wldOjWx8IcRPnu4TzzxzkRbI3jCb5CZtJyF2qHpxNf%2FLhHdsGupKv6qEC%2BS56TkC1e9o2ZawL5p6Wd0%2Bp8qOh6e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7747d30918c31c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
172.99.190.180 200 OK 0 B URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
Analyzer Verdict Alert fortinet Malware
GET /lands/38/landings/Ihyam_7H2-fd/sweetalert2.all.min.js HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2019 09:25:04 GMT
etag: W/"5d7a0ef0-f889"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
wqzyxxrrep.com/submit.min.js?abvar=
62.122.171.6 200 OK 0 B URL HTTP/2 wqzyxxrrep.com/submit.min.js?abvar=
IP 62.122.171.6:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /submit.min.js?abvar= HTTP/1.1
Host: wqzyxxrrep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=221204170260b04436e48746f1b95f681c8f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:02:04 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-85d9"
x-js-ab: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
172.99.190.180 200 OK 0 B URL HTTP/2 news-gakemi.com/lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css
IP 172.99.190.180:0
ASN #63023 AS-GLOBALTELEHOST
GET /lands/38/landings/Ihyam_7H2-fd/index.php_files/commons.css HTTP/1.1
Host: news-gakemi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news-gakemi.com/lands/38/?site=8019817&sub1=s8hnpast38hn&sub2=&sub3=&sub4=
Cookie: clickdata=ODAxOTgxN3w6fDM4fDp8czhobnBhc3QzOGhufDp8fDp8fDp8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:01:59 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 11:10:28 GMT
etag: W/"61deb724-2f3dd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2