firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash MD5 91dd975a7b17b2922dd23c0e49314e40
SHA-1 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
SHA-256 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 16:10:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7Bp1LwaHMF8yEnL-01EdEfSWGiPVS5Goq3PBXJZq41CfQVKjuNmt8w==
Age: 2959
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 be88d3e043e3b95b52e41812e50fb634
SHA-1 0318ba1ce487817ea7cba61dd9413bed29213800
SHA-256 b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2470
Expires: Thu, 15 Sep 2022 17:40:57 GMT
Date: Thu, 15 Sep 2022 16:59:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate, ASCII text
Hash MD5 742edb4038f38bc533514982f3d2e861
SHA-1 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
SHA-256 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wo08Lkodvtj_HdKA28C6r0zc1JCrTxmn9DNUHuuYx6CJJDvjhY0VNA==
age: 44672
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 16:59:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash MD5 0333b0655111aa68de771adfcc4db243
SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb
SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 16:03:22 GMT
Expires: Thu, 15 Sep 2022 16:03:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B-W-ZkwIz5SSoCQVyvzvO8BrHO5kX3XMbMwp3ko50DqlB_apNjZs2A==
Age: 3385
skinsparaandroid.maicondroidoficial.com/category/wtds/
108.179.252.174 301 Moved Permanently 0 B URL HTTP/1.1 skinsparaandroid.maicondroidoficial.com/category/wtds/
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash MD5 d41d8cd98f00b204e9800998ecf8427e (all three are digests of the empty 0 B body)
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /category/wtds/ HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 16:59:47 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Set-Cookie: PHPSESSID=dadf64a22fe0372a5df5aceadd2f05a1; path=/; secure; HttpOnly
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 d597af1ab2f21a983bf0f0d105b94209
SHA-1 9d5dd938777abde094c89066b539141a02106b88
SHA-256 a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3169
Cache-Control: max-age=143984
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:48 GMT
Etag: "6322dd13-1d7"
Expires: Sat, 17 Sep 2022 08:59:32 GMT
Last-Modified: Thu, 15 Sep 2022 08:06:43 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 7e7a1df606e9204497c7b663fc4d30df
SHA-1 225483d646e2f05c00d53b1aaa251abb6ac3eb0c
SHA-256 88322005bf90776681410d6eed37714bd8924dab3a5127040c8a4ce142c0f55e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88322005BF90776681410D6EED37714BD8924DAB3A5127040C8A4CE142C0F55E"
Last-Modified: Wed, 14 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 15 Sep 2022 22:59:48 GMT
Date: Thu, 15 Sep 2022 16:59:48 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.46.140 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.46.140:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e (all three are digests of the empty 0 B body)
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1wZyRYvE1NlGZLoYSYz9cg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ShLxrabSJTOW1iAHlakehNEPCfo=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 c86fc6649c7c512abb52fcd62d51ee26
SHA-1 bf241d6c1779668447df444a239d715b6ed46f6d
SHA-256 822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash MD5 56b4a90e8be043082aa30d490fe93e47
SHA-1 6c94d4b9610ec757d7e7851ac2e478edff1309f8
SHA-256 c59724a0ece262f497d3f09f4e90ae49a11a3a150134183cc10ef2c47f5fe9b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash MD5 0feed37f9359463f49f47c96da8e6288
SHA-1 fb6351bf69c6ad6c71c2883e1b6975da6fc24b27
SHA-256 a7dd98e77c6e12ab7e29855d9abf3798359cd4afacae3cd528d2ff89d361eb7a
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 16:59:49 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 19 Sep 2022 15:37:40 GMT
ETag: "fb6351bf69c6ad6c71c2883e1b6975da6fc24b27"
Last-Modified: Thu, 15 Sep 2022 15:37:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 449
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74b2ea3fec2eb51e-OSL
www.googletagmanager.com/gtag/js?id=UA-124539219-3
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-124539219-3
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash MD5 cbdcc685787005371925603c3b7e81ba
SHA-1 54e68c5c5a6847a2a0356f976b10d735df486dda
SHA-256 d02c56485a4bafa8c554e181fc04f6faf32cde673b91c2dc47168daf50af370d
GET /gtag/js?id=UA-124539219-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 15 Sep 2022 16:59:49 GMT
expires: Thu, 15 Sep 2022 16:59:49 GMT
cache-control: private, max-age=900
last-modified: Thu, 15 Sep 2022 16:38:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42405
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 7975b33417f675d21a178b997288d616
SHA-1 1d2e957c46d45d6cb2f44389f3dcc66c880b6065
SHA-256 daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 734d709ca96b537a66a72b012bad01b3
SHA-1 1422dc6e556936950feec9000a321a050b638ff8
SHA-256 f22c958051fad1d1d361d069afd22467fbc3caaebffac1ffb0fe3eead923c0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash MD5 56b4a90e8be043082aa30d490fe93e47
SHA-1 6c94d4b9610ec757d7e7851ac2e478edff1309f8
SHA-256 c59724a0ece262f497d3f09f4e90ae49a11a3a150134183cc10ef2c47f5fe9b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
skinsparaandroid.maicondroidoficial.com/wp-content/plugins/gtranslate/gtranslate-style16.css?ver=6.0.2
108.179.252.174 200 OK 297 B URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/plugins/gtranslate/gtranslate-style16.css?ver=6.0.2
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash MD5 d88ebba95b0f655e9d78d37b26de7383
SHA-1 9c4962d5f43090d0f78aacd7a1d9f25685c144e0
SHA-256 65ca129dcac9b1d71e6482216a9df221a5b2a672497bff2c490c9225cc6b5879
GET /wp-content/plugins/gtranslate/gtranslate-style16.css?ver=6.0.2 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 09 May 2022 17:40:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 297
content-type: text/css
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1663004426
108.179.252.174 200 OK 7.6 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1663004426
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (26316), with no line terminators
Hash MD5 4d40cdf2b15e88640b0d96fbccf7352e
SHA-1 1c7d08bcd670048b5a13c0988a9078cdfed5a414
SHA-256 07f5d9bd41c5d8b5170786c4d021f840a071636784b18862d479bb7d37046ed0
GET /wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1663004426 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Sep 2022 17:40:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7611
content-type: text/css
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/themes/Newspaper/includes/demos/tech/demo_style.css?ver=8.7.2
108.179.252.174 200 OK 105 B URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/themes/Newspaper/includes/demos/tech/demo_style.css?ver=8.7.2
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash MD5 ab83e1398893c91aba754986fb4606bc
SHA-1 9da6ac302ab8bb640ce5695de515bedd6e8ff10a
SHA-256 b368429d70e1ec222976902544b883ede530dfb976d21df5ab9203c5343b5bbd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Newspaper/includes/demos/tech/demo_style.css?ver=8.7.2 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 21:51:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 105
content-type: text/css
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 39aa25d8411997d98f9093c19b0ccbca
SHA-1 3cb31e92d707cd561897042ed1a09de5a79e7108
SHA-256 f1b7b71241b580ec34281f5addc49d716eac9ecc46a3217e646c76e6dc8d4578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
skinsparaandroid.maicondroidoficial.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
108.179.252.174 200 OK 17 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43771)
Hash MD5 2a67a4888baa44de739f3fe56203ce07
SHA-1 da175eae57f26b655747d79f055477e3fee1abb9
SHA-256 3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Jul 2022 17:40:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16594
content-type: text/css
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
108.179.252.174 200 OK 4.6 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash MD5 acdb97105af28a7066790c6748ae2e1e
SHA-1 65794d2c5a9d04f747faf370bc8bacd330e69e5a
SHA-256 dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Dec 2020 18:30:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/plugins/easymega/style.css?ver=6.0.2
108.179.252.174 200 OK 5.0 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/plugins/easymega/style.css?ver=6.0.2
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash MD5 ba243d5a11fb8e4e5d30ed6e9f72d4cd
SHA-1 d8a558b6c266bdfc8e1387de8da35d1fe20ed4a6
SHA-256 f1a935e3bf38a0645225131e44ed9bb55c62017cc40bcd3bf27c84e44321ff64
GET /wp-content/plugins/easymega/style.css?ver=6.0.2 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Oct 2021 17:40:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5038
content-type: text/css
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/plugins/deblocker/js/ads.min.js?ver=6.0.2
108.179.252.174 200 OK 326 B URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/plugins/deblocker/js/ads.min.js?ver=6.0.2
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (427), with no line terminators
Hash MD5 91821b08a7f4a65fd0c52b3c6466f1fb
SHA-1 c5fc96ed6426911baf4eba696068925197b8c3a4
SHA-256 99c8010bec1febab67aed4b5525572d7d4bc218f8f8cd9d54db843c4161bfa2f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/deblocker/js/ads.min.js?ver=6.0.2 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 23:54:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 326
content-type: application/javascript
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 b9bfbb189fcbbdc76ff274e424f39053
SHA-1 de008d728f2274f08019c97bc969ddd6fe64a65d
SHA-256 a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14361
Expires: Thu, 15 Sep 2022 20:59:10 GMT
Date: Thu, 15 Sep 2022 16:59:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash MD5 b9bfbb189fcbbdc76ff274e424f39053
SHA-1 de008d728f2274f08019c97bc969ddd6fe64a65d
SHA-256 a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14361
Expires: Thu, 15 Sep 2022 20:59:10 GMT
Date: Thu, 15 Sep 2022 16:59:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 1633672fad0b564108cf81ad711dc881
SHA-1 d37ad0f40bc1f3f0022467dd0af2478980bd858a
SHA-256 cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:28 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 66861
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1663004426
108.179.252.174 200 OK 29 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1663004426
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash MD5 eccbfb72a34e8136730a46a420d195cf
SHA-1 7a39d3f9ec033c0d8ed3283522c46982157b848e
SHA-256 2271fbf4d1e648309cb1846c70ffa9d856b0641f54bd32af1ada373424c16e6b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1663004426 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Sep 2022 17:40:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/category/wtds/
108.179.252.174 200 OK 95 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/category/wtds/
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash MD5 516e46a705b2851cba9625b86bd7c2f9
SHA-1 42ea76a36b2f14244a76ad86316b47d2f08d2297
SHA-256 f02f273bc702d1de6cb0de19bff89fc6ffc1ee7b149224b9976d76cf7a10d10e
Analyzer Verdict Alert fortinet Phishing
GET /category/wtds/ HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://skinsparaandroid.maicondroidoficial.com/wp-json/>; rel="https://api.w.org/", <https://skinsparaandroid.maicondroidoficial.com/wp-json/wp/v2/categories/56>; rel="alternate"; type="application/json"
set-cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d; path=/; secure; HttpOnly
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 15 Sep 2022 16:59:48 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e5f57ba37fac4e6047a9a321a8ec084
f6b742549ea35a4b1345cffb937a8bbcceee08ef
f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:04 GMT
age: 69465
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ef9865421a37eae9a4df04083d27485
c7cf1f6a259cece60a34261ec83ee00736e1d72b
723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: g4LYoK2-sx5QTvWPxwsh8yhHjOswmtzMB6d4N9YAvQOvspuvSFbJOA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:17:07 GMT
age: 67362
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a6939786c9343412c9af87efd3f44e0
14131148fda4e8d85b582fd20e76bcc814341bf1
8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 6a307dbf-af18-4b40-a2c4-cda4a6e302d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLe84HUzIAMFkUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631adeb8-166dc8b954f4e5b50a0843de;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 06:35:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qQaQeJRgo5OcpjqbzgyZQCl-pYpvj6P_aoB07WGfV0YXyZqv4AQNCg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:17 GMT
age: 69452
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
108.179.252.174 200 OK 5.3 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 30 May 2022 11:51:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/plugins/easymega/assets/js/megamenu-wp.js?ver=1.0.1
108.179.252.174 200 OK 7.4 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/plugins/easymega/assets/js/megamenu-wp.js?ver=1.0.1
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (313), with CRLF line terminators
Hash d5718c6fa36b89792909d204988218e5
4ad442afc8462662f90b8d6897ef9ea85c666e74
a8a94d5c8b4d1a4f0730c44212a21287b060ae970092c4c3fe1836500f9c0347
GET /wp-content/plugins/easymega/assets/js/megamenu-wp.js?ver=1.0.1 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 03 Oct 2021 17:40:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7376
content-type: application/javascript
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/plugins/gtranslate/flags/16/pt-br.png
108.179.252.174 200 OK 687 B URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/plugins/gtranslate/flags/16/pt-br.png
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 363da7c647be7aefcf5505f4f89dc205
469d6084d160034d024af67b4d61c0ede98cfba6
f66c95e006d101dadb1678a583a35f52fbd20c7eb0cb05ff485019dbd0ce1d02
GET /wp-content/plugins/gtranslate/flags/16/pt-br.png HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 09 May 2022 17:40:52 GMT
accept-ranges: bytes
content-length: 687
content-type: image/png
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-1-218x150.jpeg
108.179.252.174 200 OK 7.7 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-1-218x150.jpeg
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 218x150, components 3\012- data
Hash 1f174d0c89358448ffff8ee13296649a
431d018f19ada537dd15f19eb5b292f04cba5074
fa560a6d629464787433a41294f3c01afdbba88f7469e3f0ae1feba69a58fd7f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/G-1-218x150.jpeg HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 21:06:44 GMT
accept-ranges: bytes
content-length: 7738
content-type: image/jpeg
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2018/12/hqdefault-100x70.jpg
108.179.252.174 200 OK 3.1 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2018/12/hqdefault-100x70.jpg
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 100x70, components 3\012- data
Hash 859b7db4d0701bceb88535321df67998
8cf41c77b6c582ac292b309050181c4738a32a37
2c366d69642f39aea9581184479aecdee4e58f5cf91bb3744170f1cca51c91aa
GET /wp-content/uploads/2018/12/hqdefault-100x70.jpg HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jan 2021 01:45:46 GMT
accept-ranges: bytes
content-length: 3052
content-type: image/jpeg
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-2-218x150.jpeg
108.179.252.174 200 OK 8.2 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-2-218x150.jpeg
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 218x150, components 3\012- data
Hash b19cfe79c94fa22994a1ee6a97da8d49
ad9d5c5b73025f2c626971c0c6c17f734521fb09
c746493e2b427ce7e187de64f2e212cf0ce0c711e53feac5dfcf80e42158093b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/G-2-218x150.jpeg HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 21:07:44 GMT
accept-ranges: bytes
content-length: 8230
content-type: image/jpeg
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-3-218x150.jpeg
108.179.252.174 200 OK 8.8 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-3-218x150.jpeg
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 218x150, components 3\012- data
Hash 8e9d9a0402c76b2b19d3320224e34107
f869d353ea88c2202013c52a98dff6d82b3fa65e
7d70723da28fc39b5f3eae57f7d65c517e355153be753245fe5caa47cd887537
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/G-3-218x150.jpeg HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 21:08:59 GMT
accept-ranges: bytes
content-length: 8803
content-type: image/jpeg
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-218x150.jpeg
108.179.252.174 200 OK 8.1 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-218x150.jpeg
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 218x150, components 3\012- data
Hash 7b6a30af761da23214054e124c51a344
a9a059c411e4a7a9f28fb70fa099e6153438f39d
aa31d14f44ea0c4d01656c5f144dd4b98f96db4fcd0bb10f70f0e3eb610d986a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/G-218x150.jpeg HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 21:05:38 GMT
accept-ranges: bytes
content-length: 8063
content-type: image/jpeg
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2018/10/AXOR-003-100x70.png
108.179.252.174 200 OK 7.5 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2018/10/AXOR-003-100x70.png
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 05f0f774c561ea76393c2de91b3c2a05
ead662d712474d3971393647aac8c0ae1238be7a
b5e26a0768748f060a3fb5b2e3c45d8a8782499c7532eb10ef27d906aa196af2
GET /wp-content/uploads/2018/10/AXOR-003-100x70.png HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jan 2021 01:46:28 GMT
accept-ranges: bytes
content-length: 7505
content-type: image/png
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-7-265x198.jpeg
108.179.252.174 200 OK 13 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-7-265x198.jpeg
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 265x198, components 3\012- data
Hash 169273d4a43fde60602322bb61c927e1
c550b80f72eadd2cbeed607bc96e2bb079b6d5e3
8276575aa833c5e131435ac6491d1dca977bc8626ed294a702cc01700691fb86
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/G-7-265x198.jpeg HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 21:13:00 GMT
accept-ranges: bytes
content-length: 12643
content-type: image/jpeg
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2020/10/mq2-300x169.jpg
108.179.252.174 200 OK 11 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2020/10/mq2-300x169.jpg
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x169, components 3\012- data
Hash 6501f6930196dc33e0ff1fc6a97a0364
735dc739abffbf58ec9ca8508cbecfabb074e8f9
f14ec427b19e93b5478c991f8a39896a414cbd8b1f040b659479b6753f941aa2
GET /wp-content/uploads/2020/10/mq2-300x169.jpg HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Oct 2020 10:02:56 GMT
accept-ranges: bytes
content-length: 11326
content-type: image/jpeg
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-4-265x198.jpeg
108.179.252.174 200 OK 12 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-4-265x198.jpeg
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 265x198, components 3\012- data
Hash 35b89735847d51703dd736dde013c9c5
2cf9d3989b231d5e8e4ff0b26316777f5b2177b5
3a542179ed41ef96083b56ad2395d919b36849d2a1c8b72f069acaad839e6b7a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/G-4-265x198.jpeg HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 21:09:54 GMT
accept-ranges: bytes
content-length: 11746
content-type: image/jpeg
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/04/ffmania-1.png
108.179.252.174 200 OK 16 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/04/ffmania-1.png
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 175 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash b4fa5c45cea4c7a621a15ae98e51e501
ac228317cbc3a2fce578f3bfe41c32adb5bdb95c
2c0a6ace2ebcb0595c5266719e2a97ecb11682f51a1ddb29420a7cb5fa1dc0e3
GET /wp-content/uploads/2022/04/ffmania-1.png HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 00:14:52 GMT
accept-ranges: bytes
content-length: 15785
content-type: image/png
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-6-533x261.jpeg
108.179.252.174 200 OK 27 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-6-533x261.jpeg
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 533x261, components 3\012- data
Hash af19ed2cc715bd003a466f7d0356d407
59ef1fcae6c3fbda36eff57c443200a42edd2c1e
238638d8bb7adb2ff198419f3f0f8e7e3d6dea2eb5c7fe37fadcb7db91bd6144
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/G-6-533x261.jpeg HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 21:12:11 GMT
accept-ranges: bytes
content-length: 26978
content-type: image/jpeg
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-5-534x392.jpeg
108.179.252.174 200 OK 38 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/G-5-534x392.jpeg
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 534x392, components 3\012- data
Hash ffd53f36cb4f8ad0b4935cc808560a17
6a4490445e888cf7b83592b88aee8e5daf43b19c
aea3ea061195166a697633c5157a57fc584e669d48b7e766e986ce2748930c96
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/G-5-534x392.jpeg HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Aug 2022 21:11:13 GMT
accept-ranges: bytes
content-length: 38531
content-type: image/jpeg
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/ffmania-1-6-218x150.png
108.179.252.174 200 OK 51 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/ffmania-1-6-218x150.png
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 218 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 393220e6b4bdbb8c35afe9208c957903
bcf9aa5b9456b9bba4339b1c7a5104f638021455
9a26c2519e7b8686486de996647dacf354f7d33d6a8d3c1d0825164d4b594c1f
GET /wp-content/uploads/2022/08/ffmania-1-6-218x150.png HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Aug 2022 02:18:41 GMT
accept-ranges: bytes
content-length: 51263
content-type: image/png
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/ffmania-1-4-218x150.png
108.179.252.174 200 OK 53 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/ffmania-1-4-218x150.png
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 218 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash cacef2e3c217b30d431dff6dca67f7e9
4a338dfa92e00f4e71e86237bb5eeb027b662f0f
d5fb54d87ff9afb6c066d6a40f3fd87f3e59c764351cf209d881ef5eaf900ec1
GET /wp-content/uploads/2022/08/ffmania-1-4-218x150.png HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Aug 2022 02:15:03 GMT
accept-ranges: bytes
content-length: 52898
content-type: image/png
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/ffmania-1-5-218x150.png
108.179.252.174 200 OK 58 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/ffmania-1-5-218x150.png
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 218 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 55d45c49bf46337c6e4aa0b897b394c5
b3567af4c81c9ee9cac9896be9784016034d9e1a
1a2b2673ee90219d92450194d4c813cd5137f89e6dad103c6322abe5e634a13b
GET /wp-content/uploads/2022/08/ffmania-1-5-218x150.png HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Aug 2022 02:17:31 GMT
accept-ranges: bytes
content-length: 57982
content-type: image/png
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/ffmania-1-3-300x169.png
108.179.252.174 200 OK 84 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/ffmania-1-3-300x169.png
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 169, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c5bc14d3f34d9e78a69287e11dbbe87
33b1061cbeffc698818b7e40f342a87eef468e9f
5db2565cd0f3aaa18aacf55ee3eef773e0a8db76df087a1afe1c1c97bd6e67b5
GET /wp-content/uploads/2022/08/ffmania-1-3-300x169.png HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 20:23:42 GMT
accept-ranges: bytes
content-length: 83771
content-type: image/png
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/ffmania-1-2-300x169.png
108.179.252.174 200 OK 93 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/ffmania-1-2-300x169.png
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 169, 8-bit/color RGBA, non-interlaced\012- data
Hash 204ad784eee44986273dddcf46c036e0
be699630305902095504c28662d9a3c6db4f3495
e941bbae8b41563c17d9cf661c61d9fe9504ced185ddf90392d8671cd2bb6804
GET /wp-content/uploads/2022/08/ffmania-1-2-300x169.png HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 20:22:42 GMT
accept-ranges: bytes
content-length: 92696
content-type: image/png
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/ffmania-1-300x169.png
108.179.252.174 200 OK 85 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/08/ffmania-1-300x169.png
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 169, 8-bit/color RGBA, non-interlaced\012- data
Hash 439f4249c718adac1303a5ffe81d371a
e788c83fa4192613987dcfd31295564c9e181d30
8d270b304dba135d8563e44d34325b44f516db753edc8dcb42b32c6c0c568125
GET /wp-content/uploads/2022/08/ffmania-1-300x169.png HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 19:46:13 GMT
accept-ranges: bytes
content-length: 84758
content-type: image/png
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.74 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:12:26 GMT
expires: Thu, 15 Sep 2022 17:12:26 GMT
cache-control: public, max-age=3600
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
age: 2843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
skinsparaandroid.maicondroidoficial.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
108.179.252.174 200 OK 40 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 78c0add067b51330449bac20fc538855
df408d76263ed911f3a72b29727ce5e12f39a118
a8aefb83e0f96d9a9ef626d5bd7e5d0e5a63722ffbcdb1d41285e540f2165d89
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 Aug 2021 16:10:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 203328
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
142.250.74.163 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17336, version 1.0\012- data
Hash eec8dbfc49267c4d33cf31b49661bf37
0f49d4563cf9e22e3af6907d0785b9a6facadbf0
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:48:16 GMT
expires: Thu, 14 Sep 2023 19:48:16 GMT
cache-control: public, max-age=31536000
age: 76293
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
142.250.74.163 200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 18:59:14 GMT
expires: Tue, 12 Sep 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 252035
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
142.250.74.163 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:47:56 GMT
expires: Thu, 14 Sep 2023 19:47:56 GMT
cache-control: public, max-age=31536000
age: 76313
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 02:02:22 GMT
expires: Sun, 10 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 485847
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 77141
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 77141
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
skinsparaandroid.maicondroidoficial.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?14
108.179.252.174 200 OK 19 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?14
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 19432, version 0.0\012- data
Hash d423a62e0a990c2daa4ceac164f3e3e1
dc70565e47655d3b2d0d3d1a2634f2e1c474604c
b420750157155826f2ef022f425579bca244f39d0a91ece03c5b3cbae5e52334
GET /wp-content/themes/Newspaper/images/icons/newspaper.woff?14 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/wp-content/themes/Newspaper/style.css?ver=8.7.2
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 21:51:04 GMT
accept-ranges: bytes
content-length: 19432
content-type: font/woff
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5729
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Last-Modified: Thu, 15 Sep 2022 15:24:21 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3f94c38b92316f91765ceed606f9f4ea
03442fbbe884ceac60c9585a8bbc0b87278523fd
70df317dbe22ae71bcc285fc0ea2185a11822856187a6c235c758df3f63eb75f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0dfd060e0fb8dec42e8f52f8db247b61
d6f33b6390aa9a4b34375d58009977926bc1fff3
17e3d9698e2cd4caf0cbf66b71393b473300fb9a8a4b6f7b97f421e93d54ec44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/pt_BR/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/pt_BR/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash b417b2c6a62d7791f4a2bd08d609a899
b4ae8f21eda31655db0544ed86ebbd131f49b44f
45b0d7c2ad39c08eaa809f1f2e91742d970e794d4bb85672748c3fd4d47f4879
GET /pt_BR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c326ff9a1eb7e46eba7c113dbd4d76fe
etag: "f531229954ee7363b677447abaa77186"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 15 Sep 2022 17:12:26 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: tBeyxqYtd5H0or0I1gmomQ==
x-fb-debug: yE+tM+6BFd83NwXlKFdhhdE8vZYwSnMPVoAyllA948tcgfIud6+N7qh45kbCtdkFVQF4Ahf5nUrGsURCWFBgYw==
content-length: 1686
x-fb-trip-id: 1904183273
date: Thu, 15 Sep 2022 16:59:50 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3566942910986763
216.58.211.2 200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3566942910986763
IP 216.58.211.2:0
File type ASCII text, with very long lines (2903)
Hash a53751f0251117ab178f1384f470e5ea
2be15fc6640d1662106b2ae7c88b63f9d43ec2e0
5f155a9c29a41463dc55c75cb1fff46290e5a4b1be0cc5084c6eacf99b853f30
GET /pagead/js/adsbygoogle.js?client=ca-pub-3566942910986763 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 15 Sep 2022 16:59:50 GMT
expires: Thu, 15 Sep 2022 16:59:50 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4473624524197501067
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 58083
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5729
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Last-Modified: Thu, 15 Sep 2022 15:24:21 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
skinsparaandroid.maicondroidoficial.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=8.7.2
108.179.252.174 200 OK 105 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=8.7.2
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 105 kB (104680 bytes)
Hash 80687b4227a54ccf2e2c8f6baafcc68f
7b00285231fa50e3b73ad50fdb846a1e1dac7799
098a2dad944df3e3e2ca8bc235f442f8f3b9d866eba50aa71004c66be4e85043
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=8.7.2 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 21:51:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.211.2 200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (2903)
Hash ec6ba2d07cf748ba524c880a81ccfb52
8da85f0ea0a451c543ba4df2fd2b5c1041ca1d9f
7121d875efa1a472b6952cba649b398bb177dba045886a1aef7a63e6997bc337
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 15 Sep 2022 16:59:50 GMT
expires: Thu, 15 Sep 2022 16:59:50 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2136566426167520519
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/04/cropped-ffmania-1-32x32.png
108.179.252.174 200 OK 2.7 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2022/04/cropped-ffmania-1-32x32.png
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7a6c2ab24af502625fded5f3e6b470d6
4a5e4042ae9c6ddaf9315a921a2f3419875fd97c
9ec60c3e68bad23c0634577620243aad2f8a18a411daec61bdaae6ef5a790f0f
GET /wp-content/uploads/2022/04/cropped-ffmania-1-32x32.png HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 14:55:32 GMT
accept-ranges: bytes
content-length: 2710
content-type: image/png
date: Thu, 15 Sep 2022 16:59:50 GMT
server: Apache
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.211.2 200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (2903)
Hash 1db2c21973f51e96fa03fe3e3539748f
f8568b61b715df63201bfc91ed192892a56092d7
10dab60a684d619c7fe0699ef5022fe2979fc58e43d51ac3747bc7948fb27d10
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 15 Sep 2022 16:59:50 GMT
expires: Thu, 15 Sep 2022 16:59:50 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2890267806434975333
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57927
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2021/02/indice.jpg
108.179.252.174 200 OK 7.1 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2021/02/indice.jpg
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 234x60, components 3\012- data
Hash b03e1c84fcfb38cc08113e7989ac582a
c8cda5412876c42b18c7dc82c19a11ced35b6881
a3f05e6f5bf865c0f8cf540ae74791451dec581806c48a3e399c6bb52511b145
GET /wp-content/uploads/2021/02/indice.jpg HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 14:21:28 GMT
accept-ranges: bytes
content-length: 7070
content-type: image/jpeg
date: Thu, 15 Sep 2022 16:59:50 GMT
server: Apache
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2021/02/WhatsApp-Image-2021-02-23-at-11.05.07.jpeg
108.179.252.174 200 OK 116 kB URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/uploads/2021/02/WhatsApp-Image-2021-02-23-at-11.05.07.jpeg
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 646x808, components 3\012- data
Size 116 kB (115955 bytes)
Hash 9079573d85d5d15fdabcc4654f2e0b7b
9aa07db870c7d9f1fd0ec9e8986f652967c30516
eb9cf3f90d590706a8cc3074d57d72b2ca7fffee0dae63ab97dfe51e776273b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/02/WhatsApp-Image-2021-02-23-at-11.05.07.jpeg HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 14:24:14 GMT
accept-ranges: bytes
content-length: 115955
content-type: image/jpeg
date: Thu, 15 Sep 2022 16:59:50 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3f94c38b92316f91765ceed606f9f4ea
03442fbbe884ceac60c9585a8bbc0b87278523fd
70df317dbe22ae71bcc285fc0ea2185a11822856187a6c235c758df3f63eb75f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.211.2 200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (2903)
Hash 2ba0dfdfb2b50e012950bfad7775cad5
e77432418e51d564a73d04d4452c28b7be8215d7
27d978f33db0a37e4bf71f870814b94bed4cf30516efba2fd9fabc552eb51eb4
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 15 Sep 2022 16:59:50 GMT
expires: Thu, 15 Sep 2022 16:59:50 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1999235330143082545
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57928
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 848674a3bc6b0d4d6cba22b140c574bc
ec95f08f3a5b022c3753f78e30f71d03e2895d78
069aaae82ec20e5bbcc694f9603bded464798891e5e2abc27baadeace22f6a05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
142.250.74.66 200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220912/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220912/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:33:55 GMT
expires: Wed, 28 Sep 2022 19:33:55 GMT
cache-control: public, max-age=1209600
age: 77155
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 6fc62e4078ff707d0c2c520ce9045977
80a2397efeecf888da5c8eadd8676675dfcf8872
315197aceb6f025fa81f15ec1118060c1da8dd4d43e92183941265457f83ba4e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 16:59:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 17:56:50 GMT
Expires: Wed, 21 Sep 2022 17:56:49 GMT
Etag: "80a2397efeecf888da5c8eadd8676675dfcf8872"
Cache-Control: max-age=521218,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b2ea464ffcb518-OSL
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.dtscout.com/i/?l=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&j=
51.89.99.21 200 OK 2.4 kB URL HTTP/1.1 t.dtscout.com/i/?l=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&j=
IP 51.89.99.21:0
File type ASCII text, with very long lines (2077)
Hash eeddc8bda4ef62b1f028b0ad5eaef558
b7b4f67024d1824f1b8d790601f89f0e34323d74
260af059a282fc14974acae34eed706329c0ae28e223dd4595d316b1c55816a4
GET /i/?l=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 15 Sep 2022 16:59:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: ger1
Set-Cookie: m=1; Domain=dtscout.com; Expires=Thu, 15-Sep-2022 18:23:10 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
Set-Cookie: oa=1; Domain=dtscout.com; Expires=Thu, 15-Sep-2022 20:59:50 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
Set-Cookie: df=1663261190; Domain=dtscout.com; Expires=Sat, 24-Dec-2022 16:59:50 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 0.594
Expires: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: no-cache
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
142.250.74.170 200 OK 1.4 kB URL HTTP/2 translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 142.250.74.170:0
Hash 3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 15 Sep 2022 16:59:50 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Thu, 15 Sep 2022 16:59:50 GMT
set-cookie: NID=511=gLrRKa55Qmi_-xb9afF52udfhSqxTXdOUgiWbHVCBzfCiLRSgKyTrST_V15mCbQkpkBJ7et93UPh5TLaUmJKVZPrze4VuBhAirLsFCdBFhJr06P7q9AKMk70b28tiZWVIh90ZnUrb5vHLC1ZkDI5nZyOzI4rwnHy-aMKjqn1xqQ; expires=Fri, 17-Mar-2023 16:59:50 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
set-cookie: CONSENT=PENDING+963; expires=Sat, 14-Sep-2024 16:59:50 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t.dtscout.com/pv/?_a=v&_h=skinsparaandroid.maicondroidoficial.com&_ss=hvbedqygku&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=46t4&_cb=_dtspv.c
51.89.99.21 200 OK 51 B URL HTTP/1.1 t.dtscout.com/pv/?_a=v&_h=skinsparaandroid.maicondroidoficial.com&_ss=hvbedqygku&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=46t4&_cb=_dtspv.c
IP 51.89.99.21:0
File type ASCII text, with no line terminators
Hash d26d735cd8f746981e51b2450be0f35b
79947c0b33bc6ab432b9f266cb5be072468731fb
ac9a19bf6607990abf89520a1b35dfbeafab3e75644fbd01a4edf2ed8ad5cebb
GET /pv/?_a=v&_h=skinsparaandroid.maicondroidoficial.com&_ss=hvbedqygku&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=46t4&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Cookie: m=1; oa=1; df=1663261190
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 15 Sep 2022 16:59:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 0.204
X-C: 0
Expires: Thu, 15 Sep 2022 16:59:49 GMT
Cache-Control: no-cache
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash cc788e55ed8cfa7cc66a0b24b471dc4d
2d795d4e4a02b84ba011ff7fec09fd99901537bb
cd018c4a8af4e8100b2b419413313ff60e369e1ddea3f834e0a1f0e9d9363c8b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 16:59:50 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 19 Sep 2022 15:34:47 GMT
ETag: "2d795d4e4a02b84ba011ff7fec09fd99901537bb"
Last-Modified: Thu, 15 Sep 2022 15:34:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2788
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74b2ea489816b51e-OSL
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 15 Sep 2022 16:41:12 GMT
expires: Thu, 15 Sep 2022 18:41:12 GMT
cache-control: public, max-age=7200
age: 1118
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.250.119 200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (681)
Hash 034d4604beaddff5783b9878fadfaee6
64d5e1e0dbbbd62d6a64349dd964763b7ab4cbea
f8a957ee3468693f465da61d899438a2b674369b80c9d5c9ffff1111a7091290
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 71985
date: Thu, 15 Sep 2022 16:59:50 GMT
access-control-allow-origin: *
etag: "63216d10-11931"
expires: Thu, 15 Sep 2022 17:59:50 GMT
last-modified: Wed, 14 Sep 2022 08:56:32 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 2.0 kB IP 142.250.74.3:0
Hash 2da7f0fe95ff535ad628ffe660f8d001
3373f8103f4e86e240ad2af8c161758fe7902596
03035231bb2304a2652170a9515ced0f641117fcb640c8b12f1299977bfe4e98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash db503d6c6780cb1b8dfeffa10a50eada
51a459bdc02f20576031f526be6788f653095d94
b7a653d3c381c6cea5b6838aea01a7de8ea5c2d8bdf5ff92c4cd5c22829c8e8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6971ad04397ebe0a117d03ae5c1de8c5
5179eab2d14b4c8c52c00fd6bf2953fb98ad5b8f
97a64e5b9bf5e3e347b23e4bbf41aa0fe6ffd379d50b379770f5c7347e6bb248
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=skinsparaandroid.maicondroidoficial.com&callback=_gfp_s_&client=ca-pub-3566942910986763
172.217.21.162 200 OK 207 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=skinsparaandroid.maicondroidoficial.com&callback=_gfp_s_&client=ca-pub-3566942910986763
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 3f3a27e54c50ef34fbbc17e1200f9e04
2a5f02374dd75f249c3ac86104504b8bc300f968
5aca9d398486a1e6b9261ed1ac60269a419809b350c7b4aaf726adc997f2b270
GET /gampad/cookie.js?domain=skinsparaandroid.maicondroidoficial.com&callback=_gfp_s_&client=ca-pub-3566942910986763 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Sep 2022 16:59:50 GMT
server: cafe
cache-control: private
content-length: 207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=skinsparaandroid.maicondroidoficial.com
142.250.74.162 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=skinsparaandroid.maicondroidoficial.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=skinsparaandroid.maicondroidoficial.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Sep 2022 16:59:50 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=01sbncs3z2&t=WTDS%20%7C%20SKINS%20WORLD&c=d&x=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&y=&a=0&v=27&r=7715
172.67.8.141 200 OK 148 B URL HTTP/2 whos.amung.us/pingjs/?k=01sbncs3z2&t=WTDS%20%7C%20SKINS%20WORLD&c=d&x=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&y=&a=0&v=27&r=7715
IP 172.67.8.141:0
File type ASCII text, with no line terminators
Hash 32f95cc48b1f559d9d07b3dbf5b23107
1325dcd5b647e5e7a5516406e93307baacd80e06
609bf789c4c59684ecc56b818187b6fad128829e8cf4dbf6bf1c66feb64f497c
GET /pingjs/?k=01sbncs3z2&t=WTDS%20%7C%20SKINS%20WORLD&c=d&x=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&y=&a=0&v=27&r=7715 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 16:59:50 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b2ea495f62b51b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5c5d3d907a3f1200abaf8498135f7196
7bcc003762243409d8d94a0afd8ba7712a08e4fa
96524e2083d0bd0052309077ec068010a30b490d7470bfe432af50765c30d051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash a8b2bb270d78a6dddeb5b7fa01bd896c
eee28c4dd10c090f100c6ed383392b67d9fb9200
5c929c1a5e85ed508916eda62cccedb3ef1a5f407468596fa2726c476e2a9340
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6971ad04397ebe0a117d03ae5c1de8c5
5179eab2d14b4c8c52c00fd6bf2953fb98ad5b8f
97a64e5b9bf5e3e347b23e4bbf41aa0fe6ffd379d50b379770f5c7347e6bb248
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 88585c9219a9ce565c70ecc0c28bd40a
cff3c785936486cc9800b38bf9b37e9d424c9a89
d3f4f585b326c19f0279b48de7dc23fe9d2ced370b7176b48f58b92a5337f223
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 16:59:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 23:33:41 GMT
Expires: Wed, 21 Sep 2022 23:33:40 GMT
Etag: "cff3c785936486cc9800b38bf9b37e9d424c9a89"
Cache-Control: max-age=541429,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b2ea4ade09b518-OSL
mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A2737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A305147778074%3Ahid%3A535684819%3Az%3A0%3Ai%3A20220915165935%3Aet%3A1663261176%3Ac%3A1%3Arn%3A672467516%3Arqn%3A1%3Au%3A1663261176243865535%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663261171925%3Ads%3A0%2C412%2C625%2C0%2C694%2C0%2C%2C975%2C15%2C%2C%2C%2C2751%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663261176%3At%3AWTDS%20%7C%20SKINS%20WORLD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.250.119 302 Found 3.3 kB URL HTTP/2 mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A2737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A305147778074%3Ahid%3A535684819%3Az%3A0%3Ai%3A20220915165935%3Aet%3A1663261176%3Ac%3A1%3Arn%3A672467516%3Arqn%3A1%3Au%3A1663261176243865535%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663261171925%3Ads%3A0%2C412%2C625%2C0%2C694%2C0%2C%2C975%2C15%2C%2C%2C%2C2751%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663261176%3At%3AWTDS%20%7C%20SKINS%20WORLD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type gzip compressed data, max compression\012- data
Hash 4027b95022568bce76b359cfa0ec7119
aed4797234b339c1829e961276501ca70d4e1bfa
4f0a72abb8579084f1898bbc80899c2c23eaebc40da85aa6d1261cc2dc7b6f66
GET /watch/26812653?wmode=7&page-url=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A2737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A305147778074%3Ahid%3A535684819%3Az%3A0%3Ai%3A20220915165935%3Aet%3A1663261176%3Ac%3A1%3Arn%3A672467516%3Arqn%3A1%3Au%3A1663261176243865535%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663261171925%3Ads%3A0%2C412%2C625%2C0%2C694%2C0%2C%2C975%2C15%2C%2C%2C%2C2751%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663261176%3At%3AWTDS%20%7C%20SKINS%20WORLD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A2737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A305147778074%3Ahid%3A535684819%3Az%3A0%3Ai%3A20220915165935%3Aet%3A1663261176%3Ac%3A1%3Arn%3A672467516%3Arqn%3A1%3Au%3A1663261176243865535%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663261171925%3Ads%3A0%2C412%2C625%2C0%2C694%2C0%2C%2C975%2C15%2C%2C%2C%2C2751%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663261176%3At%3AWTDS%20%7C%20SKINS%20WORLD&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 15 Sep 2022 16:59:50 GMT
access-control-allow-origin: https://skinsparaandroid.maicondroidoficial.com
set-cookie: yandexuid=9564243911663261190; Expires=Fri, 15-Sep-2023 16:59:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9564243911663261190; Expires=Fri, 15-Sep-2023 16:59:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1518805821663261190; Path=/; SameSite=None; Secure
i=2g+wPxre2SCXo+dIaOISQC5NR4h/kIEDOITPaFselXo6mRTGZXYkO7m4NHoEQbMuCx+jC0i4RgtbOBSMMK3FeNJ7scw=; Expires=Sun, 12-Sep-2032 16:59:46 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694797190.yrts.1663261190#1694797190.yrtsi.1663261190; Expires=Fri, 15-Sep-2023 16:59:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 15-Sep-2022 16:59:50 GMT
last-modified: Thu, 15-Sep-2022 16:59:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 15 Sep 2022 16:59:51 GMT
access-control-allow-origin: *
etag: "63216d10-2b"
expires: Thu, 15 Sep 2022 17:59:51 GMT
accept-ranges: bytes
last-modified: Wed, 14 Sep 2022 08:56:32 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-5881FJWP5D&gtm=2oe9e0&_p=1550009837&gdid=dZTNiMT&cid=579558540.1663261175&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663261175&sct=1&seg=0&dl=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&dt=WTDS%20%7C%20SKINS%20WORLD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-5881FJWP5D&gtm=2oe9e0&_p=1550009837&gdid=dZTNiMT&cid=579558540.1663261175&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663261175&sct=1&seg=0&dl=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&dt=WTDS%20%7C%20SKINS%20WORLD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-5881FJWP5D&gtm=2oe9e0&_p=1550009837&gdid=dZTNiMT&cid=579558540.1663261175&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663261175&sct=1&seg=0&dl=https%3A%2F%2Fskinsparaandroid.maicondroidoficial.com%2Fcategory%2Fwtds%2F&dt=WTDS%20%7C%20SKINS%20WORLD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://skinsparaandroid.maicondroidoficial.com
date: Thu, 15 Sep 2022 16:59:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
104.18.36.173 200 OK 6.7 kB IP 104.18.36.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash 1c19de1014ecbb64bf79594584b7e243
e2ab949e99c448f107245a0a39c10e0b30130e9f
5c80cda6336fe83e049aea16c899b4983fa70744beccddd14d75ee0c178c5c77
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 16:59:51 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
vary: Accept-Encoding
etag: W/"62d96946-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 179144
expires: Sun, 18 Sep 2022 16:59:51 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 74b2ea4c1a9db51b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 377139fa706b038c106d663d1c7c402a
7337cfac49077bc4fd74b2e4a405d4391176f585
9aa6fb206804f92cadb70ef6a3cf1b0d0b117be62166923c98b25c8a9c66bb3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 377139fa706b038c106d663d1c7c402a
7337cfac49077bc4fd74b2e4a405d4391176f585
9aa6fb206804f92cadb70ef6a3cf1b0d0b117be62166923c98b25c8a9c66bb3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33 200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1494)
Hash 34b2553c81f6d1c9657279fb7b442ed4
d9d429ce26701d5a3066c7afb317325142335e7a
84de9c76b4119c9999898bce7580862de9972f7bbb856b31fa312de599d3c719
GET /pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7572
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:57:34 GMT
expires: Thu, 29 Sep 2022 16:57:34 GMT
cache-control: public, max-age=1209600
etag: 3190241002381566568
content-type: text/javascript; charset=UTF-8
age: 137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js
142.250.74.33 200 OK 9.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1621)
Hash 7e888996f5ec4d6d10719f3590e2a039
2f0ae16ad59b7912e523490469b872409d446c0b
8bed40e35ae97cc3e97f4d7d02941dd56aa3bb84f28288899b068dfb5c8238c5
GET /pagead/js/r20220912/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9560
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:00:24 GMT
expires: Thu, 29 Sep 2022 16:00:24 GMT
cache-control: public, max-age=1209600
etag: 8244505166375133744
content-type: text/javascript; charset=UTF-8
age: 3567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---&t=WTDS%20%7C%20SKINS%20WORLD
67.202.105.32 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---&t=WTDS%20%7C%20SKINS%20WORLD
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---&t=WTDS%20%7C%20SKINS%20WORLD HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 16:59:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---&t=WTDS%20%7C%20SKINS%20WORLD
67.202.105.32 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---&t=WTDS%20%7C%20SKINS%20WORLD
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---&t=WTDS%20%7C%20SKINS%20WORLD HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 16:59:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!01sbncs3z2&dn=TC&cc=1&r=&us_privacy=1---
67.202.105.34 200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!01sbncs3z2&dn=TC&cc=1&r=&us_privacy=1---
IP 67.202.105.34:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!01sbncs3z2&dn=TC&cc=1&r=&us_privacy=1--- HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Fri, 16 Sep 2022 16:59:51 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Thu, 15 Sep 2022 16:59:50 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---
67.202.105.32 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1--- HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 16:59:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---
67.202.105.32 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1--- HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 16:59:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=skinsparaandroid.maicondroidoficial.com
142.250.74.162 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=skinsparaandroid.maicondroidoficial.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=skinsparaandroid.maicondroidoficial.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Sep 2022 16:59:51 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=skinsparaandroid.maicondroidoficial.com
142.250.74.162 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=skinsparaandroid.maicondroidoficial.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=skinsparaandroid.maicondroidoficial.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Sep 2022 16:59:51 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---
67.202.105.32 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1--- HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 16:59:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---
67.202.105.32 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1---
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!01sbncs3z2&lm=0&ts=1663261175805&dn=TC&iso=0&us_privacy=1--- HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Sep 2022 16:59:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 979014a2d4b501776633e545cb609b6e
2389a69c87bcb1b5d962361cec5a71bd43ba0b3b
26f3609adf40f444aa7770872be9a73c083ffe711a6caed25208c1fc00d709b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/drt/ui
142.250.74.164 302 Found 0 B URL HTTP/2 www.google.com/pagead/drt/ui
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 15 Sep 2022 16:59:52 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:21 GMT
expires: Thu, 14 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 77131
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
142.250.74.163 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20784, version 1.0\012- data
Hash e11c810c086df83c0876dd59ed32ebcb
b89fe2ed6d016f81af13b35797ad2b0e2e5c6822
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
GET /s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 22:12:05 GMT
expires: Wed, 13 Sep 2023 22:12:05 GMT
cache-control: public, max-age=31536000
age: 154067
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
142.250.74.163 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21428, version 1.0\012- data
Hash 965bbfea8a5db5aea3a63da8c5b3d570
ce645f4adf18c4ff26251610878969c9562de69f
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
GET /s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 22:19:10 GMT
expires: Wed, 13 Sep 2023 22:19:10 GMT
cache-control: public, max-age=31536000
age: 153642
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c51675fd352c7db13261c905bfaa8342
85ac07e4592d413c55c204d4e52118be5bdd39cb
ffcbfefcb252a9ed446122906b75c29ca2aa64460ddbd912542d12bc68be9fd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/dynamic/5/387699974/5053447765314902166_12552268931958298609.png
216.58.207.230 200 OK 13 kB URL HTTP/2 static.doubleclick.net/dynamic/5/387699974/5053447765314902166_12552268931958298609.png
IP 216.58.207.230:0
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash 01ae345bfaea65649ba7e67ed4bc2f14
45236e1adcf36320519c246d96aef9a451ab8567
90d35f43a79920693232e90aacd8723b86677392b87b10d8b68d74495ee5e678
GET /dynamic/5/387699974/5053447765314902166_12552268931958298609.png HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 12719
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 05:30:46 GMT
expires: Fri, 15 Sep 2023 05:30:46 GMT
cache-control: public, max-age=31536000
age: 41347
last-modified: Thu, 14 Jul 2022 11:08:43 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5cb573d3c9bcfd0aca93d5064638773c
8389db960285c5b7a5a3beaa026b0ece6b362d8a
618e5bc351dfee8d072d1357971e52a5891de7d89e8cfc57affc7ddc55082e8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c51675fd352c7db13261c905bfaa8342
85ac07e4592d413c55c204d4e52118be5bdd39cb
ffcbfefcb252a9ed446122906b75c29ca2aa64460ddbd912542d12bc68be9fd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c51675fd352c7db13261c905bfaa8342
85ac07e4592d413c55c204d4e52118be5bdd39cb
ffcbfefcb252a9ed446122906b75c29ca2aa64460ddbd912542d12bc68be9fd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c51675fd352c7db13261c905bfaa8342
85ac07e4592d413c55c204d4e52118be5bdd39cb
ffcbfefcb252a9ed446122906b75c29ca2aa64460ddbd912542d12bc68be9fd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/dynamic/5/387699974/10945498523041575299_17768809492648905713.png
216.58.207.230 200 OK 36 kB URL HTTP/2 static.doubleclick.net/dynamic/5/387699974/10945498523041575299_17768809492648905713.png
IP 216.58.207.230:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 8b7ea13b29162a11f1c86141b69d8b63
c1683330765df66ae272da8de78ff667f36c1e15
ec83ac28a9f67cda7139aa2d19b8621033174fe39b52e130312a369b9df5b533
GET /dynamic/5/387699974/10945498523041575299_17768809492648905713.png HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 35589
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 07:18:25 GMT
expires: Mon, 11 Sep 2023 07:18:25 GMT
cache-control: public, max-age=31536000
age: 380488
last-modified: Thu, 14 Jul 2022 11:16:32 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/387699974/14828616190128623650_7882149980660202777.png
216.58.207.230 200 OK 232 kB URL HTTP/2 static.doubleclick.net/dynamic/5/387699974/14828616190128623650_7882149980660202777.png
IP 216.58.207.230:0
File type PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced\012- data
Size 232 kB (232265 bytes)
Hash 1352dfe32787aeb4a54cb513001db4d7
2c1039f7022f625648b3fbd9bbc5874331eb8910
1a914526fa62c04d41cf813d271f5bd0d9e9ae7d84e6a6675e1ffcd9ad17aeb7
GET /dynamic/5/387699974/14828616190128623650_7882149980660202777.png HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 232265
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 12:33:43 GMT
expires: Fri, 15 Sep 2023 12:33:43 GMT
cache-control: public, max-age=31536000
age: 15970
last-modified: Thu, 14 Jul 2022 11:16:36 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/387699974/11019162564889058551_15235904223015429275.png
216.58.207.230 200 OK 41 kB URL HTTP/2 static.doubleclick.net/dynamic/5/387699974/11019162564889058551_15235904223015429275.png
IP 216.58.207.230:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 74de38f31955f7f81394d422b063bfc1
89bcd262ee5808533fc91ee6e5bb9e86b7c2a4a6
6071db1e20d7c252b867c7d903bba4016b7f2118530f98b80dcff7db59b0a731
GET /dynamic/5/387699974/11019162564889058551_15235904223015429275.png HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 41057
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 10:35:29 GMT
expires: Sat, 09 Sep 2023 10:35:29 GMT
cache-control: public, max-age=31536000
age: 541464
last-modified: Thu, 14 Jul 2022 11:08:46 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/206675363/5739049790461323286_16912361168850392621.jpeg
216.58.207.230 200 OK 75 kB URL HTTP/2 static.doubleclick.net/dynamic/5/206675363/5739049790461323286_16912361168850392621.jpeg
IP 216.58.207.230:0
File type JPEG image data, progressive, precision 8, 600x600, components 3\012- data
Hash 6bb511cb3000dc83884f7c679bbf5f47
c94c89e705d04713eff3603cd3003c0ab9616c7e
51da980185c71c29ef32bd263b4476630ba9c42cd32d4aeb53e1d5f8d8c05d0d
GET /dynamic/5/206675363/5739049790461323286_16912361168850392621.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 74795
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 12:48:34 GMT
expires: Sat, 09 Sep 2023 12:48:34 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 09 Sep 2022 03:00:08 GMT
content-type: image/jpeg
age: 533479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/387699974/14557465553715579394_2031701608257038105.jpeg
216.58.207.230 200 OK 46 kB URL HTTP/2 static.doubleclick.net/dynamic/5/387699974/14557465553715579394_2031701608257038105.jpeg
IP 216.58.207.230:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x512, components 3\012- data
Hash b16f1eb3dfaef1aac304b9252fc6676e
f07652e23c9cab2e4e2b05f5a1b263d435b5ec01
3f2dcc769f4200db57ed36b1d8ed8ca9ab7606a0ae813d4c396b1f10430971d4
GET /dynamic/5/387699974/14557465553715579394_2031701608257038105.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 46306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 10:57:25 GMT
expires: Fri, 15 Sep 2023 10:57:25 GMT
cache-control: public, max-age=31536000
age: 21748
last-modified: Thu, 14 Jul 2022 11:10:43 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/206675363/18155074755577167960_4918554488364016110.jpeg
216.58.207.230 200 OK 84 kB URL HTTP/2 static.doubleclick.net/dynamic/5/206675363/18155074755577167960_4918554488364016110.jpeg
IP 216.58.207.230:0
File type JPEG image data, progressive, precision 8, 600x600, components 3\012- data
Hash f91f7d9d4801afe2b289fb0de7c02298
8b98fab8620951fecd61dee4149b933387afa755
3a2e21398d24271b851e1c603a471d43d2f7a1dde989c397b059591b04b1d46c
GET /dynamic/5/206675363/18155074755577167960_4918554488364016110.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 83891
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:49:23 GMT
expires: Thu, 14 Sep 2023 05:49:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 02:16:53 GMT
content-type: image/jpeg
age: 126630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/387699974/15942174459147401817_1511321337859987076.png
216.58.207.230 200 OK 240 kB URL HTTP/2 static.doubleclick.net/dynamic/5/387699974/15942174459147401817_1511321337859987076.png
IP 216.58.207.230:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size 240 kB (240210 bytes)
Hash 52cabe67f3dfb7298458e43f81bb3fb4
165ba05a6e917858a49e674d4fdddceb0786917d
0e9569fc5016937918cec922b85878ed47c7b03a4be785f0a0897af94cc2e692
GET /dynamic/5/387699974/15942174459147401817_1511321337859987076.png HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 240210
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 04:55:38 GMT
expires: Sat, 09 Sep 2023 04:55:38 GMT
cache-control: public, max-age=31536000
age: 561855
last-modified: Thu, 14 Jul 2022 11:07:42 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c51675fd352c7db13261c905bfaa8342
85ac07e4592d413c55c204d4e52118be5bdd39cb
ffcbfefcb252a9ed446122906b75c29ca2aa64460ddbd912542d12bc68be9fd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 16:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220912&st=env
216.58.211.2 200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220912&st=env
IP 216.58.211.2:0
File type JSON data\012- , ASCII text, with very long lines (14482), with no line terminators
Hash 49ca8f3b7a7e6951c54d64d5688b8886
35f2c794ae138bc0f1948b48acabfe90fb54b6fe
ff322d5d84f4e824d01115d1c9788380a6dc6df617e8fc14cce1a0a5f6741ae8
GET /getconfig/sodar?sv=200&tid=gda&tv=r20220912&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skinsparaandroid.maicondroidoficial.com
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Sep 2022 16:59:53 GMT
server: cafe
cache-control: private
content-length: 10999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/206675363/12087806422231838517_9146618617033836075.jpeg
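216.58.207.230 200 OK 0 B URL HTTP/2 static.doubleclick.net/dynamic/5/206675363/12087806422231838517_9146618617033836075.jpeg
IP 216.58.207.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: the three values above are the MD5, SHA-1 and SHA-256 digests of zero-length input. The capture recorded 0 B for this response although the server declared content-length: 72725, so these digests do not identify the image and should not be used as indicators.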
GET /dynamic/5/206675363/12087806422231838517_9146618617033836075.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 72725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 06:33:20 GMT
expires: Thu, 14 Sep 2023 06:33:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 02:05:56 GMT
content-type: image/jpeg
age: 123993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a05eafb022d09a0c88432fe018f2c325
b8ae9f4346fe63c5aa7a3b07ef84eac8fc63ca94
91b3994632d954d1c93ee53a46d2d8850ebe387af40962aad787d341b742e9f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: 23ab295a-91a0-4a91-ba26-8302088a50c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNxvmEPIIAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bc996-10ccfaf45b93ef066901573d;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 23:17:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rM-kSnE6-SpiiNFAEsMmAUgxlgMDYun5zKMwTqvnM1BQcryism74gA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:18 GMT
age: 69458
etag: "b8ae9f4346fe63c5aa7a3b07ef84eac8fc63ca94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
skinsparaandroid.maicondroidoficial.com/wp-content/themes/Newspaper/style.css?ver=8.7.2
108.179.252.174 200 OK 0 B URL HTTP/2 skinsparaandroid.maicondroidoficial.com/wp-content/themes/Newspaper/style.css?ver=8.7.2
IP 108.179.252.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/Newspaper/style.css?ver=8.7.2 HTTP/1.1
Host: skinsparaandroid.maicondroidoficial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/category/wtds/
Cookie: PHPSESSID=d0fab1ac47ceac780984d6035273206d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 22:22:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 15 Sep 2022 16:59:49 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0.2
104.18.226.52 200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0.2
IP 104.18.226.52:0
GET /sdks/OneSignalSDK.js?ver=6.0.2 HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 16:59:49 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3089
expires: Sun, 18 Sep 2022 16:59:49 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 74b2ea4028be1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.7.2
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.7.2
IP 142.250.74.10:0
GET /css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.7.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 16:59:49 GMT
date: Thu, 15 Sep 2022 16:59:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
waust.at/d.js
104.26.5.7 200 OK 0 B IP 104.26.5.7:0
GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 16:59:49 GMT
content-type: application/x-javascript
last-modified: Mon, 29 Aug 2022 18:12:49 GMT
etag: W/"630d01a1-397a"
expires: Fri, 16 Sep 2022 16:24:06 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 2143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNLvgBRNn8hh6YTWfnvtMAKFIoT9BzJTfzdl0%2FXQI4VkKu5I3KRCOgQcx2fRBRgj57RI8CaxKEmJHR6EQ%2BiJZ8VmXarE8hGCRrbiXP4iPaTA%2FvPkRLpvrUFs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b2ea403b700b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
dtsedge.com/ping/?t=0&d=skinsparaandroid.maicondroidoficial.com
104.21.9.70 200 OK 0 B URL HTTP/2 dtsedge.com/ping/?t=0&d=skinsparaandroid.maicondroidoficial.com
IP 104.21.9.70:0
GET /ping/?t=0&d=skinsparaandroid.maicondroidoficial.com HTTP/1.1
Host: dtsedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 16:59:50 GMT
content-type: application/javascript
x-t: 0.49
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DT8bg9EpYFgBjmZsCSfHPc4xRtxq%2FbGK1piFCtayn7a3E%2FxGCDNmcGx0ubREqwPVEl5QK0rloUffRIhsjqX2nc%2BVGRqK0RGvZE4C33h%2FSxrJmO6stW5b6mtOMdWnUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74b2ea484faab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/387699974/6454037974252263841_944486977336647516.png
216.58.207.230 200 OK 0 B URL HTTP/2 static.doubleclick.net/dynamic/5/387699974/6454037974252263841_944486977336647516.png
IP 216.58.207.230:0
GET /dynamic/5/387699974/6454037974252263841_944486977336647516.png HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 181600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 07:31:36 GMT
expires: Fri, 15 Sep 2023 07:31:36 GMT
cache-control: public, max-age=31536000
age: 34097
last-modified: Thu, 14 Jul 2022 11:09:12 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yastatic.net/share2/share.js
178.154.131.216 200 OK 0 B URL HTTP/2 yastatic.net/share2/share.js
IP 178.154.131.216:0
GET /share2/share.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 15 Sep 2022 16:59:49 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=216009
content-encoding: br
etag: W/"d62795f125042b279514d9fb23f826fc"
expires: Sun, 18 Sep 2022 04:56:46 GMT
last-modified: Tue, 21 Jun 2022 14:09:09 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, noarchive, nofollow
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
142.250.74.46 200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 142.250.74.46:0
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skinsparaandroid.maicondroidoficial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 15 Sep 2022 16:59:49 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+493; expires=Sat, 14-Sep-2024 16:59:49 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2