racaty.io/aw1mqfize2ol
188.114.96.1301 Moved Permanently 238 B IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6003b46ddf33c310242f0b022616aedc
ea7edce0324c83c0668c3bef05d3e6589d018588
25908fb9b06b0f71171e57ab98b5884c0f03c111a420c1f1e272ec0c5d8624d6
GET /aw1mqfize2ol HTTP/1.1
Host: racaty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 09:42:47 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Location: https://racaty.io/aw1mqfize2ol
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDkuaTQ1ioIJ6HpedNu3hYfS6cfT93LnQd9x36S8Rw%2B97%2BJaoxj%2F5gmtBpPPYy9%2BZgEJapE9PDnYB4l39VG3XXkUF5LjQWyKjW9YbxmG79lArmVnmKKvb2yATO8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774bd5706ce5b4fd-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2912
Expires: Mon, 05 Dec 2022 10:31:19 GMT
Date: Mon, 05 Dec 2022 09:42:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2449
Cache-Control: max-age=91759
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:47 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:12:06 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2619
Expires: Mon, 05 Dec 2022 10:26:26 GMT
Date: Mon, 05 Dec 2022 09:42:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 09:20:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1352
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tiFdWBG/s3e3K6hv6OKNeppMy+XFFU1z/of/H4J7CqAEPwR8M3pGndsFZ8VmeCl74DZT9zN4tlY=
x-amz-request-id: RNYXKF1TZ1EERZP3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 08:47:21 GMT
age: 3326
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/lIWNt6JuKbg
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/lIWNt6JuKbg
IP 142.250.74.131:0
Hash 50601c79bc67c02834e9552be473e987
ff7f7ca244b952879a11b217e4d3892c8f85f31a
8bf2f66208ea508b1594d10cc26850b91e0fb949009e2d3c07534ce7eaec049f
POST /s/gts1p5/lIWNt6JuKbg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/lIWNt6JuKbg
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/lIWNt6JuKbg
IP 142.250.74.131:0
Hash 50601c79bc67c02834e9552be473e987
ff7f7ca244b952879a11b217e4d3892c8f85f31a
8bf2f66208ea508b1594d10cc26850b91e0fb949009e2d3c07534ce7eaec049f
POST /s/gts1p5/lIWNt6JuKbg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 24 kB IP 142.250.74.131:0
Hash 65921ed4c01d6934b6e8fd5a6a56c88e
70b4dd40a29084318d7f5f7f5a7bb37bfd557d89
533df83446e69224d24105426de3190943da5f2db8b6512388db0f3b5374b33e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
racaty.io/aw1mqfize2ol
188.114.96.1200 OK 46 kB IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (42357)
Hash c4f28e8847f5ff421246b1d6c8c975fa
bf5b2c4d3e32c39410e436a30f3038445150f7ab
c9badd1159efb553c4409d98d5a8908dd75fb76c6dadffc3902a15a3cf03c4dd
GET /aw1mqfize2ol HTTP/1.1
Host: racaty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 05 Dec 2022 09:42:47 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
expires: Sun, 04 Dec 2022 09:42:47 GMT
set-cookie: lang=english; domain=.racaty.io; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ODy5DjbZMT2nYxA53dfGurn8Zj1PO3ySol%2BT4wPnOcJh417B5R%2B1fP1%2BJ9Xgx%2F1VpQ%2BTZ0MnOVkv4qJOm%2BT9QesFo1OcEWrac8x0Kcu30IaEVJQVqlyh4noFpQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774bd57269621c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33002e87ed87cec83ec76bdfe55cb33a
a2dafcefab949833412ab20508096c9974b9e359
f73d30247eb325d9dc9531381224e8942b39b56c264ade1618855f1fad9eda2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3358
Cache-Control: max-age=98051
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:47 GMT
Etag: "638c8bfc-1d7"
Expires: Tue, 06 Dec 2022 12:56:58 GMT
Last-Modified: Sun, 04 Dec 2022 12:01:00 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Montserrat|Quicksand:400,500,700&display=swap
142.250.74.74200 OK 13 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat|Quicksand:400,500,700&display=swap
IP 142.250.74.74:0
Hash ea5a32f3bdada81c6781ae30c8bc0589
26f66ec4d373186c6aa5434bfaf0e67f98073968
9affc601b4a4fd0cffb900ef6ce593f581800d8f342a2355386fece5701878db
GET /css?family=Montserrat|Quicksand:400,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 09:42:47 GMT
date: Mon, 05 Dec 2022 09:42:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FofficialRacaty%2F&width=670&layout=button_count&action=like&size=small&share=true&height=46&appId
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FofficialRacaty%2F&width=670&layout=button_count&action=like&size=small&share=true&height=46&appId
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FofficialRacaty%2F&width=670&layout=button_count&action=like&size=small&share=true&height=46&appId HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: Rnwn7278pv8NNbgyPyt2s+4kFfCtCu1D88n3/cXZ88IJ/Iiwz5txae+MGgVQnvh5ukjRcEe3Us+5UenlHLu2wg==
content-length: 0
date: Mon, 05 Dec 2022 09:42:47 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
216.58.207.227200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 25672, version 1.0\012- data
Hash fe3e5be2baa0126122ba9367ebab73c8
40bec99106dfab5f3721ed725483eb618a9016cd
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
GET /s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://racaty.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:56:29 GMT
expires: Fri, 01 Dec 2023 21:56:29 GMT
cache-control: public, max-age=31536000
age: 301578
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1774
Cache-Control: max-age=126710
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:47 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 20:54:37 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1774
Cache-Control: max-age=126710
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:47 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 20:54:37 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4221
Cache-Control: max-age=129156
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:47 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 21:35:23 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js
104.17.24.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (57791)
Hash f7ec1f608a6644d182a2aef3308d3fc1
504609ff13eb3af8a2364b6753f73bc3ad3b4e1b
398376b9590200f385c71475b834492c281ce9cd34bc137a57f087e7a65bd7fb
GET /ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 09:42:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 13537
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-e2d8"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 21127364
expires: Sat, 25 Nov 2023 09:42:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eq11LKJDWq%2FlPFY0f6IfyVAs0bThW4QQnOp1FDylTYi5yqUVKTQuPum2m5%2FgH%2BKx4sQwSHMMylPOaoA%2BO8YBi5VkLWzLoZx8ftZkO9fRAl4PUzUCy8XRV9BA7fK%2FXIe5%2BUV7NgCM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774bd5758d16b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1774
Cache-Control: max-age=126710
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:47 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 20:54:37 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
104.17.24.14200 OK 6.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (20831)
Hash 368c425fc94c424e1688caadefbed981
13d24c22c199ef6668d758434819f44307a65094
ed9c7a83e1c1300a93ecd08807a736ebe7b87ab8262a40bc7e3859d00a46a102
GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 09:42:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 6646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-520c"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 317762
expires: Sat, 25 Nov 2023 09:42:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsIGLKEFO0Z7G%2BmMTWStkIGQRIJ24zPjxFrB2riHDAzQqntYIX18yMtDRHeOnwOXatDZhYbf18uHXYdSkrWNOySORI2oUBDpseoJn9ZLGZvIIOlOLr57Kts6djhOyRoKoKq%2Fl%2Bql"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774bd5759d2bb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33002e87ed87cec83ec76bdfe55cb33a
a2dafcefab949833412ab20508096c9974b9e359
f73d30247eb325d9dc9531381224e8942b39b56c264ade1618855f1fad9eda2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4444
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:47 GMT
Last-Modified: Mon, 05 Dec 2022 08:28:43 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
172.217.21.170200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:29:29 GMT
expires: Wed, 29 Nov 2023 13:29:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 504798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.4/clipboard.min.js
104.17.24.14200 OK 3.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.4/clipboard.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (10645)
Hash 3a22bcc6c05a8cbf8909ede597f5367d
a230ada58d7db9020ceed9d993b5c9925c162c94
e13ba0e04c4706a07074d16b322d76631e957685ec6d5ca7c5c43e1e84ec87a1
GET /ajax/libs/clipboard.js/2.0.4/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 09:42:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 2976
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e29-2a02"
last-modified: Mon, 04 May 2020 16:09:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 318763
expires: Sat, 25 Nov 2023 09:42:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJltUxm%2B24pUpH7acn8xcMM8r4U3q1FD2dg9oS%2BbvWGq3Lsc%2BoLeWm9ooCBWT1fYyko9Cu5f3dlNcVeDcH3H2kRlMxztRIiZpEU82wmpTVfrELyATLY2VoFQom2Fm63n%2F5IY5OVL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774bd575bd44b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aed0c7f93e6e0587d7e1c5918f4a3765
c4d31c932c3fa1374fcdb8aefe4d8d353a92f207
32c25a28eec56f9d8055455d70b35046595e41fb34888c4ed4c23ed735427edd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32C25A28EEC56F9D8055455D70B35046595E41FB34888C4ED4C23ED735427EDD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17277
Expires: Mon, 05 Dec 2022 14:30:44 GMT
Date: Mon, 05 Dec 2022 09:42:47 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/jquery-backstretch/2.0.3/jquery.backstretch.min.js
104.17.24.14200 OK 1.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-backstretch/2.0.3/jquery.backstretch.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (3909)
Hash 1767f41cedce70298bf986847f55dbba
307c8be6864bc709e03c3163156aa9e2195de5f5
eb24bf2d83e4b6159f9d0a1732cd66904e66dba2d4bd8544d3385638196b62f3
GET /ajax/libs/jquery-backstretch/2.0.3/jquery.backstretch.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 09:42:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 1478
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-fcf"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1079788
expires: Sat, 25 Nov 2023 09:42:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4g%2BkVOMMx%2FLLaitTHFiixQBMCv7hBRibTOElPwChszGDjAAvi%2FZiRKx7HmVWVRfV5dw3%2F0ccKB7L3Mmk2pVKxrSyktOqKWrhxeKKu7wroTzcjiDxNooSW9Ns4vzwi42Siprje4l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774bd5761dbab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1775
Cache-Control: max-age=126710
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:48 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 20:54:38 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 09:11:19 GMT
cache-control: public,max-age=3600
age: 1889
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
lingerincle.com/tt9osMfFQziLr81/55932
23.109.87.184200 OK 25 B URL HTTP/1.1 lingerincle.com/tt9osMfFQziLr81/55932
IP 23.109.87.184:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tt9osMfFQziLr81/55932 HTTP/1.1
Host: lingerincle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 09:42:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://racaty.io
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 06-Dec-2022 09:42:48 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Tue, 06-Dec-2022 09:42:48 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2435
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:48 GMT
Etag: "638c632b-1d7"
Last-Modified: Mon, 05 Dec 2022 09:02:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc9c7d1e0b5f16daea1e27e3beb2423d
abc7cefe184edecb5f7a2009a3171a23f1288ac5
9b2ac898f9b0f382e82550b970a44d478e94b008f8e539342e6986c3d32dc439
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B2AC898F9B0F382E82550B970A44D478E94B008F8E539342E6986C3D32DC439"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18240
Expires: Mon, 05 Dec 2022 14:46:48 GMT
Date: Mon, 05 Dec 2022 09:42:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc9c7d1e0b5f16daea1e27e3beb2423d
abc7cefe184edecb5f7a2009a3171a23f1288ac5
9b2ac898f9b0f382e82550b970a44d478e94b008f8e539342e6986c3d32dc439
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B2AC898F9B0F382E82550B970A44D478E94B008F8E539342E6986C3D32DC439"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3374
Expires: Mon, 05 Dec 2022 10:39:02 GMT
Date: Mon, 05 Dec 2022 09:42:48 GMT
Connection: keep-alive
louchees.net/tag.min.js
139.45.197.236200 OK 23 kB IP 139.45.197.236:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 391a9fe961c74a035ed5ac424bfc5fb2
65bf15f254531c80c76212bb6d3c5f33d6a501ee
73f16b3e042c5e5f34570279688fb08577d95105d0707d1a21b11c0c1524dcfb
GET /tag.min.js HTTP/1.1
Host: louchees.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 23393
content-encoding: br
x-trace-id: b64ff463152d0eefdaaacdba1681ae62
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 02 Dec 2022 10:20:03 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 1.0 kB IP 93.184.220.29:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 49b2ab3856c168526495f9c33aca5cbf
fcd86cdc2acb68e7e79904f8a18de9d24e41647a
17587f10c4f0e2d94cf437aa17ad2b631412c351c6fd2b8dbd5f6fc71f1733b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 198
Cache-Control: max-age=167965
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:48 GMT
Etag: "638da96f-118"
Expires: Wed, 07 Dec 2022 08:22:13 GMT
Last-Modified: Mon, 05 Dec 2022 08:18:55 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash feada0c59c0eaab85490c6c8a7bcdd19
067889598d6125a945f0f7815a03328b62e9d139
18d3562684c32ed7b8d7cf02c853d8f1f08bf1074151891d9b756d14fdddfa1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18D3562684C32ED7B8D7CF02C853D8F1F08BF1074151891D9B756D14FDDDFA1F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6568
Expires: Mon, 05 Dec 2022 11:32:16 GMT
Date: Mon, 05 Dec 2022 09:42:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 1.1 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f096b7c7dc53aca1d032a61f3430c240
4cd860eb11fbef9370b2b209c50b76f1351349fd
6420f97ba02a5c87ee490de3a629beec39abfc0558e9d83012f3ce89b15f0e54
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E2DF8A8CD476B6F533878D21F8363FA3A1BF5E932E75AE56A74887D3DFA17F2"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13246
Expires: Mon, 05 Dec 2022 13:23:34 GMT
Date: Mon, 05 Dec 2022 09:42:48 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=74a24af35273435aa2afab718d9477c4
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=74a24af35273435aa2afab718d9477c4
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7b845b9849d5a0308d48b62b6d0c4eda
47c71824fddc96e61b5c4e80c8b10c762e4684f0
d62b245ef849254e20d7b1234e81f67968bcf806aaccb5345147b1996f368961
GET /gid.js?userId=74a24af35273435aa2afab718d9477c4 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://racaty.io
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:48 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://racaty.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=74a24af35273435aa2afab718d9477c4; expires=Tue, 05 Dec 2023 09:42:48 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 461a184573da704ca2779f0b342dc163
52d2690d15cbc73e6c89b7feba251ad569b75171
51758ea2c2937b60603f396128aacbecc6c494f1f7708cb1d2c98430f5866b46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1594
Cache-Control: max-age=169361
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:48 GMT
Etag: "638da96f-118"
Expires: Wed, 07 Dec 2022 08:45:29 GMT
Last-Modified: Mon, 05 Dec 2022 08:18:55 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
push.services.mozilla.com/
52.43.58.150101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rPcw8/4kC0nDPmwPHZOLqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZXREMqyQ9lR52e2YH475kFq69b8=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nanouwho.com/1?z=3976876
139.45.197.242200 OK 24 kB IP 139.45.197.242:0
File type ASCII text, with very long lines (16471)
Hash 990efc4117c6962af332d4acdc4e3c48
1b3a5204ca4d70d3c910bdfffa9fcff687e346e5
bcef85d311e6029ec56bdb629bab5167c4bdfdf031ce57418eefade535141716
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=3976876 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:48 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 9db21998fa620ba81b2c09fc980f77af
access-control-expose-headers: X-Sc
x-sc: rAanIwI-uGcbwzyWg8krnqUB6706Z6ISZjucTBduBLNLOUhdHTK3x6iHtYrnfs9LEmKO2b8KAbrGcHX5EDY7lVV1K3o=
set-cookie: scm=1; expires=Tue, 05 Dec 2023 09:42:48 GMT; secure; SameSite=None
OAID=164486c6a39e47d88654ff16139d7e1f; expires=Tue, 05 Dec 2023 09:42:48 GMT; secure; SameSite=None
oaidts=1670233368; expires=Tue, 05 Dec 2023 09:42:48 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 09:42:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 791af1d2c062c4081d2631131553e28f
55851199bb8b1ec3359c7b0cff5819143087229d
cb918e321ae3fd08c37070bfe8d16376fc8862713adf7d8cadebfc787ac09446
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB918E321AE3FD08C37070BFE8D16376FC8862713ADF7D8CADEBFC787AC09446"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10432
Expires: Mon, 05 Dec 2022 12:36:41 GMT
Date: Mon, 05 Dec 2022 09:42:49 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2a3e9c9270d5d1402700343b567d8e21
4348655937347ff19881acafd04b1277e017f19c
905ee9517e8597ac86e76b99b970f77a4fbb2500de30ef6efea97a4bbcea51d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 09:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 13:33:18 GMT
Expires: Fri, 09 Dec 2022 13:33:17 GMT
Etag: "4348655937347ff19881acafd04b1277e017f19c"
Cache-Control: max-age=358827,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774bd57d4d64b50b-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 893
Origin: https://racaty.io
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 05 Dec 2022 09:42:49 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://racaty.io
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
nanouwho.com/9?z=3976876&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=74a24af35273435aa2afab718d9477c4
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=3976876&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=74a24af35273435aa2afab718d9477c4
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=3976876&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=74a24af35273435aa2afab718d9477c4 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://racaty.io/
Origin: https://racaty.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 05 Dec 2022 09:42:49 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://racaty.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=3404031285&z=3976876&b=12985214&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=97
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=3404031285&z=3976876&b=12985214&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=97
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=3404031285&z=3976876&b=12985214&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=97 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://racaty.io
Connection: keep-alive
Referer: https://racaty.io/
Cookie: scm=1; OAID=74a24af35273435aa2afab718d9477c4; oaidts=1670233368
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:49 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://racaty.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f115caea6fea1601243244175a203fa0
access-control-expose-headers: X-Sc
set-cookie: OAID=74a24af35273435aa2afab718d9477c4; expires=Tue, 05 Dec 2023 09:42:49 GMT; secure; SameSite=None
oaidts=1670233368; expires=Tue, 05 Dec 2023 09:42:49 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a74368a7c1d63f980521996cab4df3d4
e63c9e94b1bf2766f45c500ea5bdd24419f171a2
cdf274e8573ed6cd2b341d343bf620cddcb4a1ac3e38b1e88b1b3b0be26d6fae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CDF274E8573ED6CD2B341D343BF620CDDCB4A1AC3E38B1E88B1B3B0BE26D6FAE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10211
Expires: Mon, 05 Dec 2022 12:33:00 GMT
Date: Mon, 05 Dec 2022 09:42:49 GMT
Connection: keep-alive
interstitial-07.com/contents/s/44/60/ce/3fc02baa1d315be9da7fc2191f/01013618323491.jpeg
139.45.197.151200 OK 22 kB URL HTTP/2 interstitial-07.com/contents/s/44/60/ce/3fc02baa1d315be9da7fc2191f/01013618323491.jpeg
IP 139.45.197.151:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 4460ce3fc02baa1d315be9da7fc2191f
776a581171820135804bbdf60bdec449fae1dcd2
275b37215ff49731e09374a189321ff6ebad1feaff3576894db40a3407a2cdc7
GET /contents/s/44/60/ce/3fc02baa1d315be9da7fc2191f/01013618323491.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=Bo3Y235ygaYEH34&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3014348056%26z%3D3976876%26b%3D12985214%26c%3D5549482%26var%3D%26d%3Dhttps%253A%252F%252Fiwantuonly.com%252Fclick.php%253Fc%253D1119%2526key%253D59mbnk099b21z773135c4542%2526c1%253D%257Bzoneid%257D%2526c2%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DDE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg%3D%3D%26bag%3DQELbe37UKoTCbvnnYVKWvA%3D%3D%26ruid%3D0b70b392-e633-4b56-a0fb-5511bdb8fae0%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fracaty.io%252Faw1mqfize2ol%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:49 GMT
content-type: image/jpeg
content-length: 22219
last-modified: Tue, 19 Apr 2022 02:33:24 GMT
vary: Accept-Encoding
etag: "625e1f74-56cb"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/0f/cf/5b/ac7b371a53664c533e9a935a54/0398978642804.jpeg
139.45.197.151200 OK 52 kB URL HTTP/2 interstitial-07.com/contents/s/0f/cf/5b/ac7b371a53664c533e9a935a54/0398978642804.jpeg
IP 139.45.197.151:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 0fcf5bac7b371a53664c533e9a935a54
12f1d9c6ad918eba0929130bb507954f6791c565
15ed7f621c225b221e9903bf03ab727d3210fdf7d1c26667f83a516af4cef903
GET /contents/s/0f/cf/5b/ac7b371a53664c533e9a935a54/0398978642804.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=Bo3Y235ygaYEH34&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3014348056%26z%3D3976876%26b%3D12985214%26c%3D5549482%26var%3D%26d%3Dhttps%253A%252F%252Fiwantuonly.com%252Fclick.php%253Fc%253D1119%2526key%253D59mbnk099b21z773135c4542%2526c1%253D%257Bzoneid%257D%2526c2%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DDE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg%3D%3D%26bag%3DQELbe37UKoTCbvnnYVKWvA%3D%3D%26ruid%3D0b70b392-e633-4b56-a0fb-5511bdb8fae0%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fracaty.io%252Faw1mqfize2ol%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:49 GMT
content-type: image/jpeg
content-length: 51609
last-modified: Tue, 19 Apr 2022 02:33:23 GMT
vary: Accept-Encoding
etag: "625e1f73-c999"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dad2710f07f8b2547b1057f90b1f00a2
80d2445584a90bab9e28e93946be42905845bb87
7d531b53c8a9ccd99bb7367f74aec208dd88d9020f8664bcc33d024a5aebf828
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D531B53C8A9CCD99BB7367F74AEC208DD88D9020F8664BCC33D024A5AEBF828"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14939
Expires: Mon, 05 Dec 2022 13:51:48 GMT
Date: Mon, 05 Dec 2022 09:42:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Mon, 05 Dec 2022 12:34:59 GMT
Date: Mon, 05 Dec 2022 09:42:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Mon, 05 Dec 2022 12:34:59 GMT
Date: Mon, 05 Dec 2022 09:42:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Mon, 05 Dec 2022 12:34:59 GMT
Date: Mon, 05 Dec 2022 09:42:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Mon, 05 Dec 2022 12:34:59 GMT
Date: Mon, 05 Dec 2022 09:42:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: d4dfc77c-65cc-46f1-b8a3-ea6cebd0976d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYE2woAMFgPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-639ca0813c23b9cb75ff24c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhweRJZbG0P_lxekUIz506RXW5f9iVQ1Cvfg-k3gJTWHIrzTu2uenQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:26:44 GMT
age: 22565
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 43210
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 42785
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2jx-M9MgKrJXU4yYsJzWqNXwruIGhFNWkD7GcPdqddnEzcNgFw2luw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:35:35 GMT
age: 22034
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 12:09:06 GMT
age: 77623
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn_L-TMV_ypQZFmolIRm4r5dyj5PpN12jrtafcP9HEkALUPfSzJ38w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:54 GMT
age: 25015
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 05 Dec 2022 09:42:49 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 158afc39b2ea3bbca9b8d3c5ac17f50f
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 05 Dec 2022 09:42:49 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 4991dde9e116b9362a4fdb888958ab6a
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=3404031285&z=3976876&b=12985214&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=3404031285&z=3976876&b=12985214&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=3404031285&z=3976876&b=12985214&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://racaty.io
Connection: keep-alive
Referer: https://racaty.io/
Cookie: scm=1; OAID=74a24af35273435aa2afab718d9477c4; oaidts=1670233368
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:49 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://racaty.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 2a5f409611d6a36e369cf6242b8eaa86
access-control-expose-headers: X-Sc
set-cookie: OAID=74a24af35273435aa2afab718d9477c4; expires=Tue, 05 Dec 2023 09:42:49 GMT; secure; SameSite=None
oaidts=1670233368; expires=Tue, 05 Dec 2023 09:42:49 GMT; secure; SameSite=None
oaidvc=1; expires=Tue, 05 Dec 2023 09:42:49 GMT; secure; SameSite=None
CNT=1_v1_fiPGAAEAAACDS21v; expires=Mon, 05 Dec 2022 10:42:49 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/15?rnd=2758916184&z=3976876&var=&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.114%2C%22location%22%3A%22https%3A%2F%2Fracaty.io%2Faw1mqfize2ol%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/15?rnd=2758916184&z=3976876&var=&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.114%2C%22location%22%3A%22https%3A%2F%2Fracaty.io%2Faw1mqfize2ol%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /15?rnd=2758916184&z=3976876&var=&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.114%2C%22location%22%3A%22https%3A%2F%2Fracaty.io%2Faw1mqfize2ol%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://racaty.io
Connection: keep-alive
Referer: https://racaty.io/
Cookie: scm=1; OAID=74a24af35273435aa2afab718d9477c4; oaidts=1670233368; oaidvc=1; CNT=1_v1_fiPGAAEAAACDS21v
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 05 Dec 2022 09:42:50 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://racaty.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e14945a06530f07b071296becc7b4b7f
access-control-expose-headers: X-Sc
set-cookie: OAID=74a24af35273435aa2afab718d9477c4; expires=Tue, 05 Dec 2023 09:42:50 GMT; secure; SameSite=None
oaidts=1670233368; expires=Tue, 05 Dec 2023 09:42:50 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/15?rnd=2758916184&z=3976876&var=&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.115%2C%22location%22%3A%22https%3A%2F%2Fracaty.io%2Faw1mqfize2ol%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/15?rnd=2758916184&z=3976876&var=&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.115%2C%22location%22%3A%22https%3A%2F%2Fracaty.io%2Faw1mqfize2ol%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /15?rnd=2758916184&z=3976876&var=&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.115%2C%22location%22%3A%22https%3A%2F%2Fracaty.io%2Faw1mqfize2ol%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://racaty.io
Connection: keep-alive
Referer: https://racaty.io/
Cookie: scm=1; OAID=74a24af35273435aa2afab718d9477c4; oaidts=1670233368; oaidvc=1; CNT=1_v1_fiPGAAEAAACDS21v
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 05 Dec 2022 09:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://racaty.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: b649c45e22680cf76486eb0394c12251
access-control-expose-headers: X-Sc
set-cookie: OAID=74a24af35273435aa2afab718d9477c4; expires=Tue, 05 Dec 2023 09:42:52 GMT; secure; SameSite=None
oaidts=1670233368; expires=Tue, 05 Dec 2023 09:42:52 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/15?rnd=2758916184&z=3976876&var=&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A7.123%2C%22location%22%3A%22https%3A%2F%2Fracaty.io%2Faw1mqfize2ol%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/15?rnd=2758916184&z=3976876&var=&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A7.123%2C%22location%22%3A%22https%3A%2F%2Fracaty.io%2Faw1mqfize2ol%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /15?rnd=2758916184&z=3976876&var=&rb=DE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg==&ruid=0b70b392-e633-4b56-a0fb-5511bdb8fae0&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A7.123%2C%22location%22%3A%22https%3A%2F%2Fracaty.io%2Faw1mqfize2ol%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://racaty.io
Connection: keep-alive
Referer: https://racaty.io/
Cookie: scm=1; OAID=74a24af35273435aa2afab718d9477c4; oaidts=1670233368; oaidvc=1; CNT=1_v1_fiPGAAEAAACDS21v
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 05 Dec 2022 09:42:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://racaty.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 3f5e1b1bd59d68fa5c574fcc185e866f
access-control-expose-headers: X-Sc
set-cookie: OAID=74a24af35273435aa2afab718d9477c4; expires=Tue, 05 Dec 2023 09:42:56 GMT; secure; SameSite=None
oaidts=1670233368; expires=Tue, 05 Dec 2023 09:42:56 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 43131
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nanouwho.com/27/1ead059fa749da4c72410ffa55976f24
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/27/1ead059fa749da4c72410ffa55976f24
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /27/1ead059fa749da4c72410ffa55976f24 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Cookie: scm=1; OAID=164486c6a39e47d88654ff16139d7e1f; oaidts=1670233368
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:48 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 02 Dec 2022 03:31:44 GMT
expires: Fri, 01 Jan 2083 03:31:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=vXzdFMHWUydlOl1-wb4BNwXalSuaBDcNMtuvfIHMmDNi4Y_tg8Lea6Ix2ksRgNFBDORTqkGo7LIaImTSsp47SNk1sM7Hk2x2kFP338O2YCmTpyd2zUkDSenpcyHc6SXu_icvIghA6cOdoeeshWs1iG_LgtLu2hChfCdr-ulAL_pAKrDnfrGYi_scfvVJMch4Kv9xLrL5HahC2-yPyphJWT6vjyPzxHLgLXVs48Av5C4%3D&request_ab2=96002&zoneid=3579972&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=fd2b736f-e732-43cc-bd2e-3c55ec00b470&userId=74a24af35273435aa2afab718d9477c4&m=link
139.45.197.243200 OK 0 B URL HTTP/2 onmarshtompor.com/?rb=vXzdFMHWUydlOl1-wb4BNwXalSuaBDcNMtuvfIHMmDNi4Y_tg8Lea6Ix2ksRgNFBDORTqkGo7LIaImTSsp47SNk1sM7Hk2x2kFP338O2YCmTpyd2zUkDSenpcyHc6SXu_icvIghA6cOdoeeshWs1iG_LgtLu2hChfCdr-ulAL_pAKrDnfrGYi_scfvVJMch4Kv9xLrL5HahC2-yPyphJWT6vjyPzxHLgLXVs48Av5C4%3D&request_ab2=96002&zoneid=3579972&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=fd2b736f-e732-43cc-bd2e-3c55ec00b470&userId=74a24af35273435aa2afab718d9477c4&m=link
IP 139.45.197.243:0
GET /?rb=vXzdFMHWUydlOl1-wb4BNwXalSuaBDcNMtuvfIHMmDNi4Y_tg8Lea6Ix2ksRgNFBDORTqkGo7LIaImTSsp47SNk1sM7Hk2x2kFP338O2YCmTpyd2zUkDSenpcyHc6SXu_icvIghA6cOdoeeshWs1iG_LgtLu2hChfCdr-ulAL_pAKrDnfrGYi_scfvVJMch4Kv9xLrL5HahC2-yPyphJWT6vjyPzxHLgLXVs48Av5C4%3D&request_ab2=96002&zoneid=3579972&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=fd2b736f-e732-43cc-bd2e-3c55ec00b470&userId=74a24af35273435aa2afab718d9477c4&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://racaty.io/
Origin: https://racaty.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:49 GMT
content-type: application/json
x-trace-id: 33acee2a490d5f3cc34adea70c43de3a
access-control-allow-origin: https://racaty.io
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=74a24af35273435aa2afab718d9477c4; expires=Tue, 05 Dec 2023 09:42:49 GMT; path=/; secure; SameSite=None
oaidts=1670233369; expires=Tue, 05 Dec 2023 09:42:49 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 12 Dec 2022 09:42:49 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/9?z=3976876&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=74a24af35273435aa2afab718d9477c4
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/9?z=3976876&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=74a24af35273435aa2afab718d9477c4
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=3976876&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fracaty.io%2Faw1mqfize2ol&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=74a24af35273435aa2afab718d9477c4 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 264
Origin: https://racaty.io
Connection: keep-alive
Referer: https://racaty.io/
Cookie: scm=1; OAID=164486c6a39e47d88654ff16139d7e1f; oaidts=1670233368
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:49 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://racaty.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 65ab2ed04fdb3e459d3b136648612763
access-control-expose-headers: X-Sc
set-cookie: OAID=74a24af35273435aa2afab718d9477c4; expires=Tue, 05 Dec 2023 09:42:49 GMT; secure; SameSite=None
oaidts=1670233368; expires=Tue, 05 Dec 2023 09:42:49 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/?l=Bo3Y235ygaYEH34&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3014348056%26z%3D3976876%26b%3D12985214%26c%3D5549482%26var%3D%26d%3Dhttps%253A%252F%252Fiwantuonly.com%252Fclick.php%253Fc%253D1119%2526key%253D59mbnk099b21z773135c4542%2526c1%253D%257Bzoneid%257D%2526c2%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DDE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg%3D%3D%26bag%3DQELbe37UKoTCbvnnYVKWvA%3D%3D%26ruid%3D0b70b392-e633-4b56-a0fb-5511bdb8fae0%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fracaty.io%252Faw1mqfize2ol%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.151200 OK 0 B URL HTTP/2 interstitial-07.com/?l=Bo3Y235ygaYEH34&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3014348056%26z%3D3976876%26b%3D12985214%26c%3D5549482%26var%3D%26d%3Dhttps%253A%252F%252Fiwantuonly.com%252Fclick.php%253Fc%253D1119%2526key%253D59mbnk099b21z773135c4542%2526c1%253D%257Bzoneid%257D%2526c2%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DDE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg%3D%3D%26bag%3DQELbe37UKoTCbvnnYVKWvA%3D%3D%26ruid%3D0b70b392-e633-4b56-a0fb-5511bdb8fae0%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fracaty.io%252Faw1mqfize2ol%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.151:0
GET /?l=Bo3Y235ygaYEH34&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3014348056%26z%3D3976876%26b%3D12985214%26c%3D5549482%26var%3D%26d%3Dhttps%253A%252F%252Fiwantuonly.com%252Fclick.php%253Fc%253D1119%2526key%253D59mbnk099b21z773135c4542%2526c1%253D%257Bzoneid%257D%2526c2%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DDE1fLGccGz7ggCUB4lqebevabPeUVaire9oV7mvHDNOtObygqr95paZBCW0t5LdgroZX1lxACACulwQk7F9zh341Nwe3Kha5tuv2gGwk0tu1KfIrKb2DEnz_ng1ldyAq8gfMygB2yqiS6YfCQF4I-8FrY7J_6EgIAKck8Mx6yd8vHFeIE5BIm-hDhNnr30nQaXp8r-d6IHV7jMbUY3i3hoTvSDh11R7CaR4poVzJvX8_mip8oqEXPR9GI-rJB6430Eh0pxUFUeT4W6CTWZXiEd-IRBcTz4cdCJ-0cDIpFCFzhOoX7MNjXNwEIxpA38E2YJ9_-BQkmkYjaxaaEceRC6flLeQCI_GkC2mzH8dJbTll4kvwgunaBggl1A7CYoZJfUEM_79SRSumLS9rVB9kETvAYmhy3FZbT555R6uND7KRaLmjiDoABldqN8HK1xyBkwYaAi5T-qHT4a-DPIaCyOhuTBKu57FdBWvo57o1U4fvpfvyk_RmlnWyjOwO3uyatpmixPCzoaRqn08shKEvoYy3vIMdwTTupWe7pZAzft-RHzxHIpEqlCpMHVd6ckTSI6-MCbVyO7aru43xbqi2onj_H0icPYtF9u4GOFAAAv_iPFaQtXpegIlPO6M9f1dlg4e7sSz2PfbQ4mm5inCPyg%3D%3D%26bag%3DQELbe37UKoTCbvnnYVKWvA%3D%3D%26ruid%3D0b70b392-e633-4b56-a0fb-5511bdb8fae0%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fracaty.io%252Faw1mqfize2ol%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=hyLXXdSAikMy3Hgv5aPL6j1F3h_t65bcdDp6QTegSfo; expires=Mon, 05-Dec-2022 10:42:49 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=996137142
139.45.197.236200 OK 0 B URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=996137142
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=996137142 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:49 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: d366a4e910330648851f8d4388ceea78
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
louchees.net/apu.php?zoneid=3579972&oo=1
139.45.197.236200 OK 0 B URL HTTP/2 louchees.net/apu.php?zoneid=3579972&oo=1
IP 139.45.197.236:0
GET /apu.php?zoneid=3579972&oo=1 HTTP/1.1
Host: louchees.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://racaty.io
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 09:42:48 GMT
content-type: application/json
x-trace-id: 175d97641e1cfaba3009eec190eff982
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://racaty.io
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=74a24af35273435aa2afab718d9477c4; expires=Tue, 05 Dec 2023 09:42:48 GMT; path=/; secure; SameSite=None
oaidts=1670233368; expires=Tue, 05 Dec 2023 09:42:48 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://racaty.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 09:42:48 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5061
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gx71OVRV8Mh3PFt7TPu7BhCqho9HxhRjR8U7vAIE%2BootZ%2Fp6MmJ2vmMsHgfq39GDDUOuAMmN8UBednUxmKqEWgS1doyRDQ5UvCt3feOEYgqYVS9NV%2BTrj4Exwf8oWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774bd5784bb0b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2