| m.cima4uu.club/%D8%A7%D9%81%D9%84%D8%A7%D9%85-%D8%A7%D8%AC%D9%86%D8%A8%D9%89/%D9%81%D9%8A%D9%84%D9%85-exploits-of-a-young-don-juan-1986-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/ | 104.21.76.37 | 301 Moved Permanently | 0 B |
URL HTTP/1.1m.cima4uu.club/%D8%A7%D9%81%D9%84%D8%A7%D9%85-%D8%A7%D8%AC%D9%86%D8%A8%D9%89/%D9%81%D9%8A%D9%84%D9%85-exploits-of-a-young-don-juan-1986-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/ IP104.21.76.37:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /%D8%A7%D9%81%D9%84%D8%A7%D9%85-%D8%A7%D8%AC%D9%86%D8%A8%D9%89/%D9%81%D9%8A%D9%84%D9%85-exploits-of-a-young-don-juan-1986-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/ HTTP/1.1
Host: m.cima4uu.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 11:11:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 06 Oct 2022 12:11:21 GMT
Location: https://m.cima4uu.club/%D8%A7%D9%81%D9%84%D8%A7%D9%85-%D8%A7%D8%AC%D9%86%D8%A8%D9%89/%D9%81%D9%8A%D9%84%D9%85-exploits-of-a-young-don-juan-1986-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mjx18r9PGQg1Z7Od3xmlK%2FkyHRRs6wzdNJfjzm1GtRgOIBFJIPhXRbDqyNLWJTZ8sSwjJAYhdUTSn1qZudO9ZXfNzO4pi5VDjuvfHSc%2FcB%2F86pnF65iUOXVghS4RcOriZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755df4af29810b59-OSL
alt-svc: h2=":443"; ma=60
|
|
| firefox.settings.services.mozilla.com/v1/ | 54.230.111.7 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP54.230.111.7:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _4TbU80IpfWB_tHEel-tHZw7sL7jIDP5jCmerT9064q2os-guiEjrQ==
Age: 69843
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash282f6e1328452c1cb41f6a6272fff757 20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262 6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5344
Expires: Thu, 06 Oct 2022 12:40:25 GMT
Date: Thu, 06 Oct 2022 11:11:21 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 54.230.111.14 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP54.230.111.14:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9jSS1xySls-7R6FJFnW-6a2kjoUBj0F2BVi8NJ-hWj7RSvLwaXjtrA==
age: 25729
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| m.cima4uu.club/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=755df4b10ff0b4e8 | 172.67.186.152 | 200 OK | 42 B |
URL HTTP/2m.cima4uu.club/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=755df4b10ff0b4e8 IP172.67.186.152:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=755df4b10ff0b4e8 HTTP/1.1
Host: m.cima4uu.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.cima4uu.club/%D8%A7%D9%81%D9%84%D8%A7%D9%85-%D8%A7%D8%AC%D9%86%D8%A8%D9%89/%D9%81%D9%8A%D9%84%D9%85-exploits-of-a-young-don-juan-1986-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:22 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 04 Oct 2022 15:37:48 GMT
etag: "633c534c-2a"
server: cloudflare
cf-ray: 755df4b34b98b4e8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 06 Oct 2022 13:11:22 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 54.230.111.7 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP54.230.111.7:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 10:29:41 GMT
Expires: Thu, 06 Oct 2022 10:49:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LE3wJrGaHv5b9Rn7T-ADqoM2eiast1-894smfq9E9FOXB1mPefhjjw==
Age: 2501
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash8be5570b9a5ca76c580da007a824b029 38840f2ac6476bdd5608121c5653e338c7ad9715 0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3222
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 11:11:22 GMT
Last-Modified: Thu, 06 Oct 2022 10:17:40 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 52.43.61.95 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.43.61.95:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LaqLcZcyUnT5b9rPvCqkpg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XkjySCga3AB0P3JO+YQeTz72Gto=
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 4.4 kB |
IP142.250.74.3:0
File typegzip compressed data, from Unix\012- data Hashfb1da14da25109bf43ff60be7609daef 527cf54c216c02d851a51c2565febe7e9741f382 486d79ea94ffe360741f1ba74ceff2cd0df5ea3f6cfa378d61b6fa8b63d34467
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 11:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 632 B |
IP142.250.74.3:0
Hashf69cc0bb573bf0bc17b3390a84e9ed35 81bbe0f755e9e965925e90a7e1a99db8451240ca b96584202849c5f9a029600e1aef5830440ee966e43878036a1776932b3968f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 11:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb0e8a79f3e381ab34a44278947ac7c7e 70d01e6fdc8565c661b6ae8c5a043ddf2da16530 885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 11:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb0e8a79f3e381ab34a44278947ac7c7e 70d01e6fdc8565c661b6ae8c5a043ddf2da16530 885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 11:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb0e8a79f3e381ab34a44278947ac7c7e 70d01e6fdc8565c661b6ae8c5a043ddf2da16530 885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 11:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic | 142.250.74.10 | 200 OK | 819 B |
URL HTTP/2fonts.googleapis.com/css?family=Tajawal:500,800&subset=arabic IP142.250.74.10:0
Hash7c739446260e755c76cda6593cf1a6d7 761e3d7206991317196c7e18e763d69a9753db60 b376e3ed7b23b2ccf2ca13f83470200bf231f6fddff566759b2e65f70dcdd99d
GET /css?family=Tajawal:500,800&subset=arabic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 11:11:23 GMT
date: Thu, 06 Oct 2022 11:11:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| kit-pro.fontawesome.com/releases/v5.11.2/css/pro.min.css | 104.18.22.52 | 200 OK | 180 kB |
URL HTTP/2kit-pro.fontawesome.com/releases/v5.11.2/css/pro.min.css IP104.18.22.52:0
Size180 kB (180307 bytes) Hashfb366df35279f142459a444e0ffb6cde c8543f38d4f834dfba95c7bf5ed1cbe56723f50e 9fa289c776a64613d2f934fa3fa91ca8b63e8a44444db03f4722ca52fdf2575a
GET /releases/v5.11.2/css/pro.min.css HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:23 GMT
content-type: text/css
x-amz-id-2: hPTp4yBNGhCZo2oBzaoSxpHIiDWvrvABg1MP9eVpl3MG8FbPSh3fgE7zJiuLgq4WDqczwQLhl5A=
x-amz-request-id: WDRNEBQBJN18JN2G
last-modified: Thu, 01 Jul 2021 19:31:53 GMT
etag: W/"eec1b37ae29d7e4462d925398e6230ea"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 7804905
expires: Fri, 06 Oct 2023 17:00:09 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 755df4bd1fc2b50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashff5f22aafa6751c60631736c305a4c7c 278b89e5c1a978e070be4b66bb780862894b8504 b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 11:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashe825fc3ba1ec6c169fbc10ffef8dffb0 6bf9cffa8468b37068aebed5a43dbc911086fc84 b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12716
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 11:11:24 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashe825fc3ba1ec6c169fbc10ffef8dffb0 6bf9cffa8468b37068aebed5a43dbc911086fc84 b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12716
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 11:11:24 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg | 34.120.237.76 | 200 OK | 7.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe238ccaa3b9fa88476a8514855e8232f 447cbf348ef10d0136a1811e843c46937defbba1 43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 47548
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg | 34.120.237.76 | 200 OK | 7.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe5a5ee14d41747f46e71f04782e1a3d3 b0205176a58913f57056b91674097bfb58046e97 b3bae0b56b50374cb85fc7fe4c9b551383d1969bf31e7adccb867e3467c59269
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7385
x-amzn-requestid: 7ada8e43-9cb5-4793-9289-e308e9565e7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZoF7aIAMF43A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-73da01595d32809e08b93a83;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 14qQi5wDI-_EgyghHCMjRtdZliSj3L6veSqIeBoEjCTfdZfrKb-UzA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
etag: "b0205176a58913f57056b91674097bfb58046e97"
content-type: image/jpeg
age: 48858
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9e520f87cae411cfc2ed1c8a14184385 69ad212cb7ae309d4f02019552887135bfae67da 723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: BddSUzh-PKiFmfw2p9gPW-B0qtrXWxCXfee29Pk-wLqN7RO21Yic6g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 48858
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha7bcc50ecfeeca47de68cb437e966f29 e98c870fd29b56fa4c3847008bedc0f01f222744 47a82bb40ead4346323b68c886cb88528cb2162666e9549b2ab215b86a499985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8360
x-amzn-requestid: c1f21bfa-3ceb-4661-97b8-0d7475f0e911
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLlLG0joAMFQqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f2ed-43993b1377e9fbaf4e9443d2;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kyp8p-Jm92bA3VDbsKDiD_JnS2eekJFUkMjYXquZ1D15WthqXoSlsA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:57:01 GMT
age: 47663
etag: "e98c870fd29b56fa4c3847008bedc0f01f222744"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2277f8f2d93b4bc3b05d348343177892 531d9e4ec9078cd2d7376a19fcb287084af36c82 62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: LySueW1si-yWLwecUILV1s57IEV2FdcQ9_pH1Aoe4AYISi7QXXfd3A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:39:28 GMT
age: 48716
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash70ea26af79226e9ff06d6198e2c019dc ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57 f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 05:04:17 GMT
age: 22027
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js | 104.17.25.14 | 200 OK | 10 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js IP104.17.25.14:0
File typeASCII text, with very long lines (31997) Hashda09af9c30411ac4ea58fa932c2bcdf1 3021a222be0168efcad5db279a305485935aeff5 19e819601b91eb75c0609dd6343a344f280a94b83e06e58595bafff5b12ca7f4
GET /ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 10158
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-ad36"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8098799
expires: Tue, 26 Sep 2023 11:11:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyW0bT3dT2CunVmuCxKWtN6JNw8kFERk41Geb9SIel11dsHMy2wFjICbx7la7ApKV%2FHoNN0mlJclY%2Fho%2BwzfQzDgxO%2B6hn1%2FTAHh3Q1hCnLb8Ykfzq8fttSGDyP7SFSwHYrllUYH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 755df4c17f5db50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2 | 216.58.207.195 | 200 OK | 8.7 kB |
URL HTTP/2fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 8724, version 1.0\012- data Hash20217aa9d3eaac472e24b02bcdcd6c9b ee278f79d297f09fd3bf15fe453332649b1aa69e 1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
GET /s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:10:34 GMT
expires: Tue, 03 Oct 2023 20:10:34 GMT
cache-control: public, max-age=31536000
age: 226850
last-modified: Wed, 27 Apr 2022 16:06:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js | 104.17.25.14 | 200 OK | 28 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js IP104.17.25.14:0
File typeASCII text, with very long lines (65451) Hash391678ecd81abb89d767676563d04a0d ca95c965bf5453f22a77969f650d82cc0495aedc 0688a8577842e3019d1880c5e32bf44ab58a93592218886291e05eb8a1907c7b
GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8098709
expires: Tue, 26 Sep 2023 11:11:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M41t9ukN%2FZ5dk76jloaVgeMQZ%2FOuc7522C3StOGIS1zG73gBhfqsbrCHmcx23LhxXfnJPPKYduL996yGKXFHK%2BC%2BZvCbRdkJn%2BzS0TimCT%2FtZdW7aPqn010zc8nSby222k2pkDDX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 755df4c17f5fb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashf763a685d14b05b6ced9792151da30b8 b25be5359245be857ffa1bddcb197cb771a36a45 505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 11:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2 | 216.58.207.195 | 200 OK | 8.7 kB |
URL HTTP/2fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 8712, version 1.0\012- data Hasha560bce992322f72d6abc068846a3f93 869883a30861df05f8402581fb89560aef96b221 328cc866bbd43a73f3742f59aca4df9e04bf14354d8847461f6641279326de63
GET /s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 20:05:56 GMT
expires: Thu, 05 Oct 2023 20:05:56 GMT
cache-control: public, max-age=31536000
age: 54328
last-modified: Wed, 27 Apr 2022 16:11:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2 | 216.58.207.195 | 200 OK | 10 kB |
URL HTTP/2fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 9996, version 1.0\012- data Hashe9c38c1110be8eac901fbe1fa4dff374 aba40d14b54e93d55124da50975b075c28969a41 de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b
GET /s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9996
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:53:55 GMT
expires: Thu, 05 Oct 2023 19:53:55 GMT
cache-control: public, max-age=31536000
age: 55049
last-modified: Wed, 27 Apr 2022 16:11:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/righteous/v8/1cXxaUPXBpj2rGoU7C9WiHGF.woff2 | 216.58.207.195 | 200 OK | 13 kB |
URL HTTP/2fonts.gstatic.com/s/righteous/v8/1cXxaUPXBpj2rGoU7C9WiHGF.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 12608, version 1.0\012- data Hash2669249f36607a740d21ff026caca825 fad0f311506b84e078d7be1554706e09b16abf43 99ac2accca3d9670c1fd8f197db636fec37cecfa403150f78cc1107c047e1ef6
GET /s/righteous/v8/1cXxaUPXBpj2rGoU7C9WiHGF.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 10:32:15 GMT
expires: Wed, 04 Oct 2023 10:32:15 GMT
cache-control: public, max-age=31536000
age: 175149
last-modified: Tue, 16 Jul 2019 23:53:27 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| kit-free.fontawesome.com/algo/2/webfonts/fa-solid-900-free-5.7.0.woff2 | 104.21.54.58 | 200 OK | 5.0 kB |
URL HTTP/2kit-free.fontawesome.com/algo/2/webfonts/fa-solid-900-free-5.7.0.woff2 IP104.21.54.58:0
File typeWeb Open Font Format (Version 2), TrueType, length 4968, version 330.15728\012- data Hashcb141c427b7f70db02d7d3d1ac41f07e ba296db0734ca7d64961462353628399a5e287ec aedd07affce985a3c2ae93c7bfc0ba06c4d91e03541e42861f1b1c90ddaae32a
GET /algo/2/webfonts/fa-solid-900-free-5.7.0.woff2 HTTP/1.1
Host: kit-free.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:24 GMT
content-type: font/woff2
content-length: 4968
x-amz-id-2: OzAP+ncP9EjBUKr74/UHF2EH1a9Cljsae8UvAMag+EHC12oiEU9cw/HU4SZojvW9EqCONr1ES6o=
x-amz-request-id: YJ0TMM5MZFBWX8Q1
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 07 Jul 2021 19:59:07 GMT
etag: "cb141c427b7f70db02d7d3d1ac41f07e"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 56733
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpemF2tHBuhmzTOKjD9hIsfzOf1YHfdkCsEvXvgTsBbx7ly8nssQ0x%2Fdp4cHEzNXu0tTbPeytJzVvbfE1cksoaI5UNnbsO%2FumZzxfGQUkWLRqT1gb82DRuLZhL5Q8UzqIOcNA%2FxRYtSRFBk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755df4c1ea391c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kit-free.fontawesome.com/algo/2/webfonts/fa-solid-900-free-5.0.11.woff2 | 104.21.54.58 | 200 OK | 3.2 kB |
URL HTTP/2kit-free.fontawesome.com/algo/2/webfonts/fa-solid-900-free-5.0.11.woff2 IP104.21.54.58:0
File typeWeb Open Font Format (Version 2), TrueType, length 3156, version 330.15728\012- data Hash178c5c42a9af2f720e092d79646ca237 f55b0ea9acef5450e328d3287df22eff6ad39853 a50fb34a972f2ef82f74919940ab70c726358f3a870da2167cea3a1d1f49d301
GET /algo/2/webfonts/fa-solid-900-free-5.0.11.woff2 HTTP/1.1
Host: kit-free.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:24 GMT
content-type: font/woff2
content-length: 3156
x-amz-id-2: gG7uSP/bqusptxSgtSZL7go4GJ2CToUJYqtjOg1WxWDr8oQdgbFb0YdIKhFExjEOUUgwbcc+ceg=
x-amz-request-id: NXF44QSPT91XT0MW
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 07 Jul 2021 19:59:05 GMT
etag: "178c5c42a9af2f720e092d79646ca237"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1169072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57nVxEOj7iHrCw6OHOvDC5JwtWpAU8XMngCXX0CNlH%2BaBAnWlymgQaEo7d%2BUq%2But8IHqv4Y0I36CSHORjaBVxUGKNtJ1t4z2S5KCBVWzmI0%2BfXC0gRg5gTp4L4cKNfXjrYuYdcKJyA6wjJc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755df4c1ea3a1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kit-free.fontawesome.com/algo/2/webfonts/fa-solid-900-free-5.11.0.woff2 | 104.21.54.58 | 200 OK | 9.9 kB |
URL HTTP/2kit-free.fontawesome.com/algo/2/webfonts/fa-solid-900-free-5.11.0.woff2 IP104.21.54.58:0
File typeWeb Open Font Format (Version 2), TrueType, length 9944, version 330.32505\012- data Hasha0cf41e3832384decb11ec78086cb766 6defc97b1d7b412933382e7bd7276964b5af2b8d 25d334ebfbd3c6ee9fcb55bef73dc82e6140af00999ba2d15ff859bf3604f6fb
GET /algo/2/webfonts/fa-solid-900-free-5.11.0.woff2 HTTP/1.1
Host: kit-free.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:24 GMT
content-type: font/woff2
content-length: 9944
x-amz-id-2: i1J2rvu9wVcC+nj2Az3AK16/NEnVBXg+9QA3YgxG8CLJRCb5+xDiKCBQi8MTNsd89onn57YuKM0=
x-amz-request-id: QWKAZ8ENEAAQ4TRD
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 07 Jul 2021 19:59:06 GMT
etag: "a0cf41e3832384decb11ec78086cb766"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 50361
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9FCzjzVdXEXf93NU%2FhFqdnMTUj2%2F9xifs%2FkKP%2FqHnxiqAoyhBCtfCQV53P%2B%2F5lr58vdclgfS1U%2FzQSATC1jzXPD8sXO3XXtDAbNo7uxpYXbo8G27x6MPyRIo4WaSQtPvDAtZUr6XsK0z0U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755df4c1da361c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kit-pro.fontawesome.com/algo/2/webfonts/fa-light-300-pro-5.0.0.woff2 | 104.18.22.52 | 200 OK | 35 kB |
URL HTTP/2kit-pro.fontawesome.com/algo/2/webfonts/fa-light-300-pro-5.0.0.woff2 IP104.18.22.52:0
File typeWeb Open Font Format (Version 2), TrueType, length 34916, version 330.15728\012- data Hash9b574a26613c424d33442cc50714ee1e b7f74fb1085d2cd5976051d9caefc794778bb17d c2b70cf353add78df6c24210970074cb9f0a3da5982a51e8a702d39f7a10ed54
GET /algo/2/webfonts/fa-light-300-pro-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:24 GMT
content-type: font/woff2
content-length: 34916
x-amz-id-2: QpaJCdsrTtBo3zfdO46HHuwspW2Y9jHpfVrxnr4i3kVSKg5OCj06bavCmy0OlTjb7VKCGF+P/gU=
x-amz-request-id: 7KJBYKJ4KSD6TFWP
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 19:11:10 GMT
etag: "9b574a26613c424d33442cc50714ee1e"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 1135335
expires: Fri, 06 Oct 2023 17:00:10 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 755df4c1daf80b41-OSL
X-Firefox-Spdy: h2
|
|
| kit-free.fontawesome.com/algo/2/webfonts/fa-solid-900-free-5.10.2.woff2 | 104.21.54.58 | 200 OK | 9.3 kB |
URL HTTP/2kit-free.fontawesome.com/algo/2/webfonts/fa-solid-900-free-5.10.2.woff2 IP104.21.54.58:0
File typeWeb Open Font Format (Version 2), TrueType, length 9292, version 330.15859\012- data Hashd5e4cc61221a06476ed0445d41458d37 4c6af909562a705a216b62188c5c4db384b6e604 c71e12651534bbb867165f6d48c7545ad60666d243d32fdf739a84c433de5776
GET /algo/2/webfonts/fa-solid-900-free-5.10.2.woff2 HTTP/1.1
Host: kit-free.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:24 GMT
content-type: font/woff2
content-length: 9292
x-amz-id-2: EMEB6QzG4cab4MpFqVm1Txq5ZF+jY3vQ1bScdi8zx5nZXS4j9z/NwPWKL92jpUZ5acz/A1a7n+tfu62zaSWVcA==
x-amz-request-id: WTTCCBY10ST8X8EP
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 07 Jul 2021 19:59:06 GMT
etag: "d5e4cc61221a06476ed0445d41458d37"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1171482
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjoNV8YBKaXkHNFGtx8J7VQYkrKkpBNkz%2Fvh3wdqKiMv7S8b3UYxJJUt8DUdNxNJzoM2RebNth84ul7%2FbeQVCZ8%2BKJgeVcZNUNclK%2FdkFX3P3cXt6eXFHwTlKPYsJfA4e79NIXK9RTFm6ig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755df4c1ea381c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kit-free.fontawesome.com/algo/2/webfonts/fa-solid-900-free-5.0.0.woff2 | 104.21.54.58 | 200 OK | 23 kB |
URL HTTP/2kit-free.fontawesome.com/algo/2/webfonts/fa-solid-900-free-5.0.0.woff2 IP104.21.54.58:0
File typeWeb Open Font Format (Version 2), TrueType, length 22764, version 330.15728\012- data Hashf129d0c4dd6eaf78df7164f8d1ddbc91 88d00093183494f25892de7bd3be7363a9fd6f72 5d0c2d7c6d457b00c8667e0e7a134baf25a430bdb140a6f950ef9c364029020a
GET /algo/2/webfonts/fa-solid-900-free-5.0.0.woff2 HTTP/1.1
Host: kit-free.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:24 GMT
content-type: font/woff2
content-length: 22764
x-amz-id-2: 2LtO86vxj5a/CVaV3NiAEvZH7cF9sCYA5D8y56MfV0HfTTCz3mLufqFuUqpOPdKTgiLdnNqs09E=
x-amz-request-id: YJ0RZ9C3YT902N75
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 07 Jul 2021 19:59:05 GMT
etag: "f129d0c4dd6eaf78df7164f8d1ddbc91"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 56733
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZ1oy9SxZYPEeoFyofSyL1zAsLv%2FNPTasMQeCAbHb4bcGUF2X4xkOihWdsTgJ8L9nZ9zEV%2FhiUopfFqE9SrQFyWzE6u%2FmV1Z0lFlWm1ZVcbFDmfbVKR1mqaJci%2FHAk3I7cH7eNohUSqkNNE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755df4c1ea3e1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kit-pro.fontawesome.com/algo/2/webfonts/fa-light-300-pro-5.10.2.woff2 | 104.18.22.52 | 200 OK | 18 kB |
URL HTTP/2kit-pro.fontawesome.com/algo/2/webfonts/fa-light-300-pro-5.10.2.woff2 IP104.18.22.52:0
File typeWeb Open Font Format (Version 2), TrueType, length 18312, version 330.15859\012- data Hash1e2e401c1738fa204417d8c8fcc3a23c ba116305c11a75914f86a0ac97071918c450ba12 d7379d495e161b7e82e5804fc73f43a25c663a296c3060ee7d17c78d55d7eebb
GET /algo/2/webfonts/fa-light-300-pro-5.10.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:24 GMT
content-type: font/woff2
content-length: 18312
x-amz-id-2: Lt089CYmG38TECqbNyfk4Nbrm/ku1IW3N8XpcIVHVQPLh8VGjwimziCz3DbpNLRHyrLLHZNh4QY=
x-amz-request-id: 7KJ0B4DA82K3QQBH
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 19:11:11 GMT
etag: "1e2e401c1738fa204417d8c8fcc3a23c"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 958952
expires: Fri, 06 Oct 2023 17:00:10 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 755df4c1dafb0b41-OSL
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-GMP47XXS7E | 142.250.74.168 | 200 OK | 75 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-GMP47XXS7E IP142.250.74.168:0
File typeASCII text, with very long lines (21373) Hash4d7707110a0dec7cd7b33c183fece8fc 4b042fa19db666ba113dc13b09a5d7be36338115 8b1f0d701987ba15e67d62cec9909bd6ed3fbfa9227cf72665c83da2b2c4c186
GET /gtag/js?id=G-GMP47XXS7E HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 06 Oct 2022 11:11:24 GMT
expires: Thu, 06 Oct 2022 11:11:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75443
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashf763a685d14b05b6ced9792151da30b8 b25be5359245be857ffa1bddcb197cb771a36a45 505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 11:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash4e77840d6f41c898d7bf3f0121444a4d 91d19607c6b4e9dce4d0c85fa52adf27924fa204 65c0d938db80de1ff618e64a659ca0c27d452d6e8e137fda330f5c3c115d3f4e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65C0D938DB80DE1FF618E64A659CA0C27D452D6E8E137FDA330F5C3C115D3F4E"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7559
Expires: Thu, 06 Oct 2022 13:17:23 GMT
Date: Thu, 06 Oct 2022 11:11:24 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash46a76c6bf42123fb5026c0837ccf41d4 ac48d05e561faa9d13ad2f383bc8aefb970f820e daf8f61fa5b1b459b0fb1d69955439477c78774ec64a2d7de192c686fe07cd76
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAF8F61FA5B1B459B0FB1D69955439477C78774EC64A2D7DE192C686FE07CD76"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11944
Expires: Thu, 06 Oct 2022 14:30:28 GMT
Date: Thu, 06 Oct 2022 11:11:24 GMT
Connection: keep-alive
|
|
| kit-pro.fontawesome.com/algo/2/webfonts/fa-regular-400-pro-5.0.0.woff2 | 104.18.22.52 | 200 OK | 27 kB |
URL HTTP/2kit-pro.fontawesome.com/algo/2/webfonts/fa-regular-400-pro-5.0.0.woff2 IP104.18.22.52:0
File typeWeb Open Font Format (Version 2), TrueType, length 27056, version 330.15728\012- data Hashaa2d06ff3fb9d99eff2307847b48a51c e46d2c8322d480c881314eaf0bec83a427fc50d2 5c91ff9a7451504ea206079ad27c9aca4676a09a1faa2faf99152b3ec6ecab43
GET /algo/2/webfonts/fa-regular-400-pro-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://kit-pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:24 GMT
content-type: font/woff2
content-length: 27056
x-amz-id-2: x+EthsYXw0HQhlstBZf4YSbrIYeUvdNv94EHNh5/ab8Q/tevlTlx+e5NsBJS4PaxAWBhjDe7KDY=
x-amz-request-id: P7F0HYQ2ZA9TSVA7
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 19:11:14 GMT
etag: "aa2d06ff3fb9d99eff2307847b48a51c"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 1135334
expires: Fri, 06 Oct 2023 17:00:10 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 755df4c51d760b41-OSL
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc35ee8f2b6756aa23653ad1daa8cf75c 927b0b4f9caeeb8c5dc6e6868cc064ffb30a0604 279f4b5e0fda39b8908bacbd47dcd544a30a66c14f593f4db9a793d2d042438e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "279F4B5E0FDA39B8908BACBD47DCD544A30A66C14F593F4DB9A793D2D042438E"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10966
Expires: Thu, 06 Oct 2022 14:14:11 GMT
Date: Thu, 06 Oct 2022 11:11:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc35ee8f2b6756aa23653ad1daa8cf75c 927b0b4f9caeeb8c5dc6e6868cc064ffb30a0604 279f4b5e0fda39b8908bacbd47dcd544a30a66c14f593f4db9a793d2d042438e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "279F4B5E0FDA39B8908BACBD47DCD544A30A66C14F593F4DB9A793D2D042438E"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10966
Expires: Thu, 06 Oct 2022 14:14:11 GMT
Date: Thu, 06 Oct 2022 11:11:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc35ee8f2b6756aa23653ad1daa8cf75c 927b0b4f9caeeb8c5dc6e6868cc064ffb30a0604 279f4b5e0fda39b8908bacbd47dcd544a30a66c14f593f4db9a793d2d042438e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "279F4B5E0FDA39B8908BACBD47DCD544A30A66C14F593F4DB9A793D2D042438E"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10966
Expires: Thu, 06 Oct 2022 14:14:11 GMT
Date: Thu, 06 Oct 2022 11:11:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash110370e0bf98d7de8c31df064df23fa5 83cfb6731296db17985aab3184a29063072dad75 f8bb2c85048fb94b1ebb1ef51cd32919575c9835aab53e8a7962b60be695c4c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8BB2C85048FB94B1EBB1EF51CD32919575C9835AAB53E8A7962B60BE695C4C0"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13952
Expires: Thu, 06 Oct 2022 15:03:57 GMT
Date: Thu, 06 Oct 2022 11:11:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash91f65d2387525a13af45d775863e600d e0b93e81700967f3133a89f6aa31826a5db538ab b9e47d1b31bd02933770726baeed9f0f889c66ad9b517e7bf091f3f988c3ee04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9E47D1B31BD02933770726BAEED9F0F889C66AD9B517E7BF091F3F988C3EE04"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13209
Expires: Thu, 06 Oct 2022 14:51:34 GMT
Date: Thu, 06 Oct 2022 11:11:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash740b2469b2120f12aab4ca53ec3a088b 92c1ac6901c501f5de875264e66fa7dd6e0b0284 2511f60a97b0a7ab1faeddc4856a9c00f509ab1af0d37d99c57095896608477d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2511F60A97B0A7AB1FAEDDC4856A9C00F509AB1AF0D37D99C57095896608477D"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5579
Expires: Thu, 06 Oct 2022 12:44:24 GMT
Date: Thu, 06 Oct 2022 11:11:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash5b09fd9a71a5164924cd2302892d7258 aa856dd966275f1a1be9759b6734ae010b31f8fb 797c47f35dda6fd47b927d7b79ec0cc5839dbf46470fb37386f01f2cdf0c11d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "797C47F35DDA6FD47B927D7B79EC0CC5839DBF46470FB37386F01F2CDF0C11D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7456
Expires: Thu, 06 Oct 2022 13:15:41 GMT
Date: Thu, 06 Oct 2022 11:11:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash5b09fd9a71a5164924cd2302892d7258 aa856dd966275f1a1be9759b6734ae010b31f8fb 797c47f35dda6fd47b927d7b79ec0cc5839dbf46470fb37386f01f2cdf0c11d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "797C47F35DDA6FD47B927D7B79EC0CC5839DBF46470FB37386F01F2CDF0C11D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7456
Expires: Thu, 06 Oct 2022 13:15:41 GMT
Date: Thu, 06 Oct 2022 11:11:25 GMT
Connection: keep-alive
|
|
| ledrapti.net/tag.min.js | 139.45.197.238 | 200 OK | 23 kB |
IP139.45.197.238:0
File typeASCII text, with very long lines (65536), with no line terminators Hash475fe72306987212afa61d6ddd01043f 7b82b5387d0dc1279ced204b3f181af417e68ea1 f187e1acfd027b65659d5d3173e9c5a834ebe34a25f98e68c3d3bad3a9b44d2c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /tag.min.js HTTP/1.1
Host: ledrapti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: text/javascript; charset=utf-8
content-length: 22987
content-encoding: br
x-trace-id: 369fc9221b2c364c8df68133150de05c
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 05 Oct 2022 15:41:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| alpidoveon.com/tag.min.js | 139.45.197.237 | 200 OK | 23 kB |
URL HTTP/2alpidoveon.com/tag.min.js IP139.45.197.237:0
File typeASCII text, with very long lines (65536), with no line terminators Hash475fe72306987212afa61d6ddd01043f 7b82b5387d0dc1279ced204b3f181af417e68ea1 f187e1acfd027b65659d5d3173e9c5a834ebe34a25f98e68c3d3bad3a9b44d2c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /tag.min.js HTTP/1.1
Host: alpidoveon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: text/javascript; charset=utf-8
content-length: 22987
content-encoding: br
x-trace-id: a9a3f5846d56d53188278a4b53938c02
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 05 Oct 2022 15:42:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ledrapti.net/tag.min.js | 139.45.197.238 | 200 OK | 23 kB |
IP139.45.197.238:0
File typeASCII text, with very long lines (65536), with no line terminators Hash475fe72306987212afa61d6ddd01043f 7b82b5387d0dc1279ced204b3f181af417e68ea1 f187e1acfd027b65659d5d3173e9c5a834ebe34a25f98e68c3d3bad3a9b44d2c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /tag.min.js HTTP/1.1
Host: ledrapti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: text/javascript; charset=utf-8
content-length: 22987
content-encoding: br
x-trace-id: d6f969de43138dd901205e73cf7ea4eb
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 05 Oct 2022 15:40:22 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash0a25532c4133886e22a425cacca9c027 41a1b476967aed6ac227717098cd8be3209b45b3 f50b860d2b3b4d59df90ad6b36c84639141ca9dd9530a74e07fd79fd9387f52e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 11:11:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 06:25:20 GMT
Expires: Mon, 10 Oct 2022 06:25:19 GMT
Etag: "41a1b476967aed6ac227717098cd8be3209b45b3"
Cache-Control: max-age=327833,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755df4c8cffbb523-OSL
|
|
| my.rtmark.net/gid.js?userId=8967f277cc034be09f726f4ae338d3a7 | 139.45.195.8 | 200 OK | 65 B |
URL HTTP/2my.rtmark.net/gid.js?userId=8967f277cc034be09f726f4ae338d3a7 IP139.45.195.8:0
File typeJSON data\012- , ASCII text Hash84fcb9edceceae2ff6864cebb86952ba 2c066a3f8caee3f21acf527fca4ebf895e5623f6 6fbea7336073a62eeb2a5d76299fac79e384efa22834561021fb268d9ab57858
GET /gid.js?userId=8967f277cc034be09f726f4ae338d3a7 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://m1.cima4uu.club
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8967f277cc034be09f726f4ae338d3a7; expires=Fri, 06 Oct 2023 11:11:25 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-GMP47XXS7E>m=2oea50&_p=1714270357&cid=1070738315.1665054685&ul=en-us&sr=1280x1024&_s=1&sid=1665054685&sct=1&seg=0&dl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&dr=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&dt=%D9%81%D9%8A%D9%84%D9%85%20Exploits%20of%20a%20Young%20Don%20Juan%201986%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85%20%7C%20%D8%A7%D9%84%D8%B3%D9%8A%D9%86%D9%85%D8%A7%20%D9%84%D9%84%D8%AC%D9%85%D9%8A%D8%B9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.34.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-GMP47XXS7E>m=2oea50&_p=1714270357&cid=1070738315.1665054685&ul=en-us&sr=1280x1024&_s=1&sid=1665054685&sct=1&seg=0&dl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&dr=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&dt=%D9%81%D9%8A%D9%84%D9%85%20Exploits%20of%20a%20Young%20Don%20Juan%201986%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85%20%7C%20%D8%A7%D9%84%D8%B3%D9%8A%D9%86%D9%85%D8%A7%20%D9%84%D9%84%D8%AC%D9%85%D9%8A%D8%B9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP216.239.34.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GMP47XXS7E>m=2oea50&_p=1714270357&cid=1070738315.1665054685&ul=en-us&sr=1280x1024&_s=1&sid=1665054685&sct=1&seg=0&dl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&dr=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&dt=%D9%81%D9%8A%D9%84%D9%85%20Exploits%20of%20a%20Young%20Don%20Juan%201986%20%D9%85%D8%AA%D8%B1%D8%AC%D9%85%20%7C%20%D8%A7%D9%84%D8%B3%D9%8A%D9%86%D9%85%D8%A7%20%D9%84%D9%84%D8%AC%D9%85%D9%8A%D8%B9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://m1.cima4uu.club
date: Thu, 06 Oct 2022 11:11:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc7ca5d148840f1aacae5466951dc17db d99acacb061a975a4fe7e86fe503d389a320e948 e184ac291b48736115cc8e081952c8f8bc6af05ca7686025efbf933a74a5daf5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E184AC291B48736115CC8E081952C8F8BC6AF05CA7686025EFBF933A74A5DAF5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=951
Expires: Thu, 06 Oct 2022 11:27:17 GMT
Date: Thu, 06 Oct 2022 11:11:26 GMT
Connection: keep-alive
|
|
| tzegilo.com/stattag.js | 104.21.84.149 | 200 OK | 12 kB |
IP104.21.84.149:0
File typeHTML document, Unicode text, UTF-8 text, with very long lines (32771), with no line terminators Hashb76b52a7158bba7e336ced7fd5226383 e682036a6263102fa3573249924c4ec733b9a1ea 65dbde9089735d20dfe886a2fe1517f1f6210180d4be8966bc9c22f3cdf02696
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4424
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfgpleGPH5v4PzBPROTd8s6%2BI%2F1oElnjgKKrPAK2%2BSuoYiWJKUowk2O6qlXEre9gX933JJCN9ayzgyIxTs0QEXJgR6qMHZZ%2Bv9b%2BBMztPujsKbAmuUxqGNwlHvyvOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755df4c80f79b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| agaenteitor.com/500/5106145?excludes=&oaid=8967f277cc034be09f726f4ae338d3a7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.239 | 200 OK | 973 B |
URL HTTP/2agaenteitor.com/500/5106145?excludes=&oaid=8967f277cc034be09f726f4ae338d3a7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.239:0
File typeJSON data\012- , ASCII text, with very long lines (973), with no line terminators Hash78e081bb2c1c5d9455e3ad26e5f9b341 bdc3ab19ffdadfe9dde61f28d09f64a2c0f37e2d 0053925b594379e526b09c96e9cda8164d1f967bb572ab5635a20ab501c0a6b2
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /500/5106145?excludes=&oaid=8967f277cc034be09f726f4ae338d3a7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: agaenteitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Cookie: OAID=f16fb62804084cc4bcc915c4340d5a28
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:26 GMT
content-type: application/javascript
content-length: 973
x-trace-id: 9fe4febcd292571a9ff1a84ce7bde627
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://m1.cima4uu.club
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=8967f277cc034be09f726f4ae338d3a7; expires=Fri, 06 Oct 2023 11:11:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/ea48a7eb5e5072a8a9fbf615651c4463.png | 104.22.32.172 | 200 OK | 8.4 kB |
URL HTTP/2offerimage.com/www/images/ea48a7eb5e5072a8a9fbf615651c4463.png IP104.22.32.172:0
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Hashea48a7eb5e5072a8a9fbf615651c4463 9b947afd1ffbb9a3430e32058afb989ce1d9792e b28524b667e9a99a99de75770facc06b4c656f24d78e3c074dbd29c5df08cf8d
GET /www/images/ea48a7eb5e5072a8a9fbf615651c4463.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:26 GMT
content-type: image/png
content-length: 8366
last-modified: Fri, 30 Sep 2022 14:30:14 GMT
etag: "6336fd76-20ae"
expires: Fri, 07 Oct 2022 09:46:32 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 5093
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 755df4cddb77993e-ARN
X-Firefox-Spdy: h2
|
|
| onmarshtompor.com/?rb=HpgDMqwYpX6aEHGiTasNTdGX3nm9ht3wBwooGPnt_RC4dxrH0REyym64N2hWDBeTGFtOn8KWSEg6l-4HObMyA5gDxZoHsoebn4xV97NvhDCGfKzjg44Y716dxUNOijAbUXTJFIZafPok-2paScmpJGPS0pl_imTQGR6TyOFsqybPCjbh8D5uGHBrLyumVWnkGNn6lwgeGKJ2FDZs0Ygyd-hlewo%3D&request_ab2=0&zoneid=5106139&js_build=iclick-v1.433.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.433.0&bs=9869ee4e-5b85-40f9-9c0f-9d3735ee1bed&userId=8967f277cc034be09f726f4ae338d3a7&m=link | 139.45.197.243 | 200 OK | 2.2 kB |
URL HTTP/2onmarshtompor.com/?rb=HpgDMqwYpX6aEHGiTasNTdGX3nm9ht3wBwooGPnt_RC4dxrH0REyym64N2hWDBeTGFtOn8KWSEg6l-4HObMyA5gDxZoHsoebn4xV97NvhDCGfKzjg44Y716dxUNOijAbUXTJFIZafPok-2paScmpJGPS0pl_imTQGR6TyOFsqybPCjbh8D5uGHBrLyumVWnkGNn6lwgeGKJ2FDZs0Ygyd-hlewo%3D&request_ab2=0&zoneid=5106139&js_build=iclick-v1.433.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.433.0&bs=9869ee4e-5b85-40f9-9c0f-9d3735ee1bed&userId=8967f277cc034be09f726f4ae338d3a7&m=link IP139.45.197.243:0
File typeJSON data\012- , ASCII text, with very long lines (2805), with no line terminators Hashc88ef86a9e2a17be10b513d15b1f724e 06961386224a625dc4c286dcc3f26533930cfc55 713a270ea0d32446612ca19d2f6b38931601a292d8c52a1200b03febb45ecf16
GET /?rb=HpgDMqwYpX6aEHGiTasNTdGX3nm9ht3wBwooGPnt_RC4dxrH0REyym64N2hWDBeTGFtOn8KWSEg6l-4HObMyA5gDxZoHsoebn4xV97NvhDCGfKzjg44Y716dxUNOijAbUXTJFIZafPok-2paScmpJGPS0pl_imTQGR6TyOFsqybPCjbh8D5uGHBrLyumVWnkGNn6lwgeGKJ2FDZs0Ygyd-hlewo%3D&request_ab2=0&zoneid=5106139&js_build=iclick-v1.433.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.433.0&bs=9869ee4e-5b85-40f9-9c0f-9d3735ee1bed&userId=8967f277cc034be09f726f4ae338d3a7&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:26 GMT
content-type: application/json
x-trace-id: 8371707bc6e049f33f5478ea92ba088d
access-control-allow-origin: https://m1.cima4uu.club
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=8967f277cc034be09f726f4ae338d3a7; expires=Fri, 06 Oct 2023 11:11:26 GMT; path=/; secure; SameSite=None
oaidts=1665054686; expires=Fri, 06 Oct 2023 11:11:26 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 13 Oct 2022 11:11:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| alpidoveon.com/5/5106135/?oo=1&aab=1 | 139.45.197.237 | 200 OK | 1.8 kB |
URL HTTP/2alpidoveon.com/5/5106135/?oo=1&aab=1 IP139.45.197.237:0
Hashd90aff60c54f67358c7dc3dd265ea822 8cad3a37795181f917e132db39c84aef84bfe9f0 ed3e31e210ff55f3f3bdcd3639f6f23546f7011233a4137c3f0edad96fb47f05
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /5/5106135/?oo=1&aab=1 HTTP/1.1
Host: alpidoveon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: application/json
x-trace-id: 57bde74a6ba5319afb108c6bf431eea8
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://m1.cima4uu.club
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=13e896cd47dc48ce9568a24752e655a8; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
oaidts=1665054685; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f | 139.45.195.254 | 200 OK | 12 B |
URL HTTP/1.1fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f IP139.45.195.254:0
File typeJSON data\012- , ASCII text, with no line terminators Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Origin: https://m1.cima4uu.club
Content-Length: 2404
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 06 Oct 2022 11:11:48 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://m1.cima4uu.club
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| onmarshtompor.com/?rb=_uwU7rt5JkOcMFVhedBIld0HKBApLnCCanMUXtobrnhvV_-TsBSMv3aV8pg-R7ZmaOj2qaKUmf26PAJxOfLBYq4XZkcuKOVyD4pCzP2BNwoFMr6th95RVNAGOHOYayJrHUPUvvVzA8a7PyQEkPZrtbVR50I2t1q4HeTALTBhTXkD0ZfTS3nUAqy9LnwLI-x-V-eMb8iDvaJEXbojluI5KdwXe9A%3D&request_ab2=0&zoneid=5106141&js_build=iclick-v1.433.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.433.0&bs=123a4d20-2ba5-485b-a670-8dc8c0e5dec1&userId=8967f277cc034be09f726f4ae338d3a7&m=link | 139.45.197.243 | 200 OK | 3.2 kB |
URL HTTP/2onmarshtompor.com/?rb=_uwU7rt5JkOcMFVhedBIld0HKBApLnCCanMUXtobrnhvV_-TsBSMv3aV8pg-R7ZmaOj2qaKUmf26PAJxOfLBYq4XZkcuKOVyD4pCzP2BNwoFMr6th95RVNAGOHOYayJrHUPUvvVzA8a7PyQEkPZrtbVR50I2t1q4HeTALTBhTXkD0ZfTS3nUAqy9LnwLI-x-V-eMb8iDvaJEXbojluI5KdwXe9A%3D&request_ab2=0&zoneid=5106141&js_build=iclick-v1.433.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.433.0&bs=123a4d20-2ba5-485b-a670-8dc8c0e5dec1&userId=8967f277cc034be09f726f4ae338d3a7&m=link IP139.45.197.243:0
Hash72d3558bec0c84426c2935c50ad8111c 1de7cee84200a1e230f65ca6619400defb7d1c3f 59159fad8b42a307cdac6955bd2b642346e7eba74b23a3b165f8ad4a2ff7982f
GET /?rb=_uwU7rt5JkOcMFVhedBIld0HKBApLnCCanMUXtobrnhvV_-TsBSMv3aV8pg-R7ZmaOj2qaKUmf26PAJxOfLBYq4XZkcuKOVyD4pCzP2BNwoFMr6th95RVNAGOHOYayJrHUPUvvVzA8a7PyQEkPZrtbVR50I2t1q4HeTALTBhTXkD0ZfTS3nUAqy9LnwLI-x-V-eMb8iDvaJEXbojluI5KdwXe9A%3D&request_ab2=0&zoneid=5106141&js_build=iclick-v1.433.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.433.0&bs=123a4d20-2ba5-485b-a670-8dc8c0e5dec1&userId=8967f277cc034be09f726f4ae338d3a7&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:26 GMT
content-type: application/json
x-trace-id: 9ec63fa7756d90541446e5cb58c3338a
access-control-allow-origin: https://m1.cima4uu.club
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=8967f277cc034be09f726f4ae338d3a7; expires=Fri, 06 Oct 2023 11:11:26 GMT; path=/; secure; SameSite=None
oaidts=1665054686; expires=Fri, 06 Oct 2023 11:11:26 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 13 Oct 2022 11:11:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| waitheja.net/500/5106131?excludes=&oaid=8967f277cc034be09f726f4ae338d3a7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.236 | 200 OK | 0 B |
URL HTTP/2waitheja.net/500/5106131?excludes=&oaid=8967f277cc034be09f726f4ae338d3a7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.236:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
OPTIONS /500/5106131?excludes=&oaid=8967f277cc034be09f726f4ae338d3a7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: waitheja.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://m1.cima4uu.club/
Origin: https://m1.cima4uu.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:26 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://m1.cima4uu.club
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| waitheja.net/500/5106131?excludes=&oaid=8967f277cc034be09f726f4ae338d3a7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.236 | 200 OK | 967 B |
URL HTTP/2waitheja.net/500/5106131?excludes=&oaid=8967f277cc034be09f726f4ae338d3a7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.236:0
File typeJSON data\012- , ASCII text, with very long lines (967), with no line terminators Hash93533c424b312859c63bf6a7379da1d2 b237e9e362be26da230495b93e5d313e04a8fd32 28a6562e262f57c7180a345fc5df6cf3808bdf2322c5edafbec635af869112d5
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /500/5106131?excludes=&oaid=8967f277cc034be09f726f4ae338d3a7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: waitheja.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Cookie: OAID=c82d51592a0444a6b222e64f6ded1ec5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:26 GMT
content-type: application/javascript
content-length: 967
x-trace-id: bf030a084996a02c57abf118419b7dd1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://m1.cima4uu.club
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=8967f277cc034be09f726f4ae338d3a7; expires=Fri, 06 Oct 2023 11:11:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Righteous&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Righteous&display=swap IP142.250.74.10:0
GET /css2?family=Righteous&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 11:11:23 GMT
date: Thu, 06 Oct 2022 11:11:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| inklinkor.com/tag.min.js | 172.67.211.29 | 200 OK | 0 B |
IP172.67.211.29:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:24 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 44ba68a69e78aab0959195eea6af4c93
cache-control: max-age=86400
last-modified: Wed, 05 Oct 2022 15:41:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 07 Oct 2022 09:55:55 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4529
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPq5%2BgJo4fTdAJxEbJRliGbre7ATj4JtSzI6Co9rOFMY%2FbxnZ6aZUWqFSL4K8eU0%2Fm%2FJKKg5RcEDZDrvROX%2FcKtWDzx6XuzJJP4SERWvuPzrXaGVurIcj7Q44gIun8dY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755df4c51bb3b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| punoocke.com/400/5106133 | 139.45.197.236 | 200 OK | 0 B |
IP139.45.197.236:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /400/5106133 HTTP/1.1
Host: punoocke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: application/javascript
x-trace-id: c700e3ac94d1abb929f9cd145b23f0d3
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=a3a11f506740402184a8ea199079be51; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ledrapti.net/5/5106114/?oo=1&aab=1 | 139.45.197.238 | 200 OK | 0 B |
URL HTTP/2ledrapti.net/5/5106114/?oo=1&aab=1 IP139.45.197.238:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /5/5106114/?oo=1&aab=1 HTTP/1.1
Host: ledrapti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: application/json
x-trace-id: acc4aee18cc9a1d1fa1f90fdf59b8149
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://m1.cima4uu.club
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=e2e8ebfe8f30476a93fbe9385755fe3d; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
oaidts=1665054685; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ledrapti.net/5/5106114/?oo=1&aab=1 | 139.45.197.238 | 200 OK | 0 B |
URL HTTP/2ledrapti.net/5/5106114/?oo=1&aab=1 IP139.45.197.238:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /5/5106114/?oo=1&aab=1 HTTP/1.1
Host: ledrapti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: application/json
x-trace-id: a47e19ed0d44049f447700e7468557b2
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://m1.cima4uu.club
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=afd17d997514421d81efd022b2be2bc3; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
oaidts=1665054685; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Fredoka+One&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Fredoka+One&display=swap IP142.250.74.10:0
GET /css2?family=Fredoka+One&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 11:11:23 GMT
date: Thu, 06 Oct 2022 11:11:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| m.cima4uu.club/cdn-cgi/styles/challenges.css | 172.67.186.152 | 200 OK | 0 B |
URL HTTP/2m.cima4uu.club/cdn-cgi/styles/challenges.css IP172.67.186.152:0
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: m.cima4uu.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.cima4uu.club/%D8%A7%D9%81%D9%84%D8%A7%D9%85-%D8%A7%D8%AC%D9%86%D8%A8%D9%89/%D9%81%D9%8A%D9%84%D9%85-exploits-of-a-young-don-juan-1986-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:22 GMT
content-type: text/css
last-modified: Tue, 04 Oct 2022 15:37:48 GMT
etag: W/"633c534c-1896"
server: cloudflare
cf-ray: 755df4b2dadeb4e8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 06 Oct 2022 13:11:22 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| m.cima4uu.club/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=755df4b10ff0b4e8 | 172.67.186.152 | 200 OK | 0 B |
URL HTTP/2m.cima4uu.club/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=755df4b10ff0b4e8 IP172.67.186.152:0
GET /cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=755df4b10ff0b4e8 HTTP/1.1
Host: m.cima4uu.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.cima4uu.club/%D8%A7%D9%81%D9%84%D8%A7%D9%85-%D8%A7%D8%AC%D9%86%D8%A8%D9%89/%D9%81%D9%8A%D9%84%D9%85-exploits-of-a-young-don-juan-1986-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/?__cf_chl_rt_tk=DSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 11:11:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rq3pPQrrSMi6GbATCgLX%2BzgJ8ZcCUjC%2F5KZzkxY50ubR3zm4%2Bid7QD6FPS7YuJ%2FtxU%2Bq7auxrUfh4FC9ZNv21%2FuhKsrt9iRW2tvj%2FUQCA7vfYhngSja%2BP8RGhk3ec0KmvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755df4b36bafb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| agaenteitor.com/400/5106145 | 139.45.197.239 | 200 OK | 0 B |
URL HTTP/2agaenteitor.com/400/5106145 IP139.45.197.239:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /400/5106145 HTTP/1.1
Host: agaenteitor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: application/javascript
x-trace-id: 7a04d4fb56c497bc98a401290222db15
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f16fb62804084cc4bcc915c4340d5a28; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| waitheja.net/400/5106131 | 139.45.197.236 | 200 OK | 0 B |
IP139.45.197.236:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /400/5106131 HTTP/1.1
Host: waitheja.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: application/javascript
x-trace-id: 6a544479d667e93afdb1620ea0b8a7a1
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c82d51592a0444a6b222e64f6ded1ec5; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bedrapiona.com/5/5106141/?oo=1&js_build=iclick-v1.433.0 | 139.45.197.234 | 200 OK | 0 B |
URL HTTP/2bedrapiona.com/5/5106141/?oo=1&js_build=iclick-v1.433.0 IP139.45.197.234:0
GET /5/5106141/?oo=1&js_build=iclick-v1.433.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: application/json
x-trace-id: 0fef80964bd2b68c05c833723423cf84
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://m1.cima4uu.club
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=92657f1784544bbb9cfedd9140f80a5b; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
oaidts=1665054685; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| alpidoveon.com/?rb=8FwprwY7WugsAAG0mgIbQf85gEkPGuG7kuIyA-hzT_dIFS27AGhKw2iXHY7G2wIhG5bKDrf6kMrP8Fzn2GcpRFQHtLkcQnRQV1i1OtjrMpSEZICTBtLCfo9wr4OnFkITBOPLDVw5DKXKh62HHHsOgoUL6msOJscqy-O2zq_QSfsAXvQ7xkjRMwgf-ixmqEbvTMclnr2roLwmR2DMPSyapJSUSrY%3D&request_ab2=0&zoneid=5106135&js_build=iclick-v1.433.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.433.0&bs=40f07c14-6b68-4092-9373-01a206596573&userId=8967f277cc034be09f726f4ae338d3a7&m=link | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2alpidoveon.com/?rb=8FwprwY7WugsAAG0mgIbQf85gEkPGuG7kuIyA-hzT_dIFS27AGhKw2iXHY7G2wIhG5bKDrf6kMrP8Fzn2GcpRFQHtLkcQnRQV1i1OtjrMpSEZICTBtLCfo9wr4OnFkITBOPLDVw5DKXKh62HHHsOgoUL6msOJscqy-O2zq_QSfsAXvQ7xkjRMwgf-ixmqEbvTMclnr2roLwmR2DMPSyapJSUSrY%3D&request_ab2=0&zoneid=5106135&js_build=iclick-v1.433.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.433.0&bs=40f07c14-6b68-4092-9373-01a206596573&userId=8967f277cc034be09f726f4ae338d3a7&m=link IP139.45.197.237:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /?rb=8FwprwY7WugsAAG0mgIbQf85gEkPGuG7kuIyA-hzT_dIFS27AGhKw2iXHY7G2wIhG5bKDrf6kMrP8Fzn2GcpRFQHtLkcQnRQV1i1OtjrMpSEZICTBtLCfo9wr4OnFkITBOPLDVw5DKXKh62HHHsOgoUL6msOJscqy-O2zq_QSfsAXvQ7xkjRMwgf-ixmqEbvTMclnr2roLwmR2DMPSyapJSUSrY%3D&request_ab2=0&zoneid=5106135&js_build=iclick-v1.433.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fm1.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F&drf=https%3A%2F%2Fm.cima4uu.club%2F%25D8%25A7%25D9%2581%25D9%2584%25D8%25A7%25D9%2585-%25D8%25A7%25D8%25AC%25D9%2586%25D8%25A8%25D9%2589%2F%25D9%2581%25D9%258A%25D9%2584%25D9%2585-exploits-of-a-young-don-juan-1986-%25D9%2585%25D8%25AA%25D8%25B1%25D8%25AC%25D9%2585%2F%3F__cf_chl_tk%3DDSixd62cz8iY8ZtcJHpJRyJd1AqWF4SIZsA8ox_GzOE-1665054681-0-gaNycGzNCCU&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.433.0&bs=40f07c14-6b68-4092-9373-01a206596573&userId=8967f277cc034be09f726f4ae338d3a7&m=link HTTP/1.1
Host: alpidoveon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Cookie: OAID=13e896cd47dc48ce9568a24752e655a8; oaidts=1665054685
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: application/json
x-trace-id: ec0eb1019c0adef65a3f314a02d487fb
access-control-allow-origin: https://m1.cima4uu.club
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=8967f277cc034be09f726f4ae338d3a7; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
oaidts=1665054685; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 13 Oct 2022 11:11:25 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| m.cima4uu.club/%D8%A7%D9%81%D9%84%D8%A7%D9%85-%D8%A7%D8%AC%D9%86%D8%A8%D9%89/%D9%81%D9%8A%D9%84%D9%85-exploits-of-a-young-don-juan-1986-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/ | 172.67.186.152 | 503 Service Unavailable | 0 B |
URL HTTP/2m.cima4uu.club/%D8%A7%D9%81%D9%84%D8%A7%D9%85-%D8%A7%D8%AC%D9%86%D8%A8%D9%89/%D9%81%D9%8A%D9%84%D9%85-exploits-of-a-young-don-juan-1986-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/ IP172.67.186.152:0
GET /%D8%A7%D9%81%D9%84%D8%A7%D9%85-%D8%A7%D8%AC%D9%86%D8%A8%D9%89/%D9%81%D9%8A%D9%84%D9%85-exploits-of-a-young-don-juan-1986-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/ HTTP/1.1
Host: m.cima4uu.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 503 Service Unavailable
date: Thu, 06 Oct 2022 11:11:21 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referer-policy: same-origin
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFidWLIuxRv6EQWH9EaXoAefdxy5qVIlTA7UoRtDO2Y3aWAV894MMeUYRAKRmXfO8VJyWaW7cZftC%2Bp%2BRRTHJkIg%2FCWt9vIa9vJF6FFMIM7%2Bj8lpA2VKb1zUa0tpVakPJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755df4b10ff0b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| m.cima4uu.club/favicon.ico | 172.67.186.152 | 503 Service Unavailable | 0 B |
URL HTTP/2m.cima4uu.club/favicon.ico IP172.67.186.152:0
GET /favicon.ico HTTP/1.1
Host: m.cima4uu.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.cima4uu.club/%D8%A7%D9%81%D9%84%D8%A7%D9%85-%D8%A7%D8%AC%D9%86%D8%A8%D9%89/%D9%81%D9%8A%D9%84%D9%85-exploits-of-a-young-don-juan-1986-%D9%85%D8%AA%D8%B1%D8%AC%D9%85/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 503 Service Unavailable
date: Thu, 06 Oct 2022 11:11:22 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referer-policy: same-origin
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqTkYbk1wELRV%2FZCBn6hJU7Nt%2Ff1l2kDDJpYKHDv7Jc%2FhegEPZ3QiFPnH3HvkTGaP4lhEYLjHFMp0Lo7Si%2F5yX6Mh9Tlz0AYjFTceZdLAtYsAZlhLj3Qh48vkomi1UgX2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755df4b2dae1b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Tajawal:wght@200;300;400;500;700;800;900&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Tajawal:wght@200;300;400;500;700;800;900&display=swap IP142.250.74.10:0
GET /css2?family=Tajawal:wght@200;300;400;500;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 11:11:23 GMT
date: Thu, 06 Oct 2022 11:11:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| bedrapiona.com/5/5106139/?oo=1&js_build=iclick-v1.433.0 | 139.45.197.234 | 200 OK | 0 B |
URL HTTP/2bedrapiona.com/5/5106139/?oo=1&js_build=iclick-v1.433.0 IP139.45.197.234:0
GET /5/5106139/?oo=1&js_build=iclick-v1.433.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m1.cima4uu.club
Connection: keep-alive
Referer: https://m1.cima4uu.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 11:11:25 GMT
content-type: application/json
x-trace-id: a0a40c29129bf6c20455c4e08b1d9d2d
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://m1.cima4uu.club
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=8967f277cc034be09f726f4ae338d3a7; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
oaidts=1665054685; expires=Fri, 06 Oct 2023 11:11:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|