urlquery - report: syndication.exdynsrv.com/splash.php?cat=&idzone=4734030&type=8&p=tioanime.com/anime/baki-2018&sub=&tags=&el=&cookieconsent=true&scr_info=cmVtb3RlfHBvcHVuZGVyanN8MjYyMjU2NjY=&tested=2

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-08 17:14:01 UTC	34.117.237.239
ocsp.pki.goog (4)	175	2017-06-14 07:23:31 UTC	2022-12-08 17:12:01 UTC	216.58.211.3
main.realsrv.com (2)	91110	2019-02-11 13:11:59 UTC	2022-12-08 22:46:48 UTC	95.211.229.247
syndication.exoclick.com (4)	22750	2012-05-21 08:27:02 UTC	2022-12-08 19:45:14 UTC	95.211.229.247
simplewebanalysis.com (2)	0	2022-02-25 04:06:25 UTC	2022-12-08 17:33:26 UTC	18.185.190.54	Unknown ranking
firefox.settings.services.mozilla.com (2)	867	2020-05-25 20:06:39 UTC	2022-12-08 17:12:32 UTC	35.241.9.150
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-12-08 17:20:00 UTC	52.42.148.177
status.thawte.com (1)	5123	2017-11-27 12:33:51 UTC	2022-12-08 17:15:52 UTC	93.184.220.29
twistconcept.com (1)	0	2020-08-23 14:56:06 UTC	2022-12-08 12:38:48 UTC	172.67.215.17	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-12-08 17:21:04 UTC	34.160.144.191
lostincunt.com (1)	0	2022-03-28 10:51:13 UTC	2022-12-07 10:55:19 UTC	172.67.215.107	Unknown ranking
tsyndicate.com (1)	13042	2017-03-16 09:04:54 UTC	2022-12-08 18:23:37 UTC	162.55.130.248
my.rtmark.net (3)	9054	2015-02-04 09:54:57 UTC	2022-12-08 17:42:48 UTC	139.45.195.8
a.exoclick.com (1)	71579	2019-05-20 13:17:49 UTC	2022-12-08 18:08:23 UTC	205.185.216.42
ocsp.digicert.com (11)	86	2012-05-21 07:02:23 UTC	2022-12-08 17:15:52 UTC	93.184.220.29
fonts.gstatic.com (1)	0	2014-04-02 10:51:04 UTC	2022-12-08 17:14:55 UTC	216.58.207.227	Domain (gstatic.com) ranked at: 540
d39iocnrk5rxnb.cloudfront.net (1)	0	2014-04-30 09:54:06 UTC	2022-12-06 19:56:25 UTC	54.230.245.148	Unknown ranking
runative-syndicate.com (1)	31587	2019-03-19 12:21:36 UTC	2022-12-08 14:00:37 UTC	136.243.43.25
professionalswebcheck.com (1)	0	2022-04-01 22:47:29 UTC	2022-12-08 12:38:48 UTC	18.185.190.54	Unknown ranking
offers.hooligapps.com (1)	456812	2018-10-18 20:01:57 UTC	2022-12-06 19:55:20 UTC	172.67.172.137
fonts.googleapis.com (1)	8877	2012-05-23 12:41:44 UTC	2022-12-08 17:12:12 UTC	142.250.74.106
main.exoclick.com (2)	33599	2015-09-01 10:25:49 UTC	2022-12-08 16:42:29 UTC	95.211.229.247
s.opoxv.com (2)	53756	2019-12-13 09:21:20 UTC	2022-12-08 18:16:16 UTC	95.211.229.246
syndication.traffichaus.com (1)	53588	2016-11-06 03:07:53 UTC	2022-12-07 15:11:06 UTC	66.254.114.233
faptitans.com (9)	353083	2016-11-05 21:53:08 UTC	2022-12-08 22:48:54 UTC	138.201.149.27
iadoremakingpics.com (1)	170567	2021-04-24 00:00:33 UTC	2022-12-06 19:56:25 UTC	104.21.65.147
ocsp.sca1b.amazontrust.com (1)	1015	2016-02-14 02:37:56 UTC	2019-03-27 04:05:54 UTC	54.230.245.110
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-12-08 15:50:00 UTC	34.120.237.76
syndication.exdynsrv.com (3)	34243	2016-04-20 18:35:15 UTC	2022-12-08 14:42:33 UTC	95.211.229.246
goplayhere.com (1)	0	2016-01-26 12:17:53 UTC	2022-12-09 03:19:02 UTC	172.67.187.242	Unknown ranking
r3.o.lencr.org (11)	344	2020-12-02 08:52:13 UTC	2022-12-08 17:12:06 UTC	23.36.76.226
syndication.exdynsrv.com (3)	34243	2016-04-20 18:35:15 UTC	2022-12-08 14:42:33 UTC	95.211.229.247
cdn.faptitans.com (3)	0	2018-06-29 15:38:27 UTC	2022-11-29 02:03:45 UTC	104.19.254.19	Domain (faptitans.com) ranked at: 353083
e1.o.lencr.org (2)	6159	2021-08-20 07:36:30 UTC	2022-12-08 17:11:00 UTC	23.36.76.226
epoch.com (1)	178156	2012-05-23 03:00:56 UTC	2022-12-08 21:17:58 UTC	104.18.4.99
syndication.realsrv.com (2)	9112	2019-07-03 21:39:52 UTC	2022-12-08 17:34:22 UTC	95.211.229.246
rivne.space (1)	778292	2019-09-13 06:18:38 UTC	2022-12-07 12:10:22 UTC	104.21.47.163

Scan Date	Severity	Indicator	Comment
2022-12-09	2	simplewebanalysis.com/px.gif?akey=068f30d41a2c432d6c8a96d5a7fc6706	Malware
2022-12-09	2	simplewebanalysis.com/px.gif?akey=4bd743ddcc79bd80ae00a9d22a3fcb14	Malware

Date	UQ / IDS / BL	URL	IP
2023-01-28 03:36:14 +0000	0 - 0 - 4	syndication.exdynsrv.com/splash.php?cat=&idzo (...)	95.211.229.246
2022-12-09 03:43:10 +0000	0 - 0 - 2	syndication.exdynsrv.com/splash.php?cat=&idzo (...)	95.211.229.246
2022-12-09 03:42:57 +0000	0 - 0 - 1	syndication.exdynsrv.com/splash.php?cat=&idzo (...)	95.211.229.246
2022-11-05 19:49:14 +0000	0 - 0 - 3	syndication.optimizesrv.com/d.php?z=6301	95.211.229.246

Date	UQ / IDS / BL	URL	IP
2023-02-03 19:51:50 +0000	0 - 0 - 2	gtlbin.pro/play-2	82.192.82.228
2023-02-03 19:21:27 +0000	0 - 0 - 5	filefactory.com/file/5cxxweil2zoh/sft18FM2316 (...)	95.211.200.52
2023-02-03 19:21:19 +0000	0 - 0 - 1	thehammocksource.msnd40.com/tracking/lc/b34db (...)	212.32.243.39
2023-02-03 19:09:37 +0000	0 - 2 - 5	knjghuig.biz/gydfw	5.79.71.205
2023-02-03 18:32:25 +0000	0 - 1 - 0	extreme-ip-lookup.com/	37.48.65.182

Date	UQ / IDS / BL	URL	IP
2023-01-28 03:36:14 +0000	0 - 0 - 4	syndication.exdynsrv.com/splash.php?cat=&idzo (...)	95.211.229.246
2022-12-12 13:24:07 +0000	0 - 0 - 1	syndication.exdynsrv.com/splash.php?cat=&idzo (...)	95.211.229.247
2022-12-09 03:43:10 +0000	0 - 0 - 2	syndication.exdynsrv.com/splash.php?cat=&idzo (...)	95.211.229.246
2022-12-09 03:42:57 +0000	0 - 0 - 1	syndication.exdynsrv.com/splash.php?cat=&idzo (...)	95.211.229.246
2022-09-28 17:35:44 +0000	0 - 0 - 0	syndication.exdynsrv.com	95.211.229.245

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8377 Expires: Fri, 09 Dec 2022 06:02:35 GMT Date: Fri, 09 Dec 2022 03:42:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f2acd891dc6eb1f09f57a2b086791781 Sha1: 1e2088306501a61edcca1ade62c4d54f23b3b083 Sha256: 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5869 Expires: Fri, 09 Dec 2022 05:20:47 GMT Date: Fri, 09 Dec 2022 03:42:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aea93551fa9deb76ae49a3b4019d64fe Sha1: e3b8862057ebe839959228e42246d7b1807fc90c Sha256: 7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 09 Dec 2022 03:08:17 GMT age: 2081 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA" Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5534 Expires: Fri, 09 Dec 2022 05:15:12 GMT Date: Fri, 09 Dec 2022 03:42:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4ee537977be9c03702f8ffe0025bf1fe Sha1: 21637881c4aa34c4add703f8bff4eff573159f45 Sha256: 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: eH/y6VommAtFe9HyRbXSspcjx8xNE3+XQVbhGSJDXimvgnW2RoMm5VneukyI1VTHOEtFkVa4cmHLpRmR29Joyg== x-amz-request-id: 9RVQKBYZ2TCP512B content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 09 Dec 2022 02:48:09 GMT age: 3289 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /splash.php?cat=&idzone=4734030&type=8&p=https://tioanime.com/anime/baki-2018&sub=&tags=&el=&cookieconsent=true&scr_info=cmVtb3RlfHBvcHVuZGVyanN8MjYyMjU2NjY=&tested=2 HTTP/1.1 Host: syndication.exdynsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: syndication.exdynsrv.com/splash.php?cat=&idzone=4734030 (...) FQDN: syndication.exdynsrv.com IP: 95.211.229.247 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 95.211.229.247 HTTP/1.1 302 Found Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:42:58 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226392aec25d8610.956298012409665413%22%3B%7D; expires=Sun, 08 Dec 2024 03:42:58 GMT; path=; domain=.exdynsrv.com; impressions=cmmsxrbonxgxameexmllsgeicmmsxaeenxgxamecmrmabgeimacslbecnxgxaaabssxamgeislsaroornxgxamercxaxlgeicxbmsbxcnxgxaallaccblgeioslmrxlrnxgxamecmscacgeiccmmlmlcnxgxameomroeegeialbsereanxgxaalrollmegeioslmrxbrnxgxamercxaxlgeicxbmsbcenxgxaallsbmbbgeioslmrxlsnxgxamercolsxgeicxbmsbocnxgxaallcccaogeicxbmsboenxgxaalbaaamegeiclsmarcanxgxaaallsxlcgeiclsmrrmanxgxaaallsxlcgeirbabxabbnxgxameexmllsgeiccmmlleanxgxameexmerxgeimcrxsbcenxgxaameollsmgeimreaoboenxgxaameollsmgeimcclosscnxgxaalccxmexgeimacslbeenxgxaaboslelageioslmroemnxgxamecmrmabgeioslmrxbmnxgxamesrlmlogeicaxsscmbnxgxamexrbcemgeicaormlxonxgxaamealeoegeicaormbmcnxgxaamealeoegeimcclsxscnxgxaamsmxlcageimccloscanxgxaallmalxmgeimreaomxenxgxaamelbbsbgeimreaobscnxgxaamelbbsbgeimcclosconxgxaallsbmbbgeimcclsoeonxgxaamxaacblgeimacslbeonxgxaaloesaslgeimcclsxsanxgxaamsmxlcageimcclsxlbnxgxaamssmcolgeimaecseaonxgxaamssmcolgeimaecsxeonxgxaamssmcolgeimaecseronxgxaamssmcolgeimrblelrenxgxaamssmcolgeiccmmllebnxgxameoxbrrrgeimcclsxlonxgxaamcsebsxgeimcclsoeenxgxaamcrclalgeimcclsxsbnxgxaamcrclalgeimcclossbnxgxaalbexcrageimcclsxlcnxgxaamrscxmxgeimaecseranxgxaabrlemaegeimcclosccnxgxaamrscxmxgeicaormlxcnxgxaalbxrlcegeicaormbmbnxgxaalrexasogeiclsmrbsenxgxaamaxcsxcgeialbserebnxgxamexsrmoogeimcclsxconxgxamecabelcgeimcclsxmenxgxamecabelcgeialbserxonxgxaalbcxbsageimccloscenxgxaalmlsmmcgeimcclsxxonxgxameexxllrgeimcclsxbcnxgxameomoscbgeicaormlxanxgxaammacmrxgeimcclsxaonxgxamesemoslgeimrblxxxbnxgxaambboecmgeimrblxelcnxgxaambboecmgeimrblxxrbnxgxaambboecmgeialbserxenxgxamexmlmxxgeimacslbeanxgxaablxaelxgeialbserecnxgxameoxbrrrgeiccmmllecnxgxamexsrmoogeisaeeasslnxgxaabrbeccogeimcclossanxgxaabrlemaegeimcclsxronxgxamesemoslgeimaecseabnxgxaabrlemaegeimrblelrcnxgxaabrlemaegeimrblxemonxgxaabrlemaegeimcclsxcanxgxaalrlccrxgeimaecsxoonxgxaabmalbxxgeircsxcxscnxgxaabbxeomsgeicaormbbenxgxaalexxbcxgeiabeocmconxgxaablxrcmmgeimcclsxxcnxgxaalesmxrsgeimrblxeeanxgxaablsaloageimaecsemanxgxaalmmeabageimaecselonxgxaaloaroaageimcclsxacnxgxameolxrmmgeimcclselenxgxamecrasabgeimaecsxronxgxaalxmmoorgeimaecsxsenxgxaalxmmoorgeimaecsercnxgxaalxmmoorgeimaecsembnxgxaalxmmoorgeimaecselenxgxaalxmmoorgeimaecobobnxgxaalsmleergeimaecomoanxgxaalsbbboageimrblxxoenxgxaalsbmacmgeimaecobsbnxgxaalsbbboageimrblxosonxgxaalsbbboageimcclsxmanxgxamecrasabgeimaecsxccnxgxaalmeeamageimrblxeecnxgxaalmeeamageimrblelronxgxaalmeeamageimrblelmonxgxaalmeeamageimaecseacnxgxaalmmeabageimaecsxxcnxgxaalmmeabageicaormbmanxgxaalbxrlcegeimaecsxocnxgxaalbrxssogeicaormlobnxgxaallcccaogeimaecomrenxgxameexxllcgeimrblxxxanxgxameexxllrgeimrblxosbnxgxameexxllrgeimaecomlonxgxameexxllrgeimcclselanxgxameobesbsgeimrblxoxenxgxameexmllsgeimaecomconxgxameexmllsgeiclsmrrrenxgxamexlcmeageiclsmarocnxgxamexlcmeageiclsmrbecnxgxamexlcmeageiclsmarcbnxgxamexlcmeageimmccrbeanxgxamecrasabgeimmccrlacnxgxamecmrmabgeimrblxeoenxgxamecrasabgeimmccrlaonxgxamecmscacgeimrxccosoncgxamecmselogxcceicloaxxacnxgxamecmselsgxcceixaoossalnsgxamecmselsgxcceimmccrbxenxgxamecbxbacgeimmcorsxonxgxamecmscacgxcceicmarxbbonsgxamecmscacgxcceialbmlesenxgxamecmcmrogxcceimrxmbarenxgxamecmcmrogxcceimxlbmoconcgxamecmrsbogxcceicloaxxaanxgxamecmmsrogxcceimraeelabnsgxamecmmcxsgxcceimrxccosancgxamecmmcsogxcceimxxerreonxgxamecmmcsogxcceiceecmorsnxgxamecmmcsogxcceimeembesonxgxamecmbbmegxcceimxxerrxenxgxamecmlbxegxcceimcssmlrensgxamecmlbxegxcceialbbebsbnxgxamecmlbxegxcceimmossscensgxamecmlbxegxcceimxxerrebnxgxamecbeobxgxcceimxlbalcenogxamecbeobogxcceimeembescnxgxamecbessmgxcceialrexeoonxgxamecbxmbmgxcceimmccrlaenxgxamercolsxgeimcoaxmxoncgxamecbsaregxcceimeembecenxgxamecbsaregxcceimasbmxconxgxamecbmrbsgxcceimxlbmosensgxamecbbmbcgxcceimmooobranogxamecloaaogxcceimeelaclonogxamecloaaogxcceimeelaclanxgxamecloaaogxcceicloaxxabnxgxameclomccgxcceimmcoaalenxgxameclcbsbgxcceimxlbmosanogxamerexxbogxcceimcoaxmxcncgxamereobergxcceimcssmlrcnsgxamereobergxcceimrceboxanxgxamerelarmgxcceimaoobbebnxgxamerelarmgxcceicloaecoanxgxamerelarmgxcceimmooobronogxamerelbregxcceimaabamcanxgxamerelbregxcceimxreaomcnxgxamerxslmbgxcceimmxerbocnxgxamerxslmlgxcceimmosssconsgxameroxoscgxcceimcssmlroncgxameroxoscgxcceimxlbmosonrgxameroxoscgxcceialbbebrenxgxameroxoscgxcceimmcaacrancgxameroxoscgxcceialrexexbnxgxameroxmargxcceimclsaoxbnmgxamerooesbgxcceimxxerrecnxgxamerooeslgxcceimexexabbnxgxamerooecxgxcceicxmecmcanxgxamerooecxgxcceimrbleaxonogxameroarrbgxcceimxlbmoobnogxamerssomrgxcceimxlbalscnxgxamerscassgxcceimmsoxrlenxgxamersreclgxcceimrxccoscnxgxamersrlacgxcceimxeoxsbenxgxamersblamgxcceimxlbmxbbnxgxamersblamgxcceimsacexoonxgxamersblamgxcceimmcorsebnxgxamersblamgxcceimxlbmxlonogxamercxaxlgxcceislmbeslrnxgxamercxaxlgxoaeimmcorsxanogxamercxaxlgxcceimxeoxsacnogxamercxaxlgxcceimaoolcoonxgxamercxmxcgxcceimmccrbebnxgxamercolsxgeimmxcxslenxgxamercolsxgxcceimmsoxrlonxgxamerccesxgxcceimmsxrlabnxgxamerccesxgxcceimaalslbanogxamerccesxgxcceimmsoxrlcnxgxamerccesxgxcceimrbxmxmanxgxamercbeblgxcceimmoabamcnogxamercbeblgxcceimaoobrbcnogxamercbeblgxcceimaooloranxgxamerrsxaagxcceimaoobrbanogxamerrsxaagxcceialbmmbbenxgxamerrsrbcgxcceimmooobrcnxgxamerrsrbcgxcceiaaxcambbnxgxamerrsrbcgxcceimromoslanxgxamerrsrbcgxcceimxlbmoscnxgxamerrsrbcgxcceimxeemleanxgxamerrsrbcgxcceimrcebeaenxgxamerrmsmbgxcce; expires=Sat, 10 Dec 2022 03:42:58 GMT; path=/; domain=.exdynsrv.com; c-tag=%7B%22tag-link%22%3A%22v3%7C%7CNOR%7C4734030%7C75408060%7C0%7C%7C517%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C%7C8eb713ec8cdc14035d0efbf4dd15f05c%7C0%7Ctioanime.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sat, 10 Dec 2022 03:42:58 GMT; path=/; domain=.exdynsrv.com; Location: https://goplayhere.com/?5defa5d178518&ag_custom_domain=tioanime.com X-Robots-Tag: noindex, follow --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 09 Dec 2022 03:42:58 GMT content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8ed3c868d556318eb23d4dc0592daa2b8ceaec5bedb493b7c59f5959471f11a0 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 826 Cache-Control: max-age=129007 Date: Fri, 09 Dec 2022 03:42:58 GMT Etag: "63920077-118" Expires: Sat, 10 Dec 2022 15:33:05 GMT Last-Modified: Thu, 08 Dec 2022 15:19:19 GMT Server: ECS (amb/6BAC) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 07f4d799f20c86bc36a16a606fbed917 Sha1: e05f5cd071693de228d62d3e54b2626fcb3c9707 Sha256: 8ed3c868d556318eb23d4dc0592daa2b8ceaec5bedb493b7c59f5959471f11a0
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8ed3c868d556318eb23d4dc0592daa2b8ceaec5bedb493b7c59f5959471f11a0 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 826 Cache-Control: max-age=129007 Date: Fri, 09 Dec 2022 03:42:58 GMT Etag: "63920077-118" Expires: Sat, 10 Dec 2022 15:33:05 GMT Last-Modified: Thu, 08 Dec 2022 15:19:19 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 07f4d799f20c86bc36a16a606fbed917 Sha1: e05f5cd071693de228d62d3e54b2626fcb3c9707 Sha256: 8ed3c868d556318eb23d4dc0592daa2b8ceaec5bedb493b7c59f5959471f11a0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 9d4addec8d3829b107682fbb2363b43cca5c0045bf5f29aa91e760d181a1469a 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9D4ADDEC8D3829B107682FBB2363B43CCA5C0045BF5F29AA91E760D181A1469A" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7612 Expires: Fri, 09 Dec 2022 05:49:51 GMT Date: Fri, 09 Dec 2022 03:42:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ebe0b335e4b0695680ce797853f3cc5f Sha1: 5e4885483eb193470edd22c9489717f39831f04b Sha256: 9d4addec8d3829b107682fbb2363b43cca5c0045bf5f29aa91e760d181a1469a
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 09 Dec 2022 03:07:55 GMT age: 2104 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /?utm_campaign=pu_exo_manga_na&utm_medium=click&utm_source=bn&utm_content=tioanime.com&bnid=direct&crID=4539&zID=95870&land=direct HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: faptitans.com/?utm_campaign=pu_exo_manga_na&utm_medium= (...) FQDN: faptitans.com IP: 138.201.149.27 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 138.201.149.27 HTTP/2 302 Found content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:42:59 GMT content-length: 0 location: /start/ vary: Accept-Language, Cookie content-language: en set-cookie: sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d; expires=Sun, 11-Dec-2022 03:42:59 GMT; HttpOnly; Max-Age=172800; Path=/ strict-transport-security: max-age=43200 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /start/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers	URL: faptitans.com/start/ FQDN: faptitans.com IP: 138.201.149.27 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 138.201.149.27 HTTP/2 302 Found content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:42:59 GMT content-length: 0 location: / vary: Accept-Language, Cookie content-language: en set-cookie: cook=6zesz82y062gso3nai25ngifug54540z; expires=Sat, 04-Nov-2023 03:42:59 GMT; HttpOnly; Max-Age=28512000; Path=/ sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d; expires=Sun, 11-Dec-2022 03:42:59 GMT; HttpOnly; Max-Age=172800; Path=/ strict-transport-security: max-age=43200 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3011 Cache-Control: max-age=108844 Date: Fri, 09 Dec 2022 03:42:59 GMT Etag: "6391a92c-1d7" Expires: Sat, 10 Dec 2022 09:57:03 GMT Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fd55f4aaaab6ec40bc7dc10252cd819a Sha1: a72523f60be265a391fa9edc43e0a93418ad1fd0 Sha256: bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: TW1jXG2in6d4rB5FcMGrtw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.42.148.177 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.42.148.177 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: ZtZCAxumguZ4lnBeGMuvtoo49wQ= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5ba69e6e9c1c4368a5d1968b57756d8d524c35af066470d3da5fc20d6100b996 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6251 Cache-Control: 'max-age=158059' Date: Fri, 09 Dec 2022 03:42:59 GMT Last-Modified: Fri, 09 Dec 2022 01:58:48 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 1e777091545c9c2ed462829dda2bd090 Sha1: dec7ade636f9a660f7c6ca0cff033f0a2ec845bc Sha256: 5ba69e6e9c1c4368a5d1968b57756d8d524c35af066470d3da5fc20d6100b996
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: e17ae24c55d39a60c92944b0c9478eeaa128431c55266345806f75fbf613dc6c 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4552 Cache-Control: max-age=117961 Date: Fri, 09 Dec 2022 03:42:59 GMT Etag: "6391c6c4-117" Expires: Sat, 10 Dec 2022 12:29:00 GMT Last-Modified: Thu, 08 Dec 2022 11:13:08 GMT Server: ECS (amb/6BBC) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 2fb795cef147e72f70e3f4918bd8833c Sha1: 6b793cc5f43af30c5c28c14e4f6de9c24571d731 Sha256: e17ae24c55d39a60c92944b0c9478eeaa128431c55266345806f75fbf613dc6c
GET /xoffers_v2.js HTTP/1.1 Host: offers.hooligapps.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: offers.hooligapps.com/xoffers_v2.js FQDN: offers.hooligapps.com IP: 172.67.172.137 HASH: f9ee3cc09bd262346db6b27c715c09d018ad166efb50394f5662e13700f170cc 172.67.172.137 HTTP/2 200 OK content-type: application/javascript date: Fri, 09 Dec 2022 03:42:59 GMT last-modified: Mon, 19 Sep 2022 13:04:03 GMT etag: W/"632868c3-38d" strict-transport-security: max-age=15724800; includeSubDomains cache-control: max-age=14400 cf-cache-status: HIT age: 6832 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jqWcrOXj0ElPJK7ewglFpNWGCcC7ZyYFPl%2FcMidgRGALAJY1A%2FC%2F1G0m3dlyh%2FfhqOuArDqhpeIDLNUCXqtjrdZmDhZPwxu7%2BPA%2BFf2If0qweokqx0UFRQ48CuI7q9%2Fqz9IO2HP9bY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 776abbe73a6ab523-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (2130), with no line terminators Size: 1162 Md5: 9d0138b74e21985d09ee3cf6473e01eb Sha1: b21b1c1a06cfc03c379ceae4d974aa6f92badd59 Sha256: f9ee3cc09bd262346db6b27c715c09d018ad166efb50394f5662e13700f170cc
GET /s1//rc/fap-splash-xmas-web.jpg HTTP/1.1 Host: cdn.faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers	URL: cdn.faptitans.com/s1//rc/fap-splash-xmas-web.jpg FQDN: cdn.faptitans.com IP: 104.19.254.19 HASH: f7cbd6b92b499de1bfd83b8ab4e0a58ee38a21463f9e790e6c1a31e194a4a43e 104.19.254.19 HTTP/2 200 OK content-type: image/jpeg date: Fri, 09 Dec 2022 03:42:59 GMT content-length: 383182 access-control-allow-origin: * cache-control: public, max-age=315360000 cf-bgj: h2pri etag: "63908758-5d8ce" expires: Mon, 06 Dec 2032 03:42:59 GMT last-modified: Wed, 07 Dec 2022 12:30:16 GMT cf-cache-status: HIT age: 140531 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 776abbe77cf0b515-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, progressive, precision 8, 1200x640, components 3\012- data Size: 383182 Md5: 95c3734f9ecaf27619cff0a6cdacba1b Sha1: fe19e2262e136e0c099c076412209f878ee7ad14 Sha256: f7cbd6b92b499de1bfd83b8ab4e0a58ee38a21463f9e790e6c1a31e194a4a43e
GET /s1/__1152/boot.js HTTP/1.1 Host: cdn.faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	URL: cdn.faptitans.com/s1/__1152/boot.js FQDN: cdn.faptitans.com IP: 104.19.254.19 HASH: 0172b73a915474c2e2e6088e2e86b8f92f1f42a0f989c1886428e02eae6be4a9 104.19.254.19 HTTP/2 200 OK content-type: application/javascript date: Fri, 09 Dec 2022 03:42:59 GMT last-modified: Mon, 05 Dec 2022 11:59:01 GMT etag: W/"638ddd05-1fa6" expires: Mon, 06 Dec 2032 03:42:59 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * cf-cache-status: HIT age: 140532 vary: Accept-Encoding server: cloudflare cf-ray: 776abbe74cd6b515-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 3586 Md5: f75262dce758b01ba69618f6c1b63f67 Sha1: 36b34e88da4a9dd3bae5a0815ac9deb9319fd0e6 Sha256: 0172b73a915474c2e2e6088e2e86b8f92f1f42a0f989c1886428e02eae6be4a9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4069 Expires: Fri, 09 Dec 2022 04:50:49 GMT Date: Fri, 09 Dec 2022 03:43:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7b8c1870f03a90aac6370fc69516f95f Sha1: 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb Sha256: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4de2d31db5fd266497999335be56a012920f543a663ada471e32c7268a408f05 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4069 Expires: Fri, 09 Dec 2022 04:50:49 GMT Date: Fri, 09 Dec 2022 03:43:00 GMT Connection: keep-alive --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 313089 Md5: e6d2f674d8ba4ac9c276a2fc3a07daf9 Sha1: e63e2b8171960dc181c9370965954f235627d74f Sha256: 4de2d31db5fd266497999335be56a012920f543a663ada471e32c7268a408f05
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c8a1ee09c2186f992a0cef14bd7024bcc3e4b1a17bff6b5bf9b8834cba78c83c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4069 Expires: Fri, 09 Dec 2022 04:50:49 GMT Date: Fri, 09 Dec 2022 03:43:00 GMT Connection: keep-alive --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 267103 Md5: 1ec07a33ae774e07f776fb4159891a59 Sha1: 67a952693df730b323b132d72ad7acd0402eac78 Sha256: c8a1ee09c2186f992a0cef14bd7024bcc3e4b1a17bff6b5bf9b8834cba78c83c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: f2473b15711152203cf06156427cf5da094f20511bd078fa0067d823a79c7e34 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4069 Expires: Fri, 09 Dec 2022 04:50:49 GMT Date: Fri, 09 Dec 2022 03:43:00 GMT Connection: keep-alive --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 502407 Md5: 3a7b5fed23d53a0eaf94f7dded6a88bf Sha1: 0f818d5b711469f89686bc9e78ee18d231b9831e Sha256: f2473b15711152203cf06156427cf5da094f20511bd078fa0067d823a79c7e34
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 040a8d801e0c573f07af591d078e3d07ae79a1acff5fba775d56724abb540ba3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4069 Expires: Fri, 09 Dec 2022 04:50:49 GMT Date: Fri, 09 Dec 2022 03:43:00 GMT Connection: keep-alive --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 693409 Md5: 2ecadf5e9bd055e59c5e50f2227517e6 Sha1: 2903fc79c1551c62d7fe1f2e253bd5fd7c0bed86 Sha256: 040a8d801e0c573f07af591d078e3d07ae79a1acff5fba775d56724abb540ba3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7557 x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ctlz5EISoAMFdWw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 07:15:07 GMT age: 73673 etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7557 Md5: 5de5d319f43d9c9c641419d96655541f Sha1: cde4c7fa0145d3645af17e34c83c63c08f76a076 Sha256: fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7897 x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cwVM_F51IAMFunw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Fri, 09 Dec 2022 03:38:26 GMT age: 274 etag: "7558222788f06623ddae6e883413e38e1146281e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7897 Md5: 8c3214044657f3b876d1f1848bca5684 Sha1: 7558222788f06623ddae6e883413e38e1146281e Sha256: e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12748 x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cjuciEptIAMFj9A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 18:34:32 GMT age: 32908 etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12748 Md5: 730ba1a8edb79ba6f83b46d1ba5aed7b Sha1: 55a236fedf6f5f7ca2bb88ae13e20846a50fd36d Sha256: f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8204 x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cjtKfEiToAMFSXA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 15:50:07 GMT age: 42773 etag: "6cee6b1828c709f68b995197ca943a5c393f86fb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8204 Md5: 9cb76c68a8cd472600106cc118067868 Sha1: 6cee6b1828c709f68b995197ca943a5c393f86fb Sha256: 009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8345 x-amzn-requestid: b1cf2094-2cf5-4e19-9ed7-4d7e220c93cd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: czUoREPoIAMF4hg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6391349b-1b78fe0a155179643ae2aeed;Sampled=0 x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:31 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: YMFI6I2o0A4rGZTluooPsDLGNRRY9kSAfDAFrwzXhIG4HC_W-hFIoQ== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 11:31:33 GMT age: 58287 etag: "4792b0893827924e84cc51450012407717da4d2b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8345 Md5: 659b6eb1f1c430e2780758c7787b9a23 Sha1: 4792b0893827924e84cc51450012407717da4d2b Sha256: f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7960 x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ctEd8HC0oAMFUag= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ== via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 05:44:09 GMT age: 79131 etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7960 Md5: eb00a2a503a690cee3e4dd729b5bc9bd Sha1: cfb1e5bcab2148a777889680e6e36b9d7e8917ec Sha256: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Dec 2022 03:43:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 6ec5f6261a8262e9f94b29627f54cefe Sha1: 7ac766cf2ac8c2d960ec033388a767ff8a7d45e2 Sha256: 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Dec 2022 03:43:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 6ec5f6261a8262e9f94b29627f54cefe Sha1: 7ac766cf2ac8c2d960ec033388a767ff8a7d45e2 Sha256: 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /api/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB X-Requested-With: XMLHttpRequest Content-Length: 151 Origin: https://faptitans.com Connection: keep-alive Referer: https://faptitans.com/ Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: faptitans.com/api/ FQDN: faptitans.com IP: 138.201.149.27 HASH: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:43:01 GMT content-length: 16 vary: Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:01 GMT; Max-Age=31449600; Path=/ strict-transport-security: max-age=43200 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 16 Md5: c08db8689029b24432b3283bb558d25f Sha1: 70431d464d9ec8b326e809c3438b47f6d1bf4465 Sha256: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f
GET /css?family=Roboto&subset=latin,latin-ext,cyrillic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn.faptitans.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Roboto&subset=latin,lat (...) FQDN: fonts.googleapis.com IP: 142.250.74.106 HASH: f56edc82574d307d4c388d711cd9e8a4ed10a39a3492c804876c8ff3a2fcaec6 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 09 Dec 2022 03:43:01 GMT date: Fri, 09 Dec 2022 03:43:01 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 12753 Md5: 3217ca548056d862160d26e3f2ab451e Sha1: 054e07327c568e63f2753dd1b9cf8ee341aa5b0e Sha256: f56edc82574d307d4c388d711cd9e8a4ed10a39a3492c804876c8ff3a2fcaec6
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6f422d3c21f4b4af8fe81eafff36f4f0d8c0e55ba98c06ce7579ce9e2ef44ee7 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5389 Cache-Control: max-age=135735 Date: Fri, 09 Dec 2022 03:43:01 GMT Etag: "639208ef-1d7" Expires: Sat, 10 Dec 2022 17:25:16 GMT Last-Modified: Thu, 08 Dec 2022 15:55:27 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 1840aeb34fdf302c4b0279cff88a3fff Sha1: b6269311d6e4f3a0d1ca7ae4a19b626d9c8a9c39 Sha256: 6f422d3c21f4b4af8fe81eafff36f4f0d8c0e55ba98c06ce7579ce9e2ef44ee7
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b669863c288f8def7779ffca9aa41bfb47e15a699ac8f81dc4c36d22ed5503e5 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 184 Cache-Control: max-age=152807 Date: Fri, 09 Dec 2022 03:43:01 GMT Etag: "63925ff4-116" Expires: Sat, 10 Dec 2022 22:09:48 GMT Last-Modified: Thu, 08 Dec 2022 22:06:44 GMT Server: ECS (amb/6B83) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: 9c88a0dc24f35af394824eb79bb4ed55 Sha1: 5a6a71e6a36d83cb2b351912e531fd33c487b1ce Sha256: b669863c288f8def7779ffca9aa41bfb47e15a699ac8f81dc4c36d22ed5503e5
POST / HTTP/1.1 Host: status.thawte.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: status.thawte.com/ FQDN: status.thawte.com IP: 93.184.220.29 HASH: 28ee1e33d02fc5c68ab1d51073777afd2157d8911b8ef08fc6b7e1f65fa1f1ae 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5035 Cache-Control: max-age=125984 Date: Fri, 09 Dec 2022 03:43:01 GMT Etag: "6391e43a-1d7" Expires: Sat, 10 Dec 2022 14:42:45 GMT Last-Modified: Thu, 08 Dec 2022 13:18:50 GMT Server: ECS (amb/6B83) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 651b6978fe0c454b7c799a257073e03d Sha1: 1c135ed1e0f7bebd3ce45cfad7301103b93b81e3 Sha256: 28ee1e33d02fc5c68ab1d51073777afd2157d8911b8ef08fc6b7e1f65fa1f1ae
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b669863c288f8def7779ffca9aa41bfb47e15a699ac8f81dc4c36d22ed5503e5 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 185 Cache-Control: max-age=152807 Date: Fri, 09 Dec 2022 03:43:02 GMT Etag: "63925ff4-116" Expires: Sat, 10 Dec 2022 22:09:49 GMT Last-Modified: Thu, 08 Dec 2022 22:06:44 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: 9c88a0dc24f35af394824eb79bb4ed55 Sha1: 5a6a71e6a36d83cb2b351912e531fd33c487b1ce Sha256: b669863c288f8def7779ffca9aa41bfb47e15a699ac8f81dc4c36d22ed5503e5
GET /iframe/5e2ae7bb31e93?iframe&xapp=faptitans&xuid=237039754&time=1075.669677734375&ag_custom_domain=faptitans.com HTTP/1.1 Host: lostincunt.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: lostincunt.com/iframe/5e2ae7bb31e93?iframe&xapp=faptita (...) FQDN: lostincunt.com IP: 172.67.215.107 HASH: 6429861256e336022d10e452e8070db22924b633776f36411778380b56187a8b 172.67.215.107 HTTP/2 200 OK content-type: text/html date: Fri, 09 Dec 2022 03:43:02 GMT set-cookie: f_14737_96043_86400={"t":1670643782,"v":0}; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=lostincunt.com; Path=/; Secure; SameSite=None c_18f247a59eab66606c6850df22169cc0=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=lostincunt.com; Path=/; Secure; SameSite=None z_5c7db1b25c1c1ea3b02070bfbd4e66e9=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=lostincunt.com; Path=/; Secure; SameSite=None cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfhuCr5atj1ZlD0SceWYiKxjCRojDiU%2FxSndqF5b4vIKrEIYsClPnx2X7WNNU31G3cXlx%2BbHRCdC%2Ba5EvHuAT1nvUJcjZQfmBuxh%2F7KBTC%2BMOyq4m%2BS%2B8ezWICVaM%2BvCGw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 776abbf4ed48b511-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2283) Size: 5800 Md5: 6b4f298ccf85b92355803aaf5906d2cf Sha1: c86dc45a5233074adf86be0f04a7739637e89e23 Sha256: 6429861256e336022d10e452e8070db22924b633776f36411778380b56187a8b
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Dec 2022 03:43:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 0e9eef4ed41ef94e9ea175ad243e294e Sha1: b6f83e508270413dabe55e2884b5409ca7978e24 Sha256: 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://faptitans.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 07 Dec 2022 19:33:54 GMT expires: Thu, 07 Dec 2023 19:33:54 GMT cache-control: public, max-age=31536000 age: 115748 last-modified: Wed, 11 May 2022 19:24:48 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e Sha1: 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 81b7b344780f14e95e393fbc681173e64df6cfd065bf83f17281ffc5a66f232a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6289 Cache-Control: 'max-age=158059' Date: Fri, 09 Dec 2022 03:43:02 GMT Last-Modified: Fri, 09 Dec 2022 01:58:13 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: cecc392d07add9c5724f2cea41391984 Sha1: 389db162b9b5d7d13121268c5f59d2d125f24f92 Sha256: 81b7b344780f14e95e393fbc681173e64df6cfd065bf83f17281ffc5a66f232a
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 74a41cb73844d67c6bb09a04095878441a1b9d59cbce67a7ca0cd7dd64f08354 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "74A41CB73844D67C6BB09A04095878441A1B9D59CBCE67A7CA0CD7DD64F08354" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8131 Expires: Fri, 09 Dec 2022 05:58:33 GMT Date: Fri, 09 Dec 2022 03:43:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: 60f8362598607aac51bd2e40ae9c0801 Sha1: 4eddc9eefc8c181c23add2a7a44b22376844ab2e Sha256: 74a41cb73844d67c6bb09a04095878441a1b9d59cbce67a7ca0cd7dd64f08354
GET /compliance/epoch_descriptor.html? HTTP/1.1 Host: d39iocnrk5rxnb.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://faptitans.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: d39iocnrk5rxnb.cloudfront.net/compliance/epoch_descript (...) FQDN: d39iocnrk5rxnb.cloudfront.net IP: 54.230.245.148 HASH: e282575868c67d80a6931093daccaa645754d8d38766a373dc2eaa0e038f495b 54.230.245.148 HTTP/2 200 OK content-type: text/html content-length: 75 last-modified: Thu, 12 Jul 2018 16:17:26 GMT accept-ranges: bytes server: AmazonS3 date: Fri, 09 Dec 2022 03:28:21 GMT etag: "4c3b9b7df4a3326c84da0c4a89717fe4" x-cache: Hit from cloudfront via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: NvcNk_LvZuurlLFbR1wca-t461Z7ZVFraM5TrX_n3RfvO4fCNhSuOA== age: 882 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text Size: 75 Md5: 4c3b9b7df4a3326c84da0c4a89717fe4 Sha1: 3a9f58004f386d11e69aa2d0ed3d5b012fdfea2c Sha256: e282575868c67d80a6931093daccaa645754d8d38766a373dc2eaa0e038f495b
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Dec 2022 03:43:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 0e9eef4ed41ef94e9ea175ad243e294e Sha1: b6f83e508270413dabe55e2884b5409ca7978e24 Sha256: 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4c0d144b20ab8cf7fec972a66e08ed2b993121e9c4b6c88bbf0f3e7388f2b058 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4C0D144B20AB8CF7FEC972A66E08ED2B993121E9C4B6C88BBF0F3E7388F2B058" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5066 Expires: Fri, 09 Dec 2022 05:07:28 GMT Date: Fri, 09 Dec 2022 03:43:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: acea7cb44141792f5d84b0c9ab8c57e4 Sha1: 69f1e46739200324bd891063d17c7a7083f313b7 Sha256: 4c0d144b20ab8cf7fec972a66e08ed2b993121e9c4b6c88bbf0f3e7388f2b058
GET /bnr/4/03d/3bc890/03d3bc890345aa15462e9aa382d06217.jpg HTTP/1.1 Host: iadoremakingpics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: iadoremakingpics.com/bnr/4/03d/3bc890/03d3bc890345aa154 (...) FQDN: iadoremakingpics.com IP: 104.21.65.147 HASH: 8b11d96de3683db3bc15a4d91b22bc6584b9eb2185796e3ce5297353597ac1c7 104.21.65.147 HTTP/2 200 OK content-type: image/jpeg date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 76461 last-modified: Sun, 18 Aug 2019 08:40:36 GMT etag: "5d590f04-12aad" expires: Fri, 09 Dec 2022 13:31:04 GMT cache-control: max-age=1382400 cf-cache-status: HIT age: 51118 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZZqG7QQS0L2wd%2FOn3TOHvxkpr7zkDGR1Ii6yYg0dQ4LYBZtStS9EaDa8sfLeo1DG9kXvbyyoCX5rXsdzBvr%2FGX0ky6cQ74AsLPvpNNwLUP5ZgtIE2iM0PZS8iNRUpSUs3sA4E5gPQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 776abbf748f0b512-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 580x100, components 3\012- data Size: 76461 Md5: 03d3bc890345aa15462e9aa382d06217 Sha1: 639c121a5b621a9c908d7969763a8cca8e29861e Sha256: 8b11d96de3683db3bc15a4d91b22bc6584b9eb2185796e3ce5297353597ac1c7
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 49186d6b2f5071fa2172fdcd25b9a457ce1d520c4f56165c0c16b0327e7d750a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6252 Cache-Control: max-age=103466 Date: Fri, 09 Dec 2022 03:43:02 GMT Etag: "63918784-118" Expires: Sat, 10 Dec 2022 08:27:28 GMT Last-Modified: Thu, 08 Dec 2022 06:43:16 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 1748e389f833acab2befe35c8d932ccd Sha1: 83b505213038c09fb3bf22d227ad253dbb5cae10 Sha256: 49186d6b2f5071fa2172fdcd25b9a457ce1d520c4f56165c0c16b0327e7d750a
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 74a41cb73844d67c6bb09a04095878441a1b9d59cbce67a7ca0cd7dd64f08354 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "74A41CB73844D67C6BB09A04095878441A1B9D59CBCE67A7CA0CD7DD64F08354" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8131 Expires: Fri, 09 Dec 2022 05:58:33 GMT Date: Fri, 09 Dec 2022 03:43:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: 60f8362598607aac51bd2e40ae9c0801 Sha1: 4eddc9eefc8c181c23add2a7a44b22376844ab2e Sha256: 74a41cb73844d67c6bb09a04095878441a1b9d59cbce67a7ca0cd7dd64f08354
GET /index.min.js?pk=068f30d41a2c432d6c8a96d5a7fc6706 HTTP/1.1 Host: twistconcept.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: twistconcept.com/index.min.js?pk=068f30d41a2c432d6c8a96 (...) FQDN: twistconcept.com IP: 172.67.215.17 HASH: 31eb4bb3a3d8a6af7031683988b1cb0ca7cd8531bdf64863b4f9d8b438a79f1c 172.67.215.17 HTTP/2 200 OK content-type: application/javascript date: Fri, 09 Dec 2022 03:43:02 GMT last-modified: Thu, 07 Apr 2022 08:49:08 GMT etag: W/"624ea584-28c" cache-control: max-age=14400 cf-cache-status: HIT age: 4789 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WROjNeljdENjGKD0zIedDr9va1xPJp4Ec4Jit8hEkaYgdKbB%2Bhwg5fKGvMDRlSOzHin63MXGQ%2FFxck0XbK8aE4Z6W11hTrZ6SLNOoxeJpmmaCSoMIXFc%2Bo%2FOwD%2BUBnNCvkTN"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 776abbf7490b1c02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (651) Size: 637 Md5: 773bff652302ebbcfa93ea6a1384c5cc Sha1: 191549a3a45edf4e1a27b9f70d681bb397e8c840 Sha256: 31eb4bb3a3d8a6af7031683988b1cb0ca7cd8531bdf64863b4f9d8b438a79f1c
GET /api/v1/retargeting/set/cd5a54e9-d886-4c75-af65-8b819a80f59e HTTP/1.1 Host: tsyndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: tsyndicate.com/api/v1/retargeting/set/cd5a54e9-d886-4c7 (...) FQDN: tsyndicate.com IP: 162.55.130.248 HASH: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 162.55.130.248 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 35 pragma: no-cache expires: 0 vary: * x-api-version: 1 x-request-id: f8448cf5d87077cf set-cookie: ts_rt_cd5a54e9-d886-4c75-af65-8b819a80f59e=AAMC; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; HttpOnly; secure; SameSite=None cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform x-robots-tag: none, noindex, nofollow report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: c2196de8ba412c60c22ab491af7b1409 Sha1: 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef HTTP/1.1 Host: runative-syndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: runative-syndicate.com/api/v1/retargeting/set/dedc7df9- (...) FQDN: runative-syndicate.com IP: 136.243.43.25 HASH: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 136.243.43.25 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 35 pragma: no-cache expires: 0 vary: * x-api-version: 1 x-request-id: 4ff300de58e768ae set-cookie: ts_rt_dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef=AAMC; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; HttpOnly; secure; SameSite=None cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform x-robots-tag: none, noindex, nofollow report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: c2196de8ba412c60c22ab491af7b1409 Sha1: 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /img.gif?f=sync&lr=1&partner=8c7c01962f4e2c3e4ed0abe5cbafc84289b3e8521c6f0b5a27c2e73ae5e07e86 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: my.rtmark.net/img.gif?f=sync&lr=1&partner=8c7c01962f4e2 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=4b218c7483de4a3cb1d868748d8f26c3; expires=Sat, 09 Dec 2023 03:43:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /tag.php?goal=c413c2e3b989836e2023687a6fe7f55b HTTP/1.1 Host: main.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: main.realsrv.com/tag.php?goal=c413c2e3b989836e2023687a6 (...) FQDN: main.realsrv.com IP: 95.211.229.247 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A83755%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c HTTP/1.1 Host: main.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: main.realsrv.com/tag.php?goal=e2bbb6c289a1f6fc299b4c365 (...) FQDN: main.realsrv.com IP: 95.211.229.247 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /compliance/epoch_descriptor.php?master_code=M-607000 HTTP/1.1 Host: epoch.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: epoch.com/compliance/epoch_descriptor.php?master_code=M (...) FQDN: epoch.com IP: 104.18.4.99 HASH: 8c47da3b8e619dc62809c276483967451c096d0c6869d3bc0eb8136ddddf0753 104.18.4.99 HTTP/2 301 Moved Permanently date: Fri, 09 Dec 2022 03:43:01 GMT location: https://d39iocnrk5rxnb.cloudfront.net/compliance/epoch_descriptor.html? cache-control: max-age=3600 expires: Fri, 09 Dec 2022 04:43:01 GMT vary: Accept-Encoding server: cloudflare cf-ray: 776abbf55849b51e-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 81798 Md5: dbac2121da5bc728d345778cf6649012 Sha1: 8d19919114b29987e65df040f0477126c7085bdf Sha256: 8c47da3b8e619dc62809c276483967451c096d0c6869d3bc0eb8136ddddf0753
POST /api/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB X-Requested-With: XMLHttpRequest Content-Length: 152 Origin: https://faptitans.com Connection: keep-alive Referer: https://faptitans.com/ Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: faptitans.com/api/ FQDN: faptitans.com IP: 138.201.149.27 HASH: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 16 vary: Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:02 GMT; Max-Age=31449600; Path=/ strict-transport-security: max-age=43200 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 16 Md5: c08db8689029b24432b3283bb558d25f Sha1: 70431d464d9ec8b326e809c3438b47f6d1bf4465 Sha256: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 54.230.245.110 HASH: 97c332fdd487c436d904a71199c2ea74f3fc3ceab35a20fcd708359590828b2a 54.230.245.110 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=123574 Date: Fri, 09 Dec 2022 03:43:02 GMT Etag: "6391e720-1d7" Expires: Sat, 10 Dec 2022 14:02:36 GMT Last-Modified: Thu, 08 Dec 2022 13:31:12 GMT Server: ECS (nyb/1D32) X-Cache: Miss from cloudfront Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: MZTo2fvuUgNtqv1s28Am-nmhFGLTr4i1LQRABdlK_2BMtwgFwfnwrA== Age: 1884 --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 620 Md5: d234cf546b28bbe86f927337b91b55ba Sha1: f0f31551d755a5e86b8e6a6e8624edb17c1a4ef1 Sha256: 97c332fdd487c436d904a71199c2ea74f3fc3ceab35a20fcd708359590828b2a
GET /tag.php?goal=c413c2e3b989836e2023687a6fe7f55b HTTP/1.1 Host: main.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: main.exoclick.com/tag.php?goal=c413c2e3b989836e2023687a (...) FQDN: main.exoclick.com IP: 95.211.229.247 HASH: 40d7917aa1f643b80d0c369ccf1d45ec007c158a3ea69e9fba176e6611d21d79 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A83755%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 167 Md5: e67cb30efacc40cc78ef2aaa657d8dc7 Sha1: 79c9da5a6518c8f91c2e5e2db98daa9734cbb725 Sha256: 40d7917aa1f643b80d0c369ccf1d45ec007c158a3ea69e9fba176e6611d21d79
GET /tag.php?goal=c413c2e3b989836e2023687a6fe7f55b HTTP/1.1 Host: syndication.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.exoclick.com/tag.php?goal=c413c2e3b989836e2 (...) FQDN: syndication.exoclick.com IP: 95.211.229.247 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A83755%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 444c632c4522f8b2411d746de2390910a7b4c609da4762adce992ace746e8bbc 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "444C632C4522F8B2411D746DE2390910A7B4C609DA4762ADCE992ACE746E8BBC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11388 Expires: Fri, 09 Dec 2022 06:52:50 GMT Date: Fri, 09 Dec 2022 03:43:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4b1aeff1cd3c947c1be297cb88e0ee10 Sha1: bf0c86976f9184f96e493d0b18bfaa653415dcff Sha256: 444c632c4522f8b2411d746de2390910a7b4c609da4762adce992ace746e8bbc
GET /tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c HTTP/1.1 Host: main.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: main.exoclick.com/tag.php?goal=e2bbb6c289a1f6fc299b4c36 (...) FQDN: main.exoclick.com IP: 95.211.229.247 HASH: 5fca458804cd6707eda5ce9a40e10d15e5d658953c6c938c64e4688edea9a2c4 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (371), with no line terminators Size: 208 Md5: 06f8dd6acb4d5786786e1dc37cfc501c Sha1: 62b2c9b896130af5c379aabc35be6a18e6b7e400 Sha256: 5fca458804cd6707eda5ce9a40e10d15e5d658953c6c938c64e4688edea9a2c4
GET /tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c HTTP/1.1 Host: syndication.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.exoclick.com/tag.php?goal=e2bbb6c289a1f6fc2 (...) FQDN: syndication.exoclick.com IP: 95.211.229.247 HASH: 9ba775b34e013c3e98f14addc431074cab90df4ec942c0475376305fead0d4ad 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (1374), with no line terminators Size: 396 Md5: 036235a963100a1195289e959dfe0c92 Sha1: 5837db4614f04439682123fadc7b2be6149b1f9d Sha256: 9ba775b34e013c3e98f14addc431074cab90df4ec942c0475376305fead0d4ad
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 49186d6b2f5071fa2172fdcd25b9a457ce1d520c4f56165c0c16b0327e7d750a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6252 Cache-Control: max-age=103466 Date: Fri, 09 Dec 2022 03:43:02 GMT Etag: "63918784-118" Expires: Sat, 10 Dec 2022 08:27:28 GMT Last-Modified: Thu, 08 Dec 2022 06:43:16 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 1748e389f833acab2befe35c8d932ccd Sha1: 83b505213038c09fb3bf22d227ad253dbb5cae10 Sha256: 49186d6b2f5071fa2172fdcd25b9a457ce1d520c4f56165c0c16b0327e7d750a
GET /img.gif?f=sync&lr=1&partner=c7cc550860330813dd2414dae0e7ea3dc3bfcaa7a8158e4a67e8a192f5e622b3 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: ID=4b218c7483de4a3cb1d868748d8f26c3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: my.rtmark.net/img.gif?f=sync&lr=1&partner=c7cc550860330 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=4b218c7483de4a3cb1d868748d8f26c3; expires=Sat, 09 Dec 2023 03:43:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&lr=1&partner=89796ae6f4f1656234dc83bc070b543763c33405da12904dd20ac99505a3d9d1 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: ID=4b218c7483de4a3cb1d868748d8f26c3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: my.rtmark.net/img.gif?f=sync&lr=1&partner=89796ae6f4f16 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=4b218c7483de4a3cb1d868748d8f26c3; expires=Sat, 09 Dec 2023 03:43:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /tag_gen.js HTTP/1.1 Host: a.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: a.exoclick.com/tag_gen.js FQDN: a.exoclick.com IP: 205.185.216.42 HASH: c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f 205.185.216.42 HTTP/1.1 200 OK Content-Type: application/javascript Date: Fri, 09 Dec 2022 03:43:02 GMT Connection: Keep-Alive Content-Encoding: gzip Content-Length: 515 Accept-Ranges: bytes Cache-Control: max-age=10800 Server: nginx etag: W/"a56c0470b9aa925085e51a6271a" X-HW: 1670557382.dop232.sk1.t,1670557382.cds219.sk1.shn,1670557382.dop232.sk1.t,1670557382.cds251.sk1.c Access-Control-Allow-Origin: , --- Additional Info --- Magic: ASCII text, with very long lines (1030), with no line terminators Size: 515 Md5: 628e0302068ade64b5f411f39d5ce7e5 Sha1: ff1a609269f34bad5ae67ed1678df3f7b905d018 Sha256: c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f
POST /api/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB X-Requested-With: XMLHttpRequest Content-Length: 152 Origin: https://faptitans.com Connection: keep-alive Referer: https://faptitans.com/ Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: faptitans.com/api/ FQDN: faptitans.com IP: 138.201.149.27 HASH: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 16 vary: Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:02 GMT; Max-Age=31449600; Path=/ strict-transport-security: max-age=43200 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 16 Md5: c08db8689029b24432b3283bb558d25f Sha1: 70431d464d9ec8b326e809c3438b47f6d1bf4465 Sha256: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f
GET /tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e HTTP/1.1 Host: s.opoxv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: s.opoxv.com/tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e FQDN: s.opoxv.com IP: 95.211.229.246 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.246 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A77325%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.opoxv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /px.gif?akey=068f30d41a2c432d6c8a96d5a7fc6706 HTTP/1.1 Host: simplewebanalysis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: simplewebanalysis.com/px.gif?akey=068f30d41a2c432d6c8a9 (...) FQDN: simplewebanalysis.com IP: 18.185.190.54 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 18.185.190.54 HTTP/2 307 Temporary Redirect content-type: image/gif date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 0 location: https://professionalswebcheck.com/dbs?uuid=50148bac-d918-4719-8a67-de57481d74af&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjcwNTU3MzgyfSwiYWNjbCI6eyAiMjAsMSI6MTY3MDU1NzM4Mn19.Ynde_KbgJ5WTA1RsLdSZKkwRSrctsGX-zP2rqs2Wawk server: nginx/1.17.6 set-cookie: uid_id2=50148bac-d918-4719-8a67-de57481d74af:2:1; expires=Mon, 06 Dec 2032 03:43:02 GMT; secure; SameSite=None ak=29,1670557382; expires=Thu, 09 Mar 2023 03:43:02 GMT; secure; SameSite=None acl=20,1,1670557382; expires=Thu, 09 Mar 2023 03:43:02 GMT; secure; SameSite=None expires: Fri, 09 Dec 2022 03:43:02 GMT cache-control: max-age=0, : no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Malware
GET /tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e HTTP/1.1 Host: syndication.exdynsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.exdynsrv.com/tag.php?goal=cdbcfa949fc6ffc29 (...) FQDN: syndication.exdynsrv.com IP: 95.211.229.246 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.246 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A77325%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1 Host: s.opoxv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: s.opoxv.com/tag.php?goal=170c73ca45ab90acc02e61427b768795 FQDN: s.opoxv.com IP: 95.211.229.246 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.246 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.opoxv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e HTTP/1.1 Host: syndication.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.realsrv.com/tag.php?goal=cdbcfa949fc6ffc294 (...) FQDN: syndication.realsrv.com IP: 95.211.229.246 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.246 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A2%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7Di%3A77325%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1 Host: syndication.exdynsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.exdynsrv.com/tag.php?goal=170c73ca45ab90acc (...) FQDN: syndication.exdynsrv.com IP: 95.211.229.246 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.246 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1 Host: syndication.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.realsrv.com/tag.php?goal=170c73ca45ab90acc0 (...) FQDN: syndication.realsrv.com IP: 95.211.229.246 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.246 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A2%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7Di%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /adserve/r.php?k=GAME&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322831553 HTTP/1.1 Host: syndication.traffichaus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.traffichaus.com/adserve/r.php?k=GAME&adv_id (...) FQDN: syndication.traffichaus.com IP: 66.254.114.233 HASH: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 66.254.114.233 HTTP/1.1 200 OK content-type: image/png server: nginx date: Fri, 09 Dec 2022 03:43:02 GMT transfer-encoding: chunked set-cookie: re_94511_R0FNRQ=eyJ0IjoiR0FNRSIsImEiOiI5NDUxMSIsImQiOiIiLCJkaCI6Ijk2OTIwNWIwMjQ3NzU0MjUwZDkyMWQ4ZGE0NTg3NWZhIiwiYmgiOiI0OGMwMTFkMjY0OGFmZTA0NTVkMjAzOTY3YWExMzBhNSIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZSI6MTY5NjQ3NzM4Mn0%3D; expires=Thu, 05-Oct-2023 03:43:02 GMT; Max-Age=25920000; path=/ RNLBSERVERID=ded5930; path=/ accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version x-request-id: 6392AEC6-42FE72E901BB2DE1-69D839E --- Additional Info --- Magic: PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data Size: 95 Md5: 71a50dbba44c78128b221b7df7bb51f1 Sha1: 0ec63b140374ba704a58fa0c743cb357683313dd Sha256: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e HTTP/1.1 Host: syndication.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.exoclick.com/tag.php?goal=cdbcfa949fc6ffc29 (...) FQDN: syndication.exoclick.com IP: 95.211.229.247 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:03 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A77325%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:03 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1 Host: syndication.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.exoclick.com/tag.php?goal=170c73ca45ab90acc (...) FQDN: syndication.exoclick.com IP: 95.211.229.247 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:03 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:03 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /px.gif?akey=4bd743ddcc79bd80ae00a9d22a3fcb14 HTTP/1.1 Host: simplewebanalysis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: simplewebanalysis.com/px.gif?akey=4bd743ddcc79bd80ae00a (...) FQDN: simplewebanalysis.com IP: 18.185.190.54 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 18.185.190.54 HTTP/2 307 Temporary Redirect content-type: image/gif date: Fri, 09 Dec 2022 03:43:03 GMT content-length: 0 location: https://professionalswebcheck.com/dbs?uuid=cf0fd4cc-2c35-4f02-a726-7e16eabeee08&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjI3OSI6MTY3MDU1NzM4Mn0sImFjY2wiOnsgIjIwLDEiOjE2NzA1NTczODJ9fQ.8wc-ZfZh77Bkqh-kiNOElHNF_z85bCzUfuYe6-u8bAo server: nginx/1.17.6 set-cookie: uid_id2=cf0fd4cc-2c35-4f02-a726-7e16eabeee08:1:1; expires=Mon, 06 Dec 2032 03:43:02 GMT; secure; SameSite=None ak=279,1670557382; expires=Thu, 09 Mar 2023 03:43:02 GMT; secure; SameSite=None acl=20,1,1670557382; expires=Thu, 09 Mar 2023 03:43:02 GMT; secure; SameSite=None expires: Fri, 09 Dec 2022 03:43:03 GMT cache-control: max-age=0, : no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Malware
GET /dbs?uuid=50148bac-d918-4719-8a67-de57481d74af&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjcwNTU3MzgyfSwiYWNjbCI6eyAiMjAsMSI6MTY3MDU1NzM4Mn19.Ynde_KbgJ5WTA1RsLdSZKkwRSrctsGX-zP2rqs2Wawk HTTP/1.1 Host: professionalswebcheck.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://lostincunt.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: professionalswebcheck.com/dbs?uuid=50148bac-d918-4719-8 (...) FQDN: professionalswebcheck.com IP: 18.185.190.54 HASH: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c 18.185.190.54 HTTP/2 200 OK content-type: image/gif date: Fri, 09 Dec 2022 03:43:03 GMT content-length: 7 server: nginx/1.17.6 set-cookie: uid_id2=50148bac-d918-4719-8a67-de57481d74af:2:1; expires=Mon, 06 Dec 2032 03:43:03 GMT; secure; SameSite=None ak=29,1670557382; expires=Thu, 09 Mar 2023 03:43:03 GMT; secure; SameSite=None acl=20,1,1670557382; expires=Thu, 09 Mar 2023 03:43:03 GMT; secure; SameSite=None expires: Fri, 09 Dec 2022 03:43:03 GMT cache-control: max-age=0, : no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 7 Md5: 132d6af1b46048b45cf86cdee7991d31 Sha1: eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
POST /api/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB X-Requested-With: XMLHttpRequest Content-Length: 159 Origin: https://faptitans.com Connection: keep-alive Referer: https://faptitans.com/ Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: faptitans.com/api/ FQDN: faptitans.com IP: 138.201.149.27 HASH: 4c8b8d6a0b8391fda97d33d9ecbede40324c8119affa134fd26ffe1d757597c3 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:43:03 GMT vary: Accept-Encoding, Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:03 GMT; Max-Age=31449600; Path=/ strict-transport-security: max-age=43200 content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (621), with no line terminators Size: 187 Md5: 09a62a0d50ba06af6b74f88c71e89e46 Sha1: bee29df947b90fe9bf646f8e8c1f52605b6000ee Sha256: 4c8b8d6a0b8391fda97d33d9ecbede40324c8119affa134fd26ffe1d757597c3
GET /iframe/5d839cd6290ea?iframe HTTP/1.1 Host: rivne.space User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: rivne.space/iframe/5d839cd6290ea?iframe FQDN: rivne.space IP: 104.21.47.163 104.21.47.163 HTTP/2 200 OK content-type: text/html date: Fri, 09 Dec 2022 03:43:02 GMT set-cookie: c_b3ffea71cc29f56d2fba269a968ef7d3=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=rivne.space; Path=/; Secure; SameSite=None z_c56a21bde062afcb1f0e6c38cce1c8f7=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=rivne.space; Path=/; Secure; SameSite=None cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqSSBVltZCsWs7v9pId0CeGejTQJI6IEQid71GvH%2BMpKXO8oSo7DOzPHPc7kTbQt4LF0YF89IBzXQsNHIabtoB5qUCHoMMlO4qRj%2Bq0x1Lr17DgDQ%2BhcfijiwDoyhQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 776abbf778fcb51e-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
POST /api/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB X-Requested-With: XMLHttpRequest Content-Length: 158 Origin: https://faptitans.com Connection: keep-alive Referer: https://faptitans.com/ Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: faptitans.com/api/ FQDN: faptitans.com IP: 138.201.149.27 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:43:02 GMT vary: Accept-Encoding, Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:02 GMT; Max-Age=31449600; Path=/ strict-transport-security: max-age=43200 content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
POST /api/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB X-Requested-With: XMLHttpRequest Content-Length: 156 Origin: https://faptitans.com Connection: keep-alive Referer: https://faptitans.com/ Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: faptitans.com/api/ FQDN: faptitans.com IP: 138.201.149.27 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:43:03 GMT vary: Accept-Encoding, Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:03 GMT; Max-Age=31449600; Path=/ strict-transport-security: max-age=43200 content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /?5defa5d178518&ag_custom_domain=tioanime.com HTTP/1.1 Host: goplayhere.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: goplayhere.com/?5defa5d178518&ag_custom_domain=tioanime.com FQDN: goplayhere.com IP: 172.67.187.242 172.67.187.242 HTTP/2 302 Found content-type: text/html date: Fri, 09 Dec 2022 03:42:58 GMT location: https://faptitans.com/?utm_campaign=pu_exo_manga_na&utm_medium=click&utm_source=bn&utm_content=tioanime.com&bnid=direct&crID=4539&zID=95870&land=direct set-cookie: c_d2f51664adaebc60bcf55c028d773b61=1; Expires=Sat, 10-Dec-22 03:42:58 GMT; Domain=goplayhere.com; Path=/; Secure; SameSite=None z_1ee83bf51fc9ae04880b726070ec8393=1; Expires=Sat, 10-Dec-22 03:42:58 GMT; Domain=goplayhere.com; Path=/; Secure; SameSite=None cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQXjAroAj%2FYkJ6lgTS8tCNQNnVjhF%2Bnt1h5dxhiMiO7iqEWpcJhqKsJ%2BHUWFgMJKHaEqwC0Fj8GlFIGZbganrvXl929aUasyrEDt52wsK74uzN%2FQjRHx%2BVXcUfWnzPyOeQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 776abbe15f20b503-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET / HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d; cook=6zesz82y062gso3nai25ngifug54540z Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers	URL: faptitans.com/ FQDN: faptitans.com IP: 138.201.149.27 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:42:59 GMT vary: Accept-Encoding, Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:42:59 GMT; Max-Age=31449600; Path=/ sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; expires=Sun, 11-Dec-2022 03:42:59 GMT; HttpOnly; Max-Age=172800; Path=/ strict-transport-security: max-age=43200 content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /s1/rc/favicon.ico HTTP/1.1 Host: cdn.faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers	URL: cdn.faptitans.com/s1/rc/favicon.ico FQDN: cdn.faptitans.com IP: 104.19.254.19 104.19.254.19 HTTP/2 200 OK content-type: image/x-icon date: Fri, 09 Dec 2022 03:42:59 GMT last-modified: Mon, 14 Mar 2022 12:16:44 GMT etag: W/"622f322c-47e" expires: Mon, 06 Dec 2032 03:42:59 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * cf-cache-status: HIT age: 16000657 vary: Accept-Encoding server: cloudflare cf-ray: 776abbe7bd77b515-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8377 

                                        
                                            
Expires: Fri, 09 Dec 2022 06:02:35 GMT 

                                        
                                            
Date: Fri, 09 Dec 2022 03:42:58 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    f2acd891dc6eb1f09f57a2b086791781

                                                Sha1:   1e2088306501a61edcca1ade62c4d54f23b3b083

                                                Sha256: 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Fri, 09 Dec 2022 03:08:17 GMT 

                                        
                                            
age: 2081 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    14cd9a0afb6ba9a763651d5112760d1e

                                                Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa

                                                Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: eH/y6VommAtFe9HyRbXSspcjx8xNE3+XQVbhGSJDXimvgnW2RoMm5VneukyI1VTHOEtFkVa4cmHLpRmR29Joyg== 

                                        
                                            
x-amz-request-id: 9RVQKBYZ2TCP512B 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Fri, 09 Dec 2022 02:48:09 GMT 

                                        
                                            
age: 3289 

                                        
                                            
last-modified: Wed, 30 Nov 2022 10:06:34 GMT 

                                        
                                            
etag: "53341dea33f4f3d9b4966f80589f429a" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    53341dea33f4f3d9b4966f80589f429a

                                                Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d

                                                Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 09 Dec 2022 03:42:58 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-expose-headers: content-type 

                                        
                                            
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 826 

                                        
                                            
Cache-Control: max-age=129007 

                                        
                                            
Date: Fri, 09 Dec 2022 03:42:58 GMT 

                                        
                                            
Etag: "63920077-118" 

                                        
                                            
Expires: Sat, 10 Dec 2022 15:33:05 GMT 

                                        
                                            
Last-Modified: Thu, 08 Dec 2022 15:19:19 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   280

                                                Md5:    07f4d799f20c86bc36a16a606fbed917

                                                Sha1:   e05f5cd071693de228d62d3e54b2626fcb3c9707

                                                Sha256: 8ed3c868d556318eb23d4dc0592daa2b8ceaec5bedb493b7c59f5959471f11a0

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Fri, 09 Dec 2022 03:07:55 GMT 

                                        
                                            
age: 2104 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET /start/ HTTP/1.1 

                                        
                                            
Host: faptitans.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Sec-Fetch-User: ?1 

                                        
                                            
TE: trailers

                                         138.201.149.27

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
date: Fri, 09 Dec 2022 03:42:59 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
location: / 

                                        
                                            
vary: Accept-Language, Cookie 

                                        
                                            
content-language: en 

                                        
                                            
set-cookie: cook=6zesz82y062gso3nai25ngifug54540z; expires=Sat, 04-Nov-2023 03:42:59 GMT; HttpOnly; Max-Age=28512000; Path=/
sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d; expires=Sun, 11-Dec-2022 03:42:59 GMT; HttpOnly; Max-Age=172800; Path=/ 

                                        
                                            
strict-transport-security: max-age=43200 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: TW1jXG2in6d4rB5FcMGrtw== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         52.42.148.177

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: ZtZCAxumguZ4lnBeGMuvtoo49wQ= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4552 

                                        
                                            
Cache-Control: max-age=117961 

                                        
                                            
Date: Fri, 09 Dec 2022 03:42:59 GMT 

                                        
                                            
Etag: "6391c6c4-117" 

                                        
                                            
Expires: Sat, 10 Dec 2022 12:29:00 GMT 

                                        
                                            
Last-Modified: Thu, 08 Dec 2022 11:13:08 GMT 

                                        
                                            
Server: ECS (amb/6BBC) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 279 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   279

                                                Md5:    2fb795cef147e72f70e3f4918bd8833c

                                                Sha1:   6b793cc5f43af30c5c28c14e4f6de9c24571d731

                                                Sha256: e17ae24c55d39a60c92944b0c9478eeaa128431c55266345806f75fbf613dc6c

                                        
                                            GET /s1//rc/fap-splash-xmas-web.jpg HTTP/1.1 

                                        
                                            
Host: cdn.faptitans.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://faptitans.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-site 

                                        
                                            
TE: trailers

                                         104.19.254.19

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
date: Fri, 09 Dec 2022 03:42:59 GMT 

                                        
                                            
content-length: 383182 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=315360000 

                                        
                                            
cf-bgj: h2pri 

                                        
                                            
etag: "63908758-5d8ce" 

                                        
                                            
expires: Mon, 06 Dec 2032 03:42:59 GMT 

                                        
                                            
last-modified: Wed, 07 Dec 2022 12:30:16 GMT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 140531 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 776abbe77cf0b515-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, progressive, precision 8, 1200x640, components 3\012- data

                                                Size:   383182

                                                Md5:    95c3734f9ecaf27619cff0a6cdacba1b

                                                Sha1:   fe19e2262e136e0c099c076412209f878ee7ad14

                                                Sha256: f7cbd6b92b499de1bfd83b8ab4e0a58ee38a21463f9e790e6c1a31e194a4a43e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4069 

                                        
                                            
Expires: Fri, 09 Dec 2022 04:50:49 GMT 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:00 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7b8c1870f03a90aac6370fc69516f95f

                                                Sha1:   1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb

                                                Sha256: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4069 

                                        
                                            
Expires: Fri, 09 Dec 2022 04:50:49 GMT 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:00 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  gzip compressed data, from Unix\012- data

                                                Size:   267103

                                                Md5:    1ec07a33ae774e07f776fb4159891a59

                                                Sha1:   67a952693df730b323b132d72ad7acd0402eac78

                                                Sha256: c8a1ee09c2186f992a0cef14bd7024bcc3e4b1a17bff6b5bf9b8834cba78c83c

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4069 

                                        
                                            
Expires: Fri, 09 Dec 2022 04:50:49 GMT 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:00 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  gzip compressed data, from Unix\012- data

                                                Size:   693409

                                                Md5:    2ecadf5e9bd055e59c5e50f2227517e6

                                                Sha1:   2903fc79c1551c62d7fe1f2e253bd5fd7c0bed86

                                                Sha256: 040a8d801e0c573f07af591d078e3d07ae79a1acff5fba775d56724abb540ba3

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7897 

                                        
                                            
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cwVM_F51IAMFunw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg== 

                                        
                                            
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 09 Dec 2022 03:38:26 GMT 

                                        
                                            
age: 274 

                                        
                                            
etag: "7558222788f06623ddae6e883413e38e1146281e" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7897

                                                Md5:    8c3214044657f3b876d1f1848bca5684

                                                Sha1:   7558222788f06623ddae6e883413e38e1146281e

                                                Sha256: e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8204 

                                        
                                            
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cjtKfEiToAMFSXA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw== 

                                        
                                            
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 08 Dec 2022 15:50:07 GMT 

                                        
                                            
age: 42773 

                                        
                                            
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8204

                                                Md5:    9cb76c68a8cd472600106cc118067868

                                                Sha1:   6cee6b1828c709f68b995197ca943a5c393f86fb

                                                Sha256: 009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7960 

                                        
                                            
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ctEd8HC0oAMFUag= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ== 

                                        
                                            
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 08 Dec 2022 05:44:09 GMT 

                                        
                                            
age: 79131 

                                        
                                            
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7960

                                                Md5:    eb00a2a503a690cee3e4dd729b5bc9bd

                                                Sha1:   cfb1e5bcab2148a777889680e6e36b9d7e8917ec

                                                Sha256: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         216.58.211.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:01 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    6ec5f6261a8262e9f94b29627f54cefe

                                                Sha1:   7ac766cf2ac8c2d960ec033388a767ff8a7d45e2

                                                Sha256: 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9

                                        
                                            GET /css?family=Roboto&subset=latin,latin-ext,cyrillic HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://cdn.faptitans.com/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.106

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Fri, 09 Dec 2022 03:43:01 GMT 

                                        
                                            
date: Fri, 09 Dec 2022 03:43:01 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   12753

                                                Md5:    3217ca548056d862160d26e3f2ab451e

                                                Sha1:   054e07327c568e63f2753dd1b9cf8ee341aa5b0e

                                                Sha256: f56edc82574d307d4c388d711cd9e8a4ed10a39a3492c804876c8ff3a2fcaec6

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 184 

                                        
                                            
Cache-Control: max-age=152807 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:01 GMT 

                                        
                                            
Etag: "63925ff4-116" 

                                        
                                            
Expires: Sat, 10 Dec 2022 22:09:48 GMT 

                                        
                                            
Last-Modified: Thu, 08 Dec 2022 22:06:44 GMT 

                                        
                                            
Server: ECS (amb/6B83) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 278 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   278

                                                Md5:    9c88a0dc24f35af394824eb79bb4ed55

                                                Sha1:   5a6a71e6a36d83cb2b351912e531fd33c487b1ce

                                                Sha256: b669863c288f8def7779ffca9aa41bfb47e15a699ac8f81dc4c36d22ed5503e5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 185 

                                        
                                            
Cache-Control: max-age=152807 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
Etag: "63925ff4-116" 

                                        
                                            
Expires: Sat, 10 Dec 2022 22:09:49 GMT 

                                        
                                            
Last-Modified: Thu, 08 Dec 2022 22:06:44 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 278 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   278

                                                Md5:    9c88a0dc24f35af394824eb79bb4ed55

                                                Sha1:   5a6a71e6a36d83cb2b351912e531fd33c487b1ce

                                                Sha256: b669863c288f8def7779ffca9aa41bfb47e15a699ac8f81dc4c36d22ed5503e5

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         216.58.211.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    0e9eef4ed41ef94e9ea175ad243e294e

                                                Sha1:   b6f83e508270413dabe55e2884b5409ca7978e24

                                                Sha256: 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 6289 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
Last-Modified: Fri, 09 Dec 2022 01:58:13 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   280

                                                Md5:    cecc392d07add9c5724f2cea41391984

                                                Sha1:   389db162b9b5d7d13121268c5f59d2d125f24f92

                                                Sha256: 81b7b344780f14e95e393fbc681173e64df6cfd065bf83f17281ffc5a66f232a

                                        
                                            GET /compliance/epoch_descriptor.html? HTTP/1.1 

                                        
                                            
Host: d39iocnrk5rxnb.cloudfront.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://faptitans.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         54.230.245.148

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
content-length: 75 

                                        
                                            
last-modified: Thu, 12 Jul 2018 16:17:26 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Fri, 09 Dec 2022 03:28:21 GMT 

                                        
                                            
etag: "4c3b9b7df4a3326c84da0c4a89717fe4" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: NvcNk_LvZuurlLFbR1wca-t461Z7ZVFraM5TrX_n3RfvO4fCNhSuOA== 

                                        
                                            
age: 882 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text

                                                Size:   75

                                                Md5:    4c3b9b7df4a3326c84da0c4a89717fe4

                                                Sha1:   3a9f58004f386d11e69aa2d0ed3d5b012fdfea2c

                                                Sha256: e282575868c67d80a6931093daccaa645754d8d38766a373dc2eaa0e038f495b

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "4C0D144B20AB8CF7FEC972A66E08ED2B993121E9C4B6C88BBF0F3E7388F2B058" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5066 

                                        
                                            
Expires: Fri, 09 Dec 2022 05:07:28 GMT 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    acea7cb44141792f5d84b0c9ab8c57e4

                                                Sha1:   69f1e46739200324bd891063d17c7a7083f313b7

                                                Sha256: 4c0d144b20ab8cf7fec972a66e08ed2b993121e9c4b6c88bbf0f3e7388f2b058

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 6252 

                                        
                                            
Cache-Control: max-age=103466 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
Etag: "63918784-118" 

                                        
                                            
Expires: Sat, 10 Dec 2022 08:27:28 GMT 

                                        
                                            
Last-Modified: Thu, 08 Dec 2022 06:43:16 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   280

                                                Md5:    1748e389f833acab2befe35c8d932ccd

                                                Sha1:   83b505213038c09fb3bf22d227ad253dbb5cae10

                                                Sha256: 49186d6b2f5071fa2172fdcd25b9a457ce1d520c4f56165c0c16b0327e7d750a

                                        
                                            GET /index.min.js?pk=068f30d41a2c432d6c8a96d5a7fc6706 HTTP/1.1 

                                        
                                            
Host: twistconcept.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lostincunt.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         172.67.215.17

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
last-modified: Thu, 07 Apr 2022 08:49:08 GMT 

                                        
                                            
etag: W/"624ea584-28c" 

                                        
                                            
cache-control: max-age=14400 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 4789 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WROjNeljdENjGKD0zIedDr9va1xPJp4Ec4Jit8hEkaYgdKbB%2Bhwg5fKGvMDRlSOzHin63MXGQ%2FFxck0XbK8aE4Z6W11hTrZ6SLNOoxeJpmmaCSoMIXFc%2Bo%2FOwD%2BUBnNCvkTN"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 776abbf7490b1c02-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (651)

                                                Size:   637

                                                Md5:    773bff652302ebbcfa93ea6a1384c5cc

                                                Sha1:   191549a3a45edf4e1a27b9f70d681bb397e8c840

                                                Sha256: 31eb4bb3a3d8a6af7031683988b1cb0ca7cd8531bdf64863b4f9d8b438a79f1c

                                        
                                            GET /api/v1/retargeting/set/dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef HTTP/1.1 

                                        
                                            
Host: runative-syndicate.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lostincunt.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         136.243.43.25

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain; charset=utf-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
content-length: 35 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: 0 

                                        
                                            
vary: * 

                                        
                                            
x-api-version: 1 

                                        
                                            
x-request-id: 4ff300de58e768ae 

                                        
                                            
set-cookie: ts_rt_dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef=AAMC; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; HttpOnly; secure; SameSite=None 

                                        
                                            
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform 

                                        
                                            
x-robots-tag: none, noindex, nofollow 

                                        
                                            
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   35

                                                Md5:    c2196de8ba412c60c22ab491af7b1409

                                                Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b

                                                Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

                                        
                                            GET /tag.php?goal=c413c2e3b989836e2023687a6fe7f55b HTTP/1.1 

                                        
                                            
Host: main.realsrv.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lostincunt.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.211.229.247

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Set-Cookie: goals=a%3A1%3A%7Bi%3A83755%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none 

                                        
                                            
X-Robots-Tag: noindex, follow 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   20

                                                Md5:    a4745abc5e7fdb89cc6df3069f3c6e69

                                                Sha1:   74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed

                                                Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

                                        
                                            GET /compliance/epoch_descriptor.php?master_code=M-607000 HTTP/1.1 

                                        
                                            
Host: epoch.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://faptitans.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.18.4.99

                                        
                                            HTTP/2 301 Moved Permanently

                                        

                                        
                                            
date: Fri, 09 Dec 2022 03:43:01 GMT 

                                        
                                            
location: https://d39iocnrk5rxnb.cloudfront.net/compliance/epoch_descriptor.html? 

                                        
                                            
cache-control: max-age=3600 

                                        
                                            
expires: Fri, 09 Dec 2022 04:43:01 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 776abbf55849b51e-OSL 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  gzip compressed data, from Unix\012- data

                                                Size:   81798

                                                Md5:    dbac2121da5bc728d345778cf6649012

                                                Sha1:   8d19919114b29987e65df040f0477126c7085bdf

                                                Sha256: 8c47da3b8e619dc62809c276483967451c096d0c6869d3bc0eb8136ddddf0753

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         54.230.245.110

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=123574 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
Etag: "6391e720-1d7" 

                                        
                                            
Expires: Sat, 10 Dec 2022 14:02:36 GMT 

                                        
                                            
Last-Modified: Thu, 08 Dec 2022 13:31:12 GMT 

                                        
                                            
Server: ECS (nyb/1D32) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: MZTo2fvuUgNtqv1s28Am-nmhFGLTr4i1LQRABdlK_2BMtwgFwfnwrA== 

                                        
                                            
Age: 1884 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  gzip compressed data, from Unix\012- data

                                                Size:   620

                                                Md5:    d234cf546b28bbe86f927337b91b55ba

                                                Sha1:   f0f31551d755a5e86b8e6a6e8624edb17c1a4ef1

                                                Sha256: 97c332fdd487c436d904a71199c2ea74f3fc3ceab35a20fcd708359590828b2a

                                        
                                            GET /tag.php?goal=c413c2e3b989836e2023687a6fe7f55b HTTP/1.1 

                                        
                                            
Host: syndication.exoclick.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lostincunt.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.211.229.247

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Set-Cookie: goals=a%3A1%3A%7Bi%3A83755%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none 

                                        
                                            
X-Robots-Tag: noindex, follow 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   20

                                                Md5:    a4745abc5e7fdb89cc6df3069f3c6e69

                                                Sha1:   74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed

                                                Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

                                        
                                            GET /tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c HTTP/1.1 

                                        
                                            
Host: main.exoclick.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lostincunt.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.211.229.247

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Set-Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none 

                                        
                                            
X-Robots-Tag: noindex, follow 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (371), with no line terminators

                                                Size:   208

                                                Md5:    06f8dd6acb4d5786786e1dc37cfc501c

                                                Sha1:   62b2c9b896130af5c379aabc35be6a18e6b7e400

                                                Sha256: 5fca458804cd6707eda5ce9a40e10d15e5d658953c6c938c64e4688edea9a2c4

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 6252 

                                        
                                            
Cache-Control: max-age=103466 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
Etag: "63918784-118" 

                                        
                                            
Expires: Sat, 10 Dec 2022 08:27:28 GMT 

                                        
                                            
Last-Modified: Thu, 08 Dec 2022 06:43:16 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   280

                                                Md5:    1748e389f833acab2befe35c8d932ccd

                                                Sha1:   83b505213038c09fb3bf22d227ad253dbb5cae10

                                                Sha256: 49186d6b2f5071fa2172fdcd25b9a457ce1d520c4f56165c0c16b0327e7d750a

                                        
                                            GET /img.gif?f=sync&lr=1&partner=89796ae6f4f1656234dc83bc070b543763c33405da12904dd20ac99505a3d9d1 HTTP/1.1 

                                        
                                            
Host: my.rtmark.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: ID=4b218c7483de4a3cb1d868748d8f26c3 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         139.45.195.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
content-length: 43 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE 

                                        
                                            
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token 

                                        
                                            
access-control-expose-headers: Authorization 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
set-cookie: ID=4b218c7483de4a3cb1d868748d8f26c3; expires=Sat, 09 Dec 2023 03:43:02 GMT; secure; SameSite=None 

                                        
                                            
strict-transport-security: max-age=1 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
timing-allow-origin: *, * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    b4491705564909da7f9eaf749dbbfbb1

                                                Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8

                                                Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

                                        
                                            POST /api/ HTTP/1.1 

                                        
                                            
Host: faptitans.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/x-www-form-urlencoded; charset=UTF-8 

                                        
                                            
X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB 

                                        
                                            
X-Requested-With: XMLHttpRequest 

                                        
                                            
Content-Length: 152 

                                        
                                            
Origin: https://faptitans.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://faptitans.com/ 

                                        
                                            
Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         138.201.149.27

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
content-length: 16 

                                        
                                            
vary: Cookie, Accept-Language 

                                        
                                            
content-language: en 

                                        
                                            
set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:02 GMT; Max-Age=31449600; Path=/ 

                                        
                                            
strict-transport-security: max-age=43200 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   16

                                                Md5:    c08db8689029b24432b3283bb558d25f

                                                Sha1:   70431d464d9ec8b326e809c3438b47f6d1bf4465

                                                Sha256: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f

                                        
                                            GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1 

                                        
                                            
Host: s.opoxv.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.211.229.246

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Set-Cookie: goals=a%3A1%3A%7Bi%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.opoxv.com; Secure; SameSite=none 

                                        
                                            
X-Robots-Tag: noindex, follow 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   20

                                                Md5:    a4745abc5e7fdb89cc6df3069f3c6e69

                                                Sha1:   74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed

                                                Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

                                        
                                            GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1 

                                        
                                            
Host: syndication.exdynsrv.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.211.229.246

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Set-Cookie: goals=a%3A1%3A%7Bi%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none 

                                        
                                            
X-Robots-Tag: noindex, follow 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   20

                                                Md5:    a4745abc5e7fdb89cc6df3069f3c6e69

                                                Sha1:   74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed

                                                Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

                                        
                                            GET /adserve/r.php?k=GAME&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322831553 HTTP/1.1 

                                        
                                            
Host: syndication.traffichaus.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lostincunt.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         66.254.114.233

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
transfer-encoding: chunked 

                                        
                                            
set-cookie: re_94511_R0FNRQ=eyJ0IjoiR0FNRSIsImEiOiI5NDUxMSIsImQiOiIiLCJkaCI6Ijk2OTIwNWIwMjQ3NzU0MjUwZDkyMWQ4ZGE0NTg3NWZhIiwiYmgiOiI0OGMwMTFkMjY0OGFmZTA0NTVkMjAzOTY3YWExMzBhNSIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZSI6MTY5NjQ3NzM4Mn0%3D; expires=Thu, 05-Oct-2023 03:43:02 GMT; Max-Age=25920000; path=/
RNLBSERVERID=ded5930; path=/ 

                                        
                                            
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version 

                                        
                                            
x-request-id: 6392AEC6-42FE72E901BB2DE1-69D839E 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data

                                                Size:   95

                                                Md5:    71a50dbba44c78128b221b7df7bb51f1

                                                Sha1:   0ec63b140374ba704a58fa0c743cb357683313dd

                                                Sha256: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

                                        
                                            GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1 

                                        
                                            
Host: syndication.exoclick.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.211.229.247

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Fri, 09 Dec 2022 03:43:03 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Set-Cookie: goals=a%3A1%3A%7Bi%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:03 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none 

                                        
                                            
X-Robots-Tag: noindex, follow 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   20

                                                Md5:    a4745abc5e7fdb89cc6df3069f3c6e69

                                                Sha1:   74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed

                                                Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

                                        
                                            GET /dbs?uuid=50148bac-d918-4719-8a67-de57481d74af&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjcwNTU3MzgyfSwiYWNjbCI6eyAiMjAsMSI6MTY3MDU1NzM4Mn19.Ynde_KbgJ5WTA1RsLdSZKkwRSrctsGX-zP2rqs2Wawk HTTP/1.1 

                                        
                                            
Host: professionalswebcheck.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://lostincunt.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         18.185.190.54

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
date: Fri, 09 Dec 2022 03:43:03 GMT 

                                        
                                            
content-length: 7 

                                        
                                            
server: nginx/1.17.6 

                                        
                                            
set-cookie: uid_id2=50148bac-d918-4719-8a67-de57481d74af:2:1; expires=Mon, 06 Dec 2032 03:43:03 GMT; secure; SameSite=None
ak=29,1670557382; expires=Thu, 09 Mar 2023 03:43:03 GMT; secure; SameSite=None
acl=20,1,1670557382; expires=Thu, 09 Mar 2023 03:43:03 GMT; secure; SameSite=None 

                                        
                                            
expires: Fri, 09 Dec 2022 03:43:03 GMT 

                                        
                                            
cache-control: max-age=0, : no-cache 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   7

                                                Md5:    132d6af1b46048b45cf86cdee7991d31

                                                Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285

                                                Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

                                        
                                            GET /iframe/5d839cd6290ea?iframe HTTP/1.1 

                                        
                                            
Host: rivne.space

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://faptitans.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.21.47.163

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
date: Fri, 09 Dec 2022 03:43:02 GMT 

                                        
                                            
set-cookie: c_b3ffea71cc29f56d2fba269a968ef7d3=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=rivne.space; Path=/; Secure; SameSite=None
z_c56a21bde062afcb1f0e6c38cce1c8f7=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=rivne.space; Path=/; Secure; SameSite=None 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqSSBVltZCsWs7v9pId0CeGejTQJI6IEQid71GvH%2BMpKXO8oSo7DOzPHPc7kTbQt4LF0YF89IBzXQsNHIabtoB5qUCHoMMlO4qRj%2Bq0x1Lr17DgDQ%2BhcfijiwDoyhQ%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 776abbf778fcb51e-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            POST /api/ HTTP/1.1 

                                        
                                            
Host: faptitans.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/x-www-form-urlencoded; charset=UTF-8 

                                        
                                            
X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB 

                                        
                                            
X-Requested-With: XMLHttpRequest 

                                        
                                            
Content-Length: 156 

                                        
                                            
Origin: https://faptitans.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://faptitans.com/ 

                                        
                                            
Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         138.201.149.27

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
date: Fri, 09 Dec 2022 03:43:03 GMT 

                                        
                                            
vary: Accept-Encoding, Cookie, Accept-Language 

                                        
                                            
content-language: en 

                                        
                                            
set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:03 GMT; Max-Age=31449600; Path=/ 

                                        
                                            
strict-transport-security: max-age=43200 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: faptitans.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d; cook=6zesz82y062gso3nai25ngifug54540z 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Sec-Fetch-User: ?1 

                                        
                                            
TE: trailers

                                         138.201.149.27

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
date: Fri, 09 Dec 2022 03:42:59 GMT 

                                        
                                            
vary: Accept-Encoding, Cookie, Accept-Language 

                                        
                                            
content-language: en 

                                        
                                            
set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:42:59 GMT; Max-Age=31449600; Path=/
sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; expires=Sun, 11-Dec-2022 03:42:59 GMT; HttpOnly; Max-Age=172800; Path=/ 

                                        
                                            
strict-transport-security: max-age=43200 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	syndication.exdynsrv.com/splash.php?cat=&idzone=4734030&type=8&p=tioanime.com/anime/baki-2018&sub=&tags=&el=&cookieconsent=true&scr_info=cmVtb3RlfHBvcHVuZGVyanN8MjYyMjU2NjY=&tested=2
IP	95.211.229.246 (Netherlands)
ASN	#60781 LeaseWeb Netherlands B.V.
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-09 03:43:10 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	2
urlquery alerts	No alerts detected
Tags	None

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8377 Expires: Fri, 09 Dec 2022 06:02:35 GMT Date: Fri, 09 Dec 2022 03:42:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f2acd891dc6eb1f09f57a2b086791781 Sha1: 1e2088306501a61edcca1ade62c4d54f23b3b083 Sha256: 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5869 Expires: Fri, 09 Dec 2022 05:20:47 GMT Date: Fri, 09 Dec 2022 03:42:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aea93551fa9deb76ae49a3b4019d64fe Sha1: e3b8862057ebe839959228e42246d7b1807fc90c Sha256: 7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 09 Dec 2022 03:08:17 GMT age: 2081 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA" Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5534 Expires: Fri, 09 Dec 2022 05:15:12 GMT Date: Fri, 09 Dec 2022 03:42:58 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4ee537977be9c03702f8ffe0025bf1fe Sha1: 21637881c4aa34c4add703f8bff4eff573159f45 Sha256: 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: eH/y6VommAtFe9HyRbXSspcjx8xNE3+XQVbhGSJDXimvgnW2RoMm5VneukyI1VTHOEtFkVa4cmHLpRmR29Joyg== x-amz-request-id: 9RVQKBYZ2TCP512B content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 09 Dec 2022 02:48:09 GMT age: 3289 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /splash.php?cat=&idzone=4734030&type=8&p=https://tioanime.com/anime/baki-2018&sub=&tags=&el=&cookieconsent=true&scr_info=cmVtb3RlfHBvcHVuZGVyanN8MjYyMjU2NjY=&tested=2 HTTP/1.1 Host: syndication.exdynsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: syndication.exdynsrv.com/splash.php?cat=&idzone=4734030 (...) FQDN: syndication.exdynsrv.com IP: 95.211.229.247 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 95.211.229.247 HTTP/1.1 302 Found Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:42:58 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226392aec25d8610.956298012409665413%22%3B%7D; expires=Sun, 08 Dec 2024 03:42:58 GMT; path=; domain=.exdynsrv.com; impressions=cmmsxrbonxgxameexmllsgeicmmsxaeenxgxamecmrmabgeimacslbecnxgxaaabssxamgeislsaroornxgxamercxaxlgeicxbmsbxcnxgxaallaccblgeioslmrxlrnxgxamecmscacgeiccmmlmlcnxgxameomroeegeialbsereanxgxaalrollmegeioslmrxbrnxgxamercxaxlgeicxbmsbcenxgxaallsbmbbgeioslmrxlsnxgxamercolsxgeicxbmsbocnxgxaallcccaogeicxbmsboenxgxaalbaaamegeiclsmarcanxgxaaallsxlcgeiclsmrrmanxgxaaallsxlcgeirbabxabbnxgxameexmllsgeiccmmlleanxgxameexmerxgeimcrxsbcenxgxaameollsmgeimreaoboenxgxaameollsmgeimcclosscnxgxaalccxmexgeimacslbeenxgxaaboslelageioslmroemnxgxamecmrmabgeioslmrxbmnxgxamesrlmlogeicaxsscmbnxgxamexrbcemgeicaormlxonxgxaamealeoegeicaormbmcnxgxaamealeoegeimcclsxscnxgxaamsmxlcageimccloscanxgxaallmalxmgeimreaomxenxgxaamelbbsbgeimreaobscnxgxaamelbbsbgeimcclosconxgxaallsbmbbgeimcclsoeonxgxaamxaacblgeimacslbeonxgxaaloesaslgeimcclsxsanxgxaamsmxlcageimcclsxlbnxgxaamssmcolgeimaecseaonxgxaamssmcolgeimaecsxeonxgxaamssmcolgeimaecseronxgxaamssmcolgeimrblelrenxgxaamssmcolgeiccmmllebnxgxameoxbrrrgeimcclsxlonxgxaamcsebsxgeimcclsoeenxgxaamcrclalgeimcclsxsbnxgxaamcrclalgeimcclossbnxgxaalbexcrageimcclsxlcnxgxaamrscxmxgeimaecseranxgxaabrlemaegeimcclosccnxgxaamrscxmxgeicaormlxcnxgxaalbxrlcegeicaormbmbnxgxaalrexasogeiclsmrbsenxgxaamaxcsxcgeialbserebnxgxamexsrmoogeimcclsxconxgxamecabelcgeimcclsxmenxgxamecabelcgeialbserxonxgxaalbcxbsageimccloscenxgxaalmlsmmcgeimcclsxxonxgxameexxllrgeimcclsxbcnxgxameomoscbgeicaormlxanxgxaammacmrxgeimcclsxaonxgxamesemoslgeimrblxxxbnxgxaambboecmgeimrblxelcnxgxaambboecmgeimrblxxrbnxgxaambboecmgeialbserxenxgxamexmlmxxgeimacslbeanxgxaablxaelxgeialbserecnxgxameoxbrrrgeiccmmllecnxgxamexsrmoogeisaeeasslnxgxaabrbeccogeimcclossanxgxaabrlemaegeimcclsxronxgxamesemoslgeimaecseabnxgxaabrlemaegeimrblelrcnxgxaabrlemaegeimrblxemonxgxaabrlemaegeimcclsxcanxgxaalrlccrxgeimaecsxoonxgxaabmalbxxgeircsxcxscnxgxaabbxeomsgeicaormbbenxgxaalexxbcxgeiabeocmconxgxaablxrcmmgeimcclsxxcnxgxaalesmxrsgeimrblxeeanxgxaablsaloageimaecsemanxgxaalmmeabageimaecselonxgxaaloaroaageimcclsxacnxgxameolxrmmgeimcclselenxgxamecrasabgeimaecsxronxgxaalxmmoorgeimaecsxsenxgxaalxmmoorgeimaecsercnxgxaalxmmoorgeimaecsembnxgxaalxmmoorgeimaecselenxgxaalxmmoorgeimaecobobnxgxaalsmleergeimaecomoanxgxaalsbbboageimrblxxoenxgxaalsbmacmgeimaecobsbnxgxaalsbbboageimrblxosonxgxaalsbbboageimcclsxmanxgxamecrasabgeimaecsxccnxgxaalmeeamageimrblxeecnxgxaalmeeamageimrblelronxgxaalmeeamageimrblelmonxgxaalmeeamageimaecseacnxgxaalmmeabageimaecsxxcnxgxaalmmeabageicaormbmanxgxaalbxrlcegeimaecsxocnxgxaalbrxssogeicaormlobnxgxaallcccaogeimaecomrenxgxameexxllcgeimrblxxxanxgxameexxllrgeimrblxosbnxgxameexxllrgeimaecomlonxgxameexxllrgeimcclselanxgxameobesbsgeimrblxoxenxgxameexmllsgeimaecomconxgxameexmllsgeiclsmrrrenxgxamexlcmeageiclsmarocnxgxamexlcmeageiclsmrbecnxgxamexlcmeageiclsmarcbnxgxamexlcmeageimmccrbeanxgxamecrasabgeimmccrlacnxgxamecmrmabgeimrblxeoenxgxamecrasabgeimmccrlaonxgxamecmscacgeimrxccosoncgxamecmselogxcceicloaxxacnxgxamecmselsgxcceixaoossalnsgxamecmselsgxcceimmccrbxenxgxamecbxbacgeimmcorsxonxgxamecmscacgxcceicmarxbbonsgxamecmscacgxcceialbmlesenxgxamecmcmrogxcceimrxmbarenxgxamecmcmrogxcceimxlbmoconcgxamecmrsbogxcceicloaxxaanxgxamecmmsrogxcceimraeelabnsgxamecmmcxsgxcceimrxccosancgxamecmmcsogxcceimxxerreonxgxamecmmcsogxcceiceecmorsnxgxamecmmcsogxcceimeembesonxgxamecmbbmegxcceimxxerrxenxgxamecmlbxegxcceimcssmlrensgxamecmlbxegxcceialbbebsbnxgxamecmlbxegxcceimmossscensgxamecmlbxegxcceimxxerrebnxgxamecbeobxgxcceimxlbalcenogxamecbeobogxcceimeembescnxgxamecbessmgxcceialrexeoonxgxamecbxmbmgxcceimmccrlaenxgxamercolsxgeimcoaxmxoncgxamecbsaregxcceimeembecenxgxamecbsaregxcceimasbmxconxgxamecbmrbsgxcceimxlbmosensgxamecbbmbcgxcceimmooobranogxamecloaaogxcceimeelaclonogxamecloaaogxcceimeelaclanxgxamecloaaogxcceicloaxxabnxgxameclomccgxcceimmcoaalenxgxameclcbsbgxcceimxlbmosanogxamerexxbogxcceimcoaxmxcncgxamereobergxcceimcssmlrcnsgxamereobergxcceimrceboxanxgxamerelarmgxcceimaoobbebnxgxamerelarmgxcceicloaecoanxgxamerelarmgxcceimmooobronogxamerelbregxcceimaabamcanxgxamerelbregxcceimxreaomcnxgxamerxslmbgxcceimmxerbocnxgxamerxslmlgxcceimmosssconsgxameroxoscgxcceimcssmlroncgxameroxoscgxcceimxlbmosonrgxameroxoscgxcceialbbebrenxgxameroxoscgxcceimmcaacrancgxameroxoscgxcceialrexexbnxgxameroxmargxcceimclsaoxbnmgxamerooesbgxcceimxxerrecnxgxamerooeslgxcceimexexabbnxgxamerooecxgxcceicxmecmcanxgxamerooecxgxcceimrbleaxonogxameroarrbgxcceimxlbmoobnogxamerssomrgxcceimxlbalscnxgxamerscassgxcceimmsoxrlenxgxamersreclgxcceimrxccoscnxgxamersrlacgxcceimxeoxsbenxgxamersblamgxcceimxlbmxbbnxgxamersblamgxcceimsacexoonxgxamersblamgxcceimmcorsebnxgxamersblamgxcceimxlbmxlonogxamercxaxlgxcceislmbeslrnxgxamercxaxlgxoaeimmcorsxanogxamercxaxlgxcceimxeoxsacnogxamercxaxlgxcceimaoolcoonxgxamercxmxcgxcceimmccrbebnxgxamercolsxgeimmxcxslenxgxamercolsxgxcceimmsoxrlonxgxamerccesxgxcceimmsxrlabnxgxamerccesxgxcceimaalslbanogxamerccesxgxcceimmsoxrlcnxgxamerccesxgxcceimrbxmxmanxgxamercbeblgxcceimmoabamcnogxamercbeblgxcceimaoobrbcnogxamercbeblgxcceimaooloranxgxamerrsxaagxcceimaoobrbanogxamerrsxaagxcceialbmmbbenxgxamerrsrbcgxcceimmooobrcnxgxamerrsrbcgxcceiaaxcambbnxgxamerrsrbcgxcceimromoslanxgxamerrsrbcgxcceimxlbmoscnxgxamerrsrbcgxcceimxeemleanxgxamerrsrbcgxcceimrcebeaenxgxamerrmsmbgxcce; expires=Sat, 10 Dec 2022 03:42:58 GMT; path=/; domain=.exdynsrv.com; c-tag=%7B%22tag-link%22%3A%22v3%7C%7CNOR%7C4734030%7C75408060%7C0%7C%7C517%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C%7C8eb713ec8cdc14035d0efbf4dd15f05c%7C0%7Ctioanime.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Sat, 10 Dec 2022 03:42:58 GMT; path=/; domain=.exdynsrv.com; Location: https://goplayhere.com/?5defa5d178518&ag_custom_domain=tioanime.com X-Robots-Tag: noindex, follow --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 09 Dec 2022 03:42:58 GMT content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8ed3c868d556318eb23d4dc0592daa2b8ceaec5bedb493b7c59f5959471f11a0 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 826 Cache-Control: max-age=129007 Date: Fri, 09 Dec 2022 03:42:58 GMT Etag: "63920077-118" Expires: Sat, 10 Dec 2022 15:33:05 GMT Last-Modified: Thu, 08 Dec 2022 15:19:19 GMT Server: ECS (amb/6BAC) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 07f4d799f20c86bc36a16a606fbed917 Sha1: e05f5cd071693de228d62d3e54b2626fcb3c9707 Sha256: 8ed3c868d556318eb23d4dc0592daa2b8ceaec5bedb493b7c59f5959471f11a0
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 8ed3c868d556318eb23d4dc0592daa2b8ceaec5bedb493b7c59f5959471f11a0 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 826 Cache-Control: max-age=129007 Date: Fri, 09 Dec 2022 03:42:58 GMT Etag: "63920077-118" Expires: Sat, 10 Dec 2022 15:33:05 GMT Last-Modified: Thu, 08 Dec 2022 15:19:19 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 07f4d799f20c86bc36a16a606fbed917 Sha1: e05f5cd071693de228d62d3e54b2626fcb3c9707 Sha256: 8ed3c868d556318eb23d4dc0592daa2b8ceaec5bedb493b7c59f5959471f11a0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 9d4addec8d3829b107682fbb2363b43cca5c0045bf5f29aa91e760d181a1469a 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9D4ADDEC8D3829B107682FBB2363B43CCA5C0045BF5F29AA91E760D181A1469A" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7612 Expires: Fri, 09 Dec 2022 05:49:51 GMT Date: Fri, 09 Dec 2022 03:42:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ebe0b335e4b0695680ce797853f3cc5f Sha1: 5e4885483eb193470edd22c9489717f39831f04b Sha256: 9d4addec8d3829b107682fbb2363b43cca5c0045bf5f29aa91e760d181a1469a
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 09 Dec 2022 03:07:55 GMT age: 2104 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /?utm_campaign=pu_exo_manga_na&utm_medium=click&utm_source=bn&utm_content=tioanime.com&bnid=direct&crID=4539&zID=95870&land=direct HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: faptitans.com/?utm_campaign=pu_exo_manga_na&utm_medium= (...) FQDN: faptitans.com IP: 138.201.149.27 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 138.201.149.27 HTTP/2 302 Found content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:42:59 GMT content-length: 0 location: /start/ vary: Accept-Language, Cookie content-language: en set-cookie: sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d; expires=Sun, 11-Dec-2022 03:42:59 GMT; HttpOnly; Max-Age=172800; Path=/ strict-transport-security: max-age=43200 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /start/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers	URL: faptitans.com/start/ FQDN: faptitans.com IP: 138.201.149.27 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 138.201.149.27 HTTP/2 302 Found content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:42:59 GMT content-length: 0 location: / vary: Accept-Language, Cookie content-language: en set-cookie: cook=6zesz82y062gso3nai25ngifug54540z; expires=Sat, 04-Nov-2023 03:42:59 GMT; HttpOnly; Max-Age=28512000; Path=/ sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d; expires=Sun, 11-Dec-2022 03:42:59 GMT; HttpOnly; Max-Age=172800; Path=/ strict-transport-security: max-age=43200 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3011 Cache-Control: max-age=108844 Date: Fri, 09 Dec 2022 03:42:59 GMT Etag: "6391a92c-1d7" Expires: Sat, 10 Dec 2022 09:57:03 GMT Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fd55f4aaaab6ec40bc7dc10252cd819a Sha1: a72523f60be265a391fa9edc43e0a93418ad1fd0 Sha256: bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: TW1jXG2in6d4rB5FcMGrtw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.42.148.177 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.42.148.177 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: ZtZCAxumguZ4lnBeGMuvtoo49wQ= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5ba69e6e9c1c4368a5d1968b57756d8d524c35af066470d3da5fc20d6100b996 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6251 Cache-Control: 'max-age=158059' Date: Fri, 09 Dec 2022 03:42:59 GMT Last-Modified: Fri, 09 Dec 2022 01:58:48 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 1e777091545c9c2ed462829dda2bd090 Sha1: dec7ade636f9a660f7c6ca0cff033f0a2ec845bc Sha256: 5ba69e6e9c1c4368a5d1968b57756d8d524c35af066470d3da5fc20d6100b996
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: e17ae24c55d39a60c92944b0c9478eeaa128431c55266345806f75fbf613dc6c 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4552 Cache-Control: max-age=117961 Date: Fri, 09 Dec 2022 03:42:59 GMT Etag: "6391c6c4-117" Expires: Sat, 10 Dec 2022 12:29:00 GMT Last-Modified: Thu, 08 Dec 2022 11:13:08 GMT Server: ECS (amb/6BBC) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 2fb795cef147e72f70e3f4918bd8833c Sha1: 6b793cc5f43af30c5c28c14e4f6de9c24571d731 Sha256: e17ae24c55d39a60c92944b0c9478eeaa128431c55266345806f75fbf613dc6c
GET /xoffers_v2.js HTTP/1.1 Host: offers.hooligapps.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: offers.hooligapps.com/xoffers_v2.js FQDN: offers.hooligapps.com IP: 172.67.172.137 HASH: f9ee3cc09bd262346db6b27c715c09d018ad166efb50394f5662e13700f170cc 172.67.172.137 HTTP/2 200 OK content-type: application/javascript date: Fri, 09 Dec 2022 03:42:59 GMT last-modified: Mon, 19 Sep 2022 13:04:03 GMT etag: W/"632868c3-38d" strict-transport-security: max-age=15724800; includeSubDomains cache-control: max-age=14400 cf-cache-status: HIT age: 6832 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jqWcrOXj0ElPJK7ewglFpNWGCcC7ZyYFPl%2FcMidgRGALAJY1A%2FC%2F1G0m3dlyh%2FfhqOuArDqhpeIDLNUCXqtjrdZmDhZPwxu7%2BPA%2BFf2If0qweokqx0UFRQ48CuI7q9%2Fqz9IO2HP9bY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 776abbe73a6ab523-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (2130), with no line terminators Size: 1162 Md5: 9d0138b74e21985d09ee3cf6473e01eb Sha1: b21b1c1a06cfc03c379ceae4d974aa6f92badd59 Sha256: f9ee3cc09bd262346db6b27c715c09d018ad166efb50394f5662e13700f170cc
GET /s1//rc/fap-splash-xmas-web.jpg HTTP/1.1 Host: cdn.faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers	URL: cdn.faptitans.com/s1//rc/fap-splash-xmas-web.jpg FQDN: cdn.faptitans.com IP: 104.19.254.19 HASH: f7cbd6b92b499de1bfd83b8ab4e0a58ee38a21463f9e790e6c1a31e194a4a43e 104.19.254.19 HTTP/2 200 OK content-type: image/jpeg date: Fri, 09 Dec 2022 03:42:59 GMT content-length: 383182 access-control-allow-origin: * cache-control: public, max-age=315360000 cf-bgj: h2pri etag: "63908758-5d8ce" expires: Mon, 06 Dec 2032 03:42:59 GMT last-modified: Wed, 07 Dec 2022 12:30:16 GMT cf-cache-status: HIT age: 140531 accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 776abbe77cf0b515-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, progressive, precision 8, 1200x640, components 3\012- data Size: 383182 Md5: 95c3734f9ecaf27619cff0a6cdacba1b Sha1: fe19e2262e136e0c099c076412209f878ee7ad14 Sha256: f7cbd6b92b499de1bfd83b8ab4e0a58ee38a21463f9e790e6c1a31e194a4a43e
GET /s1/__1152/boot.js HTTP/1.1 Host: cdn.faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	URL: cdn.faptitans.com/s1/__1152/boot.js FQDN: cdn.faptitans.com IP: 104.19.254.19 HASH: 0172b73a915474c2e2e6088e2e86b8f92f1f42a0f989c1886428e02eae6be4a9 104.19.254.19 HTTP/2 200 OK content-type: application/javascript date: Fri, 09 Dec 2022 03:42:59 GMT last-modified: Mon, 05 Dec 2022 11:59:01 GMT etag: W/"638ddd05-1fa6" expires: Mon, 06 Dec 2032 03:42:59 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * cf-cache-status: HIT age: 140532 vary: Accept-Encoding server: cloudflare cf-ray: 776abbe74cd6b515-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 3586 Md5: f75262dce758b01ba69618f6c1b63f67 Sha1: 36b34e88da4a9dd3bae5a0815ac9deb9319fd0e6 Sha256: 0172b73a915474c2e2e6088e2e86b8f92f1f42a0f989c1886428e02eae6be4a9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4069 Expires: Fri, 09 Dec 2022 04:50:49 GMT Date: Fri, 09 Dec 2022 03:43:00 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7b8c1870f03a90aac6370fc69516f95f Sha1: 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb Sha256: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4de2d31db5fd266497999335be56a012920f543a663ada471e32c7268a408f05 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4069 Expires: Fri, 09 Dec 2022 04:50:49 GMT Date: Fri, 09 Dec 2022 03:43:00 GMT Connection: keep-alive --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 313089 Md5: e6d2f674d8ba4ac9c276a2fc3a07daf9 Sha1: e63e2b8171960dc181c9370965954f235627d74f Sha256: 4de2d31db5fd266497999335be56a012920f543a663ada471e32c7268a408f05
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: c8a1ee09c2186f992a0cef14bd7024bcc3e4b1a17bff6b5bf9b8834cba78c83c 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4069 Expires: Fri, 09 Dec 2022 04:50:49 GMT Date: Fri, 09 Dec 2022 03:43:00 GMT Connection: keep-alive --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 267103 Md5: 1ec07a33ae774e07f776fb4159891a59 Sha1: 67a952693df730b323b132d72ad7acd0402eac78 Sha256: c8a1ee09c2186f992a0cef14bd7024bcc3e4b1a17bff6b5bf9b8834cba78c83c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: f2473b15711152203cf06156427cf5da094f20511bd078fa0067d823a79c7e34 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4069 Expires: Fri, 09 Dec 2022 04:50:49 GMT Date: Fri, 09 Dec 2022 03:43:00 GMT Connection: keep-alive --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 502407 Md5: 3a7b5fed23d53a0eaf94f7dded6a88bf Sha1: 0f818d5b711469f89686bc9e78ee18d231b9831e Sha256: f2473b15711152203cf06156427cf5da094f20511bd078fa0067d823a79c7e34
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 040a8d801e0c573f07af591d078e3d07ae79a1acff5fba775d56724abb540ba3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4069 Expires: Fri, 09 Dec 2022 04:50:49 GMT Date: Fri, 09 Dec 2022 03:43:00 GMT Connection: keep-alive --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 693409 Md5: 2ecadf5e9bd055e59c5e50f2227517e6 Sha1: 2903fc79c1551c62d7fe1f2e253bd5fd7c0bed86 Sha256: 040a8d801e0c573f07af591d078e3d07ae79a1acff5fba775d56724abb540ba3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7557 x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ctlz5EISoAMFdWw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 07:15:07 GMT age: 73673 etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7557 Md5: 5de5d319f43d9c9c641419d96655541f Sha1: cde4c7fa0145d3645af17e34c83c63c08f76a076 Sha256: fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7897 x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cwVM_F51IAMFunw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Fri, 09 Dec 2022 03:38:26 GMT age: 274 etag: "7558222788f06623ddae6e883413e38e1146281e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7897 Md5: 8c3214044657f3b876d1f1848bca5684 Sha1: 7558222788f06623ddae6e883413e38e1146281e Sha256: e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12748 x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cjuciEptIAMFj9A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 18:34:32 GMT age: 32908 etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12748 Md5: 730ba1a8edb79ba6f83b46d1ba5aed7b Sha1: 55a236fedf6f5f7ca2bb88ae13e20846a50fd36d Sha256: f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8204 x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cjtKfEiToAMFSXA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 15:50:07 GMT age: 42773 etag: "6cee6b1828c709f68b995197ca943a5c393f86fb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8204 Md5: 9cb76c68a8cd472600106cc118067868 Sha1: 6cee6b1828c709f68b995197ca943a5c393f86fb Sha256: 009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8345 x-amzn-requestid: b1cf2094-2cf5-4e19-9ed7-4d7e220c93cd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: czUoREPoIAMF4hg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6391349b-1b78fe0a155179643ae2aeed;Sampled=0 x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:31 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: YMFI6I2o0A4rGZTluooPsDLGNRRY9kSAfDAFrwzXhIG4HC_W-hFIoQ== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 11:31:33 GMT age: 58287 etag: "4792b0893827924e84cc51450012407717da4d2b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8345 Md5: 659b6eb1f1c430e2780758c7787b9a23 Sha1: 4792b0893827924e84cc51450012407717da4d2b Sha256: f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7960 x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ctEd8HC0oAMFUag= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ== via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 05:44:09 GMT age: 79131 etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7960 Md5: eb00a2a503a690cee3e4dd729b5bc9bd Sha1: cfb1e5bcab2148a777889680e6e36b9d7e8917ec Sha256: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Dec 2022 03:43:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 6ec5f6261a8262e9f94b29627f54cefe Sha1: 7ac766cf2ac8c2d960ec033388a767ff8a7d45e2 Sha256: 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Dec 2022 03:43:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 6ec5f6261a8262e9f94b29627f54cefe Sha1: 7ac766cf2ac8c2d960ec033388a767ff8a7d45e2 Sha256: 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /api/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB X-Requested-With: XMLHttpRequest Content-Length: 151 Origin: https://faptitans.com Connection: keep-alive Referer: https://faptitans.com/ Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: faptitans.com/api/ FQDN: faptitans.com IP: 138.201.149.27 HASH: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:43:01 GMT content-length: 16 vary: Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:01 GMT; Max-Age=31449600; Path=/ strict-transport-security: max-age=43200 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 16 Md5: c08db8689029b24432b3283bb558d25f Sha1: 70431d464d9ec8b326e809c3438b47f6d1bf4465 Sha256: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f
GET /css?family=Roboto&subset=latin,latin-ext,cyrillic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn.faptitans.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Roboto&subset=latin,lat (...) FQDN: fonts.googleapis.com IP: 142.250.74.106 HASH: f56edc82574d307d4c388d711cd9e8a4ed10a39a3492c804876c8ff3a2fcaec6 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 09 Dec 2022 03:43:01 GMT date: Fri, 09 Dec 2022 03:43:01 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 12753 Md5: 3217ca548056d862160d26e3f2ab451e Sha1: 054e07327c568e63f2753dd1b9cf8ee341aa5b0e Sha256: f56edc82574d307d4c388d711cd9e8a4ed10a39a3492c804876c8ff3a2fcaec6
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6f422d3c21f4b4af8fe81eafff36f4f0d8c0e55ba98c06ce7579ce9e2ef44ee7 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5389 Cache-Control: max-age=135735 Date: Fri, 09 Dec 2022 03:43:01 GMT Etag: "639208ef-1d7" Expires: Sat, 10 Dec 2022 17:25:16 GMT Last-Modified: Thu, 08 Dec 2022 15:55:27 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 1840aeb34fdf302c4b0279cff88a3fff Sha1: b6269311d6e4f3a0d1ca7ae4a19b626d9c8a9c39 Sha256: 6f422d3c21f4b4af8fe81eafff36f4f0d8c0e55ba98c06ce7579ce9e2ef44ee7
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b669863c288f8def7779ffca9aa41bfb47e15a699ac8f81dc4c36d22ed5503e5 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 184 Cache-Control: max-age=152807 Date: Fri, 09 Dec 2022 03:43:01 GMT Etag: "63925ff4-116" Expires: Sat, 10 Dec 2022 22:09:48 GMT Last-Modified: Thu, 08 Dec 2022 22:06:44 GMT Server: ECS (amb/6B83) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: 9c88a0dc24f35af394824eb79bb4ed55 Sha1: 5a6a71e6a36d83cb2b351912e531fd33c487b1ce Sha256: b669863c288f8def7779ffca9aa41bfb47e15a699ac8f81dc4c36d22ed5503e5
POST / HTTP/1.1 Host: status.thawte.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: status.thawte.com/ FQDN: status.thawte.com IP: 93.184.220.29 HASH: 28ee1e33d02fc5c68ab1d51073777afd2157d8911b8ef08fc6b7e1f65fa1f1ae 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5035 Cache-Control: max-age=125984 Date: Fri, 09 Dec 2022 03:43:01 GMT Etag: "6391e43a-1d7" Expires: Sat, 10 Dec 2022 14:42:45 GMT Last-Modified: Thu, 08 Dec 2022 13:18:50 GMT Server: ECS (amb/6B83) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 651b6978fe0c454b7c799a257073e03d Sha1: 1c135ed1e0f7bebd3ce45cfad7301103b93b81e3 Sha256: 28ee1e33d02fc5c68ab1d51073777afd2157d8911b8ef08fc6b7e1f65fa1f1ae
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b669863c288f8def7779ffca9aa41bfb47e15a699ac8f81dc4c36d22ed5503e5 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 185 Cache-Control: max-age=152807 Date: Fri, 09 Dec 2022 03:43:02 GMT Etag: "63925ff4-116" Expires: Sat, 10 Dec 2022 22:09:49 GMT Last-Modified: Thu, 08 Dec 2022 22:06:44 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: 9c88a0dc24f35af394824eb79bb4ed55 Sha1: 5a6a71e6a36d83cb2b351912e531fd33c487b1ce Sha256: b669863c288f8def7779ffca9aa41bfb47e15a699ac8f81dc4c36d22ed5503e5
GET /iframe/5e2ae7bb31e93?iframe&xapp=faptitans&xuid=237039754&time=1075.669677734375&ag_custom_domain=faptitans.com HTTP/1.1 Host: lostincunt.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: lostincunt.com/iframe/5e2ae7bb31e93?iframe&xapp=faptita (...) FQDN: lostincunt.com IP: 172.67.215.107 HASH: 6429861256e336022d10e452e8070db22924b633776f36411778380b56187a8b 172.67.215.107 HTTP/2 200 OK content-type: text/html date: Fri, 09 Dec 2022 03:43:02 GMT set-cookie: f_14737_96043_86400={"t":1670643782,"v":0}; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=lostincunt.com; Path=/; Secure; SameSite=None c_18f247a59eab66606c6850df22169cc0=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=lostincunt.com; Path=/; Secure; SameSite=None z_5c7db1b25c1c1ea3b02070bfbd4e66e9=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=lostincunt.com; Path=/; Secure; SameSite=None cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfhuCr5atj1ZlD0SceWYiKxjCRojDiU%2FxSndqF5b4vIKrEIYsClPnx2X7WNNU31G3cXlx%2BbHRCdC%2Ba5EvHuAT1nvUJcjZQfmBuxh%2F7KBTC%2BMOyq4m%2BS%2B8ezWICVaM%2BvCGw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 776abbf4ed48b511-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2283) Size: 5800 Md5: 6b4f298ccf85b92355803aaf5906d2cf Sha1: c86dc45a5233074adf86be0f04a7739637e89e23 Sha256: 6429861256e336022d10e452e8070db22924b633776f36411778380b56187a8b
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Dec 2022 03:43:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 0e9eef4ed41ef94e9ea175ad243e294e Sha1: b6f83e508270413dabe55e2884b5409ca7978e24 Sha256: 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://faptitans.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 07 Dec 2022 19:33:54 GMT expires: Thu, 07 Dec 2023 19:33:54 GMT cache-control: public, max-age=31536000 age: 115748 last-modified: Wed, 11 May 2022 19:24:48 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e Sha1: 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 81b7b344780f14e95e393fbc681173e64df6cfd065bf83f17281ffc5a66f232a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6289 Cache-Control: 'max-age=158059' Date: Fri, 09 Dec 2022 03:43:02 GMT Last-Modified: Fri, 09 Dec 2022 01:58:13 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: cecc392d07add9c5724f2cea41391984 Sha1: 389db162b9b5d7d13121268c5f59d2d125f24f92 Sha256: 81b7b344780f14e95e393fbc681173e64df6cfd065bf83f17281ffc5a66f232a
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 74a41cb73844d67c6bb09a04095878441a1b9d59cbce67a7ca0cd7dd64f08354 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "74A41CB73844D67C6BB09A04095878441A1B9D59CBCE67A7CA0CD7DD64F08354" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8131 Expires: Fri, 09 Dec 2022 05:58:33 GMT Date: Fri, 09 Dec 2022 03:43:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: 60f8362598607aac51bd2e40ae9c0801 Sha1: 4eddc9eefc8c181c23add2a7a44b22376844ab2e Sha256: 74a41cb73844d67c6bb09a04095878441a1b9d59cbce67a7ca0cd7dd64f08354
GET /compliance/epoch_descriptor.html? HTTP/1.1 Host: d39iocnrk5rxnb.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://faptitans.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: d39iocnrk5rxnb.cloudfront.net/compliance/epoch_descript (...) FQDN: d39iocnrk5rxnb.cloudfront.net IP: 54.230.245.148 HASH: e282575868c67d80a6931093daccaa645754d8d38766a373dc2eaa0e038f495b 54.230.245.148 HTTP/2 200 OK content-type: text/html content-length: 75 last-modified: Thu, 12 Jul 2018 16:17:26 GMT accept-ranges: bytes server: AmazonS3 date: Fri, 09 Dec 2022 03:28:21 GMT etag: "4c3b9b7df4a3326c84da0c4a89717fe4" x-cache: Hit from cloudfront via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: NvcNk_LvZuurlLFbR1wca-t461Z7ZVFraM5TrX_n3RfvO4fCNhSuOA== age: 882 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text Size: 75 Md5: 4c3b9b7df4a3326c84da0c4a89717fe4 Sha1: 3a9f58004f386d11e69aa2d0ed3d5b012fdfea2c Sha256: e282575868c67d80a6931093daccaa645754d8d38766a373dc2eaa0e038f495b
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Dec 2022 03:43:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 0e9eef4ed41ef94e9ea175ad243e294e Sha1: b6f83e508270413dabe55e2884b5409ca7978e24 Sha256: 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4c0d144b20ab8cf7fec972a66e08ed2b993121e9c4b6c88bbf0f3e7388f2b058 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4C0D144B20AB8CF7FEC972A66E08ED2B993121E9C4B6C88BBF0F3E7388F2B058" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5066 Expires: Fri, 09 Dec 2022 05:07:28 GMT Date: Fri, 09 Dec 2022 03:43:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: acea7cb44141792f5d84b0c9ab8c57e4 Sha1: 69f1e46739200324bd891063d17c7a7083f313b7 Sha256: 4c0d144b20ab8cf7fec972a66e08ed2b993121e9c4b6c88bbf0f3e7388f2b058
GET /bnr/4/03d/3bc890/03d3bc890345aa15462e9aa382d06217.jpg HTTP/1.1 Host: iadoremakingpics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: iadoremakingpics.com/bnr/4/03d/3bc890/03d3bc890345aa154 (...) FQDN: iadoremakingpics.com IP: 104.21.65.147 HASH: 8b11d96de3683db3bc15a4d91b22bc6584b9eb2185796e3ce5297353597ac1c7 104.21.65.147 HTTP/2 200 OK content-type: image/jpeg date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 76461 last-modified: Sun, 18 Aug 2019 08:40:36 GMT etag: "5d590f04-12aad" expires: Fri, 09 Dec 2022 13:31:04 GMT cache-control: max-age=1382400 cf-cache-status: HIT age: 51118 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZZqG7QQS0L2wd%2FOn3TOHvxkpr7zkDGR1Ii6yYg0dQ4LYBZtStS9EaDa8sfLeo1DG9kXvbyyoCX5rXsdzBvr%2FGX0ky6cQ74AsLPvpNNwLUP5ZgtIE2iM0PZS8iNRUpSUs3sA4E5gPQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 776abbf748f0b512-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, baseline, precision 8, 580x100, components 3\012- data Size: 76461 Md5: 03d3bc890345aa15462e9aa382d06217 Sha1: 639c121a5b621a9c908d7969763a8cca8e29861e Sha256: 8b11d96de3683db3bc15a4d91b22bc6584b9eb2185796e3ce5297353597ac1c7
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 49186d6b2f5071fa2172fdcd25b9a457ce1d520c4f56165c0c16b0327e7d750a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6252 Cache-Control: max-age=103466 Date: Fri, 09 Dec 2022 03:43:02 GMT Etag: "63918784-118" Expires: Sat, 10 Dec 2022 08:27:28 GMT Last-Modified: Thu, 08 Dec 2022 06:43:16 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 1748e389f833acab2befe35c8d932ccd Sha1: 83b505213038c09fb3bf22d227ad253dbb5cae10 Sha256: 49186d6b2f5071fa2172fdcd25b9a457ce1d520c4f56165c0c16b0327e7d750a
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.76.226 HASH: 74a41cb73844d67c6bb09a04095878441a1b9d59cbce67a7ca0cd7dd64f08354 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "74A41CB73844D67C6BB09A04095878441A1B9D59CBCE67A7CA0CD7DD64F08354" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8131 Expires: Fri, 09 Dec 2022 05:58:33 GMT Date: Fri, 09 Dec 2022 03:43:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: 60f8362598607aac51bd2e40ae9c0801 Sha1: 4eddc9eefc8c181c23add2a7a44b22376844ab2e Sha256: 74a41cb73844d67c6bb09a04095878441a1b9d59cbce67a7ca0cd7dd64f08354
GET /index.min.js?pk=068f30d41a2c432d6c8a96d5a7fc6706 HTTP/1.1 Host: twistconcept.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: twistconcept.com/index.min.js?pk=068f30d41a2c432d6c8a96 (...) FQDN: twistconcept.com IP: 172.67.215.17 HASH: 31eb4bb3a3d8a6af7031683988b1cb0ca7cd8531bdf64863b4f9d8b438a79f1c 172.67.215.17 HTTP/2 200 OK content-type: application/javascript date: Fri, 09 Dec 2022 03:43:02 GMT last-modified: Thu, 07 Apr 2022 08:49:08 GMT etag: W/"624ea584-28c" cache-control: max-age=14400 cf-cache-status: HIT age: 4789 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WROjNeljdENjGKD0zIedDr9va1xPJp4Ec4Jit8hEkaYgdKbB%2Bhwg5fKGvMDRlSOzHin63MXGQ%2FFxck0XbK8aE4Z6W11hTrZ6SLNOoxeJpmmaCSoMIXFc%2Bo%2FOwD%2BUBnNCvkTN"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 776abbf7490b1c02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (651) Size: 637 Md5: 773bff652302ebbcfa93ea6a1384c5cc Sha1: 191549a3a45edf4e1a27b9f70d681bb397e8c840 Sha256: 31eb4bb3a3d8a6af7031683988b1cb0ca7cd8531bdf64863b4f9d8b438a79f1c
GET /api/v1/retargeting/set/cd5a54e9-d886-4c75-af65-8b819a80f59e HTTP/1.1 Host: tsyndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: tsyndicate.com/api/v1/retargeting/set/cd5a54e9-d886-4c7 (...) FQDN: tsyndicate.com IP: 162.55.130.248 HASH: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 162.55.130.248 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 35 pragma: no-cache expires: 0 vary: * x-api-version: 1 x-request-id: f8448cf5d87077cf set-cookie: ts_rt_cd5a54e9-d886-4c75-af65-8b819a80f59e=AAMC; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; HttpOnly; secure; SameSite=None cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform x-robots-tag: none, noindex, nofollow report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: c2196de8ba412c60c22ab491af7b1409 Sha1: 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef HTTP/1.1 Host: runative-syndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: runative-syndicate.com/api/v1/retargeting/set/dedc7df9- (...) FQDN: runative-syndicate.com IP: 136.243.43.25 HASH: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 136.243.43.25 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 35 pragma: no-cache expires: 0 vary: * x-api-version: 1 x-request-id: 4ff300de58e768ae set-cookie: ts_rt_dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef=AAMC; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; HttpOnly; secure; SameSite=None cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform x-robots-tag: none, noindex, nofollow report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: c2196de8ba412c60c22ab491af7b1409 Sha1: 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /img.gif?f=sync&lr=1&partner=8c7c01962f4e2c3e4ed0abe5cbafc84289b3e8521c6f0b5a27c2e73ae5e07e86 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: my.rtmark.net/img.gif?f=sync&lr=1&partner=8c7c01962f4e2 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=4b218c7483de4a3cb1d868748d8f26c3; expires=Sat, 09 Dec 2023 03:43:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /tag.php?goal=c413c2e3b989836e2023687a6fe7f55b HTTP/1.1 Host: main.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: main.realsrv.com/tag.php?goal=c413c2e3b989836e2023687a6 (...) FQDN: main.realsrv.com IP: 95.211.229.247 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A83755%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c HTTP/1.1 Host: main.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: main.realsrv.com/tag.php?goal=e2bbb6c289a1f6fc299b4c365 (...) FQDN: main.realsrv.com IP: 95.211.229.247 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /compliance/epoch_descriptor.php?master_code=M-607000 HTTP/1.1 Host: epoch.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: epoch.com/compliance/epoch_descriptor.php?master_code=M (...) FQDN: epoch.com IP: 104.18.4.99 HASH: 8c47da3b8e619dc62809c276483967451c096d0c6869d3bc0eb8136ddddf0753 104.18.4.99 HTTP/2 301 Moved Permanently date: Fri, 09 Dec 2022 03:43:01 GMT location: https://d39iocnrk5rxnb.cloudfront.net/compliance/epoch_descriptor.html? cache-control: max-age=3600 expires: Fri, 09 Dec 2022 04:43:01 GMT vary: Accept-Encoding server: cloudflare cf-ray: 776abbf55849b51e-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 81798 Md5: dbac2121da5bc728d345778cf6649012 Sha1: 8d19919114b29987e65df040f0477126c7085bdf Sha256: 8c47da3b8e619dc62809c276483967451c096d0c6869d3bc0eb8136ddddf0753
POST /api/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB X-Requested-With: XMLHttpRequest Content-Length: 152 Origin: https://faptitans.com Connection: keep-alive Referer: https://faptitans.com/ Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: faptitans.com/api/ FQDN: faptitans.com IP: 138.201.149.27 HASH: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 16 vary: Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:02 GMT; Max-Age=31449600; Path=/ strict-transport-security: max-age=43200 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 16 Md5: c08db8689029b24432b3283bb558d25f Sha1: 70431d464d9ec8b326e809c3438b47f6d1bf4465 Sha256: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 54.230.245.110 HASH: 97c332fdd487c436d904a71199c2ea74f3fc3ceab35a20fcd708359590828b2a 54.230.245.110 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=123574 Date: Fri, 09 Dec 2022 03:43:02 GMT Etag: "6391e720-1d7" Expires: Sat, 10 Dec 2022 14:02:36 GMT Last-Modified: Thu, 08 Dec 2022 13:31:12 GMT Server: ECS (nyb/1D32) X-Cache: Miss from cloudfront Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: MZTo2fvuUgNtqv1s28Am-nmhFGLTr4i1LQRABdlK_2BMtwgFwfnwrA== Age: 1884 --- Additional Info --- Magic: gzip compressed data, from Unix\012- data Size: 620 Md5: d234cf546b28bbe86f927337b91b55ba Sha1: f0f31551d755a5e86b8e6a6e8624edb17c1a4ef1 Sha256: 97c332fdd487c436d904a71199c2ea74f3fc3ceab35a20fcd708359590828b2a
GET /tag.php?goal=c413c2e3b989836e2023687a6fe7f55b HTTP/1.1 Host: main.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: main.exoclick.com/tag.php?goal=c413c2e3b989836e2023687a (...) FQDN: main.exoclick.com IP: 95.211.229.247 HASH: 40d7917aa1f643b80d0c369ccf1d45ec007c158a3ea69e9fba176e6611d21d79 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A83755%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 167 Md5: e67cb30efacc40cc78ef2aaa657d8dc7 Sha1: 79c9da5a6518c8f91c2e5e2db98daa9734cbb725 Sha256: 40d7917aa1f643b80d0c369ccf1d45ec007c158a3ea69e9fba176e6611d21d79
GET /tag.php?goal=c413c2e3b989836e2023687a6fe7f55b HTTP/1.1 Host: syndication.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.exoclick.com/tag.php?goal=c413c2e3b989836e2 (...) FQDN: syndication.exoclick.com IP: 95.211.229.247 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A83755%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 444c632c4522f8b2411d746de2390910a7b4c609da4762adce992ace746e8bbc 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "444C632C4522F8B2411D746DE2390910A7B4C609DA4762ADCE992ACE746E8BBC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11388 Expires: Fri, 09 Dec 2022 06:52:50 GMT Date: Fri, 09 Dec 2022 03:43:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4b1aeff1cd3c947c1be297cb88e0ee10 Sha1: bf0c86976f9184f96e493d0b18bfaa653415dcff Sha256: 444c632c4522f8b2411d746de2390910a7b4c609da4762adce992ace746e8bbc
GET /tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c HTTP/1.1 Host: main.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: main.exoclick.com/tag.php?goal=e2bbb6c289a1f6fc299b4c36 (...) FQDN: main.exoclick.com IP: 95.211.229.247 HASH: 5fca458804cd6707eda5ce9a40e10d15e5d658953c6c938c64e4688edea9a2c4 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (371), with no line terminators Size: 208 Md5: 06f8dd6acb4d5786786e1dc37cfc501c Sha1: 62b2c9b896130af5c379aabc35be6a18e6b7e400 Sha256: 5fca458804cd6707eda5ce9a40e10d15e5d658953c6c938c64e4688edea9a2c4
GET /tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c HTTP/1.1 Host: syndication.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.exoclick.com/tag.php?goal=e2bbb6c289a1f6fc2 (...) FQDN: syndication.exoclick.com IP: 95.211.229.247 HASH: 9ba775b34e013c3e98f14addc431074cab90df4ec942c0475376305fead0d4ad 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (1374), with no line terminators Size: 396 Md5: 036235a963100a1195289e959dfe0c92 Sha1: 5837db4614f04439682123fadc7b2be6149b1f9d Sha256: 9ba775b34e013c3e98f14addc431074cab90df4ec942c0475376305fead0d4ad
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 49186d6b2f5071fa2172fdcd25b9a457ce1d520c4f56165c0c16b0327e7d750a 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6252 Cache-Control: max-age=103466 Date: Fri, 09 Dec 2022 03:43:02 GMT Etag: "63918784-118" Expires: Sat, 10 Dec 2022 08:27:28 GMT Last-Modified: Thu, 08 Dec 2022 06:43:16 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 1748e389f833acab2befe35c8d932ccd Sha1: 83b505213038c09fb3bf22d227ad253dbb5cae10 Sha256: 49186d6b2f5071fa2172fdcd25b9a457ce1d520c4f56165c0c16b0327e7d750a
GET /img.gif?f=sync&lr=1&partner=c7cc550860330813dd2414dae0e7ea3dc3bfcaa7a8158e4a67e8a192f5e622b3 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: ID=4b218c7483de4a3cb1d868748d8f26c3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: my.rtmark.net/img.gif?f=sync&lr=1&partner=c7cc550860330 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=4b218c7483de4a3cb1d868748d8f26c3; expires=Sat, 09 Dec 2023 03:43:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&lr=1&partner=89796ae6f4f1656234dc83bc070b543763c33405da12904dd20ac99505a3d9d1 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: ID=4b218c7483de4a3cb1d868748d8f26c3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: my.rtmark.net/img.gif?f=sync&lr=1&partner=89796ae6f4f16 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=4b218c7483de4a3cb1d868748d8f26c3; expires=Sat, 09 Dec 2023 03:43:02 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /tag_gen.js HTTP/1.1 Host: a.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: a.exoclick.com/tag_gen.js FQDN: a.exoclick.com IP: 205.185.216.42 HASH: c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f 205.185.216.42 HTTP/1.1 200 OK Content-Type: application/javascript Date: Fri, 09 Dec 2022 03:43:02 GMT Connection: Keep-Alive Content-Encoding: gzip Content-Length: 515 Accept-Ranges: bytes Cache-Control: max-age=10800 Server: nginx etag: W/"a56c0470b9aa925085e51a6271a" X-HW: 1670557382.dop232.sk1.t,1670557382.cds219.sk1.shn,1670557382.dop232.sk1.t,1670557382.cds251.sk1.c Access-Control-Allow-Origin: , --- Additional Info --- Magic: ASCII text, with very long lines (1030), with no line terminators Size: 515 Md5: 628e0302068ade64b5f411f39d5ce7e5 Sha1: ff1a609269f34bad5ae67ed1678df3f7b905d018 Sha256: c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f
POST /api/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB X-Requested-With: XMLHttpRequest Content-Length: 152 Origin: https://faptitans.com Connection: keep-alive Referer: https://faptitans.com/ Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: faptitans.com/api/ FQDN: faptitans.com IP: 138.201.149.27 HASH: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 16 vary: Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:02 GMT; Max-Age=31449600; Path=/ strict-transport-security: max-age=43200 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 16 Md5: c08db8689029b24432b3283bb558d25f Sha1: 70431d464d9ec8b326e809c3438b47f6d1bf4465 Sha256: f31f5ecf6846631607e69be15a71c23cc270b550906e17040d5bf4fef83b019f
GET /tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e HTTP/1.1 Host: s.opoxv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: s.opoxv.com/tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e FQDN: s.opoxv.com IP: 95.211.229.246 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.246 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A77325%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.opoxv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /px.gif?akey=068f30d41a2c432d6c8a96d5a7fc6706 HTTP/1.1 Host: simplewebanalysis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: simplewebanalysis.com/px.gif?akey=068f30d41a2c432d6c8a9 (...) FQDN: simplewebanalysis.com IP: 18.185.190.54 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 18.185.190.54 HTTP/2 307 Temporary Redirect content-type: image/gif date: Fri, 09 Dec 2022 03:43:02 GMT content-length: 0 location: https://professionalswebcheck.com/dbs?uuid=50148bac-d918-4719-8a67-de57481d74af&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjcwNTU3MzgyfSwiYWNjbCI6eyAiMjAsMSI6MTY3MDU1NzM4Mn19.Ynde_KbgJ5WTA1RsLdSZKkwRSrctsGX-zP2rqs2Wawk server: nginx/1.17.6 set-cookie: uid_id2=50148bac-d918-4719-8a67-de57481d74af:2:1; expires=Mon, 06 Dec 2032 03:43:02 GMT; secure; SameSite=None ak=29,1670557382; expires=Thu, 09 Mar 2023 03:43:02 GMT; secure; SameSite=None acl=20,1,1670557382; expires=Thu, 09 Mar 2023 03:43:02 GMT; secure; SameSite=None expires: Fri, 09 Dec 2022 03:43:02 GMT cache-control: max-age=0, : no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Malware
GET /tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e HTTP/1.1 Host: syndication.exdynsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.exdynsrv.com/tag.php?goal=cdbcfa949fc6ffc29 (...) FQDN: syndication.exdynsrv.com IP: 95.211.229.246 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.246 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A77325%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1 Host: s.opoxv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: s.opoxv.com/tag.php?goal=170c73ca45ab90acc02e61427b768795 FQDN: s.opoxv.com IP: 95.211.229.246 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.246 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.opoxv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e HTTP/1.1 Host: syndication.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.realsrv.com/tag.php?goal=cdbcfa949fc6ffc294 (...) FQDN: syndication.realsrv.com IP: 95.211.229.246 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.246 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A2%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7Di%3A77325%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1 Host: syndication.exdynsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.exdynsrv.com/tag.php?goal=170c73ca45ab90acc (...) FQDN: syndication.exdynsrv.com IP: 95.211.229.246 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.246 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1 Host: syndication.realsrv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.realsrv.com/tag.php?goal=170c73ca45ab90acc0 (...) FQDN: syndication.realsrv.com IP: 95.211.229.246 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.246 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:02 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A2%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7Di%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:02 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /adserve/r.php?k=GAME&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322831553 HTTP/1.1 Host: syndication.traffichaus.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lostincunt.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.traffichaus.com/adserve/r.php?k=GAME&adv_id (...) FQDN: syndication.traffichaus.com IP: 66.254.114.233 HASH: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 66.254.114.233 HTTP/1.1 200 OK content-type: image/png server: nginx date: Fri, 09 Dec 2022 03:43:02 GMT transfer-encoding: chunked set-cookie: re_94511_R0FNRQ=eyJ0IjoiR0FNRSIsImEiOiI5NDUxMSIsImQiOiIiLCJkaCI6Ijk2OTIwNWIwMjQ3NzU0MjUwZDkyMWQ4ZGE0NTg3NWZhIiwiYmgiOiI0OGMwMTFkMjY0OGFmZTA0NTVkMjAzOTY3YWExMzBhNSIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZSI6MTY5NjQ3NzM4Mn0%3D; expires=Thu, 05-Oct-2023 03:43:02 GMT; Max-Age=25920000; path=/ RNLBSERVERID=ded5930; path=/ accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version x-request-id: 6392AEC6-42FE72E901BB2DE1-69D839E --- Additional Info --- Magic: PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data Size: 95 Md5: 71a50dbba44c78128b221b7df7bb51f1 Sha1: 0ec63b140374ba704a58fa0c743cb357683313dd Sha256: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /tag.php?goal=cdbcfa949fc6ffc294469b5dae1a472e HTTP/1.1 Host: syndication.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.exoclick.com/tag.php?goal=cdbcfa949fc6ffc29 (...) FQDN: syndication.exoclick.com IP: 95.211.229.247 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:03 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A77325%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:03 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=170c73ca45ab90acc02e61427b768795 HTTP/1.1 Host: syndication.exoclick.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: syndication.exoclick.com/tag.php?goal=170c73ca45ab90acc (...) FQDN: syndication.exoclick.com IP: 95.211.229.247 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 95.211.229.247 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 09 Dec 2022 03:43:03 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: goals=a%3A1%3A%7Bi%3A69260%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-08%22%3B%7D%7D; expires=Sat, 09 Dec 2023 03:43:03 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none X-Robots-Tag: noindex, follow Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /px.gif?akey=4bd743ddcc79bd80ae00a9d22a3fcb14 HTTP/1.1 Host: simplewebanalysis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: simplewebanalysis.com/px.gif?akey=4bd743ddcc79bd80ae00a (...) FQDN: simplewebanalysis.com IP: 18.185.190.54 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 18.185.190.54 HTTP/2 307 Temporary Redirect content-type: image/gif date: Fri, 09 Dec 2022 03:43:03 GMT content-length: 0 location: https://professionalswebcheck.com/dbs?uuid=cf0fd4cc-2c35-4f02-a726-7e16eabeee08&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjI3OSI6MTY3MDU1NzM4Mn0sImFjY2wiOnsgIjIwLDEiOjE2NzA1NTczODJ9fQ.8wc-ZfZh77Bkqh-kiNOElHNF_z85bCzUfuYe6-u8bAo server: nginx/1.17.6 set-cookie: uid_id2=cf0fd4cc-2c35-4f02-a726-7e16eabeee08:1:1; expires=Mon, 06 Dec 2032 03:43:02 GMT; secure; SameSite=None ak=279,1670557382; expires=Thu, 09 Mar 2023 03:43:02 GMT; secure; SameSite=None acl=20,1,1670557382; expires=Thu, 09 Mar 2023 03:43:02 GMT; secure; SameSite=None expires: Fri, 09 Dec 2022 03:43:03 GMT cache-control: max-age=0, : no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Malware
GET /dbs?uuid=50148bac-d918-4719-8a67-de57481d74af&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjcwNTU3MzgyfSwiYWNjbCI6eyAiMjAsMSI6MTY3MDU1NzM4Mn19.Ynde_KbgJ5WTA1RsLdSZKkwRSrctsGX-zP2rqs2Wawk HTTP/1.1 Host: professionalswebcheck.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://lostincunt.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: professionalswebcheck.com/dbs?uuid=50148bac-d918-4719-8 (...) FQDN: professionalswebcheck.com IP: 18.185.190.54 HASH: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c 18.185.190.54 HTTP/2 200 OK content-type: image/gif date: Fri, 09 Dec 2022 03:43:03 GMT content-length: 7 server: nginx/1.17.6 set-cookie: uid_id2=50148bac-d918-4719-8a67-de57481d74af:2:1; expires=Mon, 06 Dec 2032 03:43:03 GMT; secure; SameSite=None ak=29,1670557382; expires=Thu, 09 Mar 2023 03:43:03 GMT; secure; SameSite=None acl=20,1,1670557382; expires=Thu, 09 Mar 2023 03:43:03 GMT; secure; SameSite=None expires: Fri, 09 Dec 2022 03:43:03 GMT cache-control: max-age=0, : no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 7 Md5: 132d6af1b46048b45cf86cdee7991d31 Sha1: eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
POST /api/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB X-Requested-With: XMLHttpRequest Content-Length: 159 Origin: https://faptitans.com Connection: keep-alive Referer: https://faptitans.com/ Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: faptitans.com/api/ FQDN: faptitans.com IP: 138.201.149.27 HASH: 4c8b8d6a0b8391fda97d33d9ecbede40324c8119affa134fd26ffe1d757597c3 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:43:03 GMT vary: Accept-Encoding, Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:03 GMT; Max-Age=31449600; Path=/ strict-transport-security: max-age=43200 content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (621), with no line terminators Size: 187 Md5: 09a62a0d50ba06af6b74f88c71e89e46 Sha1: bee29df947b90fe9bf646f8e8c1f52605b6000ee Sha256: 4c8b8d6a0b8391fda97d33d9ecbede40324c8119affa134fd26ffe1d757597c3
GET /iframe/5d839cd6290ea?iframe HTTP/1.1 Host: rivne.space User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: rivne.space/iframe/5d839cd6290ea?iframe FQDN: rivne.space IP: 104.21.47.163 104.21.47.163 HTTP/2 200 OK content-type: text/html date: Fri, 09 Dec 2022 03:43:02 GMT set-cookie: c_b3ffea71cc29f56d2fba269a968ef7d3=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=rivne.space; Path=/; Secure; SameSite=None z_c56a21bde062afcb1f0e6c38cce1c8f7=1; Expires=Sat, 10-Dec-22 03:43:02 GMT; Domain=rivne.space; Path=/; Secure; SameSite=None cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqSSBVltZCsWs7v9pId0CeGejTQJI6IEQid71GvH%2BMpKXO8oSo7DOzPHPc7kTbQt4LF0YF89IBzXQsNHIabtoB5qUCHoMMlO4qRj%2Bq0x1Lr17DgDQ%2BhcfijiwDoyhQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 776abbf778fcb51e-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
POST /api/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB X-Requested-With: XMLHttpRequest Content-Length: 158 Origin: https://faptitans.com Connection: keep-alive Referer: https://faptitans.com/ Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: faptitans.com/api/ FQDN: faptitans.com IP: 138.201.149.27 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:43:02 GMT vary: Accept-Encoding, Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:02 GMT; Max-Age=31449600; Path=/ strict-transport-security: max-age=43200 content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
POST /api/ HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-CSRFToken: pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB X-Requested-With: XMLHttpRequest Content-Length: 156 Origin: https://faptitans.com Connection: keep-alive Referer: https://faptitans.com/ Cookie: sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; cook=6zesz82y062gso3nai25ngifug54540z; csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: faptitans.com/api/ FQDN: faptitans.com IP: 138.201.149.27 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:43:03 GMT vary: Accept-Encoding, Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:43:03 GMT; Max-Age=31449600; Path=/ strict-transport-security: max-age=43200 content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /?5defa5d178518&ag_custom_domain=tioanime.com HTTP/1.1 Host: goplayhere.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: goplayhere.com/?5defa5d178518&ag_custom_domain=tioanime.com FQDN: goplayhere.com IP: 172.67.187.242 172.67.187.242 HTTP/2 302 Found content-type: text/html date: Fri, 09 Dec 2022 03:42:58 GMT location: https://faptitans.com/?utm_campaign=pu_exo_manga_na&utm_medium=click&utm_source=bn&utm_content=tioanime.com&bnid=direct&crID=4539&zID=95870&land=direct set-cookie: c_d2f51664adaebc60bcf55c028d773b61=1; Expires=Sat, 10-Dec-22 03:42:58 GMT; Domain=goplayhere.com; Path=/; Secure; SameSite=None z_1ee83bf51fc9ae04880b726070ec8393=1; Expires=Sat, 10-Dec-22 03:42:58 GMT; Domain=goplayhere.com; Path=/; Secure; SameSite=None cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQXjAroAj%2FYkJ6lgTS8tCNQNnVjhF%2Bnt1h5dxhiMiO7iqEWpcJhqKsJ%2BHUWFgMJKHaEqwC0Fj8GlFIGZbganrvXl929aUasyrEDt52wsK74uzN%2FQjRHx%2BVXcUfWnzPyOeQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 776abbe15f20b503-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET / HTTP/1.1 Host: faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: sessionid=koai6hlmzhyazuoqjcfb4k8vvxjcwf1d; cook=6zesz82y062gso3nai25ngifug54540z Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers	URL: faptitans.com/ FQDN: faptitans.com IP: 138.201.149.27 138.201.149.27 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 03:42:59 GMT vary: Accept-Encoding, Cookie, Accept-Language content-language: en set-cookie: csrftoken=pea6vXbGNbMfmDfestmNydRFYSw2cM4ufjAeZ4B9ZC4MVRXzuXZv6fRcxRsROtdB; expires=Fri, 08-Dec-2023 03:42:59 GMT; Max-Age=31449600; Path=/ sessionid=qfqn5rk84fd0voviqslwtdyq90ibk1x5; expires=Sun, 11-Dec-2022 03:42:59 GMT; HttpOnly; Max-Age=172800; Path=/ strict-transport-security: max-age=43200 content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /s1/rc/favicon.ico HTTP/1.1 Host: cdn.faptitans.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://faptitans.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers	URL: cdn.faptitans.com/s1/rc/favicon.ico FQDN: cdn.faptitans.com IP: 104.19.254.19 104.19.254.19 HTTP/2 200 OK content-type: image/x-icon date: Fri, 09 Dec 2022 03:42:59 GMT last-modified: Mon, 14 Mar 2022 12:16:44 GMT etag: W/"622f322c-47e" expires: Mon, 06 Dec 2032 03:42:59 GMT cache-control: public, max-age=315360000 access-control-allow-origin: * cf-cache-status: HIT age: 16000657 vary: Accept-Encoding server: cloudflare cf-ray: 776abbe7bd77b515-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---

Overview

Domain Summary (37)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 95.211.229.246

Last 5 reports on ASN: LeaseWeb Netherlands B.V.

Last 5 reports on domain: exdynsrv.com

No other reports with similar screenshot

JavaScript

Executed Scripts (17)

Executed Evals (1)

#1 JavaScript::Eval (size: 35) - SHA256: ba6f1d5919ab18ea56d18c25ee06c74efb9ffa4670f3323b24c0218a160c47d4

Executed Writes (0)

HTTP Transactions (88)

Overview

Domain Summary (37)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 95.211.229.246

Last 5 reports on ASN: LeaseWeb Netherlands B.V.

Last 5 reports on domain: exdynsrv.com

No other reports with similar screenshot

JavaScript

Executed Scripts (17)

Executed Evals (1)

#1 JavaScript::Eval (size: 35) - SHA256: ba6f1d5919ab18ea56d18c25ee06c74efb9ffa4670f3323b24c0218a160c47d4

Executed Writes (0)

HTTP Transactions (88)

Network Intrusion Detection Systems