Report - 31.groovinews.com/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&rc=0&mrc=2&fsc=0&zoneid=1912302&tburl=lkcupid.com/dszkZs

Report Overview

Submitted URL
31.groovinews.com/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&rc=0&mrc=2&fsc=0&zoneid=1912302&tburl=lkcupid.com/dszkZs
IP
45.133.44.21
ASN
#39572 DataWeb Global Group B.V.
Submitted
2023-02-03 18:32:50
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
0821.groovinews.com	unknown			622 B	5.1 kB	45.133.44.20
lkcupid.com	unknown	2017-04-20T23:47:06Z	2023-03-08T13:01:22Z	469 B	953 B	5.63.153.25
datingszone.life	unknown	2022-07-18T14:21:45Z	2023-01-17T03:16:48Z	5.2 kB	475 kB	116.202.1.47
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	956 B	48 kB	142.250.74.35
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	95.101.11.115
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
2818.selornews.com	639044	2021-07-07T23:09:34Z	2023-03-13T08:27:46Z	1.6 kB	60 kB	45.133.44.20
31.groovinews.com	unknown			488 B	5.2 kB	45.133.44.21
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	3.7 kB	11 kB	172.64.155.188
321.selornews.com	931933	2021-07-07T23:09:34Z	2023-03-13T08:27:46Z	14 kB	120 kB	45.133.44.20
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.7 kB	3.5 kB	142.250.74.163
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.227.105.139
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	70 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	531 B	630 B	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-03 18:33:12	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-02-03 18:33:12	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	lkcupid.com/dszkZs	Phishing
2023-02-03	medium	datingszone.life/media/exit-new/exit1.js	Phishing
2023-02-03	medium	datingszone.life/cookie/js.cookie.js	Phishing
2023-02-03	medium	datingszone.life/util/utils.js	Phishing
2023-02-03	medium	datingszone.life/media/bb.js	Phishing
2023-02-03	medium	datingszone.life/media/dating/toon2/js/jquery-2.2.4.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	lkcupid.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	datingszone.life/media/bb.js	639 B	2023-03-07	2024-04-24
Pretty URL datingszone.life/media/bb.js IP 116.202.1.47 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-24 11:45:44 Times Seen13485 Hash 0d553e4bac91c74bfee2dbabba61e99e 5af71e2377c9c012a7826a695f2724901941b19b 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68 Loading...

	31.groovinews.com/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&rc=0&mrc=2&fsc=0&zoneid=1912302&tburl=https://lkcupid.com/dszkZs	140 B	2023-03-07	2023-04-05
Pretty URL 31.groovinews.com/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&rc=0&mrc=2&fsc=0&zoneid=1912302&tburl=https://lkcupid.com/dszkZs IP 45.133.44.21 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:24 Last Seen2023-04-05 02:09:06 Times Seen26 Hash d5247a46d4b777cbdcd2b91d90b89d43 bf30f153f4ff2ad88dfc01edf9c11d164c85ac37 cce915a5cb317f8728c3ba508110aa72ddfc8f0104ba0507696515937b6ed5a4 Loading...

	2818.selornews.com/script.js?slug=common-adult-player	6.4 kB	2023-03-13	2023-03-14
Pretty URL 2818.selornews.com/script.js?slug=common-adult-player IP 45.133.44.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:00:25 Last Seen2023-03-14 08:25:24 Times Seen1 Hash 2b06cef4d3a63f6b060b2f0f477b3831 9b762b7f3cc5477cf5c966cef720e5a903c1529f cf8e60e8a37c4d4d84e8d7d03555f3ed9fede6ecd4218271a881241f313c873b Loading...

	datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1	467 B	2023-03-13	2023-03-13
Pretty URL datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1 IP 116.202.1.47 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:00:25 Last Seen2023-03-13 16:00:25 Times Seen1 Hash b465f3a789fe7d24e6f93162feb0f119 ac71f470d53580d079ad87e8013954b35a04323a 259748f5a859a71c27066590f60e07dd30097719cd0d9df470482819012eb099 Loading...

	datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1	311 B	2023-03-07	2023-12-04
Pretty URL datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1 IP 116.202.1.47 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:35:36 Last Seen2023-12-04 22:58:34 Times Seen256 Hash 35bd4aa2b5c5961688fa9add64b0d579 181145d4e43eb12d4e23adb29c5649c602a7902c cb2b611dccd8aefaa4e0645fb6e75d5585c34ddffbdaceb66828389357b9e571 Loading...

	datingszone.life/media/exit-new/exit1.js	3.5 kB	2023-03-07	2024-04-24
Pretty URL datingszone.life/media/exit-new/exit1.js IP 116.202.1.47 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-24 11:45:44 Times Seen13158 Hash 625e5e2950612f771e246beb33c9ea61 e4fc251c6c000496c285f8dc3fa097040b031681 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46 Loading...

	datingszone.life/util/utils.js	7.5 kB	2023-03-07	2024-04-24
Pretty URL datingszone.life/util/utils.js IP 116.202.1.47 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-24 11:45:44 Times Seen20592 Hash 01816d15ca03032751161a746e2fb7c3 dcc72ea5fa1356490ba473288159df9786b4a3c3 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea Loading...

	datingszone.life/cookie/js.cookie.js	4.3 kB	2023-03-07	2024-04-24
Pretty URL datingszone.life/cookie/js.cookie.js IP 116.202.1.47 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-24 11:39:18 Times Seen7555 Hash a7e9883924072f15259de6888d5ef515 7f4f6e5938e68f55aef81e0cd0145f008cd28382 985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c Loading...

	datingszone.life/media/dating/toon2/js/jquery-2.2.4.min.js	86 kB	2023-03-07	2024-04-24
Pretty URL datingszone.life/media/dating/toon2/js/jquery-2.2.4.min.js IP 116.202.1.47 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-24 13:00:36 Times Seen383356 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

HTTP Transactions (90)

URL IP Response Size

31.groovinews.com/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&rc=0&mrc=2&fsc=0&zoneid=1912302&tburl=https://lkcupid.com/dszkZs

45.133.44.21

200 OK

4.3 kB

URL HTTP/1.1
31.groovinews.com/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&rc=0&mrc=2&fsc=0&zoneid=1912302&tburl=https://lkcupid.com/dszkZs
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
4.3 kB (4256 bytes)
Hash
ec8ade6e16e7f72f2ef4c1e4df97d8e5
f503808072a96f59944d1bd6b9d2ec67561057e6
dc391410e12fd14b262beb4436338bc988df29983960e40a71b23c62b09fc372

HTTP Headers

GET /common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&rc=0&mrc=2&fsc=0&zoneid=1912302&tburl=https://lkcupid.com/dszkZs HTTP/1.1
Host: 31.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:32:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4256
Connection: keep-alive
Server: nginx/1.22.0
Cache-Control: max-age=172800
Etag: ec8ade6e16e7f72f2ef4c1e4df97d8e5
Last-Modified: Wed, 22 Dec 2021 15:19:04 GMT
X-Timestamp: 1640186343.78856
X-Trans-Id: tx98699a6b7eaa44cb91699-0063a457ca
X-Openstack-Request-Id: tx98699a6b7eaa44cb91699-0063a457ca
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
Access-Control-Expose-Headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
Expires: Sun, 05 Feb 2023 18:32:38 GMT
Vary: Accept-Encoding
X-Proxy-Cache: HIT
Accept-Ranges: bytes

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18196
Expires: Fri, 03 Feb 2023 23:35:55 GMT
Date: Fri, 03 Feb 2023 18:32:39 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20706
Expires: Sat, 04 Feb 2023 00:17:45 GMT
Date: Fri, 03 Feb 2023 18:32:39 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 17:36:11 GMT
content-type: application/json
age: 3388
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15565
Expires: Fri, 03 Feb 2023 22:52:04 GMT
Date: Fri, 03 Feb 2023 18:32:39 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: DYrTDqfX/msHzgfILjMxLeKYPlkICh41MjUtkLRM7xprnkhlhpOwBrJgqaNw7ffujRehls8j3Js=
x-amz-request-id: 8PJF7PV3W9Y2EHRC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 17:52:30 GMT
age: 2409
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2978aa14d1f3becc3e7e1f86a24a84eb
f7a666e9df7fc4da99947e7690814211a86a6134
453634700dc373ccc902845f491c29234c92a6ef38fc70ed0272a60c2850defb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:32:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 18:31:31 GMT
Expires: Thu, 09 Feb 2023 18:31:30 GMT
Etag: "f7a666e9df7fc4da99947e7690814211a86a6134"
Cache-Control: max-age=517730,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793d401eac5a1bfa-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2978aa14d1f3becc3e7e1f86a24a84eb
f7a666e9df7fc4da99947e7690814211a86a6134
453634700dc373ccc902845f491c29234c92a6ef38fc70ed0272a60c2850defb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:32:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 18:31:31 GMT
Expires: Thu, 09 Feb 2023 18:31:30 GMT
Etag: "f7a666e9df7fc4da99947e7690814211a86a6134"
Cache-Control: max-age=517730,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793d401ebb3cb515-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2978aa14d1f3becc3e7e1f86a24a84eb
f7a666e9df7fc4da99947e7690814211a86a6134
453634700dc373ccc902845f491c29234c92a6ef38fc70ed0272a60c2850defb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:32:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 18:31:31 GMT
Expires: Thu, 09 Feb 2023 18:31:30 GMT
Etag: "f7a666e9df7fc4da99947e7690814211a86a6134"
Cache-Control: max-age=517730,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793d401edd1f1c0a-OSL

321.selornews.com/dannig/common-adult-player/img/player-ui-l.png

45.133.44.20

200 OK

663 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/player-ui-l.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 144 x 100, 8-bit gray+alpha, non-interlaced\012- data
Size
663 B (663 bytes)
Hash
5159265d4e4ecc1bfa2e8b028fc0534d
443e7f825760d81906a5c1a4ca660e0385b435fe
46a01582282a1e9326a84e445ba3da470e059b5d091d326e45271b698d6d62a1

HTTP Headers

GET /dannig/common-adult-player/img/player-ui-l.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: image/png
content-length: 663
server: nginx/1.22.0
etag: 5159265d4e4ecc1bfa2e8b028fc0534d
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
x-timestamp: 1606159424.13124
x-trans-id: txad3525ab6af343da841b6-0063a457cf
x-openstack-request-id: txad3525ab6af343da841b6-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/views.png

45.133.44.20

200 OK

461 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/views.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 32 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
461 B (461 bytes)
Hash
0ad8de150ced2f4ab8828c02c23ab95c
b7620db8dc0ef0075c79de9c0f3409d292413b80
efb233df0a528dd04d7b9725ad679738f043478ced654fe0e9a9b59b205d447b

HTTP Headers

GET /dannig/common-adult-player/img/views.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: image/png
content-length: 461
server: nginx/1.22.0
etag: 0ad8de150ced2f4ab8828c02c23ab95c
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
x-timestamp: 1606159429.98953
x-trans-id: tx273bbf170265463eb2b6f-0063a457cf
x-openstack-request-id: tx273bbf170265463eb2b6f-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

2818.selornews.com/script.js?slug=common-adult-player

45.133.44.20

200 OK

6.4 kB

URL HTTP/2
2818.selornews.com/script.js?slug=common-adult-player
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
C source, ASCII text, with very long lines (349)
Size
6.4 kB (6400 bytes)
Hash
2b06cef4d3a63f6b060b2f0f477b3831
9b762b7f3cc5477cf5c966cef720e5a903c1529f
cf8e60e8a37c4d4d84e8d7d03555f3ed9fede6ecd4218271a881241f313c873b

HTTP Headers

GET /script.js?slug=common-adult-player HTTP/1.1
Host: 2818.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 6400
server: nginx/1.22.1
cache-control: max-age=172800
etag: 2b06cef4d3a63f6b060b2f0f477b3831
last-modified: Fri, 03 Feb 2023 17:01:30 GMT
x-timestamp: 1675443689.24582
x-trans-id: tx13a7811209f04fad8e01d-0063dd3e19
x-openstack-request-id: tx13a7811209f04fad8e01d-0063dd3e19
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/player-ui-r.png

45.133.44.20

200 OK

1.1 kB

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/player-ui-r.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 226 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1118 bytes)
Hash
74174fa53d52a184fa0a586f988f0d94
6fc2f64667c7cfabd7ae7a2409d20de7a501d9a3
4e0fbe743a42b8a641daec0745e3a80e22ed9df424b7e0e0c852ba27b9b409d3

HTTP Headers

GET /dannig/common-adult-player/img/player-ui-r.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: image/png
content-length: 1118
server: nginx/1.22.0
etag: 74174fa53d52a184fa0a586f988f0d94
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
x-timestamp: 1606159424.19318
x-trans-id: tx33d9d9f91a314c64b2fc9-0063a457cf
x-openstack-request-id: tx33d9d9f91a314c64b2fc9-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/pics-1.jpg

45.133.44.20

200 OK

9.4 kB

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/pics-1.jpg
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data\012- data
Size
9.4 kB (9415 bytes)
Hash
0fdbe8ac7fda89d3ed4d0845d4f86384
b14ff199e53771631d302442b22ecdd1867c88e4
733eb3487f5a82cdb71eda01d36247bf57ad107ee3be967d6561fa7f2f78664e

HTTP Headers

GET /dannig/common-adult-player/img/pics-1.jpg HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: image/jpeg
content-length: 9415
server: nginx/1.22.0
etag: 0fdbe8ac7fda89d3ed4d0845d4f86384
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
x-timestamp: 1606159423.61753
x-trans-id: tx0e602b2d4dce4c06afadd-0063a457cf
x-openstack-request-id: tx0e602b2d4dce4c06afadd-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/stars.png

45.133.44.20

200 OK

589 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/stars.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 169 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
589 B (589 bytes)
Hash
586e70ae8cf2f823dc7876917d90be92
33d61043ae53a9377ad37bfd5b84c73f770c4105
894bcd381abf4e10bbbe8802a7c52396d8b6b73cdf9d2837caf8f6a0d7aea707

HTTP Headers

GET /dannig/common-adult-player/img/stars.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: image/png
content-length: 589
server: nginx/1.22.0
etag: 586e70ae8cf2f823dc7876917d90be92
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
x-timestamp: 1606159424.28164
x-trans-id: txd7818eaca93d496495344-0063a457d0
x-openstack-request-id: txd7818eaca93d496495344-0063a457d0
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/pics-3.jpg

45.133.44.20

200 OK

9.2 kB

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/pics-3.jpg
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data\012- data
Size
9.2 kB (9158 bytes)
Hash
5f69e27fa1a7f979ca9e375da09d24dc
22699243d1b2bb1da09e8db42cb4f7cdccb71820
d775a68996acfd4e425c30b5ecb82549361b9f18fadea8509c312b4f420d3634

HTTP Headers

GET /dannig/common-adult-player/img/pics-3.jpg HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: image/jpeg
content-length: 9158
server: nginx/1.22.0
etag: 5f69e27fa1a7f979ca9e375da09d24dc
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
x-timestamp: 1606159429.34062
x-trans-id: tx0f9ba977223c4caea7ccd-0063a457cf
x-openstack-request-id: tx0f9ba977223c4caea7ccd-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

2818.selornews.com/common-adult-player/css/style.css

45.133.44.20

200 OK

22 kB

URL HTTP/2
2818.selornews.com/common-adult-player/css/style.css
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (2400)
Size
22 kB (21671 bytes)
Hash
526b5851d4063923ccfbe471143f0932
2b9f3bc80dd94e6d68d642bf68a5cc0d39085b9e
6ac4c4456c0595d52dfd20d83cd869c60dd1eeeead30b078f65d7d2dc1f33f4c

HTTP Headers

GET /common-adult-player/css/style.css HTTP/1.1
Host: 2818.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: text/css
content-length: 21671
server: nginx/1.22.0
etag: 526b5851d4063923ccfbe471143f0932
last-modified: Thu, 22 Jul 2021 14:54:56 GMT
x-timestamp: 1626965695.66426
x-trans-id: tx9a75eda1e48c45e58cc2e-0063a457d2
x-openstack-request-id: tx9a75eda1e48c45e58cc2e-0063a457d2
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/pics-2.jpg

45.133.44.20

200 OK

6.0 kB

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/pics-2.jpg
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data\012- data
Size
6.0 kB (5972 bytes)
Hash
7ca024e2ee360dee3a5ed409d8694295
55ac5fb299e34092ec8323e8f32cba0f33fd4105
0e6b67b963746ceeb4785fe5041806aca4d98a6fce7a2585240d25e32b5fe999

HTTP Headers

GET /dannig/common-adult-player/img/pics-2.jpg HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: image/jpeg
content-length: 5972
server: nginx/1.22.0
etag: 7ca024e2ee360dee3a5ed409d8694295
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
x-timestamp: 1606159423.64221
x-trans-id: tx5c314ff3b9e446879a638-0063a457d0
x-openstack-request-id: tx5c314ff3b9e446879a638-0063a457d0
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/logo.png

45.133.44.20

200 OK

7.2 kB

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/logo.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 298 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
7.2 kB (7171 bytes)
Hash
9fa0c2649b56a64bf24ec059fd49b982
802c9d794cc845927439ce8a3077975199015ebb
a513d2e457125cd443461746199793cd61f2e4511a9acfcda504f70b5000c774

HTTP Headers

GET /dannig/common-adult-player/img/logo.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: image/png
content-length: 7171
server: nginx/1.22.0
etag: 9fa0c2649b56a64bf24ec059fd49b982
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
x-timestamp: 1606159423.58541
x-trans-id: txcdc5f7ed98bf40aea4dd0-0063a457cf
x-openstack-request-id: txcdc5f7ed98bf40aea4dd0-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2978aa14d1f3becc3e7e1f86a24a84eb
f7a666e9df7fc4da99947e7690814211a86a6134
453634700dc373ccc902845f491c29234c92a6ef38fc70ed0272a60c2850defb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:32:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 18:31:31 GMT
Expires: Thu, 09 Feb 2023 18:31:30 GMT
Etag: "f7a666e9df7fc4da99947e7690814211a86a6134"
Cache-Control: max-age=517730,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793d401ebb1bb4fd-OSL

321.selornews.com/dannig/common-adult-player/img/pics-4.jpg

45.133.44.20

200 OK

9.7 kB

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/pics-4.jpg
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data\012- data
Size
9.7 kB (9707 bytes)
Hash
bb74abbad9688a711d5c26b38a9836e3
8bec5939654c02d7b800c66547e1aa778c2d438c
3fb9e79f5a0a5fe0f0d466b9d715562c6abeed5b2b32dc4b9673b80494137dbe

HTTP Headers

GET /dannig/common-adult-player/img/pics-4.jpg HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: image/jpeg
content-length: 9707
server: nginx/1.22.0
etag: bb74abbad9688a711d5c26b38a9836e3
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
x-timestamp: 1606159424.12202
x-trans-id: txcd31c6c611654081abb36-0063a457d0
x-openstack-request-id: txcd31c6c611654081abb36-0063a457d0
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/burger.png

45.133.44.20

200 OK

295 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/burger.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced\012- data
Size
295 B (295 bytes)
Hash
fdea660170d6a7330b24d167c2c3d1d6
c95db01c09abcd2c3b3375ea2baa1443d1473af0
415ba400194f72a1511c8cd22b4bfe13acfeebbf3e9ff958d1e39cbb738d07c8

HTTP Headers

GET /dannig/common-adult-player/img/burger.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: image/png
content-length: 295
server: nginx/1.22.0
etag: fdea660170d6a7330b24d167c2c3d1d6
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
x-timestamp: 1606159429.21363
x-trans-id: tx6de8ad58f6314c93986e4-0063a457cf
x-openstack-request-id: tx6de8ad58f6314c93986e4-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/search-icon.png

45.133.44.20

200 OK

516 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/search-icon.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced\012- data
Size
516 B (516 bytes)
Hash
34123928575ef4cf3df12db2fa095e99
8d5873549768bcbf278e04c6baf6404c2971b07b
0ff5216f552496405eca9c9449f77dd8a913bce909fa9ae8662cb85969f96272

HTTP Headers

GET /dannig/common-adult-player/img/search-icon.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: image/png
content-length: 516
server: nginx/1.22.0
etag: 34123928575ef4cf3df12db2fa095e99
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
x-timestamp: 1606159429.90293
x-trans-id: tx98534dff1b34406db1648-0063a457cf
x-openstack-request-id: tx98534dff1b34406db1648-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/btn-icon.png

45.133.44.20

200 OK

395 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/btn-icon.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 52 x 56, 8-bit gray+alpha, non-interlaced\012- data
Size
395 B (395 bytes)
Hash
06f18f63c3036edde4e88c1d5f200104
33c1e2780dc0a6f595afc2d87ed438ccb3d8922b
005e42b95bb1fef26b792467deeba4e0aeadc51bb9726d20dc301c1c80d99d2d

HTTP Headers

GET /dannig/common-adult-player/img/btn-icon.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: image/png
content-length: 395
server: nginx/1.22.0
etag: 06f18f63c3036edde4e88c1d5f200104
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
x-timestamp: 1606159423.53964
x-trans-id: txdde7f5dceb7e439cb5311-0063a457cf
x-openstack-request-id: txdde7f5dceb7e439cb5311-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2978aa14d1f3becc3e7e1f86a24a84eb
f7a666e9df7fc4da99947e7690814211a86a6134
453634700dc373ccc902845f491c29234c92a6ef38fc70ed0272a60c2850defb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:32:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 18:31:31 GMT
Expires: Thu, 09 Feb 2023 18:31:30 GMT
Etag: "f7a666e9df7fc4da99947e7690814211a86a6134"
Cache-Control: max-age=517730,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793d401ecc83b51e-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 18:07:19 GMT
age: 1520
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
5d106999e3bd3b0eba95018b954f9604
6f51a08ca6b3759ac26621f1df99e4e3f1ae7137
2d7d471bf6618bde2d8673e9e7ba7c9b81c5844e5abf95d775ddec04ac7b3de9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:32:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 15:45:29 GMT
Expires: Wed, 08 Feb 2023 15:45:28 GMT
Etag: "6f51a08ca6b3759ac26621f1df99e4e3f1ae7137"
Cache-Control: max-age=421368,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793d40205e131bfa-OSL

0821.groovinews.com/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&rc=1&mrc=2&fsc=0&zoneid=1912302&tburl=https://lkcupid.com/dszkZs&tbz=1762378

45.133.44.20

200 OK

4.3 kB

URL HTTP/2
0821.groovinews.com/common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&rc=1&mrc=2&fsc=0&zoneid=1912302&tburl=https://lkcupid.com/dszkZs&tbz=1762378
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
4.3 kB (4256 bytes)
Hash
ec8ade6e16e7f72f2ef4c1e4df97d8e5
f503808072a96f59944d1bd6b9d2ec67561057e6
dc391410e12fd14b262beb4436338bc988df29983960e40a71b23c62b09fc372

HTTP Headers

GET /common-adult-player/index.html?var={your_source_subid}&ymid={your_clickid}&rc=1&mrc=2&fsc=0&zoneid=1912302&tburl=https://lkcupid.com/dszkZs&tbz=1762378 HTTP/1.1
Host: 0821.groovinews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:39 GMT
content-type: text/html; charset=utf-8
content-length: 4256
server: nginx/1.22.0
cache-control: max-age=172800
etag: ec8ade6e16e7f72f2ef4c1e4df97d8e5
last-modified: Wed, 22 Dec 2021 15:19:04 GMT
x-timestamp: 1640186343.78856
x-trans-id: tx98699a6b7eaa44cb91699-0063a457ca
x-openstack-request-id: tx98699a6b7eaa44cb91699-0063a457ca
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:39 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14456
Expires: Fri, 03 Feb 2023 22:33:36 GMT
Date: Fri, 03 Feb 2023 18:32:40 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2978aa14d1f3becc3e7e1f86a24a84eb
f7a666e9df7fc4da99947e7690814211a86a6134
453634700dc373ccc902845f491c29234c92a6ef38fc70ed0272a60c2850defb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:32:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 18:31:31 GMT
Expires: Thu, 09 Feb 2023 18:31:30 GMT
Etag: "f7a666e9df7fc4da99947e7690814211a86a6134"
Cache-Control: max-age=517729,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793d40228fd2b515-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2978aa14d1f3becc3e7e1f86a24a84eb
f7a666e9df7fc4da99947e7690814211a86a6134
453634700dc373ccc902845f491c29234c92a6ef38fc70ed0272a60c2850defb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:32:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 18:31:31 GMT
Expires: Thu, 09 Feb 2023 18:31:30 GMT
Etag: "f7a666e9df7fc4da99947e7690814211a86a6134"
Cache-Control: max-age=517729,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793d40228fdeb4fd-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2978aa14d1f3becc3e7e1f86a24a84eb
f7a666e9df7fc4da99947e7690814211a86a6134
453634700dc373ccc902845f491c29234c92a6ef38fc70ed0272a60c2850defb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:32:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 18:31:31 GMT
Expires: Thu, 09 Feb 2023 18:31:30 GMT
Etag: "f7a666e9df7fc4da99947e7690814211a86a6134"
Cache-Control: max-age=517729,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793d402289531c0a-OSL

2818.selornews.com/script.js?slug=common-adult-player

45.133.44.21

200 OK

6.4 kB

URL HTTP/2
2818.selornews.com/script.js?slug=common-adult-player
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
C source, ASCII text, with very long lines (349)
Size
6.4 kB (6400 bytes)
Hash
2b06cef4d3a63f6b060b2f0f477b3831
9b762b7f3cc5477cf5c966cef720e5a903c1529f
cf8e60e8a37c4d4d84e8d7d03555f3ed9fede6ecd4218271a881241f313c873b

HTTP Headers

GET /script.js?slug=common-adult-player HTTP/1.1
Host: 2818.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 6400
server: nginx/1.22.1
cache-control: max-age=172800
etag: 2b06cef4d3a63f6b060b2f0f477b3831
last-modified: Fri, 03 Feb 2023 17:01:30 GMT
x-timestamp: 1675443689.24582
x-trans-id: tx13a7811209f04fad8e01d-0063dd3e19
x-openstack-request-id: tx13a7811209f04fad8e01d-0063dd3e19
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/logo.png

45.133.44.21

200 OK

7.2 kB

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/logo.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 298 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
7.2 kB (7171 bytes)
Hash
9fa0c2649b56a64bf24ec059fd49b982
802c9d794cc845927439ce8a3077975199015ebb
a513d2e457125cd443461746199793cd61f2e4511a9acfcda504f70b5000c774

HTTP Headers

GET /dannig/common-adult-player/img/logo.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 7171
server: nginx/1.22.0
etag: 9fa0c2649b56a64bf24ec059fd49b982
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
x-timestamp: 1606159423.58541
x-trans-id: txcdc5f7ed98bf40aea4dd0-0063a457cf
x-openstack-request-id: txcdc5f7ed98bf40aea4dd0-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/pics-4.jpg

45.133.44.21

200 OK

9.7 kB

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/pics-4.jpg
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data\012- data
Size
9.7 kB (9707 bytes)
Hash
bb74abbad9688a711d5c26b38a9836e3
8bec5939654c02d7b800c66547e1aa778c2d438c
3fb9e79f5a0a5fe0f0d466b9d715562c6abeed5b2b32dc4b9673b80494137dbe

HTTP Headers

GET /dannig/common-adult-player/img/pics-4.jpg HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/jpeg
content-length: 9707
server: nginx/1.22.0
etag: bb74abbad9688a711d5c26b38a9836e3
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
x-timestamp: 1606159424.12202
x-trans-id: txcd31c6c611654081abb36-0063a457d0
x-openstack-request-id: txcd31c6c611654081abb36-0063a457d0
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/burger.png

45.133.44.21

200 OK

295 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/burger.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced\012- data
Size
295 B (295 bytes)
Hash
fdea660170d6a7330b24d167c2c3d1d6
c95db01c09abcd2c3b3375ea2baa1443d1473af0
415ba400194f72a1511c8cd22b4bfe13acfeebbf3e9ff958d1e39cbb738d07c8

HTTP Headers

GET /dannig/common-adult-player/img/burger.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 295
server: nginx/1.22.0
etag: fdea660170d6a7330b24d167c2c3d1d6
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
x-timestamp: 1606159429.21363
x-trans-id: tx6de8ad58f6314c93986e4-0063a457cf
x-openstack-request-id: tx6de8ad58f6314c93986e4-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/search-icon.png

45.133.44.21

200 OK

516 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/search-icon.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced\012- data
Size
516 B (516 bytes)
Hash
34123928575ef4cf3df12db2fa095e99
8d5873549768bcbf278e04c6baf6404c2971b07b
0ff5216f552496405eca9c9449f77dd8a913bce909fa9ae8662cb85969f96272

HTTP Headers

GET /dannig/common-adult-player/img/search-icon.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 516
server: nginx/1.22.0
etag: 34123928575ef4cf3df12db2fa095e99
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
x-timestamp: 1606159429.90293
x-trans-id: tx98534dff1b34406db1648-0063a457cf
x-openstack-request-id: tx98534dff1b34406db1648-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/btn-icon.png

45.133.44.21

200 OK

395 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/btn-icon.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 52 x 56, 8-bit gray+alpha, non-interlaced\012- data
Size
395 B (395 bytes)
Hash
06f18f63c3036edde4e88c1d5f200104
33c1e2780dc0a6f595afc2d87ed438ccb3d8922b
005e42b95bb1fef26b792467deeba4e0aeadc51bb9726d20dc301c1c80d99d2d

HTTP Headers

GET /dannig/common-adult-player/img/btn-icon.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 395
server: nginx/1.22.0
etag: 06f18f63c3036edde4e88c1d5f200104
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
x-timestamp: 1606159423.53964
x-trans-id: txdde7f5dceb7e439cb5311-0063a457cf
x-openstack-request-id: txdde7f5dceb7e439cb5311-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/player-ui-l.png

45.133.44.21

200 OK

663 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/player-ui-l.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 144 x 100, 8-bit gray+alpha, non-interlaced\012- data
Size
663 B (663 bytes)
Hash
5159265d4e4ecc1bfa2e8b028fc0534d
443e7f825760d81906a5c1a4ca660e0385b435fe
46a01582282a1e9326a84e445ba3da470e059b5d091d326e45271b698d6d62a1

HTTP Headers

GET /dannig/common-adult-player/img/player-ui-l.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 663
server: nginx/1.22.0
etag: 5159265d4e4ecc1bfa2e8b028fc0534d
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
x-timestamp: 1606159424.13124
x-trans-id: txad3525ab6af343da841b6-0063a457cf
x-openstack-request-id: txad3525ab6af343da841b6-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/views.png

45.133.44.21

200 OK

461 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/views.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 32 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
461 B (461 bytes)
Hash
0ad8de150ced2f4ab8828c02c23ab95c
b7620db8dc0ef0075c79de9c0f3409d292413b80
efb233df0a528dd04d7b9725ad679738f043478ced654fe0e9a9b59b205d447b

HTTP Headers

GET /dannig/common-adult-player/img/views.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 461
server: nginx/1.22.0
etag: 0ad8de150ced2f4ab8828c02c23ab95c
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
x-timestamp: 1606159429.98953
x-trans-id: tx273bbf170265463eb2b6f-0063a457cf
x-openstack-request-id: tx273bbf170265463eb2b6f-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

2818.selornews.com/common-adult-player/css/style.css

45.133.44.21

200 OK

22 kB

URL HTTP/2
2818.selornews.com/common-adult-player/css/style.css
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (2400)
Size
22 kB (21671 bytes)
Hash
526b5851d4063923ccfbe471143f0932
2b9f3bc80dd94e6d68d642bf68a5cc0d39085b9e
6ac4c4456c0595d52dfd20d83cd869c60dd1eeeead30b078f65d7d2dc1f33f4c

HTTP Headers

GET /common-adult-player/css/style.css HTTP/1.1
Host: 2818.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: text/css
content-length: 21671
server: nginx/1.22.0
etag: 526b5851d4063923ccfbe471143f0932
last-modified: Thu, 22 Jul 2021 14:54:56 GMT
x-timestamp: 1626965695.66426
x-trans-id: tx9a75eda1e48c45e58cc2e-0063a457d2
x-openstack-request-id: tx9a75eda1e48c45e58cc2e-0063a457d2
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/player-ui-r.png

45.133.44.21

200 OK

1.1 kB

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/player-ui-r.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 226 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1118 bytes)
Hash
74174fa53d52a184fa0a586f988f0d94
6fc2f64667c7cfabd7ae7a2409d20de7a501d9a3
4e0fbe743a42b8a641daec0745e3a80e22ed9df424b7e0e0c852ba27b9b409d3

HTTP Headers

GET /dannig/common-adult-player/img/player-ui-r.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 1118
server: nginx/1.22.0
etag: 74174fa53d52a184fa0a586f988f0d94
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
x-timestamp: 1606159424.19318
x-trans-id: tx33d9d9f91a314c64b2fc9-0063a457cf
x-openstack-request-id: tx33d9d9f91a314c64b2fc9-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/pics-1.jpg

45.133.44.21

200 OK

9.4 kB

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/pics-1.jpg
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data\012- data
Size
9.4 kB (9415 bytes)
Hash
0fdbe8ac7fda89d3ed4d0845d4f86384
b14ff199e53771631d302442b22ecdd1867c88e4
733eb3487f5a82cdb71eda01d36247bf57ad107ee3be967d6561fa7f2f78664e

HTTP Headers

GET /dannig/common-adult-player/img/pics-1.jpg HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/jpeg
content-length: 9415
server: nginx/1.22.0
etag: 0fdbe8ac7fda89d3ed4d0845d4f86384
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
x-timestamp: 1606159423.61753
x-trans-id: tx0e602b2d4dce4c06afadd-0063a457cf
x-openstack-request-id: tx0e602b2d4dce4c06afadd-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/stars.png

45.133.44.21

200 OK

589 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/stars.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 169 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
589 B (589 bytes)
Hash
586e70ae8cf2f823dc7876917d90be92
33d61043ae53a9377ad37bfd5b84c73f770c4105
894bcd381abf4e10bbbe8802a7c52396d8b6b73cdf9d2837caf8f6a0d7aea707

HTTP Headers

GET /dannig/common-adult-player/img/stars.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 589
server: nginx/1.22.0
etag: 586e70ae8cf2f823dc7876917d90be92
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
x-timestamp: 1606159424.28164
x-trans-id: txd7818eaca93d496495344-0063a457d0
x-openstack-request-id: txd7818eaca93d496495344-0063a457d0
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2978aa14d1f3becc3e7e1f86a24a84eb
f7a666e9df7fc4da99947e7690814211a86a6134
453634700dc373ccc902845f491c29234c92a6ef38fc70ed0272a60c2850defb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:32:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 18:31:31 GMT
Expires: Thu, 09 Feb 2023 18:31:30 GMT
Etag: "f7a666e9df7fc4da99947e7690814211a86a6134"
Cache-Control: max-age=517729,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793d40229995b51e-OSL

321.selornews.com/dannig/common-adult-player/img/burger.png

45.133.44.20

200 OK

295 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/burger.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced\012- data
Size
295 B (295 bytes)
Hash
fdea660170d6a7330b24d167c2c3d1d6
c95db01c09abcd2c3b3375ea2baa1443d1473af0
415ba400194f72a1511c8cd22b4bfe13acfeebbf3e9ff958d1e39cbb738d07c8

HTTP Headers

GET /dannig/common-adult-player/img/burger.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 295
server: nginx/1.22.0
etag: fdea660170d6a7330b24d167c2c3d1d6
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
x-timestamp: 1606159429.21363
x-trans-id: tx6de8ad58f6314c93986e4-0063a457cf
x-openstack-request-id: tx6de8ad58f6314c93986e4-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/search-icon.png

45.133.44.20

200 OK

516 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/search-icon.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced\012- data
Size
516 B (516 bytes)
Hash
34123928575ef4cf3df12db2fa095e99
8d5873549768bcbf278e04c6baf6404c2971b07b
0ff5216f552496405eca9c9449f77dd8a913bce909fa9ae8662cb85969f96272

HTTP Headers

GET /dannig/common-adult-player/img/search-icon.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 516
server: nginx/1.22.0
etag: 34123928575ef4cf3df12db2fa095e99
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
x-timestamp: 1606159429.90293
x-trans-id: tx98534dff1b34406db1648-0063a457cf
x-openstack-request-id: tx98534dff1b34406db1648-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/btn-icon.png

45.133.44.20

200 OK

395 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/btn-icon.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 52 x 56, 8-bit gray+alpha, non-interlaced\012- data
Size
395 B (395 bytes)
Hash
06f18f63c3036edde4e88c1d5f200104
33c1e2780dc0a6f595afc2d87ed438ccb3d8922b
005e42b95bb1fef26b792467deeba4e0aeadc51bb9726d20dc301c1c80d99d2d

HTTP Headers

GET /dannig/common-adult-player/img/btn-icon.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 395
server: nginx/1.22.0
etag: 06f18f63c3036edde4e88c1d5f200104
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
x-timestamp: 1606159423.53964
x-trans-id: txdde7f5dceb7e439cb5311-0063a457cf
x-openstack-request-id: txdde7f5dceb7e439cb5311-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2978aa14d1f3becc3e7e1f86a24a84eb
f7a666e9df7fc4da99947e7690814211a86a6134
453634700dc373ccc902845f491c29234c92a6ef38fc70ed0272a60c2850defb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:32:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 18:31:31 GMT
Expires: Thu, 09 Feb 2023 18:31:30 GMT
Etag: "f7a666e9df7fc4da99947e7690814211a86a6134"
Cache-Control: max-age=517729,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793d402298341bfa-OSL

321.selornews.com/dannig/common-adult-player/img/pics-4.jpg

45.133.44.20

200 OK

9.7 kB

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/pics-4.jpg
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data\012- data
Size
9.7 kB (9707 bytes)
Hash
bb74abbad9688a711d5c26b38a9836e3
8bec5939654c02d7b800c66547e1aa778c2d438c
3fb9e79f5a0a5fe0f0d466b9d715562c6abeed5b2b32dc4b9673b80494137dbe

HTTP Headers

GET /dannig/common-adult-player/img/pics-4.jpg HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/jpeg
content-length: 9707
server: nginx/1.22.0
etag: bb74abbad9688a711d5c26b38a9836e3
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
x-timestamp: 1606159424.12202
x-trans-id: txcd31c6c611654081abb36-0063a457d0
x-openstack-request-id: txcd31c6c611654081abb36-0063a457d0
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.227.105.139

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.227.105.139:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +yx8UT4utWJjTXiUqc/dTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uajq4CRCRpSl8DukPXdw1jgUYts=

321.selornews.com/dannig/common-adult-player/img/burger.png

45.133.44.20

200 OK

295 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/burger.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced\012- data
Size
295 B (295 bytes)
Hash
fdea660170d6a7330b24d167c2c3d1d6
c95db01c09abcd2c3b3375ea2baa1443d1473af0
415ba400194f72a1511c8cd22b4bfe13acfeebbf3e9ff958d1e39cbb738d07c8

HTTP Headers

GET /dannig/common-adult-player/img/burger.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 295
server: nginx/1.22.0
etag: fdea660170d6a7330b24d167c2c3d1d6
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
x-timestamp: 1606159429.21363
x-trans-id: tx6de8ad58f6314c93986e4-0063a457cf
x-openstack-request-id: tx6de8ad58f6314c93986e4-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/search-icon.png

45.133.44.20

200 OK

516 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/search-icon.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 56 x 50, 8-bit gray+alpha, non-interlaced\012- data
Size
516 B (516 bytes)
Hash
34123928575ef4cf3df12db2fa095e99
8d5873549768bcbf278e04c6baf6404c2971b07b
0ff5216f552496405eca9c9449f77dd8a913bce909fa9ae8662cb85969f96272

HTTP Headers

GET /dannig/common-adult-player/img/search-icon.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 516
server: nginx/1.22.0
etag: 34123928575ef4cf3df12db2fa095e99
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
x-timestamp: 1606159429.90293
x-trans-id: tx98534dff1b34406db1648-0063a457cf
x-openstack-request-id: tx98534dff1b34406db1648-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/btn-icon.png

45.133.44.20

200 OK

395 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/btn-icon.png
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 52 x 56, 8-bit gray+alpha, non-interlaced\012- data
Size
395 B (395 bytes)
Hash
06f18f63c3036edde4e88c1d5f200104
33c1e2780dc0a6f595afc2d87ed438ccb3d8922b
005e42b95bb1fef26b792467deeba4e0aeadc51bb9726d20dc301c1c80d99d2d

HTTP Headers

GET /dannig/common-adult-player/img/btn-icon.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 395
server: nginx/1.22.0
etag: 06f18f63c3036edde4e88c1d5f200104
last-modified: Mon, 23 Nov 2020 19:23:44 GMT
x-timestamp: 1606159423.53964
x-trans-id: txdde7f5dceb7e439cb5311-0063a457cf
x-openstack-request-id: txdde7f5dceb7e439cb5311-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/player-ui-r.png

45.133.44.21

200 OK

1.1 kB

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/player-ui-r.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 226 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1118 bytes)
Hash
74174fa53d52a184fa0a586f988f0d94
6fc2f64667c7cfabd7ae7a2409d20de7a501d9a3
4e0fbe743a42b8a641daec0745e3a80e22ed9df424b7e0e0c852ba27b9b409d3

HTTP Headers

GET /dannig/common-adult-player/img/player-ui-r.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 1118
server: nginx/1.22.0
etag: 74174fa53d52a184fa0a586f988f0d94
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
x-timestamp: 1606159424.19318
x-trans-id: tx33d9d9f91a314c64b2fc9-0063a457cf
x-openstack-request-id: tx33d9d9f91a314c64b2fc9-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/views.png

45.133.44.21

200 OK

461 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/views.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 32 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
461 B (461 bytes)
Hash
0ad8de150ced2f4ab8828c02c23ab95c
b7620db8dc0ef0075c79de9c0f3409d292413b80
efb233df0a528dd04d7b9725ad679738f043478ced654fe0e9a9b59b205d447b

HTTP Headers

GET /dannig/common-adult-player/img/views.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 461
server: nginx/1.22.0
etag: 0ad8de150ced2f4ab8828c02c23ab95c
last-modified: Mon, 23 Nov 2020 19:23:50 GMT
x-timestamp: 1606159429.98953
x-trans-id: tx273bbf170265463eb2b6f-0063a457cf
x-openstack-request-id: tx273bbf170265463eb2b6f-0063a457cf
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/common-adult-player/img/stars.png

45.133.44.21

200 OK

589 B

URL HTTP/2
321.selornews.com/dannig/common-adult-player/img/stars.png
IP
45.133.44.21:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 169 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
589 B (589 bytes)
Hash
586e70ae8cf2f823dc7876917d90be92
33d61043ae53a9377ad37bfd5b84c73f770c4105
894bcd381abf4e10bbbe8802a7c52396d8b6b73cdf9d2837caf8f6a0d7aea707

HTTP Headers

GET /dannig/common-adult-player/img/stars.png HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0821.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/png
content-length: 589
server: nginx/1.22.0
etag: 586e70ae8cf2f823dc7876917d90be92
last-modified: Mon, 23 Nov 2020 19:23:45 GMT
x-timestamp: 1606159424.28164
x-trans-id: txd7818eaca93d496495344-0063a457d0
x-openstack-request-id: txd7818eaca93d496495344-0063a457d0
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

321.selornews.com/dannig/kl1788616/files/v_F.ico

45.133.44.20

200 OK

1.2 kB

URL HTTP/2
321.selornews.com/dannig/kl1788616/files/v_F.ico
IP
45.133.44.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
980036f765553010aef1091b9f35fc2c
44dc856cebd04eed72c818f2f82ac3f1d2f1757e
b09d778fcdb390d13abd8e529004ba61fe8114b5f7232fad6e7296ec97ccea36

HTTP Headers

GET /dannig/kl1788616/files/v_F.ico HTTP/1.1
Host: 321.selornews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:32:40 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
server: nginx/1.22.0
etag: 980036f765553010aef1091b9f35fc2c
last-modified: Fri, 20 Nov 2020 17:09:54 GMT
x-timestamp: 1605892193.71696
x-trans-id: txcb8d1f40d6d4404fb2355-0063a457d0
x-openstack-request-id: txcb8d1f40d6d4404fb2355-0063a457d0
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 05 Feb 2023 18:32:40 GMT
cache-control: max-age=172800
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58900ccae44587c0f37c36513501e938
d77f50de0763a35ccbd19292237f44bd3c0d1c0b
cedd31bae65afdaa4bba5d7b68a9bb36542884ce616ef2c02af674618b8a2eae

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEDD31BAE65AFDAA4BBA5D7B68A9BB36542884CE616EF2C02AF674618B8A2EAE"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Sat, 04 Feb 2023 00:32:01 GMT
Date: Fri, 03 Feb 2023 18:32:40 GMT
Connection: keep-alive

lkcupid.com/dszkZs

5.63.153.25

302 Found

0 B

URL HTTP/1.1
lkcupid.com/dszkZs
IP
5.63.153.25:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /dszkZs HTTP/1.1
Host: lkcupid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://31.groovinews.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 03 Feb 2023 18:32:40 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Fri, 03 Feb 2023 18:32:40 GMT
Location: https://datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1
Pragma: no-cache
Set-Cookie: _subid=s8hnpa236qm1;Expires=Monday, 06-Mar-2023 18:32:40 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpa236qm1_s8hnpa236qm163dd5348d6aa10.46955628;Expires=Monday, 06-Mar-2023 18:32:40 GMT;Max-Age=2678400;Path=/
e13ae=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3MjlcIjoxNjc1NDQ5MTYwfSxcImNhbXBhaWduc1wiOntcIjQwMFwiOjE2NzU0NDkxNjB9LFwidGltZVwiOjE2NzU0NDkxNjB9In0.bdrOknLNGj7GVgE9-24GJPE3sQbk7e8xiS9_MD3g7z0;Expires=Monday, 09-Mar-2076 13:05:20 GMT;Max-Age=1675535560;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cce4c6397a79e14a4f29b0b9602f31d1
00e826fb920fc35031f97818754728927695f73b
6e42290ebe7feb3bc039b97f94bd7606725a331db2707f25fc82617c3f118c2e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E42290EBE7FEB3BC039B97F94BD7606725A331DB2707F25FC82617C3F118C2E"
Last-Modified: Thu, 02 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 04 Feb 2023 00:32:41 GMT
Date: Fri, 03 Feb 2023 18:32:41 GMT
Connection: keep-alive

datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1

116.202.1.47

200 OK

7.1 kB

URL HTTP/1.1
datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1
IP
116.202.1.47:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (480), with CRLF line terminators
Size
7.1 kB (7148 bytes)
Hash
8ce2c35f65df24a286cff634d0c3ad53
4d96d3ed3353d33a5161cb24a8d53178ecbcbe3b
1a32f3f34a3fe320a5fa530726e5cf425f52fbe670b8e8498a07d8b6b71a4214

HTTP Headers

GET /?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1 HTTP/1.1
Host: datingszone.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://31.groovinews.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 18:32:41 GMT
Content-Type: text/html
Content-Length: 7148
Connection: keep-alive
set-cookie: sid=t1~bblegpjocg3kwywvpumzlxd4; path=/
cache-control: private, no-transform

datingszone.life/media/dating/toon2/css/animate.min.css

116.202.1.47

200 OK

53 kB

URL HTTP/1.1
datingszone.life/media/dating/toon2/css/animate.min.css
IP
116.202.1.47:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (52592)
Size
53 kB (52789 bytes)
Hash
178b651958ceff556cbc5f355e08bbf1
97afa151569f046b2e01f27c1871646e9cd87caf
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

HTTP Headers

GET /media/dating/toon2/css/animate.min.css HTTP/1.1
Host: datingszone.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1
Cookie: sid=t1~bblegpjocg3kwywvpumzlxd4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 18:32:41 GMT
Content-Type: text/css
Content-Length: 52789
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "178b651958ceff556cbc5f355e08bbf1"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174062EDED0AA8BC
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sat, 03 Feb 2024 18:32:41 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

datingszone.life/media/exit-new/exit1.js

116.202.1.47

200 OK

3.5 kB

URL HTTP/1.1
datingszone.life/media/exit-new/exit1.js
IP
116.202.1.47:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (641), with CRLF line terminators
Size
3.5 kB (3473 bytes)
Hash
625e5e2950612f771e246beb33c9ea61
e4fc251c6c000496c285f8dc3fa097040b031681
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/exit-new/exit1.js HTTP/1.1
Host: datingszone.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1
Cookie: sid=t1~bblegpjocg3kwywvpumzlxd4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 18:32:41 GMT
Content-Type: application/javascript
Content-Length: 3473
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "625e5e2950612f771e246beb33c9ea61"
Last-Modified: Wed, 31 Aug 2022 09:34:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174062FD0FCC761B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sat, 03 Feb 2024 18:32:41 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

datingszone.life/media/dating/toon2/css/style.css

116.202.1.47

200 OK

8.6 kB

URL HTTP/1.1
datingszone.life/media/dating/toon2/css/style.css
IP
116.202.1.47:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with CRLF line terminators
Size
8.6 kB (8608 bytes)
Hash
549edaff59c582a6a3ca91f95c60ea71
a9edcba7d667efcfd812bcd413ccbdcb2b67cc88
b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da

HTTP Headers

GET /media/dating/toon2/css/style.css HTTP/1.1
Host: datingszone.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1
Cookie: sid=t1~bblegpjocg3kwywvpumzlxd4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 18:32:41 GMT
Content-Type: text/css
Content-Length: 8608
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "549edaff59c582a6a3ca91f95c60ea71"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174062EDF753D253
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sat, 03 Feb 2024 18:32:41 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

datingszone.life/cookie/js.cookie.js

116.202.1.47

200 OK

4.3 kB

URL HTTP/1.1
datingszone.life/cookie/js.cookie.js
IP
116.202.1.47:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1709), with CRLF line terminators
Size
4.3 kB (4264 bytes)
Hash
a7e9883924072f15259de6888d5ef515
7f4f6e5938e68f55aef81e0cd0145f008cd28382
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cookie/js.cookie.js HTTP/1.1
Host: datingszone.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1
Cookie: sid=t1~bblegpjocg3kwywvpumzlxd4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 18:32:41 GMT
Content-Type: application/javascript
Content-Length: 4264
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a7e9883924072f15259de6888d5ef515"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174062F3F7C279D5
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sat, 03 Feb 2024 18:32:41 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

datingszone.life/util/utils.js

116.202.1.47

200 OK

7.5 kB

URL HTTP/1.1
datingszone.life/util/utils.js
IP
116.202.1.47:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (641), with CRLF line terminators
Size
7.5 kB (7512 bytes)
Hash
01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /util/utils.js HTTP/1.1
Host: datingszone.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1
Cookie: sid=t1~bblegpjocg3kwywvpumzlxd4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 18:32:41 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174063CC2FE80B04
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sat, 03 Feb 2024 18:32:41 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

datingszone.life/media/bb.js

116.202.1.47

200 OK

639 B

URL HTTP/1.1
datingszone.life/media/bb.js
IP
116.202.1.47:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (639), with no line terminators
Size
639 B (639 bytes)
Hash
0d553e4bac91c74bfee2dbabba61e99e
5af71e2377c9c012a7826a695f2724901941b19b
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/bb.js HTTP/1.1
Host: datingszone.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1
Cookie: sid=t1~bblegpjocg3kwywvpumzlxd4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 18:32:41 GMT
Content-Type: application/javascript
Content-Length: 639
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Last-Modified: Wed, 31 Aug 2022 09:32:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17406406F1110DBD
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sat, 03 Feb 2024 18:32:41 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:32:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15213
Expires: Fri, 03 Feb 2023 22:46:14 GMT
Date: Fri, 03 Feb 2023 18:32:41 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15213
Expires: Fri, 03 Feb 2023 22:46:14 GMT
Date: Fri, 03 Feb 2023 18:32:41 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15213
Expires: Fri, 03 Feb 2023 22:46:14 GMT
Date: Fri, 03 Feb 2023 18:32:41 GMT
Connection: keep-alive

datingszone.life/media/dating/toon2/js/jquery-2.2.4.min.js

116.202.1.47

200 OK

86 kB

URL HTTP/1.1
datingszone.life/media/dating/toon2/js/jquery-2.2.4.min.js
IP
116.202.1.47:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/dating/toon2/js/jquery-2.2.4.min.js HTTP/1.1
Host: datingszone.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1
Cookie: sid=t1~bblegpjocg3kwywvpumzlxd4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 18:32:41 GMT
Content-Type: application/javascript
Content-Length: 85578
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2f6b11a7e914718e0290410e85366fe9"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174062EDF7C80028
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sat, 03 Feb 2024 18:32:41 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10971 bytes)
Hash
24261df857fd20898ed41615ff44efd2
5ebaae7786e95f6daf7e837ce741f96611a64335
b947696fced12e35736691fb27c5cc4ddb28e4b4781cfbb69b8b4011b84aca5b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10971
x-amzn-requestid: 87d6a618-4ddf-4e40-aaeb-f6e38c274c23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feH0jHisoAMFgpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d58683-2de413f446505ec44ab2a390;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 20:33:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSK5RmNEDZxTn_J6zk6eGwhUexiPYxHRnvs7h0DtRM-fXMJ1QsmtHw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 09:43:13 GMT
age: 31768
etag: "5ebaae7786e95f6daf7e837ce741f96611a64335"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14071 bytes)
Hash
9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aTs6L8dJENFRdtBn7ggAbY5yaYRAzSY2B0bmElV4YNPrJg-KRDAyNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 74745
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10796 bytes)
Hash
3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 65257
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 49160
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10166 bytes)
Hash
2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 72288
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5641 bytes)
Hash
d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 72231
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:32:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

datingszone.life/media/dating/toon2/images/123.jpg

116.202.1.47

200 OK

179 kB

URL HTTP/1.1
datingszone.life/media/dating/toon2/images/123.jpg
IP
116.202.1.47:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1069, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=620], progressive, precision 8, 620x1032, components 3\012- data
Size
179 kB (179176 bytes)
Hash
a2d245e1c43c61ca34bea001510dd6d9
7a7e0dbf8bb132958fecd093e6741ffe49d060b5
f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

HTTP Headers

GET /media/dating/toon2/images/123.jpg HTTP/1.1
Host: datingszone.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1
Cookie: sid=t1~bblegpjocg3kwywvpumzlxd4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 18:32:41 GMT
Content-Type: image/jpeg
Content-Length: 179176
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a2d245e1c43c61ca34bea001510dd6d9"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174062EDFC8563EF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sat, 03 Feb 2024 18:32:41 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:32:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

datingszone.life/media/dating/toon2/images/bg.jpg

116.202.1.47

200 OK

120 kB

URL HTTP/1.1
datingszone.life/media/dating/toon2/images/bg.jpg
IP
116.202.1.47:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=660, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1279], progressive, precision 8, 1279x660, components 3\012- data
Size
120 kB (119754 bytes)
Hash
842a5629f17ec8342230aa12ea32291a
0f2390a3eda1a71d676f1cd1866956fef8e77090
1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4

HTTP Headers

GET /media/dating/toon2/images/bg.jpg HTTP/1.1
Host: datingszone.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datingszone.life/media/dating/toon2/css/style.css
Cookie: sid=t1~bblegpjocg3kwywvpumzlxd4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 18:32:41 GMT
Content-Type: image/jpeg
Content-Length: 119754
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "842a5629f17ec8342230aa12ea32291a"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174062EE0B1F6F41
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sat, 03 Feb 2024 18:32:41 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:32:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.35

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datingszone.life
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 10:25:03 GMT
expires: Mon, 29 Jan 2024 10:25:03 GMT
cache-control: public, max-age=31536000
age: 461258
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.35

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datingszone.life
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:29:08 GMT
expires: Wed, 31 Jan 2024 04:29:08 GMT
cache-control: public, max-age=31536000
age: 309813
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:32:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

datingszone.life/favicon.ico

116.202.1.47

204 No Content

0 B

URL HTTP/1.1
datingszone.life/favicon.ico
IP
116.202.1.47:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: datingszone.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datingszone.life/?u=0l0ktee&o=1grpx9q&t=0&cid=s8hnpa236qm1
Cookie: sid=t1~bblegpjocg3kwywvpumzlxd4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 03 Feb 2023 18:32:41 GMT
Connection: keep-alive
Cache-Control: no-transform

fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datingszone.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 18:32:41 GMT
date: Fri, 03 Feb 2023 18:32:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML