detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Wed, 07 Sep 2022 05:50:46 GMT
Age: 53028
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
c1ne.co/perfumed-nightmare-1977/
104.21.235.214302 Found 693 B URL HTTP/1.1 c1ne.co/perfumed-nightmare-1977/
IP 104.21.235.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 6c9c3fb00a679451606ab03c47e9e157
b68aba166b483700379337d6ebfaa78888cdadbd
07bcb0259edd6546a6fb7b1828dc870763d9a2fe0e19293813bc05dcb2e5f968
GET /perfumed-nightmare-1977/ HTTP/1.1
Host: c1ne.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 07 Sep 2022 20:34:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://c1ne.co/perfumed-nightmare-1977/
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeaEa8oS0yx8GzrgY69g1UaEhvykYZnnGVLLeLgQEJfAn4%2F3cUuYrUJa%2FXtjWSxRkdiZwUi5tJ32PZd%2BbxgyAo%2BHiZWxE1s%2B7Q1a11JEhQvkw78n9NynlNEa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 747239d71a98dd82-LHR
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d2d5a5cb5a0eb9006019ec8a8a7a60c
a97cb86a600ae223434604442f997504bc3a293b
fe016a09001e17224ac6ac11c76b7c4fa98bc99480575b6e0ae3ca22805148d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE016A09001E17224AC6AC11C76B7C4FA98BC99480575B6E0AE3CA22805148D3"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11073
Expires: Wed, 07 Sep 2022 23:39:07 GMT
Date: Wed, 07 Sep 2022 20:34:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3692
Expires: Wed, 07 Sep 2022 21:36:06 GMT
Date: Wed, 07 Sep 2022 20:34:34 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 48 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 01684b37226510e35797cf212a6ac252
e9ba6ab9cea317f0e3ffbd503f233a35b04838b1
8404ba30bebd546f4aa6291dea9e279d4ce4e1c58343ec2d9f80c8972dbe8ff1
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: 5KBMKzg4ImPL-eHMSkXfHBBtbw4Taadz2_m3N-c2YkzitLmjwDhUHg==
content-encoding: gzip
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 20:22:38 GMT
age: 717
content-type: application/json
content-length: 48115
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 48ca0beea419a9039591cf1aee5179e0
9e92629f505fcc07aab51221e8fe62197a23e307
630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 01:34:59 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i33Vm9e-_8JpR63rwbj-RBm0V9bNloZP--iE3H0mUu3SkXAd9IJ18w==
age: 69150
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 20:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: w2yjo5swsm3uxtFUyoOe3Ah3yv4mLIhMNJptzHmLIE8Pn0_2l3jNjw==
Age: 1789
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 20:34:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Wed, 07 Sep 2022 05:50:46 GMT
Age: 53029
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
cdn.statically.io/wp/c/latest/wp-includes/js/utils.min.js
151.101.85.91200 OK 838 B URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/utils.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (1831)
Hash 8b72ed00466357cc80e401f0c9320317
8ed4743389f154db2cac233a21b3420cd8bffc58
003d2efd5165ed3faee0f28d296afeec432d4fe1e72cc7b54461e88b77a33e92
GET /wp/c/latest/wp-includes/js/utils.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 40546
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52702//trunk/wp-includes/js/utils.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10027-SJC, cache-bma1665-BMA
content-length: 838
X-Firefox-Spdy: h2
cdn.statically.io/gh/fancyapps/fancybox/c4fd9037/dist/jquery.fancybox.min.css
151.101.85.91200 OK 3.1 kB URL HTTP/2 cdn.statically.io/gh/fancyapps/fancybox/c4fd9037/dist/jquery.fancybox.min.css
IP 151.101.85.91:0
File type ASCII text, with very long lines (12795), with no line terminators
Hash 3b524a08961886f9d5c0b85013a1a821
bf7815e3b12060a7f625a63aa85ecb0f1efbcf84
b799116a34584705d0ff89725209d977f15b88bfbc32764dfd401baf2301f76d
GET /gh/fancyapps/fancybox/c4fd9037/dist/jquery.fancybox.min.css HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 3743724
cache-control: public, max-age=31536000, immutable
content-type: text/css; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"bf561f438f268be58be4a7600a4b6ac6082f79cda2ccd115d1ee7cd27cabcda1"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10033-SJC, cache-bma1665-BMA
content-length: 3114
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/dist/vendor/regenerator-runtime.min.js
151.101.85.91200 OK 2.5 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 1a9939685e2b1de5332174da4b9a0427
c82fc2683aa7758eb4e8e9f0ca6df0a41b480c90
893b107d75bad0722c924b6b4025fc8b35a5ac697e6c58e038e3805c5184a238
GET /wp/c/latest/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 32363
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52724//trunk/wp-includes/js/dist/vendor/regenerator-runtime.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10020-SJC, cache-bma1665-BMA
content-length: 2465
X-Firefox-Spdy: h2
cdn.statically.io/gh/showeme/cdn/live/v.js
151.101.85.91200 OK 264 B URL HTTP/2 cdn.statically.io/gh/showeme/cdn/live/v.js
IP 151.101.85.91:0
Hash 49f8e7c2261b8b87cf35e959f9afb93b
6f0afede9af6985a881cbd715f19e88c9eb0fc64
e345f315e6d5e994389addd749259093cf2c56c098a1245b6a0ab4a8897e7206
GET /gh/showeme/cdn/live/v.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 127082
cache-control: public, max-age=31536000, immutable
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"f47e8a1f329378487b77e1bb106dfdfa6af6a85385737480dda11dde05a1420e"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10034-SJC, cache-bma1665-BMA
content-length: 264
X-Firefox-Spdy: h2
cdn.statically.io/gh/fancyapps/fancybox/c4fd9037/dist/jquery.fancybox.min.js
151.101.85.91200 OK 22 kB URL HTTP/2 cdn.statically.io/gh/fancyapps/fancybox/c4fd9037/dist/jquery.fancybox.min.js
IP 151.101.85.91:0
File type HTML document, ASCII text, with very long lines (31972)
Hash 1de978d8fb8a6ce38d172042af15c1e4
79777a8bc67f6c55a7e75c792bdeb730f474c1fa
9e23c9544edf04449f2cf2fe5d6aacfd719bfdc003ca0f8b59be90a60774f852
GET /gh/fancyapps/fancybox/c4fd9037/dist/jquery.fancybox.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 127082
cache-control: public, max-age=31536000, immutable
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"6bdb40759f03e95fd58d052e14f0ef14a5c4fc7501c9dbfda2ec002cd3c4cf5e"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10020-SJC, cache-bma1665-BMA
content-length: 22160
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/dist/vendor/wp-polyfill.min.js
151.101.85.91200 OK 7.2 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 151.101.85.91:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 20fdd0bc8e483b353158b12495949371
47614f3e778103523bd2f5729c16cc1a4a167c3c
3c8858167ce8e50a47978b820b31d27e36feaef2024146f61cba7799aea9694f
GET /wp/c/latest/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 28214
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52724//trunk/wp-includes/js/dist/vendor/wp-polyfill.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10053-SJC, cache-bma1665-BMA
content-length: 7192
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/dist/hooks.min.js
151.101.85.91200 OK 1.7 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/dist/hooks.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (4875)
Hash 5a56855f9e117e4a949ebfeb5f9a62a7
4a502590b00d4ecbfedfa98935059766f1152e52
8b5c465258fac0a61cad06fee9c8af4627ec1032bf9d25baad30782285210757
GET /wp/c/latest/wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 32029
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52724//trunk/wp-includes/js/dist/hooks.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10051-SJC, cache-bma1665-BMA
content-length: 1671
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/quicktags.min.js
151.101.85.91200 OK 3.5 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/quicktags.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (11097)
Hash 454cdca7c99f9cb2fe5dc90bc98be647
202a68f36ccee1c1764d9042c2f60819ac9a8c87
057b2217887c8458de0f90f90096ea473416f49be21e0b593747b044af5f0a06
GET /wp/c/latest/wp-includes/js/quicktags.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 42715
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52702//trunk/wp-includes/js/quicktags.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10045-SJC, cache-bma1665-BMA
content-length: 3517
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/dist/dom-ready.min.js
151.101.85.91200 OK 342 B URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/dist/dom-ready.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (463)
Hash a2f81b89a5ccd5975e4eb6b837cb34a2
aa4a84ba7be8cdbf12870d3b346d5192dba81d25
6d05f33e2c1caf6a9d6dbcd36da13f93f9001d25a558213e42bbe527abc6d905
GET /wp/c/latest/wp-includes/js/dist/dom-ready.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 64161
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52724//trunk/wp-includes/js/dist/dom-ready.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10020-SJC, cache-bma1665-BMA
content-length: 342
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/wplink.min.js
151.101.85.91200 OK 3.9 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/wplink.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (11231)
Hash 0b3f8d4b44f1b02610ac073ffd2e86c9
7e04f7929fa438429fa9e4ab0ae623cecb468de4
d41d4e69b245e37526c05b19b8f8124ebb17512210d185be92432eb728c6c466
GET /wp/c/latest/wp-includes/js/wplink.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 13870
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52702//trunk/wp-includes/js/wplink.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10071-SJC, cache-bma1665-BMA
content-length: 3899
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/dist/i18n.min.js
151.101.85.91200 OK 3.9 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/dist/i18n.min.js
IP 151.101.85.91:0
Hash 51f8d4ae5c200ce345e9425a1289b58a
15b63338f2dae29542a1aa56a52529c920de0a38
fe0eb949ab20a371569217d6028dc1a6795af03f8f3f9e160a708201ed2bd5c3
GET /wp/c/latest/wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 44316
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52746//trunk/wp-includes/js/dist/i18n.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10020-SJC, cache-bma1665-BMA
content-length: 3872
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/dist/a11y.min.js
151.101.85.91200 OK 998 B URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/dist/a11y.min.js
IP 151.101.85.91:0
File type Unicode text, UTF-8 text, with very long lines (2472)
Hash 180efd9e2edec8c28367d982bb107c17
e6373a96926853eec535c86e6e83d3fa221d19db
63092e4d05f1d8f85d883f76ca7c4b1e24922937f09737a5dfdc6198dcb929b5
GET /wp/c/latest/wp-includes/js/dist/a11y.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 84029
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52724//trunk/wp-includes/js/dist/a11y.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10066-SJC, cache-bma1665-BMA
content-length: 998
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/jquery/ui/menu.min.js
151.101.85.91200 OK 3.0 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/jquery/ui/menu.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (9937)
Hash bad3fadec5f2da722f5f9faf523c05dd
126a9124bfdbf9228b1f84eb532a700633d0cf41
01cb388e2e553a6b38000d2ec58992b492d16234be2843be1356006a0d5b1d60
GET /wp/c/latest/wp-includes/js/jquery/ui/menu.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 42671
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52702//trunk/wp-includes/js/jquery/ui/menu.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10071-SJC, cache-bma1665-BMA
content-length: 3044
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/jquery/ui/autocomplete.min.js
151.101.85.91200 OK 2.9 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/jquery/ui/autocomplete.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (8339)
Hash f904b0bf070a68b5cf8fea0d9724abe1
a75ee95585b90aeae321aa427e54f8d425372932
96580676ac3c3fc36f0316f7e63f6607a6185cf0d66848de0c5c8ca4167e4e64
GET /wp/c/latest/wp-includes/js/jquery/ui/autocomplete.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 25972
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52702//trunk/wp-includes/js/jquery/ui/autocomplete.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10056-SJC, cache-bma1665-BMA
content-length: 2913
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/thickbox/thickbox.js
151.101.85.91200 OK 4.0 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/thickbox/thickbox.js
IP 151.101.85.91:0
File type HTML document, ASCII text, with very long lines (597)
Hash e2c92764fcb51e9a15fa2f62aa8ee7a8
614bed25c8fccc947da233d860d1dd944b2d4775
d6d4a538b18aec0be8fb93bbce8834c8aa0c0c210438f2c177fc0ff022692d19
GET /wp/c/latest/wp-includes/js/thickbox/thickbox.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 30715
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"53040//trunk/wp-includes/js/thickbox/thickbox.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10030-SJC, cache-bma1665-BMA
content-length: 4037
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/underscore.min.js
151.101.85.91200 OK 7.4 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/underscore.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (18876)
Hash c8e366c40b3a6aa733af35747aeada57
cc993c1ae185ea58fb423f93a44149c595aafe04
96e22602f15ba2ad38bd73b17163d3c78751a514dca8bf90dc14cf1641f66003
GET /wp/c/latest/wp-includes/js/underscore.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 11262
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"53219//trunk/wp-includes/js/underscore.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10028-SJC, cache-bma1665-BMA
content-length: 7389
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/shortcode.min.js
151.101.85.91200 OK 1.2 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/shortcode.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (2616)
Hash 7e3faf42f34c1cc8c306fffa0dcce472
d95127310dfb003eedc503f917c8217ee2de0388
14f9fc3b2f047e4c5e532c314b6b81301ea1af65d604faf4c5d5688ad536a060
GET /wp/c/latest/wp-includes/js/shortcode.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 23842
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52702//trunk/wp-includes/js/shortcode.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10063-SJC, cache-bma1665-BMA
content-length: 1151
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/comment-reply.min.js
151.101.85.91200 OK 1.4 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/comment-reply.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (2946)
Hash efe44be065ffc96cb77fb4bd01b91c15
a3ad10abab76bad6449a668afeda285a282a53f2
b550de95cf89b9599aaa8cb1b8801c87234367955b73d84af330b1e39151a0b4
GET /wp/c/latest/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 40196
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"52702//trunk/wp-includes/js/comment-reply.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10024-SJC, cache-bma1665-BMA
content-length: 1357
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/tinymce/tinymce.min.js
151.101.85.91200 OK 126 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/tinymce/tinymce.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (65513)
Size 126 kB (126044 bytes)
Hash 7455f47190ed713862050479b61ea190
f71bdf12619fd3a7a618b264cfc196760d94988d
ee040ec0933bc81512fc9822f55700ee4d506e4f7a0ecfff3f6899a7c2baa23e
GET /wp/c/latest/wp-includes/js/tinymce/tinymce.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 32183
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"49295//trunk/wp-includes/js/tinymce/tinymce.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10034-SJC, cache-bma1665-BMA
content-length: 126044
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/js/tinymce/plugins/compat3x/plugin.min.js
151.101.85.91200 OK 1.7 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/js/tinymce/plugins/compat3x/plugin.min.js
IP 151.101.85.91:0
File type ASCII text, with very long lines (4129), with no line terminators
Hash 77d648257ad5505763663dc2a3804df1
ca87f7f58bd6c41311e47b1aad172c67e177655a
befa9e58f5525b6bf9b5dd425d942fb4433a702b011c93583b9114c5d6b7c9c5
GET /wp/c/latest/wp-includes/js/tinymce/plugins/compat3x/plugin.min.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 26672
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"42833//trunk/wp-includes/js/tinymce/plugins/compat3x/plugin.min.js"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10062-SJC, cache-bma1665-BMA
content-length: 1744
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 137ba61b01080f2ad962b11f3fce15e1
eddedd0e6bdaecc7b1fb114a9c2c3878c3379428
2f14b143bdea23932cf7bf8ec31733ba6f9ba470d1ba85d7510bf9617f410e10
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:34:35 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8E12A6484702D2154B4B2DB2BA41E3B30EA15303"
Expires: Thu, 08 Sep 2022 07:00:00 GMT
Last-Modified: Wed, 07 Sep 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2691
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747239dcfb731c06-OSL
cdn.statically.io/wp/c/latest/wp-includes/css/dashicons.min.css
151.101.85.91200 OK 36 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/css/dashicons.min.css
IP 151.101.85.91:0
File type ASCII text, with very long lines (58981)
Hash 7d1c37eeb31d0cdb97b101e1912f55c1
7c01fbdf46214e9dbebe0d6fe2ed03b4d1283f57
326a2a111845a7cba4d795213f40f9bd6fae254eb575ba18608ed99ae578ca7b
GET /wp/c/latest/wp-includes/css/dashicons.min.css HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 43063
cache-control: public, max-age=86400
content-type: text/css; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"50100//trunk/wp-includes/css/dashicons.min.css"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10081-SJC, cache-bma1665-BMA
content-length: 35593
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/css/buttons.min.css
151.101.85.91200 OK 1.5 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/css/buttons.min.css
IP 151.101.85.91:0
File type ASCII text, with very long lines (5819)
Hash 9bf3d93dd572000d708bda5bb883204a
8a0f019b490f3572969dc5931b922c963650274b
ba50439d87155492fb93f98b908388ea391226efdfd32d7e32183f73863bcb51
GET /wp/c/latest/wp-includes/css/buttons.min.css HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 33941
cache-control: public, max-age=86400
content-type: text/css; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"51763//trunk/wp-includes/css/buttons.min.css"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10069-SJC, cache-bma1665-BMA
content-length: 1471
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/css/editor.min.css
151.101.85.91200 OK 6.0 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/css/editor.min.css
IP 151.101.85.91:0
File type ASCII text, with very long lines (27153)
Hash c054f53143b7cc8e6941dc4440181f5d
f13a0ca8051ae4628b0c93d3a7f64a87c1beb0df
cb00660f31cd8a44a583c7fd0dcef05f0c901f83ab6bb1b4d57647ac849310fe
GET /wp/c/latest/wp-includes/css/editor.min.css HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 46477
cache-control: public, max-age=86400
content-type: text/css; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"50393//trunk/wp-includes/css/editor.min.css"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10076-SJC, cache-bma1665-BMA
content-length: 6017
X-Firefox-Spdy: h2
cdn.statically.io/wp/c/latest/wp-includes/css/dist/block-library/style.min.css
151.101.85.91200 OK 12 kB URL HTTP/2 cdn.statically.io/wp/c/latest/wp-includes/css/dist/block-library/style.min.css
IP 151.101.85.91:0
File type ASCII text, with very long lines (43771)
Hash 425691bfbe56aef8ac790a812546ee68
38e64352481d7dc1ac490f579456a28cefe26881
9fde492faf3a3bc5c83ecef6994fef7ff7e21d554a9936c3c0a00b59a3b9da7b
GET /wp/c/latest/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 38444
cache-control: public, max-age=86400
content-type: text/css; charset=utf-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"53203//trunk/wp-includes/css/dist/block-library/style.min.css"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10052-SJC, cache-bma1665-BMA
content-length: 12201
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 02f0434cd0169b15c2610d2db147a0c8
a374bdcb4c18ff7abefb16306afe910346e6be1b
7a70143ab3e753d64ecd44759ad60a0890bd493bec5cad983cd4557a26e0fec5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4811
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:34:36 GMT
Last-Modified: Wed, 07 Sep 2022 19:14:25 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac9221c8cb70879915f879666290400d
79e9b43d47b4136eb64f19943cedc1f5f5395bf4
94480902446145e9b7bcedd742304ed41c5be525070270a59e8bddc577da340f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94480902446145E9B7BCEDD742304ED41C5BE525070270A59E8BDDC577DA340F"
Last-Modified: Wed, 07 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6590
Expires: Wed, 07 Sep 2022 22:24:26 GMT
Date: Wed, 07 Sep 2022 20:34:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac9221c8cb70879915f879666290400d
79e9b43d47b4136eb64f19943cedc1f5f5395bf4
94480902446145e9b7bcedd742304ed41c5be525070270a59e8bddc577da340f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94480902446145E9B7BCEDD742304ED41C5BE525070270A59E8BDDC577DA340F"
Last-Modified: Wed, 07 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Thu, 08 Sep 2022 02:33:57 GMT
Date: Wed, 07 Sep 2022 20:34:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 07 Sep 2022 19:38:18 GMT
Expires: Wed, 07 Sep 2022 19:54:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hXp-X8A7DmKpVvEJHhfTl4cbTE_qs_cwS1ZisiUDUaay8e9naSX7sQ==
Age: 3378
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
44.228.90.169200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 44.228.90.169:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Wed, 07 Sep 2022 20:34:36 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa29b2ff732f178e3313e38af69ba26c
56fe42fbe714ff8990310e62371ac1c15d4a38fd
3c009fc7b6f33a249fb4007c65cf181d37064360e192871e4159a3877870c9d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C009FC7B6F33A249FB4007C65CF181D37064360E192871E4159A3877870C9D4"
Last-Modified: Mon, 05 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1600
Expires: Wed, 07 Sep 2022 21:01:16 GMT
Date: Wed, 07 Sep 2022 20:34:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 1.1 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ecbb4055348662b04d9ff2e31641411
492405e7adf5dae5319cb186ec34ceff4a24688b
29350f3c427d3bb7f7bbd5faddfe2bf5a19e1f8a481a3fc5c20a06fc3140b375
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D95254FAD633C9EB1F7FC23B12C281A06D0F9CDD4751A0DF5A43C3A8F191"
Last-Modified: Mon, 05 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5404
Expires: Wed, 07 Sep 2022 22:04:40 GMT
Date: Wed, 07 Sep 2022 20:34:36 GMT
Connection: keep-alive
kickchecking.com/18/54/2d/18542d6091ed98d29c5abce862338bc2.js
192.243.59.13200 OK 13 kB URL HTTP/1.1 kickchecking.com/18/54/2d/18542d6091ed98d29c5abce862338bc2.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37106), with no line terminators
Hash 5cb1806e6344136ffd377ea82a413d72
d3750de8b893579488d9b09be140edfa799daf72
db59067b683bae77a9c5186721d500ed9d4c561c34def33764b989f5fb927fb7
Analyzer Verdict Alert quad9 Sinkholed
GET /18/54/2d/18542d6091ed98d29c5abce862338bc2.js HTTP/1.1
Host: kickchecking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Sep 2022 20:34:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 81515c104d22989e59e5ecb832122de3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3714
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:34:36 GMT
Last-Modified: Wed, 07 Sep 2022 19:32:43 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
kickchecking.com/95/3d/4f/953d4f4a90eeb0c93f8172c3df14f956.js
192.243.59.13200 OK 20 kB URL HTTP/1.1 kickchecking.com/95/3d/4f/953d4f4a90eeb0c93f8172c3df14f956.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59389), with no line terminators
Hash 1a72b196a53fa4bfb8ce81eae1617575
6f5be217b06737d565a71f144e12b1a6b41ba04b
90d1c61fc7a1e2e074e75de84219ffe84db230ed432e3e59036a5f9b2344e0ac
Analyzer Verdict Alert quad9 Sinkholed
GET /95/3d/4f/953d4f4a90eeb0c93f8172c3df14f956.js HTTP/1.1
Host: kickchecking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Sep 2022 20:34:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fcdfc7b81e190cdc91a8961f8226915c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
151.101.85.229200 OK 65 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP 151.101.85.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (569)
Hash b777e6c56f5f5e872f7a5eb7127d63b0
46951718388738d642c3558022da931385284d76
c31967813ef7a58502fb0f3b95adbaacaeeefc497dae3f953cb760c47ec5351d
GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.242.0
x-jsd-version-type: version
etag: W/"27996-GGqJ7B/Rn25ZlAVgS9w1JIFSkYA"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Sep 2022 20:34:36 GMT
age: 37127
x-served-by: cache-fra19151-FRA, cache-bma1669-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 65436
X-Firefox-Spdy: h2
core.arc.io/broker.html?62de60f
194.242.11.186200 OK 1.1 kB URL HTTP/2 core.arc.io/broker.html?62de60f
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (920)
Hash c6f7dd41e7754a9b6b13dd367e73164f
6f4ef31d07088087e8abce1659e4701ec0203ebd
6c5994f02576c2efcc640c37a94b827737efaa95d9b8c2425f7040ff964aee2a
GET /broker.html?62de60f HTTP/1.1
Host: core.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:36 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-NO-830
cdn-pullzone: 786568
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
etag: W/"61e89f9d-612"
expires: Fri, 07 Oct 2022 18:32:37 GMT
last-modified: Wed, 19 Jan 2022 23:32:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/07/2022 18:32:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4332d9d76604d4396a688ced6eaaf197
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1a2adb6d06ff306d9d3118213e27e532
b0c6dede44100d653ac05c260c3c6a15a60f13f1
624d5505fb673fd21dacda10f774ee3d19f9c3c33db688473b3b7c55f5cc5c11
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 20:34:36 GMT
Last-Modified: Wed, 07 Sep 2022 19:21:09 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: L_FEav5R9v-3hhHpRLEO_-V85jPATidKtc-oN_UjCovbGRVIsg6A_w==
Age: 4407
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash d26594c728623a5d7c7a9e5051595e04
f70b83f6513618f79544ed3ab26340839458e9a4
fef9fbf39f0dd8c3c3fc5234cf98e8bde5c8262a2bdf80e663ec511e4e7d6433
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:34:36 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "FF51EB21C4B62E60B9C992131B56BF2B0EFCDAC2"
Expires: Thu, 08 Sep 2022 07:00:00 GMT
Last-Modified: Wed, 07 Sep 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1048
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747239e2faa21c06-OSL
simplewebanalysis.com/stats
52.59.153.168200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.59.153.168:0
File type ASCII text, with no line terminators
Hash abe1ad68c752590029a77c38ee232d51
88b8bd37b8918aff014e856a0a34cd3e4f7740f4
0e546e23f76eedfbf60833bf48001050506a1535ebc1acfb05c66adc3cabb258
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c1ne.co
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:36 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://c1ne.co
access-control-allow-credentials: true
set-cookie: uid_id2=2bf66b7c-ac30-429f-8f90-f28d39653512:2:1; expires=Sat, 04 Sep 2032 20:34:36 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1a2adb6d06ff306d9d3118213e27e532
b0c6dede44100d653ac05c260c3c6a15a60f13f1
624d5505fb673fd21dacda10f774ee3d19f9c3c33db688473b3b7c55f5cc5c11
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 20:34:36 GMT
Last-Modified: Wed, 07 Sep 2022 19:21:09 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1x_KBlmiZYBA0eCabJUD-fJ0nmqJvJXpuTpMaVtAzwuZ39SO3KKmpw==
Age: 4407
simplewebanalysis.com/stats
52.59.153.168200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.59.153.168:0
File type ASCII text, with no line terminators
Hash a61c98511ebf86711eb329fc33ed183d
f7bfe668c6e73432c1250946fbb41330fcf3df64
1b4e74a3beb9d63e9a564fbae73225c0bb9794ee13f8098d90d3ebd8c75a49d7
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c1ne.co
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:36 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://c1ne.co
access-control-allow-credentials: true
set-cookie: uid_id2=66ac26e0-d2ee-4050-ba52-d242fd03e747:2:1; expires=Sat, 04 Sep 2032 20:34:36 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
browser.sentry-cdn.com/6.2.2/bundle.min.js
151.101.2.217200 OK 21 kB URL HTTP/2 browser.sentry-cdn.com/6.2.2/bundle.min.js
IP 151.101.2.217:0
File type ASCII text, with very long lines (65448)
Hash a948fc086ec14683f3f2270913c7f702
945e9d1a6a70d4e3f87dbd1058879bcddcb40a1d
0bb5309b61da0b307549c7c9edd6a61766a86d3dd317d093525fddeebeb212e9
GET /6.2.2/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c1ne.co
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 17 Mar 2023 07:22:09 GMT
last-modified: Thu, 11 Mar 2021 09:25:54 GMT
etag: "a948fc086ec14683f3f2270913c7f702"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Sep 2022 20:34:36 GMT
age: 15081146
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20633
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.242.32.27101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.32.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7jiNx782gwDm3ynjANQvGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: y6ec4yniyVLWJDOmhN4j38wPPok=
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 61a1d49aa535963841c587d8263dd108
0efb6da29383ab32455f2df3490eb3cb2c27ae81
604f30f23d59dfe745af62dfe586c0135acd11f5c369298abca51ed81a20a2a2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "604F30F23D59DFE745AF62DFE586C0135ACD11F5C369298ABCA51ED81A20A2A2"
Last-Modified: Mon, 05 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4646
Expires: Wed, 07 Sep 2022 21:52:02 GMT
Date: Wed, 07 Sep 2022 20:34:36 GMT
Connection: keep-alive
addresseepaper.com/sfp.js
104.21.234.254200 OK 24 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.234.254:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash ae552b7c9910dfe36dde843945779b8a
ef6b9d68ffd37d63cbdc562ace0a5f22b5a99a6f
ce50ddde54c228af0ac8a57bfcdd373bd96a1d49e90aae2ec1a5c6308a07090c
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:36 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ae31d95c278b2799bd4dde0365bc81b1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 07 Sep 2022 20:34:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQ7VamlGFUFl%2F6eeY%2FUvQYRWtmmMtt4DbynyqIxUAoye1u3fUGxKHYNJSx1c%2B1mmr8PWike%2F6Q1k9tnwb6ulxTQPQypEWGEAXnyHC5YsMs7lFH6UfGDE9Sx0QV8iv9TcmS7olYg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747239e2ff4c7701-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
arc.io/arc-sw-core.js
54.230.111.70200 OK 68 kB IP 54.230.111.70:0
File type ASCII text, with very long lines (22448)
Hash b62d64ef6acb7d9e69619926d12987fd
d17547ac81a5b9ec9d3cfaa7fbecd563233af351
e82a5776a21790a3b2855755cb37d2aea37274b04b5b4e4ee48c318e8127d7e2
GET /arc-sw-core.js HTTP/1.1
Host: arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 67725
last-modified: Sat, 31 Jul 2021 01:05:06 GMT
content-encoding: br
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 07 Sep 2022 20:24:41 GMT
cache-control: public, max-age=3600, must-revalidate
etag: "6104a1c2-1088d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YQN5NJRHoVOg7XTKXmldfHXeiFiTdZkHfA4_DOMAxd-1G7p4uPQHQQ==
age: 596
X-Firefox-Spdy: h2
res.cloudinary.com/practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BMTc5NzM2MDY5MF5BMl5BanBnXkFtZTcwMTMxNDgxMQ@@._V1_UY268_CR3,0,182,268_AL_.jpg
151.101.85.137200 OK 4.7 kB URL HTTP/2 res.cloudinary.com/practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BMTc5NzM2MDY5MF5BMl5BanBnXkFtZTcwMTMxNDgxMQ@@._V1_UY268_CR3,0,182,268_AL_.jpg
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x178, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1ef0dca34fc9019da1a82745a96f1272
3350fe8e724c171d5b76eb5d4e49814c61fe9091
d46e90f18fa7737649689d947a308000c1aa7638528de6cff57484287bb8b48f
GET /practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BMTc5NzM2MDY5MF5BMl5BanBnXkFtZTcwMTMxNDgxMQ@@._V1_UY268_CR3,0,182,268_AL_.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="MV5BMTc5NzM2MDY5MF5BMl5BanBnXkFtZTcwMTMxNDgxMQ@@._V1_UY268_CR3,0,182,268_AL_.webp"
content-type: image/webp
etag: "1ef0dca34fc9019da1a82745a96f1272"
last-modified: Fri, 11 Sep 2020 21:44:36 GMT
date: Wed, 07 Sep 2022 20:34:37 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2022-09-07T20:34:37.116Z;desc=hit,rtt;dur=11
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 4738
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221662580634884%22
143.204.55.115200 OK 4.7 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221662580634884%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (22383), with no line terminators
Hash 04a8a64ab3bd02d4502a0064a7f6d787
34b2221cd8bd87a7e7cb4f6eb34e861685988be2
b78703ace60cd8d6b82bd049428151f19fe320d9b44429c0a05cbb8f8263cdff
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221662580634884%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 20:02:03 GMT
Expires: Wed, 07 Sep 2022 21:02:03 GMT
Last-Modified: Wed, 07 Sep 2022 19:57:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dTSO6EayLD9XGMpD7KcVhV4f-UwxK9n2N0wV1OsHWRpvNWGpJ8jZaw==
Age: 1954
static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
194.242.11.186200 OK 37 kB URL HTTP/2 static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (63194)
Hash 8af4cc46e2e43c462b2e9f90093187bf
60049b24a221fa86ada78f376539f6131b6fbf44
523a4f7c7842b7ed6dd27cd8976153e3f096ceeef226c2c810e639b552f94c54
GET /widget/js/vendors~widget-ui.js?c9b0de53 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:36 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"5f5181a44cab6b9ccdc03f0d9f46e177"
last-modified: Mon, 08 Aug 2022 22:09:02 GMT
x-amz-id-2: A9pqjKPrqIQflyxmXrVwzuzToR7cxaWclWx6NjnAerAt8ogrYlvolAtqoGvvdIsvqEeqAzY1AX0=
x-amz-request-id: 6ACY3P80RJNPZB5G
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/14/2022 14:32:19
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 552107804e64e76db5dccf1c65818792
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662554243287&_since=%221653914271178%22
143.204.55.115200 OK 13 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662554243287&_since=%221653914271178%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 05d9a78a8a2b88cb2692fb833bd62894
25f176efa4515d892e632d95571267bbc8f0a92e
1a82e2608106af8001b72ae71df56b492bf16221e9dc64195113c3a1ba6a1a08
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662554243287&_since=%221653914271178%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 07 Sep 2022 12:37:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 19:44:35 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h8avqfEh9kIvDgM_Ris6QEfn1QS8lNd6sqUwZ4eQkh5lUmlUOh4TJA==
Age: 3317
static.arc.io/widget/css/widget.css?62de60f
194.242.11.186200 OK 8.7 kB URL HTTP/2 static.arc.io/widget/css/widget.css?62de60f
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (13367)
Hash 55009d7d0b3a3e488238faa9dd8b17d4
c4dee65abeaf70124273bb09aec6e5fcd33d30b4
e8581b8abf2b88fe061d70e535da74ba697dde1540a3232a6a825f9546d73963
GET /widget/css/widget.css?62de60f HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:36 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-methods: GET, HEAD
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
last-modified: Wed, 07 Sep 2022 18:01:07 GMT
x-amz-id-2: BlpzaVDecI0+GAGIKkovvMZc5hlztxkjuNCMQgTwPr7vuqkvNvzRZTk7f5ud3fOf/rctCQF31BA=
x-amz-request-id: VQD42AGSHTDE3RVA
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/07/2022 18:32:38
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e0375a7ddd07a772142ffd29a78ba84c
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 05:03:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -DtbdQ5VjRsJ1aLSSc_2fj8tKvMC33yU6Mamnsk6ZDL4ODfN_dAeaA==
age: 60483
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5b14a1603ad02ac6fe627e6c7a92611
cadf10f57aa924e3585ea24053b582e16c41511c
9c684297b80e595a5b1166e78b79f5d40cc90ece24a58a1ba9df23e221379f09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C684297B80E595A5B1166E78B79F5D40CC90ECE24A58A1BA9DF23E221379F09"
Last-Modified: Mon, 05 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1159
Expires: Wed, 07 Sep 2022 20:53:56 GMT
Date: Wed, 07 Sep 2022 20:34:37 GMT
Connection: keep-alive
res.cloudinary.com/practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BN2IzNDI4ZjQtMDIwYy00MjcwLThjMTItYzc0ZGVjZThjNzAzXkEyXkFqcGdeQXVyMTE1MzI2NzIz._V1_UX182_CR0,0,182,268_AL_.jpg
151.101.85.137200 OK 5.6 kB URL HTTP/2 res.cloudinary.com/practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BN2IzNDI4ZjQtMDIwYy00MjcwLThjMTItYzc0ZGVjZThjNzAzXkEyXkFqcGdeQXVyMTE1MzI2NzIz._V1_UX182_CR0,0,182,268_AL_.jpg
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x178, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1d11f3929eb802de6096a10df51a7354
8394c9564d4cbb9aa5e91ddf63dd7fe376b8d8a2
2d9a062015508bc81fb7862293cffdb394befd8f3395e489cef176cf5ca6c395
GET /practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BN2IzNDI4ZjQtMDIwYy00MjcwLThjMTItYzc0ZGVjZThjNzAzXkEyXkFqcGdeQXVyMTE1MzI2NzIz._V1_UX182_CR0,0,182,268_AL_.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="MV5BN2IzNDI4ZjQtMDIwYy00MjcwLThjMTItYzc0ZGVjZThjNzAzXkEyXkFqcGdeQXVyMTE1MzI2NzIz._V1_UX182_CR0,0,182,268_AL_.webp"
content-type: image/webp
etag: "1d11f3929eb802de6096a10df51a7354"
last-modified: Sat, 01 Aug 2020 20:42:49 GMT
date: Wed, 07 Sep 2022 20:34:37 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=604800
server-timing: fastly;dur=132;cpu=0;start=2022-09-07T20:34:37.118Z;desc=miss,rtt;dur=11,cloudinary;dur=38;start=2022-09-07T20:34:37.167Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 5614
X-Firefox-Spdy: h2
res.cloudinary.com/practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BMzgwODk3ODA1NF5BMl5BanBnXkFtZTcwNjU3NjQ0Nw@@._V1_SX120.jpg
151.101.85.137200 OK 2.9 kB URL HTTP/2 res.cloudinary.com/practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BMzgwODk3ODA1NF5BMl5BanBnXkFtZTcwNjU3NjQ0Nw@@._V1_SX120.jpg
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x178, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 64d6ab9a92b013fb9b38abb7c4ebe672
46c4f260c499fd5c7fd68852cb7e6a7c92e112a8
a6d9e0726eeb8bbadb829f8f057bce5f7770cc9797d56b857b6a3d4498831c58
GET /practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BMzgwODk3ODA1NF5BMl5BanBnXkFtZTcwNjU3NjQ0Nw@@._V1_SX120.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="MV5BMzgwODk3ODA1NF5BMl5BanBnXkFtZTcwNjU3NjQ0Nw@@._V1_SX120.webp"
content-type: image/webp
etag: "64d6ab9a92b013fb9b38abb7c4ebe672"
last-modified: Sun, 26 Jul 2020 17:35:24 GMT
date: Wed, 07 Sep 2022 20:34:37 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=604800
server-timing: fastly;dur=146;cpu=0;start=2022-09-07T20:34:37.110Z;desc=miss,rtt;dur=12,cloudinary;dur=51;start=2022-09-07T20:34:37.159Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 2894
X-Firefox-Spdy: h2
static.arc.io/broker/js/lazy-iwc.9b430e25.js
194.242.11.186200 OK 19 kB URL HTTP/2 static.arc.io/broker/js/lazy-iwc.9b430e25.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (14147), with no line terminators
Hash 97637f850e39304b6adc46113427e891
746a1abc5633e66986ddb44625d6e13c09b610e4
120319a71760b6b9309b215d4294d5552300fc1e3200f00599be20576e5d6727
GET /broker/js/lazy-iwc.9b430e25.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:36 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"7fd8734437dbdc553c3513d10d0c0a97"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: 0pqtvhmktNzG/kuXS+f70yU/1nrs8NiaC5jbPx0Ogn1zHjS1MBw3Ld9u+2vBvs1RgznasANnNaM=
x-amz-request-id: P7W24ZM6DAWWT664
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/30/2022 16:48:02
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8d8d3202734724d0e42a521b1a6c33f3
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 20:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zqemL6l_RJFOe-ZtELkDj0kcXafn_d0OaxnoM2qzE78pwPQtoHIYcg==
Age: 1791
res.cloudinary.com/practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BZWQ0ZDFmYzMtZGMyMi00NmYxLWE0MGYtYzM2ZGNhMTE1NTczL2ltYWdlL2ltYWdlXkEyXkFqcGdeQXVyMjM5ODMxODc@._V1_SX120.jpg
151.101.85.137200 OK 5.2 kB URL HTTP/2 res.cloudinary.com/practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BZWQ0ZDFmYzMtZGMyMi00NmYxLWE0MGYtYzM2ZGNhMTE1NTczL2ltYWdlL2ltYWdlXkEyXkFqcGdeQXVyMjM5ODMxODc@._V1_SX120.jpg
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x178, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8e98bd59a7c246a880164312fa99f6b0
7339441b4b9f00a963bf55744680a3d0f162137a
e2a839b423fbc6f872a213f24b0ea5afb5de6635a580d85be4b2064b8720ff84
GET /practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BZWQ0ZDFmYzMtZGMyMi00NmYxLWE0MGYtYzM2ZGNhMTE1NTczL2ltYWdlL2ltYWdlXkEyXkFqcGdeQXVyMjM5ODMxODc@._V1_SX120.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="MV5BZWQ0ZDFmYzMtZGMyMi00NmYxLWE0MGYtYzM2ZGNhMTE1NTczL2ltYWdlL2ltYWdlXkEyXkFqcGdeQXVyMjM5ODMxODc@._V1_SX120.webp"
content-type: image/webp
etag: "8e98bd59a7c246a880164312fa99f6b0"
last-modified: Mon, 27 Jul 2020 04:50:49 GMT
date: Wed, 07 Sep 2022 20:34:37 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=604800
server-timing: fastly;dur=189;cpu=0;start=2022-09-07T20:34:37.110Z;desc=miss,rtt;dur=12,cloudinary;dur=94;start=2022-09-07T20:34:37.156Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 5194
X-Firefox-Spdy: h2
mc.yandex.ru/watch/65228386?wmode=7&page-url=https%3A%2F%2Fc1ne.co%2Fperfumed-nightmare-1977%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A1541%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A285000499154%3Ahid%3A735512038%3Az%3A0%3Ai%3A20220907203429%3Aet%3A1662582870%3Ac%3A1%3Arn%3A507914649%3Arqn%3A1%3Au%3A1662582870916812518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662582867749%3Ads%3A1%2C68%2C102%2C5%2C353%2C0%2C%2C1001%2C4%2C%2C%2C%2C2018%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662582870%3At%3AWatch%20Perfumed%20Nightmare%20(1977)%20Full%20HD%20Free%20Online%20-%20C1NE&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
77.88.21.119302 Found 796 kB URL HTTP/2 mc.yandex.ru/watch/65228386?wmode=7&page-url=https%3A%2F%2Fc1ne.co%2Fperfumed-nightmare-1977%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A1541%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A285000499154%3Ahid%3A735512038%3Az%3A0%3Ai%3A20220907203429%3Aet%3A1662582870%3Ac%3A1%3Arn%3A507914649%3Arqn%3A1%3Au%3A1662582870916812518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662582867749%3Ads%3A1%2C68%2C102%2C5%2C353%2C0%2C%2C1001%2C4%2C%2C%2C%2C2018%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662582870%3At%3AWatch%20Perfumed%20Nightmare%20(1977)%20Full%20HD%20Free%20Online%20-%20C1NE&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
Size 796 kB (795699 bytes)
Hash 9b95765b0e26af76116a95a966d61354
3f7c1b40fc999b83f3696f455402e49ab484b027
34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
GET /watch/65228386?wmode=7&page-url=https%3A%2F%2Fc1ne.co%2Fperfumed-nightmare-1977%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A1541%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A285000499154%3Ahid%3A735512038%3Az%3A0%3Ai%3A20220907203429%3Aet%3A1662582870%3Ac%3A1%3Arn%3A507914649%3Arqn%3A1%3Au%3A1662582870916812518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662582867749%3Ads%3A1%2C68%2C102%2C5%2C353%2C0%2C%2C1001%2C4%2C%2C%2C%2C2018%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662582870%3At%3AWatch%20Perfumed%20Nightmare%20(1977)%20Full%20HD%20Free%20Online%20-%20C1NE&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c1ne.co
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/65228386/1?wmode=7&page-url=https%3A%2F%2Fc1ne.co%2Fperfumed-nightmare-1977%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A1541%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A285000499154%3Ahid%3A735512038%3Az%3A0%3Ai%3A20220907203429%3Aet%3A1662582870%3Ac%3A1%3Arn%3A507914649%3Arqn%3A1%3Au%3A1662582870916812518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662582867749%3Ads%3A1%2C68%2C102%2C5%2C353%2C0%2C%2C1001%2C4%2C%2C%2C%2C2018%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662582870%3At%3AWatch%20Perfumed%20Nightmare%20%281977%29%20Full%20HD%20Free%20Online%20-%20C1NE&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 07 Sep 2022 20:34:37 GMT
access-control-allow-origin: https://c1ne.co
set-cookie: yandexuid=9450040891662582877; Expires=Thu, 07-Sep-2023 20:34:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9450040891662582877; Expires=Thu, 07-Sep-2023 20:34:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2208573881662582877; Path=/; SameSite=None; Secure
i=utL1rTn1bIGPPtmxsIDDNCn2xUlkoxGCCLPsQI3iGdIFcoqjt0yYBRLr/W61n38gB1bPhT7blVvkgrxzF4f58VAaVcA=; Expires=Sat, 04-Sep-2032 20:34:34 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694118877.yrts.1662582877#1694118877.yrtsi.1662582877; Expires=Thu, 07-Sep-2023 20:34:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Sep-2022 20:34:37 GMT
last-modified: Wed, 07-Sep-2022 20:34:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
res.cloudinary.com/practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BZjExOGUxZTUtNWYzMi00Y2Q3LWFlOGQtZTc4YTFkYTNkNjQyXkEyXkFqcGdeQXVyNzgzODI1OTE@._V1_UY268_CR4,0,182,268_AL_.jpg
151.101.85.137200 OK 4.1 kB URL HTTP/2 res.cloudinary.com/practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BZjExOGUxZTUtNWYzMi00Y2Q3LWFlOGQtZTc4YTFkYTNkNjQyXkEyXkFqcGdeQXVyNzgzODI1OTE@._V1_UY268_CR4,0,182,268_AL_.jpg
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x178, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 34e32fa8feaa31da2d6b14e82a1d00d6
4bd1e03991512b54df4f093e1fab01cfb9a2c106
a1c5177a72e08a3fd800195bf65495bfde972fd69c9bba5b90f6cf06978f7e51
GET /practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://m.media-amazon.com/images/M/MV5BZjExOGUxZTUtNWYzMi00Y2Q3LWFlOGQtZTc4YTFkYTNkNjQyXkEyXkFqcGdeQXVyNzgzODI1OTE@._V1_UY268_CR4,0,182,268_AL_.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="MV5BZjExOGUxZTUtNWYzMi00Y2Q3LWFlOGQtZTc4YTFkYTNkNjQyXkEyXkFqcGdeQXVyNzgzODI1OTE@._V1_UY268_CR4,0,182,268_AL_.webp"
content-type: image/webp
etag: "34e32fa8feaa31da2d6b14e82a1d00d6"
last-modified: Tue, 01 Sep 2020 15:32:06 GMT
date: Wed, 07 Sep 2022 20:34:37 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=604800
server-timing: fastly;dur=207;cpu=0;start=2022-09-07T20:34:37.105Z;desc=miss,rtt;dur=12,cloudinary;dur=112;start=2022-09-07T20:34:37.153Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 4068
X-Firefox-Spdy: h2
mc.yandex.ru/watch/65228386/1?wmode=7&page-url=https%3A%2F%2Fc1ne.co%2Fperfumed-nightmare-1977%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A1541%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A285000499154%3Ahid%3A735512038%3Az%3A0%3Ai%3A20220907203429%3Aet%3A1662582870%3Ac%3A1%3Arn%3A507914649%3Arqn%3A1%3Au%3A1662582870916812518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662582867749%3Ads%3A1%2C68%2C102%2C5%2C353%2C0%2C%2C1001%2C4%2C%2C%2C%2C2018%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662582870%3At%3AWatch%20Perfumed%20Nightmare%20%281977%29%20Full%20HD%20Free%20Online%20-%20C1NE&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
77.88.21.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/65228386/1?wmode=7&page-url=https%3A%2F%2Fc1ne.co%2Fperfumed-nightmare-1977%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A1541%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A285000499154%3Ahid%3A735512038%3Az%3A0%3Ai%3A20220907203429%3Aet%3A1662582870%3Ac%3A1%3Arn%3A507914649%3Arqn%3A1%3Au%3A1662582870916812518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662582867749%3Ads%3A1%2C68%2C102%2C5%2C353%2C0%2C%2C1001%2C4%2C%2C%2C%2C2018%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662582870%3At%3AWatch%20Perfumed%20Nightmare%20%281977%29%20Full%20HD%20Free%20Online%20-%20C1NE&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash f26ab6b3f9435453a721dbf22961de69
de31be6b3a4e5fa13d669a20b9744cd95c93188a
837a4e285abc5d690384113a91c1b2ae5dc5db201f569ce4339ea9f4294b5af6
GET /watch/65228386/1?wmode=7&page-url=https%3A%2F%2Fc1ne.co%2Fperfumed-nightmare-1977%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A1541%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A285000499154%3Ahid%3A735512038%3Az%3A0%3Ai%3A20220907203429%3Aet%3A1662582870%3Ac%3A1%3Arn%3A507914649%3Arqn%3A1%3Au%3A1662582870916812518%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662582867749%3Ads%3A1%2C68%2C102%2C5%2C353%2C0%2C%2C1001%2C4%2C%2C%2C%2C2018%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662582870%3At%3AWatch%20Perfumed%20Nightmare%20%281977%29%20Full%20HD%20Free%20Online%20-%20C1NE&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c1ne.co
Referer: https://c1ne.co/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Wed, 07 Sep 2022 20:34:37 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://c1ne.co
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Sep-2022 20:34:37 GMT
last-modified: Wed, 07-Sep-2022 20:34:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662508869589&_since=%221654732864402%22
143.204.55.115200 OK 12 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662508869589&_since=%221654732864402%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (59438), with no line terminators
Hash d67981722c80a0f28991334e47fa8717
c8fc96c17aa070b36955e935ff490145f3c55e58
65f225266925852756f22415971aeb54bec24d1a7cc0b07ff0da41955add25ef
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662508869589&_since=%221654732864402%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 07 Sep 2022 00:01:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Wed, 07 Sep 2022 20:33:50 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j-F5CcELD5AT3Vx__4lNelS9JoPsHB2dz13RyZbGQ4nfGoBnc0Zx-Q==
Age: 277
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22
143.204.55.115200 OK 783 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (1393), with no line terminators
Hash d8e59c6bd160719da9f2b9571af22b8e
b4353f8308be656bdf00bc4676fdb23e7c285f32
a3e7359fc3dbb20b38aae533bedd4061dad7a3440ea323cb17dba0540a670c81
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Wed, 07 Sep 2022 19:39:01 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: i3bTYRydtA65KnJGKmXt0zB_Y_uWAyiiCsRknbf1HMKPhrOxae0Dvg==
Age: 3346
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 578b9ff83ff3950ab2a3d1a8344d2938
39d48b67ba6aa45ec01767725e726cf9b0c87a70
35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Wed, 07 Sep 2022 01:37:09 GMT
last-modified: Sun, 31 Jul 2022 18:34:08 GMT
etag: "578b9ff83ff3950ab2a3d1a8344d2938"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZqlT20RAhIBGXE1fmKiA2axj9cbiDnOzsWZ5qT2Yj7LMM9SWOmfOdQ==
age: 68249
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 77cb90c1bcc1626dc5f002b309ed6c8e
adca42d0c7a341166c081fc698ec37c3174988ec
9903ef9c78c0f9f12357b418c5a2233f8a97401aa5a9cafa64a99153715b95fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9903EF9C78C0F9F12357B418C5A2233F8A97401AA5A9CAFA64A99153715B95FB"
Last-Modified: Tue, 06 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20073
Expires: Thu, 08 Sep 2022 02:09:10 GMT
Date: Wed, 07 Sep 2022 20:34:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
143.204.55.115200 OK 3.1 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (8682), with no line terminators
Hash cb546ddfc075945fc3edcc0a08714230
d0c184b28768e0b60712ebfb2a1d7efed49ec5e7
1140ff372948c06d0577eb7a7299c2d95c87b4d47839defef7307486f9f7ea21
GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Wed, 07 Sep 2022 19:39:01 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tvJZ6rCGCUMwe2EetIwOWg90OLWqjt-W8cxAx7K6pXit_4qmCXOpXA==
Age: 3346
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
143.204.55.115200 OK 3.4 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (14030), with no line terminators
Hash 9498433bbbcad841ef1b67c31e9e19f7
bc89dbd1261594949ebc09eb0978e22d14fb5c3f
01a250849ba7c6b099e5e2e85059f7657041d3997a5a0118b85aea782aa408b2
GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 20:31:29 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O9O2pc7jeRJs6WblXgKiXO5_mtF_yHNAn6MbDpEzOCI5SloADWRQyw==
Age: 205
res.cloudinary.com/practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://i.imgur.com/hbC46DB.jpg
151.101.85.137200 OK 5.1 kB URL HTTP/2 res.cloudinary.com/practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://i.imgur.com/hbC46DB.jpg
IP 151.101.85.137:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x178, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 10e52e8ba82eb181bdde798b3b5951f6
be7c1879909b737bad02a12b4fa9d85ca8739a27
a837a9a296ae3b315dcad017b491f518440da0f37e9588b7bb80ed835753356a
GET /practicaldev/image/fetch/w_120,h_178,c_scale,f_auto,q_auto/https://i.imgur.com/hbC46DB.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="hbC46DB.webp"
content-type: image/webp
etag: "10e52e8ba82eb181bdde798b3b5951f6"
last-modified: Sun, 26 Jul 2020 23:39:41 GMT
date: Wed, 07 Sep 2022 20:34:37 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=604800
server-timing: fastly;dur=459;cpu=0;start=2022-09-07T20:34:37.104Z;desc=miss,rtt;dur=12,cloudinary;dur=90;start=2022-09-07T20:34:37.427Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 5146
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2db764001243d13c739384fdf698f185
54f6f0f91c266c7a7bcf2458509b672d784dec7d
1e5b508cc623ef3d5e35713e70846bbb1aa272a5294c2aeda8f53609740da663
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E5B508CC623EF3D5E35713E70846BBB1AA272A5294C2AEDA8F53609740DA663"
Last-Modified: Wed, 07 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4310
Expires: Wed, 07 Sep 2022 21:46:27 GMT
Date: Wed, 07 Sep 2022 20:34:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
143.204.55.115200 OK 681 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Hash 747f384efea12ce5dab98117b84a36d8
3bfa87d8ca19bf259e1b28f5d8484560bc4aa59f
674580bbd668da2fccee5bd78cd11bdb237a800ec945160353537b15c3e924f2
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 681
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, ETag, Last-Modified, Backoff, Cache-Control, Retry-After, Expires, Pragma, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Sat, 03 Sep 2022 16:36:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 07 Sep 2022 20:11:23 GMT
Cache-Control: no-cache, no-store
ETag: "1662223014803"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RX5v16GpcpJ6TCbv8ZHkfgH1HTQHNrWIhpXQLzPWtChlOVNnOPisvw==
Age: 1395
banquetunarmedgrater.com/advertisers.js
192.243.59.13200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Sep 2022 20:34:37 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d61c122293579702eaf27d0b7296472
Strict-Transport-Security: max-age=0; includeSubdomains
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
143.204.55.115200 OK 897 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (1710), with no line terminators
Hash 2ef700623eb0b783e8a583fb14fcbb80
c6b6cbb847d3a5e5c6d991c8d6dce6e9b9c902cf
b2a5ecbd87cc70c34c20d9470de54751cc1f48c8945e2239f12874ed35839983
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Wed, 07 Sep 2022 20:04:40 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NH9rvRWTIEUXeutoIMpM-bkGIxINoK7INkwIBmmXSX7yY8M-bP1Gcg==
Age: 1846
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
143.204.55.115200 OK 1.1 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (2195), with no line terminators
Hash ea7be8630c2ab64565dcf909ddd6b1e9
99b5c68aea2e5c3f498290bca5affa8c4d5ccaee
46a7bd4666db075b42064484105f0381c5cd8ff11ce5a9a555711ad03f83b38c
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 19:50:46 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8HXwyFAnunT5pAwz2MmkF8R8ntNop91Lpa9PM8nYluulBScB1JVuYw==
Age: 2752
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
143.204.55.115200 OK 1.4 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (3677), with no line terminators
Hash 7c2cf5e6216dc47511f819acd70197a5
f8f556d7600b3e74941bc4d3100463e054879170
0b13a9837661102f8e1ee4647007e78ddff90738b62eeb2df69713ed0c2be6bd
GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Wed, 07 Sep 2022 20:01:06 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wSqZZnyY83ZVvXvRD8zQrm6UAchzE7wMEPcCRaelO3VEn9zBzvYUYg==
Age: 2110
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662120887268&_since=%221654636467710%22
143.204.55.115200 OK 6.0 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662120887268&_since=%221654636467710%22
IP 143.204.55.115:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash dba03ddf7851da36cdc2b05131cbf872
ca311ba9d7961eebf6a3ea78f65a692a19124763
db58fb0ad9aa163d76fb200f682e260173e9226a2d9e22d9b8b6aa740239d4bd
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662120887268&_since=%221654636467710%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 02 Sep 2022 12:14:47 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 20:33:51 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rdYPZGKZBzb0scag8M2M_GyARBqevmzM22b8v6-FjOw_Rxy2RugQ7A==
Age: 1448
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 07 Sep 2022 20:34:37 GMT
access-control-allow-origin: *
etag: "63186565-2b"
expires: Wed, 07 Sep 2022 21:34:37 GMT
accept-ranges: bytes
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
143.204.55.115200 OK 5.5 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (20424), with no line terminators
Hash 4aeeb7e3b8bbe13f0e937ff570f20777
3d30e1983d6ce6126fef50acaae4a41d579b1c09
3f016c7fbcd505500620db2169b0f39282087dc89ba805e479a8ef53d45f10b7
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Wed, 07 Sep 2022 20:04:40 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0pucevUGguhK4_T3_ceOsmMLpxHqHa1lwoKfKAEpFDqhwySMTDP0Sg==
Age: 1802
reapinject.com/sbar.json?key=18542d6091ed98d29c5abce862338bc2
209.192.156.116200 OK 4.0 kB URL HTTP/1.1 reapinject.com/sbar.json?key=18542d6091ed98d29c5abce862338bc2
IP 209.192.156.116:0
File type JSON data\012- , ASCII text, with very long lines (5488), with no line terminators
Hash 0267f95fbd6beaee673f3f33dca74db1
0e0f1560e2ba4e61ef2fbe1e97028ce9e0a308df
57f5e2073d16c87275333e705c6f673164dbf2fa6c5476f5c1a1445813c03d02
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=18542d6091ed98d29c5abce862338bc2 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c1ne.co
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Sep 2022 20:34:38 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://c1ne.co
Access-Control-Allow-Origin: https://c1ne.co
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17160004; expires=Thu, 08 Sep 2022 20:34:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 08 Sep 2022 20:34:38 GMT; secure; SameSite=None
uncs=1; expires=Thu, 08 Sep 2022 20:34:38 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 08 Sep 2022 20:34:38 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 08 Sep 2022 20:34:38 GMT; secure; SameSite=None
slec18542d6091ed98d29c5abce862338bc2=[3364845]; expires=Wed, 07 Sep 2022 20:34:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0fb056814e4d6133417fdddbab534cdc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
stats.panji.me/api/collect
88.198.66.217204 No Content 0 B URL HTTP/2 stats.panji.me/api/collect
IP 88.198.66.217:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/collect HTTP/1.1
Host: stats.panji.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://c1ne.co/
Origin: https://c1ne.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
date: Wed, 07 Sep 2022 20:34:38 GMT
server: Caddy
strict-transport-security: max-age=31536000;
vary: Access-Control-Request-Headers
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
content-length: 0
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
104.17.24.14200 OK 631 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (1796)
Hash c27520fe60c6f5f7cba22d6912e04494
59bdd4f097d44825326bfa7fdf075669deabaa09
bfbb841e763e8cd7a378b0a6bb83b08251eb3ee0afd7bfcb6d55dae63f6f514d
GET /ajax/libs/normalize/8.0.0/normalize.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Connection: keep-alive
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:38 GMT
content-type: text/css; charset=utf-8
content-length: 631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f2b-732"
last-modified: Mon, 04 May 2020 16:13:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 319334
expires: Mon, 28 Aug 2023 20:34:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUlclaEw7k3lu2r3tx0V7lUpOrcz5HxrvDjknIyHXVa0%2BkF%2BbnINhKIKelMbRiUA50jq2kYGGW1x63x11uZp8pUevtUtDzsjAvx65MaJCwLkOQ7FrYzWI%2B9llBpHQbyjGfEpEqMC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 747239ec9e98b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stats.panji.me/api/collect
88.198.66.217200 OK 136 B URL HTTP/2 stats.panji.me/api/collect
IP 88.198.66.217:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 320eed5062641b3bb166f09932a73d46
7a7e2c471f1b73ebe7c4ead3370c8bd952461560
92083e7ad8654deeaa528dabdc5d609ec0dff3caf736ae0a37119ea80ea2f53d
POST /api/collect HTTP/1.1
Host: stats.panji.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 189
Origin: https://c1ne.co
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
content-type: text/plain
date: Wed, 07 Sep 2022 20:34:38 GMT
etag: "nsh20iaz403s"
server: Caddy
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
content-length: 136
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15770
Expires: Thu, 08 Sep 2022 00:57:28 GMT
Date: Wed, 07 Sep 2022 20:34:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15770
Expires: Thu, 08 Sep 2022 00:57:28 GMT
Date: Wed, 07 Sep 2022 20:34:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:10:03 GMT
age: 55475
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:38:56 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 78942
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1462b0c8fff091f29c7c5145031c08aa
55154c3878e9650f463805c3829f03a1603f14c1
62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11778
x-amzn-requestid: 2956f23c-8907-48de-b82a-73da9ae1d75e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYVHnLoAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdce-5d76bbe82dc2823407fe67f3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6tTqfG7yRrMw0cMwiQFlu9XuRzxlK7uzTXL-cAMFmrrDrKL9Rd3zqA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:20 GMT
age: 82398
etag: "55154c3878e9650f463805c3829f03a1603f14c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f4d99fb1927aae3010e00472b38c3
b95ee99dafca1695d6b86763fce0ceb058f40ef3
da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3604
x-amzn-requestid: 31a6c427-a073-4c25-88b1-6ba40a48c359
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDrvyGg6oAMFhDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bffe-36dd49416c62f3811167173d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:47:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hNtG651fpAOKjZluawZlbXYFfBUojeSyqB9UMRsAg1Ooxc95mudq7A==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:27 GMT
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3"
content-type: image/jpeg
age: 81791
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: d75d69c1-87be-47e2-8684-3c9a25edee2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYpFL-IAMFukQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdd0-1c6d025672cc490734bb54e4;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yzw88Z7aubNEll7UXkvaIWbftL95Y0UDTMnOEh_uhKqWgNycBA9Adw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:22 GMT
age: 82396
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 6db42fa4-5a04-4368-b5cb-ea8f70d83ead
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XmxSRFp7oAMFb3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c2f41-1df42bd2265554de5f47932e;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 03:15:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KQ1yb69_uETJJlEIcwsR165zqZuiklGuj3Nn-tyta0e_q8BGqs3cXg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:24 GMT
age: 81794
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
reapinject.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQW8bRRidTYKExAlUDkUC%2BQgScnbXztqmh4oQgqKmTWlB5QTMzoydIbM7q5kdr5NTRAXq0fyDzXPSUKgQSFwpyKnoIRJSlwPKgfwDDgipJw7IroXhk1bfe%2Fve4X3fN58fuHPiw9Gztat6TypFl1fqfu3VD4LgUm1Tpm5QG7Sjj6LmpZrpv9GJ6v5rtXcE29HLoR%2F4fuAHtXVpRFcPliciZHa%2FE9Q7fr0Z1oOVJgbm%2F9w6D5Z64P1z8gIkr5Yeehcg2Rhp8u2asDu5zl5%2FO3GK5tqgz4%2FfT3dSXaRI5rBrPHTT45kb2j5efwCdHk3jQvf%2FNcayIt6jB4jT41lIxP3Dac5YQaSI%2BXMo%2BmMINYakYzB9G5I%2FJgDjuLaFNLl7TZuC7j5V6UStyNKTvyCLiiz9fgFp8s2qkoPaTa1cLnVqMeiWkIMxZG%2BMzJ0g31uALE7A8k8h%2BS9k%2Bckm0uRwyyoNycvp7FKOIbtjKDEEtR7c5JMeXNeDyzwk%2FKzGgiBo%2BZxRv91hrMFbIo64H9BWN6CBH7Xh2CTeEHk2BFNDMLOPzOxjRw5h3E%2Bw2yUs92Dzinjv7qPPSxSCoLAEBSUoJEGRExT98ogrG9ryLlfWxcGsh7PeKEc67x3QI533REoOsnPy%2FGQv3jO%2FrWFHnNWC9koz5JHfCQTvtHnYYSs0ZqIdhY1GO2YhrCwh7cJ01D1ZkaXtH5HJiixc%2BRkxPYFVJ2DyRVD3MmgxaoU%2B6Pao2faxl35pt3Uh6okA1yWyfAn5rnegzsnF6W0at%2F6AYKeXP46vVn%2Fe%2BxvMlMhMiU%2FkQ4KeujO6oQtyeEMXlny3leUykXt0crebOc3F4ldXxG6hDd9Ys8N7b7KJMIH33xM236Qpl2nPkq9XJefCrGvDBPlhw94S8XVnt1edSV22ef2t9Y0kM8JaqdMxqKwIeXQKJivy7PdH0yf50mcFpBnDuBKJOyWzgtQnYNk%2BbDbPb%2FUijJp74sxD4cqRCeP5TyUJlJhzGpew%2F%2BHxHB%2FYO%2BiZV0Dz20iTEn1Toq9KUDWEdYujPDOnl39tTAux8kaxMt5hrIz64ulyrTyrtRoNn0adlaDVoqIVN8N2Nwo4pWEzCqOINpDbil0kH%2F4DAAD%2F%2FwEAAP%2F%2FCDjXol0EAAA%3D
209.192.156.116200 OK 7 B URL HTTP/1.1 reapinject.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQW8bRRidTYKExAlUDkUC%2BQgScnbXztqmh4oQgqKmTWlB5QTMzoydIbM7q5kdr5NTRAXq0fyDzXPSUKgQSFwpyKnoIRJSlwPKgfwDDgipJw7IroXhk1bfe%2Fve4X3fN58fuHPiw9Gztat6TypFl1fqfu3VD4LgUm1Tpm5QG7Sjj6LmpZrpv9GJ6v5rtXcE29HLoR%2F4fuAHtXVpRFcPliciZHa%2FE9Q7fr0Z1oOVJgbm%2F9w6D5Z64P1z8gIkr5Yeehcg2Rhp8u2asDu5zl5%2FO3GK5tqgz4%2FfT3dSXaRI5rBrPHTT45kb2j5efwCdHk3jQvf%2FNcayIt6jB4jT41lIxP3Dac5YQaSI%2BXMo%2BmMINYakYzB9G5I%2FJgDjuLaFNLl7TZuC7j5V6UStyNKTvyCLiiz9fgFp8s2qkoPaTa1cLnVqMeiWkIMxZG%2BMzJ0g31uALE7A8k8h%2BS9k%2Bckm0uRwyyoNycvp7FKOIbtjKDEEtR7c5JMeXNeDyzwk%2FKzGgiBo%2BZxRv91hrMFbIo64H9BWN6CBH7Xh2CTeEHk2BFNDMLOPzOxjRw5h3E%2Bw2yUs92Dzinjv7qPPSxSCoLAEBSUoJEGRExT98ogrG9ryLlfWxcGsh7PeKEc67x3QI533REoOsnPy%2FGQv3jO%2FrWFHnNWC9koz5JHfCQTvtHnYYSs0ZqIdhY1GO2YhrCwh7cJ01D1ZkaXtH5HJiixc%2BRkxPYFVJ2DyRVD3MmgxaoU%2B6Pao2faxl35pt3Uh6okA1yWyfAn5rnegzsnF6W0at%2F6AYKeXP46vVn%2Fe%2BxvMlMhMiU%2FkQ4KeujO6oQtyeEMXlny3leUykXt0crebOc3F4ldXxG6hDd9Ys8N7b7KJMIH33xM236Qpl2nPkq9XJefCrGvDBPlhw94S8XVnt1edSV22ef2t9Y0kM8JaqdMxqKwIeXQKJivy7PdH0yf50mcFpBnDuBKJOyWzgtQnYNk%2BbDbPb%2FUijJp74sxD4cqRCeP5TyUJlJhzGpew%2F%2BHxHB%2FYO%2BiZV0Dz20iTEn1Toq9KUDWEdYujPDOnl39tTAux8kaxMt5hrIz64ulyrTyrtRoNn0adlaDVoqIVN8N2Nwo4pWEzCqOINpDbil0kH%2F4DAAD%2F%2FwEAAP%2F%2FCDjXol0EAAA%3D
IP 209.192.156.116:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQW8bRRidTYKExAlUDkUC%2BQgScnbXztqmh4oQgqKmTWlB5QTMzoydIbM7q5kdr5NTRAXq0fyDzXPSUKgQSFwpyKnoIRJSlwPKgfwDDgipJw7IroXhk1bfe%2Fve4X3fN58fuHPiw9Gztat6TypFl1fqfu3VD4LgUm1Tpm5QG7Sjj6LmpZrpv9GJ6v5rtXcE29HLoR%2F4fuAHtXVpRFcPliciZHa%2FE9Q7fr0Z1oOVJgbm%2F9w6D5Z64P1z8gIkr5Yeehcg2Rhp8u2asDu5zl5%2FO3GK5tqgz4%2FfT3dSXaRI5rBrPHTT45kb2j5efwCdHk3jQvf%2FNcayIt6jB4jT41lIxP3Dac5YQaSI%2BXMo%2BmMINYakYzB9G5I%2FJgDjuLaFNLl7TZuC7j5V6UStyNKTvyCLiiz9fgFp8s2qkoPaTa1cLnVqMeiWkIMxZG%2BMzJ0g31uALE7A8k8h%2BS9k%2Bckm0uRwyyoNycvp7FKOIbtjKDEEtR7c5JMeXNeDyzwk%2FKzGgiBo%2BZxRv91hrMFbIo64H9BWN6CBH7Xh2CTeEHk2BFNDMLOPzOxjRw5h3E%2Bw2yUs92Dzinjv7qPPSxSCoLAEBSUoJEGRExT98ogrG9ryLlfWxcGsh7PeKEc67x3QI533REoOsnPy%2FGQv3jO%2FrWFHnNWC9koz5JHfCQTvtHnYYSs0ZqIdhY1GO2YhrCwh7cJ01D1ZkaXtH5HJiixc%2BRkxPYFVJ2DyRVD3MmgxaoU%2B6Pao2faxl35pt3Uh6okA1yWyfAn5rnegzsnF6W0at%2F6AYKeXP46vVn%2Fe%2BxvMlMhMiU%2FkQ4KeujO6oQtyeEMXlny3leUykXt0crebOc3F4ldXxG6hDd9Ys8N7b7KJMIH33xM236Qpl2nPkq9XJefCrGvDBPlhw94S8XVnt1edSV22ef2t9Y0kM8JaqdMxqKwIeXQKJivy7PdH0yf50mcFpBnDuBKJOyWzgtQnYNk%2BbDbPb%2FUijJp74sxD4cqRCeP5TyUJlJhzGpew%2F%2BHxHB%2FYO%2BiZV0Dz20iTEn1Toq9KUDWEdYujPDOnl39tTAux8kaxMt5hrIz64ulyrTyrtRoNn0adlaDVoqIVN8N2Nwo4pWEzCqOINpDbil0kH%2F4DAAD%2F%2FwEAAP%2F%2FCDjXol0EAAA%3D HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
Cookie: u_pl=17160004; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec18542d6091ed98d29c5abce862338bc2=[3364845]
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Sep 2022 20:34:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d2603df72493f6796ae41cc4d0c318de
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d510006684c41cbdf97ea19087d5d77f
175e3a9e1727d7841003b6c6c228ba2e79d41124
d30f31a4fd293a2bf326f667d47745533d99a6088849033b9086578b3541f741
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D30F31A4FD293A2BF326F667D47745533D99A6088849033B9086578B3541F741"
Last-Modified: Wed, 07 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20050
Expires: Thu, 08 Sep 2022 02:08:48 GMT
Date: Wed, 07 Sep 2022 20:34:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d510006684c41cbdf97ea19087d5d77f
175e3a9e1727d7841003b6c6c228ba2e79d41124
d30f31a4fd293a2bf326f667d47745533d99a6088849033b9086578b3541f741
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D30F31A4FD293A2BF326F667D47745533D99A6088849033B9086578B3541F741"
Last-Modified: Wed, 07 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20050
Expires: Thu, 08 Sep 2022 02:08:48 GMT
Date: Wed, 07 Sep 2022 20:34:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d510006684c41cbdf97ea19087d5d77f
175e3a9e1727d7841003b6c6c228ba2e79d41124
d30f31a4fd293a2bf326f667d47745533d99a6088849033b9086578b3541f741
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D30F31A4FD293A2BF326F667D47745533D99A6088849033B9086578B3541F741"
Last-Modified: Wed, 07 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20050
Expires: Thu, 08 Sep 2022 02:08:48 GMT
Date: Wed, 07 Sep 2022 20:34:38 GMT
Connection: keep-alive
static.arc.io/widget/js/widget-sc-client.js?197dbd2e
194.242.11.186200 OK 75 kB URL HTTP/2 static.arc.io/widget/js/widget-sc-client.js?197dbd2e
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (3151), with no line terminators
Hash 8b668146880878d52fea026a7e4a2af7
dbbe877728c969c50233a1d1e54d6e0093d4a5b4
361064db4cbf546705de3cafbd8249edcd51651a1ef2d85997fc27b6d160cf3e
GET /widget/js/widget-sc-client.js?197dbd2e HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
Cookie: widgetOptState={%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-09-07T20:34:29.563Z%22%2C%22dismissedAt%22:null}
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:38 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"14884d9e881791d580471ec30f89f22a"
last-modified: Mon, 08 Aug 2022 22:09:02 GMT
x-amz-id-2: URaeHor7BKsSAtcnqISpEn6E3w+xeceiV+yk3tYl1MHAPfIYu6QUy/mqJlWlIX9KQaPnVYygXzU=
x-amz-request-id: ZEX3NT5QY6GPK09Y
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/09/2022 11:22:23
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bcc627c85737a07a7e78a4893f1e8006
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Findex.html&l=1394&fd=197
209.192.156.116200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Findex.html&l=1394&fd=197
IP 209.192.156.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Findex.html&l=1394&fd=197 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
Cookie: u_pl=17160004; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec18542d6091ed98d29c5abce862338bc2=[3364845]
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Sep 2022 20:34:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
static.arc.io/widget/js/chunk-2d2088b3.js?69076442
194.242.11.186200 OK 2.3 kB URL HTTP/2 static.arc.io/widget/js/chunk-2d2088b3.js?69076442
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (3585), with no line terminators
Hash 793ae4bffece4d29437257782705102b
672a33f1abfb0429b5e6a4597ce0bf54fd3a65fe
64544d65fcee81e2d19057318232f595c46d07f471b8d8bf5fcf0aa841ba90ff
GET /widget/js/chunk-2d2088b3.js?69076442 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
Cookie: widgetOptState={%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-09-07T20:34:29.563Z%22%2C%22dismissedAt%22:null}
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:38 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"749dcd6bbb05ad8beddd5723c55e4040"
last-modified: Wed, 07 Sep 2022 18:01:07 GMT
x-amz-id-2: 0NqnDuMQHQlVjlf6M4TBPi1Cm6ZZuW+qEhY6Z/yDUyWsCBWOSHdppp9yfWYHNz//K9AYOBOZFDo=
x-amz-request-id: G5SCSBBQT92SHVN8
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/07/2022 18:32:40
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 757d8c51e894fcd87344475530bce3d5
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
strn.pl/ipfs/QmVWFAxNhzo2iG4M9rQcck3xoXeRvnnXibomBcHHybee7e/377.json?clientId=7d5888dd-e688-4957-83dd-da8643d260bd
37.19.222.215200 OK 403 B URL HTTP/2 strn.pl/ipfs/QmVWFAxNhzo2iG4M9rQcck3xoXeRvnnXibomBcHHybee7e/377.json?clientId=7d5888dd-e688-4957-83dd-da8643d260bd
IP 37.19.222.215:0
ASN #60068 Datacamp Limited
File type JSON data\012- , ASCII text, with very long lines (403), with no line terminators
Hash 8e8dd5a09d60a9cc017ca70221565b52
8452dce8a1f86c034cd5ed903e454f191a802937
d47e640c51331fc5749596f85d45892b4656f364c03da2b62fd397d8c90ae012
GET /ipfs/QmVWFAxNhzo2iG4M9rQcck3xoXeRvnnXibomBcHHybee7e/377.json?clientId=7d5888dd-e688-4957-83dd-da8643d260bd HTTP/1.1
Host: strn.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c1ne.co
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 20:34:38 GMT
content-type: application/json; charset=utf-8
content-length: 403
cache-control: public, max-age=29030400, immutable
saturn-node-id: e44da331-851c-4786-b630-8e600f8ac2f3
saturn-node-version: 342_6a9edb9
etag: "QmRFDJkQNH1QiMSZwGAqoahdg2w1rU4k3hMYdmWs9sQeAg"
x-ipfs-path: /ipfs/QmVWFAxNhzo2iG4M9rQcck3xoXeRvnnXibomBcHHybee7e/377.json
x-ipfs-roots: QmVWFAxNhzo2iG4M9rQcck3xoXeRvnnXibomBcHHybee7e,QmRFDJkQNH1QiMSZwGAqoahdg2w1rU4k3hMYdmWs9sQeAg
x-ipfs-datasize: 403
saturn-cache-status: HIT
saturn-transfer-id: 94456845efa2e298cc61b1baad4cc566
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
static.arc.io/widget/js/chunk-2d0cf2b3.js?37d69e5f
194.242.11.186200 OK 352 kB URL HTTP/2 static.arc.io/widget/js/chunk-2d0cf2b3.js?37d69e5f
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (65536), with no line terminators
Size 352 kB (351639 bytes)
Hash 5322f1943e6b4f0d689a387c7f2cd161
704f9f5acaeb49989248938ebc83eccd01a7b807
0414606422e85aaf638baafc18b7a7e113811ba3c069f467f2eea8d62b259435
GET /widget/js/chunk-2d0cf2b3.js?37d69e5f HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
Cookie: widgetOptState={%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-09-07T20:34:29.563Z%22%2C%22dismissedAt%22:null}
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:38 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"9fd6e6576e115b00478e1b557803d9ea"
last-modified: Fri, 22 Jul 2022 23:08:54 GMT
x-amz-id-2: H6T1qosnGin33armnEwIC5gd4vHy+jyiItdRAJ6xxSNVzBenVzfi+kECZvMngwTMJDMo3p8QTlg=
x-amz-request-id: 3VXAT6NGXFMNXMWF
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/25/2022 16:04:02
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a4b86e7af64137b37080b0b842aa2ff6
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fcss%2Fstyle.css&l=5560&fd=114
209.192.156.116200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fcss%2Fstyle.css&l=5560&fd=114
IP 209.192.156.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fcss%2Fstyle.css&l=5560&fd=114 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
Cookie: u_pl=17160004; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec18542d6091ed98d29c5abce862338bc2=[3364845]
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Sep 2022 20:34:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 601d02860a32cd0667c2b4b6d5746e29
cd419b7dbf9f54edca0ceca468d14627d70f0764
18b245d8cf9427a2fab1793342ec08d8b1967083aad465785540d7f6bbc1af01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18B245D8CF9427A2FAB1793342EC08D8B1967083AAD465785540D7F6BBC1AF01"
Last-Modified: Mon, 05 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10122
Expires: Wed, 07 Sep 2022 23:23:20 GMT
Date: Wed, 07 Sep 2022 20:34:38 GMT
Connection: keep-alive
warden.arc.io/mailbox/nodes/TCdMiarDBgZyB4Wt23ef4D
18.223.141.84204 No Content 0 B URL HTTP/2 warden.arc.io/mailbox/nodes/TCdMiarDBgZyB4Wt23ef4D
IP 18.223.141.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mailbox/nodes/TCdMiarDBgZyB4Wt23ef4D HTTP/1.1
Host: warden.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 284
Origin: https://c1ne.co
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 20:34:38 GMT
access-control-allow-origin: *
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fjs%2Fscript.js&l=397&fd=118
209.192.156.116200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fjs%2Fscript.js&l=397&fd=118
IP 209.192.156.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fflip_icon_fullpage%2F16%2Fjs%2Fscript.js&l=397&fd=118 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
Cookie: u_pl=17160004; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec18542d6091ed98d29c5abce862338bc2=[3364845]
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Sep 2022 20:34:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10200 OK 89 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash b810bfb4b16196375a18a50c4ac7faa5
dc5ddb2361723144c1379739a66216f0890c62e4
426e692a9f9e698ab2b12e8a74a5879b7ade06ef7dce94868bf6cd49069204f3
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Connection: keep-alive
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 20:34:38 GMT
date: Wed, 07 Sep 2022 20:34:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arc.io/arc-sw-core.js
54.230.111.70200 OK 68 kB IP 54.230.111.70:0
File type ASCII text, with very long lines (22448)
Hash b62d64ef6acb7d9e69619926d12987fd
d17547ac81a5b9ec9d3cfaa7fbecd563233af351
e82a5776a21790a3b2855755cb37d2aea37274b04b5b4e4ee48c318e8127d7e2
GET /arc-sw-core.js HTTP/1.1
Host: arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 67725
last-modified: Sat, 31 Jul 2021 01:05:06 GMT
content-encoding: br
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 07 Sep 2022 20:24:41 GMT
cache-control: public, max-age=3600, must-revalidate
etag: "6104a1c2-1088d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kZ8z1yNMKJJBaL633SICX8TbYHiz170KcsOVBs7cfHWS8CLlZkoeMg==
age: 597
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:34:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unseenreport.com/pxf.gif?uuid=66ac26e0-d2ee-4050-ba52-d242fd03e747&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=18542d6091ed98d29c5abce862338bc2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=66ac26e0-d2ee-4050-ba52-d242fd03e747&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=18542d6091ed98d29c5abce862338bc2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=66ac26e0-d2ee-4050-ba52-d242fd03e747&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=18542d6091ed98d29c5abce862338bc2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 07 Sep 2022 20:34:38 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 97e12e041dacf0907b66ee9a6f1f3cf1
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=66ac26e0-d2ee-4050-ba52-d242fd03e747&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=953d4f4a90eeb0c93f8172c3df14f956&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=66ac26e0-d2ee-4050-ba52-d242fd03e747&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=953d4f4a90eeb0c93f8172c3df14f956&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=66ac26e0-d2ee-4050-ba52-d242fd03e747&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=953d4f4a90eeb0c93f8172c3df14f956&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 07 Sep 2022 20:34:38 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 649420fd0fb750c3f8b6ed33016d0015
Strict-Transport-Security: max-age=0; includeSubdomains
reapinject.com/pixel/sbs?c=1
209.192.156.116200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbs?c=1
IP 209.192.156.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
Cookie: u_pl=17160004; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec18542d6091ed98d29c5abce862338bc2=[3364845]
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Sep 2022 20:34:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
reapinject.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9L4kguFLqooIySwWZvDe%2Fxy6KMUZC06a2Sl2p99dMrrnv3ce9786bZBUsSpfjf%2FByJmmsFlFwa5VJsYuA0OdCsjD%2FgQsRunIhMw2OfvD4znnnLM73fffzfX9GQnh6unrV7Cqt6XKzGlZe%2FSCKLlU2VOKHlWGn9VGrcaliB290W9Xwtco7km%2Bb5VoYhWEURpU1ZWXPDJenIlR6vxtVu2G1UatGzQaG9v%2Fc%2BQCOBhCDM%2FIClCiXHgYXoPgESfztqnTbmUlffzv2mmbGYiCO3k%2B2E5MniOewZwP0kqNzN4x7vPYAJjmcxYUZ%2FGtkqiTBowdgydF5SLDBwSwn05AJmHgO%2BWACqSdQdAJubkOJxwTgAtc2kcR3rxmb052nKp2qJVl68hdUXpKl3y8gib9Z0WpYuWm0z5RJHIa9Amo4gepPkPpjZLsLUPkxePYplPiFLD%2FZQBIfbDptoEQxm12pCVRvAi1HoC6An34qgO8F8GmAWJxWeBRF7VBwGna6nNdFW7KWCCPa7kU0ClsdeD6NN0KWjsD1CNzuIbV72FYjWP8T3FYBJwK4rCTBu3sYiAK5JMgdQU4JckWQZwT5oDgU2tVccVdo51l03mvnvV6MTdbfp4cm68uE7Kdn5PnpXoJnflvFtjytRJ1moyZaYTeSotsRtS5vUsZlp1Wr1zuM1%2BBUAeUWZqPuqpIsbf2IVJVk4crPYPQYTh%2BDqxdB%2Fcug%2BbhdC0G3xo1OiN3kS7dlclmNJYQpkGZLyHaCfX1GLs5uU7%2F1ByQ%2Fufwxu1r%2Bee9vcFsgtQU%2BUQ8J%2BvrO%2BIbJycENkzvy3WaaqVjt0undbmY0k4tfXZE7ubFifdWN7r3Jp8IU3n9PumyDJkIlfUe%2BXlFCSLtmLJfkh3V3S7Lr3m2teJv4dOP6W2vrcWqlc8okE1BVEvLoBFyV5NnvD2dP8qXPcig7gfUFYn9CzgvKHIOne3DpPL8zi7B67mFpgNwXY1tj859aEWg555QVcP%2FhbI733R307Sug2W0kcYGBLTDQBagewfnFcZbak8u%2F1mcFpoMx0zY4YNrqL54u16nTSj0UbSZ7ss1ko9noSS5Ys8lC3uOsLjodjsyV%2FCL58B8AAAD%2F%2FwEAAP%2F%2FiOwCSl0EAAA%3D
209.192.156.116200 OK 7 B URL HTTP/1.1 reapinject.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9L4kguFLqooIySwWZvDe%2Fxy6KMUZC06a2Sl2p99dMrrnv3ce9786bZBUsSpfjf%2FByJmmsFlFwa5VJsYuA0OdCsjD%2FgQsRunIhMw2OfvD4znnnLM73fffzfX9GQnh6unrV7Cqt6XKzGlZe%2FSCKLlU2VOKHlWGn9VGrcaliB290W9Xwtco7km%2Bb5VoYhWEURpU1ZWXPDJenIlR6vxtVu2G1UatGzQaG9v%2Fc%2BQCOBhCDM%2FIClCiXHgYXoPgESfztqnTbmUlffzv2mmbGYiCO3k%2B2E5MniOewZwP0kqNzN4x7vPYAJjmcxYUZ%2FGtkqiTBowdgydF5SLDBwSwn05AJmHgO%2BWACqSdQdAJubkOJxwTgAtc2kcR3rxmb052nKp2qJVl68hdUXpKl3y8gib9Z0WpYuWm0z5RJHIa9Amo4gepPkPpjZLsLUPkxePYplPiFLD%2FZQBIfbDptoEQxm12pCVRvAi1HoC6An34qgO8F8GmAWJxWeBRF7VBwGna6nNdFW7KWCCPa7kU0ClsdeD6NN0KWjsD1CNzuIbV72FYjWP8T3FYBJwK4rCTBu3sYiAK5JMgdQU4JckWQZwT5oDgU2tVccVdo51l03mvnvV6MTdbfp4cm68uE7Kdn5PnpXoJnflvFtjytRJ1moyZaYTeSotsRtS5vUsZlp1Wr1zuM1%2BBUAeUWZqPuqpIsbf2IVJVk4crPYPQYTh%2BDqxdB%2Fcug%2BbhdC0G3xo1OiN3kS7dlclmNJYQpkGZLyHaCfX1GLs5uU7%2F1ByQ%2Fufwxu1r%2Bee9vcFsgtQU%2BUQ8J%2BvrO%2BIbJycENkzvy3WaaqVjt0undbmY0k4tfXZE7ubFifdWN7r3Jp8IU3n9PumyDJkIlfUe%2BXlFCSLtmLJfkh3V3S7Lr3m2teJv4dOP6W2vrcWqlc8okE1BVEvLoBFyV5NnvD2dP8qXPcig7gfUFYn9CzgvKHIOne3DpPL8zi7B67mFpgNwXY1tj859aEWg555QVcP%2FhbI733R307Sug2W0kcYGBLTDQBagewfnFcZbak8u%2F1mcFpoMx0zY4YNrqL54u16nTSj0UbSZ7ss1ko9noSS5Ys8lC3uOsLjodjsyV%2FCL58B8AAAD%2F%2FwEAAP%2F%2FiOwCSl0EAAA%3D
IP 209.192.156.116:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9L4kguFLqooIySwWZvDe%2Fxy6KMUZC06a2Sl2p99dMrrnv3ce9786bZBUsSpfjf%2FByJmmsFlFwa5VJsYuA0OdCsjD%2FgQsRunIhMw2OfvD4znnnLM73fffzfX9GQnh6unrV7Cqt6XKzGlZe%2FSCKLlU2VOKHlWGn9VGrcaliB290W9Xwtco7km%2Bb5VoYhWEURpU1ZWXPDJenIlR6vxtVu2G1UatGzQaG9v%2Fc%2BQCOBhCDM%2FIClCiXHgYXoPgESfztqnTbmUlffzv2mmbGYiCO3k%2B2E5MniOewZwP0kqNzN4x7vPYAJjmcxYUZ%2FGtkqiTBowdgydF5SLDBwSwn05AJmHgO%2BWACqSdQdAJubkOJxwTgAtc2kcR3rxmb052nKp2qJVl68hdUXpKl3y8gib9Z0WpYuWm0z5RJHIa9Amo4gepPkPpjZLsLUPkxePYplPiFLD%2FZQBIfbDptoEQxm12pCVRvAi1HoC6An34qgO8F8GmAWJxWeBRF7VBwGna6nNdFW7KWCCPa7kU0ClsdeD6NN0KWjsD1CNzuIbV72FYjWP8T3FYBJwK4rCTBu3sYiAK5JMgdQU4JckWQZwT5oDgU2tVccVdo51l03mvnvV6MTdbfp4cm68uE7Kdn5PnpXoJnflvFtjytRJ1moyZaYTeSotsRtS5vUsZlp1Wr1zuM1%2BBUAeUWZqPuqpIsbf2IVJVk4crPYPQYTh%2BDqxdB%2Fcug%2BbhdC0G3xo1OiN3kS7dlclmNJYQpkGZLyHaCfX1GLs5uU7%2F1ByQ%2Fufwxu1r%2Bee9vcFsgtQU%2BUQ8J%2BvrO%2BIbJycENkzvy3WaaqVjt0undbmY0k4tfXZE7ubFifdWN7r3Jp8IU3n9PumyDJkIlfUe%2BXlFCSLtmLJfkh3V3S7Lr3m2teJv4dOP6W2vrcWqlc8okE1BVEvLoBFyV5NnvD2dP8qXPcig7gfUFYn9CzgvKHIOne3DpPL8zi7B67mFpgNwXY1tj859aEWg555QVcP%2FhbI733R307Sug2W0kcYGBLTDQBagewfnFcZbak8u%2F1mcFpoMx0zY4YNrqL54u16nTSj0UbSZ7ss1ko9noSS5Ys8lC3uOsLjodjsyV%2FCL58B8AAAD%2F%2FwEAAP%2F%2FiOwCSl0EAAA%3D HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
Cookie: u_pl=17160004; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec18542d6091ed98d29c5abce862338bc2=[3364845]
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Sep 2022 20:34:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 580480942e30dc0b70012d9c38737a06
Strict-Transport-Security: max-age=0; includeSubdomains
static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
194.242.11.186200 OK 16 kB URL HTTP/2 static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (34291)
Hash d523f2af73c2383c60f08ffd6c7d5896
080c6625fd117dfbc8cf73a857e379ca13ff29cc
85b7b429689c2b281aecfc03c59ee3d71698f170e828b77252a02c6528808012
GET /widget/js/vendors~widget-sc-client.js?35fccb86 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
Cookie: widgetOptState={%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-09-07T20:34:29.563Z%22%2C%22dismissedAt%22:null}
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:38 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"fa12476f8ee3c92b8369e0c9d3b915f9"
last-modified: Fri, 22 Jul 2022 23:08:54 GMT
x-amz-id-2: gO56M4SIXfLCyIfgDnIkEYznO/aSxbiWzPzBnkEFGYql1RoX90Evh/ZoIMm/6C+bN1XQIlxZGrE=
x-amz-request-id: HMFZR25VHVX61V98
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/25/2022 16:03:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: af815fdc71109f6516079caa767e5661
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
strn.pl/ipfs/QmUT8dzrsw7iwyhreVrwoeuzGv2NSncNmuckeB63tH14Qj?clientId=7d5888dd-e688-4957-83dd-da8643d260bd
37.19.222.215200 OK 8.3 MB URL HTTP/2 strn.pl/ipfs/QmUT8dzrsw7iwyhreVrwoeuzGv2NSncNmuckeB63tH14Qj?clientId=7d5888dd-e688-4957-83dd-da8643d260bd
IP 37.19.222.215:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=4280, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2408], baseline, precision 8, 2408x3588, components 3\012- data
Size 8.3 MB (8255624 bytes)
Hash f13210f6aea917a53ef7c07d168ac0b5
bcd12a6d2e9703a6f1075a147e1213173018dde6
078b8ec5f3b96e07741b0ee2fef607c9ef0dcb7226a5f43dc060dcf5caa32f7b
GET /ipfs/QmUT8dzrsw7iwyhreVrwoeuzGv2NSncNmuckeB63tH14Qj?clientId=7d5888dd-e688-4957-83dd-da8643d260bd HTTP/1.1
Host: strn.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c1ne.co
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 20:34:39 GMT
content-type: image/jpeg
content-length: 8255624
cache-control: public, max-age=29030400, immutable
saturn-node-id: e44da331-851c-4786-b630-8e600f8ac2f3
saturn-node-version: 342_6a9edb9
etag: "QmUT8dzrsw7iwyhreVrwoeuzGv2NSncNmuckeB63tH14Qj"
x-ipfs-path: /ipfs/QmUT8dzrsw7iwyhreVrwoeuzGv2NSncNmuckeB63tH14Qj
x-ipfs-roots: QmUT8dzrsw7iwyhreVrwoeuzGv2NSncNmuckeB63tH14Qj
x-ipfs-datasize: 8255624
saturn-cache-status: HIT
saturn-transfer-id: cf1d55f8497da116c2d3d4fbf2d2f885
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
static.arc.io/widget/js/core.js?62de60f
194.242.11.186200 OK 106 kB URL HTTP/2 static.arc.io/widget/js/core.js?62de60f
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Size 106 kB (105811 bytes)
Hash c398fbc0a13222e8d21b2f0440174cb9
47b186a0895f0219464c5bf0e9fbab7986937891
70f20412687f93d36634538d9881134a1d714bb07305871653576f0a213d47b1
GET /widget/js/core.js?62de60f HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c1ne.co
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:36 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"221fea69c747706b7c477846921a5dac"
last-modified: Wed, 07 Sep 2022 18:01:07 GMT
x-amz-id-2: 4UCGz3OJT0wrXRCfVgAJ2kEWv05mhCVHZdN6LM9Iew1itSYwIurHv+JtDa6C1USS1rT0903LxTw=
x-amz-request-id: A3FM3PB0Z2KGKXK4
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/07/2022 18:32:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bb73c02ca67c4b4495b468736763b49c
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
afsocse35xksgf3rwwqpkzhzsi0ftpck.lambda-url.us-west-2.on.aws/
52.33.242.31200 OK 0 B URL HTTP/1.1 afsocse35xksgf3rwwqpkzhzsi0ftpck.lambda-url.us-west-2.on.aws/
IP 52.33.242.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: afsocse35xksgf3rwwqpkzhzsi0ftpck.lambda-url.us-west-2.on.aws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 961
Origin: https://c1ne.co
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:34:41 GMT
Content-Type: application/json
Content-Length: 0
Connection: keep-alive
x-amzn-RequestId: a20d87a1-c7d5-4df6-aa26-9facdc2e5ce1
Access-Control-Allow-Origin: https://c1ne.co
Vary: Origin
X-Amzn-Trace-Id: root=1-63190061-42b2c2eb7e34436611a7e54a;sampled=0
Access-Control-Allow-Credentials: true
warden.arc.io/mailbox/statusReport
18.223.141.84204 No Content 0 B URL HTTP/2 warden.arc.io/mailbox/statusReport
IP 18.223.141.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mailbox/statusReport HTTP/1.1
Host: warden.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 946
Origin: https://c1ne.co
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 20:34:42 GMT
access-control-allow-origin: *
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
c1ne.co/perfumed-nightmare-1977/
104.21.235.213200 OK 0 B URL HTTP/2 c1ne.co/perfumed-nightmare-1977/
IP 104.21.235.213:0
GET /perfumed-nightmare-1977/ HTTP/1.1
Host: c1ne.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:35 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://c1ne.co/wp-json/>; rel="https://api.w.org/", <https://c1ne.co/wp-json/wp/v2/posts/81758>; rel="alternate"; type="application/json"
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-litespeed-cache: hit
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SKV997GbLDhFb4GDTOLWNVhyl2nWUwywc3KUFGEm0rLF8ZrFHFQm8FOw66wUwYLvjHgG%2F0S8egiOXmHsR0%2FVuKxmDIPI%2BFYhYCIiF72zfYhpiO4VLC8qFGd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747239d97ae272a0-LHR
content-encoding: br
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/index.html
172.67.74.218200 OK 0 B URL HTTP/2 cdn.yourwebbars.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/index.html
IP 172.67.74.218:0
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c1ne.co
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:38 GMT
content-type: text/html
last-modified: Thu, 10 Feb 2022 09:30:55 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 109712
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VqePhdo1hB2cXE5UT%2BzL9JsCdPf4zcUz7EPTevnSA42jWOPUuEOUT0UPPBY0U1JQg%2Bzmii7VCp3JUexBigZ%2FRa2oqMQ35nVtI6R6cgiLKpHVSlh49Iw6hPiwCXZBETjQgD5wXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747239ed5e7db515-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.arc.io/broker/js/broker.b281d075.js
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/broker/js/broker.b281d075.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /broker/js/broker.b281d075.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.arc.io
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:36 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"8c5f6da1d62d33cc4c32a8ce63be2bf6"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: 15mXd8XH2lx2CE03B29NPUH0DZY/LOqIKeKzeLqmQNgXs1snFjVDp9XICA09Vhudm/HuQ+kRbm0=
x-amz-request-id: 1BTZ9YPB4J9E9E0X
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/14/2022 14:32:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3906cf4d744acea12fb7c8fa83fbba23
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/animate.css
172.67.183.56200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/animate.css
IP 172.67.183.56:0
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c1ne.co
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:38 GMT
content-type: text/css
last-modified: Thu, 10 Feb 2022 09:30:57 GMT
etag: W/"6204db51-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 109711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SspkKqeyHcCHUenkVeS%2BesOXBDhGX1dxL20g5GwfUmip1th38za7nXZX466KmQSHe669qGJQPdXvsOsIUvUtY3kNC7LiSTYWx950mHfFbfk%2FSqD7nJiPnOUbaeAM8HBtIz0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747239ee3b56b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=6.0.2
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=6.0.2
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css?ver=6.0.2 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:35 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/12/2022 14:32:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: ec1206c2a47aeda2610124b4ef59cfba
cdn-cache: HIT
cf-cache-status: HIT
age: 808235
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 747239dbaef90b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stats.panji.me/umami.js
88.198.66.217200 OK 0 B IP 88.198.66.217:0
ASN #24940 Hetzner Online GmbH
GET /umami.js HTTP/1.1
Host: stats.panji.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=0
content-encoding: gzip
content-security-policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
content-type: application/javascript; charset=UTF-8
date: Wed, 07 Sep 2022 20:34:35 GMT
etag: W/"a99-1828eb7f220"
last-modified: Thu, 11 Aug 2022 21:03:16 GMT
server: Caddy
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
static.arc.io/broker/js/chunk-vendors.5e1d8045.js
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/broker/js/chunk-vendors.5e1d8045.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /broker/js/chunk-vendors.5e1d8045.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.arc.io
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:36 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"7baaa27cb0e1201fe90ecc5efca8fbcf"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: Lg09pm0SMLA2gDpgvbsYLOJ6t8VM7iye6bHwugpdkzqKL5tqPfuDc6xQsPbM2BumjX36g9SpKpc=
x-amz-request-id: K2YYHZ7GZXR992N5
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 06/29/2022 22:31:25
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 74ab8eaad600ca4d39cd32eb3c14d7dc
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
gateway.arc.io/cdnConfig/mb7VPPwa
194.242.11.186200 OK 0 B URL HTTP/2 gateway.arc.io/cdnConfig/mb7VPPwa
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /cdnConfig/mb7VPPwa HTTP/1.1
Host: gateway.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c1ne.co/
Origin: https://c1ne.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO-830
cdn-pullzone: 786568
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=1800, stale-while-revalidate=604800
etag: W/"b6-9Vp+KuMOgBcRdOzwmeXYC4CkXfM"
timing-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/07/2022 19:52:03
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7e922715cea460e3de09e7d0a5a42a70
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/style.css
172.67.183.56200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/style.css
IP 172.67.183.56:0
GET /sb/interstitial/utility/default/blog/flip_icon_fullpage/16/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c1ne.co
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://c1ne.co/
Connection: keep-alive
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:38 GMT
content-type: text/css
last-modified: Thu, 10 Feb 2022 09:30:56 GMT
etag: W/"6204db50-15b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 109711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKYPfj8T0rXZBs9CZhvote0d4Eb%2FTZ%2FStFNJQkRg2oRq2RUn4OHxQf5BWb5CZ1jsRQZZA76VH%2F%2BZjE11wqe8kwXMgF%2FVV%2Bhf%2FdtcIw1SPtwBqPdChPOAkDDP2PAhxizBiso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747239ee3b5ab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.arc.io/broker/js/lazy-modules.a169b1ec.js
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/broker/js/lazy-modules.a169b1ec.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /broker/js/lazy-modules.a169b1ec.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:36 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: 1HPOvli1UWDpUZXFWu6CwdlYyQUcdV4wPGgPy4nfB7B6fDlC7Q604ob7CUR3XzVeynp2AAE8mww=
x-amz-request-id: ST1DTDBD2C8CBP39
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/16/2022 07:43:24
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 009beb39de62810fe233faaad5f52470
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static.arc.io/widget/js/widget-ui.js?784632c0
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/widget/js/widget-ui.js?784632c0
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /widget/js/widget-ui.js?784632c0 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1ne.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 20:34:36 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"7b9dc001ae1d02594045f630c0c9760a"
last-modified: Thu, 01 Sep 2022 19:21:28 GMT
x-amz-id-2: sso+CjRy526e+aJLRNdKq8RjhZ6KoGwR6Y604T67KYRlvAXyQ4xEXLctgzgvzzy4W5PmUrRFebM=
x-amz-request-id: 0RKQT4A1JEK82HB5
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/01/2022 19:27:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 380755eca811863df7ba5b3202e09b8d
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2