Overview

URLappskingo.com/asd/
IP 104.21.52.244 ()
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-25 10:48:48 UTC
StatusLoading report..
IDS alerts0
Blocklist alert9
urlquery alerts No alerts detected
Tags None

Domain Summary (24)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
appskingo.com (2) 595806 2019-11-12 09:13:24 UTC 2022-11-25 01:58:17 UTC 172.67.205.213
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-11-25 08:24:51 UTC 104.21.84.149 Unknown ranking
onmarshtompor.com (1) 24517 2020-10-19 12:36:32 UTC 2022-11-25 07:57:17 UTC 139.45.197.243
nanouwho.com (5) 0 2022-07-09 20:30:29 UTC 2022-11-24 11:37:18 UTC 139.45.197.242 Unknown ranking
ocsp.pki.goog (2) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
ocsp.digicert.com (7) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
betotodilea.com (6) 52465 2021-08-17 07:55:50 UTC 2022-11-24 11:55:12 UTC 139.45.197.237
offerimage.com (1) 304078 2019-06-10 11:11:53 UTC 2022-11-24 16:43:35 UTC 104.22.33.172
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-25 05:53:13 UTC 142.250.74.10
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
appskingo.com (2) 595806 2019-11-12 09:13:24 UTC 2022-11-25 01:58:17 UTC 104.21.52.244
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.187.102.159
ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-11-25 07:04:10 UTC 142.250.74.106
mediasama.com (15) 166244 2015-11-22 05:12:08 UTC 2022-11-24 19:29:38 UTC 144.217.67.42
bedrapiona.com (2) 34930 2020-05-08 13:43:48 UTC 2022-11-25 10:21:49 UTC 139.45.197.234
r3.o.lencr.org (14) 344 No data No data 23.36.77.32
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
inklinkor.com (1) 0 2022-04-01 11:44:00 UTC 2022-11-25 08:24:50 UTC 172.67.211.29 Unknown ranking
my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-11-25 07:48:21 UTC 139.45.195.8
ibrapush.com (6) 0 2020-04-18 14:40:35 UTC 2022-11-24 16:47:05 UTC 139.45.197.250 Unknown ranking
datatechonert.com (1) 46154 2021-12-24 16:44:17 UTC 2022-11-25 06:19:41 UTC 37.48.68.71

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-25 2 mediasama.com/hentaiheroes/22/s/ Phishing
2022-11-25 2 mediasama.com/hentaiheroes/22/s/js/main.js Phishing
2022-11-25 2 mediasama.com/hentaiheroes/22/s/audio/btn_1.mp3 Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-25 2 datatechonert.com Sinkholed
2022-11-25 2 nanouwho.com Sinkholed
2022-11-25 2 nanouwho.com Sinkholed
2022-11-25 2 nanouwho.com Sinkholed
2022-11-25 2 nanouwho.com Sinkholed
2022-11-25 2 nanouwho.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 104.21.52.244
Date UQ / IDS / BL URL IP
2022-12-22 02:29:25 +0000 0 - 2 - 0 emtp.com.ua/ 104.21.52.244
2022-12-05 03:46:48 +0000 0 - 0 - 14 emtp.com.ua/ 104.21.52.244
2022-11-25 10:48:48 +0000 0 - 0 - 9 appskingo.com/asd/ 104.21.52.244


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-01-31 09:52:19 +0000 0 - 0 - 3 www.tg-me.com/in/The+Flash+All+Seasons/com.th (...) 172.67.155.137
2023-01-31 09:50:57 +0000 0 - 0 - 2 lconyapparplated.xyz/ 172.67.210.141
2023-01-31 09:49:27 +0000 0 - 0 - 1 tgqgzmo551.berilata.ru/ 188.114.96.1
2023-01-31 09:48:37 +0000 0 - 4 - 6 770167.cc/ 188.114.97.1
2023-01-31 09:47:51 +0000 0 - 1 - 0 foxverification.xyz/ 104.21.31.218


Last 1 reports on domain: appskingo.com
Date UQ / IDS / BL URL IP
2022-11-25 10:48:48 +0000 0 - 0 - 9 appskingo.com/asd/ 104.21.52.244


No other reports with similar screenshot

JavaScript

Executed Scripts (17)

Executed Evals (1)
#1 JavaScript::Eval (size: 80) - SHA256: d68298f34a2c695af1999bee19ea9a00cc3f1eda87762cb998558fbdf98091fc
(() => {
    const a = async
    function name() {};
    window['gxvw67psi2g'] = true;
})()

Executed Writes (1)
#1 JavaScript::Write (size: 7) - SHA256: 2f26233595d165e6868c5bb9e5e835506039e72c61a36a1bafb0827abfe746a5
Firefox


HTTP Transactions (80)


Request Response
                                        
                                            GET /asd/ HTTP/1.1 
Host: appskingo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.67.205.213
HTTP/1.1 301 Moved Permanently
                                        
Date: Fri, 25 Nov 2022 10:48:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 25 Nov 2022 11:48:36 GMT
Location: https://appskingo.com/asd/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOGcCOi9hNriKQQrXl5rpu7rCmPMRFnpQ8kQaOMxedvjlbPzUoqizjL7iHMalys8zfann5UOqR50xoSwUpXTVtoqtrAvMSDJKPDC7sWXacQ8DP0Q8DlkZp9jMwDL8Ghp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f9d01d8d8ab503-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6526
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 10:48:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6194
Cache-Control: max-age=91549
Date: Fri, 25 Nov 2022 10:48:36 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:14:25 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 10:17:26 GMT
cache-control: public,max-age=3600
age: 1870
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17188
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 10:48:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=140041
Date: Fri, 25 Nov 2022 10:48:36 GMT
Etag: "63801d8d-117"
Expires: Sun, 27 Nov 2022 01:42:37 GMT
Last-Modified: Fri, 25 Nov 2022 01:42:37 GMT
Server: nginx
Content-Length: 279

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: EdkR7pVPZUdNkP6lePB3F/74bjHHKuLPRUwUaWuwVL38xvTOjWZISxcnKSNf8hfQV2qij5VY7XU=
x-amz-request-id: SDQ849EMKB37HX8J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 10:40:46 GMT
age: 470
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:37 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /asd/ HTTP/1.1 
Host: appskingo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.21.52.244
HTTP/2 200 OK
content-type: text/html
                                        
date: Fri, 25 Nov 2022 10:48:37 GMT
last-modified: Thu, 24 Nov 2022 16:16:16 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCQi721eBJfA7h4kKP6iTU7%2Fnyf1SrhWPX%2Fmf%2BZgTjqNLqSRU5Ri5QsVIeo3zBL90%2B%2FWkpsrUejTHwTplTpCBnQdmA5Q24bK6BID2as2qSkZWOR7AvmpjpsyBjGe4nHQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9d01f3877b51b-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2866
Md5:    181e828bbf883f5eee05d0caf63ee02b
Sha1:   aaed0ffab20f095d6c61ab3423b5f7c119470db8
Sha256: 2bbb3fc33932abfa569f55a5499aaba83d8d94cae697c5b70a4dcb89e5f00477
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4797
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 10:48:37 GMT
Last-Modified: Fri, 25 Nov 2022 09:28:40 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2248
Cache-Control: max-age=114583
Date: Fri, 25 Nov 2022 10:48:37 GMT
Etag: "637fb154-117"
Expires: Sat, 26 Nov 2022 18:38:20 GMT
Last-Modified: Thu, 24 Nov 2022 18:00:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /tag.min.js HTTP/1.1 
Host: inklinkor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appskingo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.211.29
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 10:48:37 GMT
x-trace-id: 9341be6cc56fb787867ab28ce5ddc748
cache-control: max-age=86400
last-modified: Wed, 23 Nov 2022 10:05:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 26 Nov 2022 09:37:49 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4248
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yls4JKebarHW5fKTNfmq6Vd3f%2BVxIpZgu%2BSC6aThgzIskDMuRpR6Au4wp8EnULX2V5Kyj0V3oW7JAq0t8Yv8G6TCYMpNCZNZKIUlgmro02AzMyaqk7ca7rbClYBYIsuU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9d020ac441bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   25132
Md5:    d6a449971978210d2ba7379b326e6aec
Sha1:   f8708d519ae0689815b47ec3a9ad69ca798a0e1e
Sha256: b1f9dc6501f4029dfeadf5ec2ef47680b8061caef96f9f3212ea2ac05229430e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B9C0EC9F6959080BFC3340D0C591283004D8C53F512A84D3A4954430D9AEC775"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4287
Expires: Fri, 25 Nov 2022 12:00:04 GMT
Date: Fri, 25 Nov 2022 10:48:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B9C0EC9F6959080BFC3340D0C591283004D8C53F512A84D3A4954430D9AEC775"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4287
Expires: Fri, 25 Nov 2022 12:00:04 GMT
Date: Fri, 25 Nov 2022 10:48:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3513
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 10:48:37 GMT
Last-Modified: Fri, 25 Nov 2022 09:50:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appskingo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.84.149
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 10:48:37 GMT
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6LZAdGoh9sTFeBvczKkAoXHhnaM2hjadFuhQ3ku05ipcKUatQjoxhT0JCi66Blv9Lku4VLmLI7yPJGXUz13GQiPi4ZrT42iSZCz5WCn9csUkrXYTnduE37QFj%2B%2FKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9d022b9160b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12966), with no line terminators
Size:   5512
Md5:    2751f1bcbda0c8514d42ce7e8a056822
Sha1:   96d795806a9dd9087e8a8f5d5da88789d1f16c90
Sha256: b3d78c193e97c205fc5df140f5ae8555492a1ae96ba0f3f6eed594f3d3339573
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13711
Expires: Fri, 25 Nov 2022 14:37:08 GMT
Date: Fri, 25 Nov 2022 10:48:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8A17AB8EE147D3239041AA3460836FC7B423633B9686BEEB8A017828E9D865B3"
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6344
Expires: Fri, 25 Nov 2022 12:34:21 GMT
Date: Fri, 25 Nov 2022 10:48:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3F1EBF6792CB8C53345A7378CEF23D086F94E57AA9B3826E17C51EC5555EDD5D"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10283
Expires: Fri, 25 Nov 2022 13:40:00 GMT
Date: Fri, 25 Nov 2022 10:48:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "62E1ACF4FAE269659EF8E273FFA40B1FF252B4AF63276DD1EEA973E4676BFAF8"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9775
Expires: Fri, 25 Nov 2022 13:31:32 GMT
Date: Fri, 25 Nov 2022 10:48:37 GMT
Connection: keep-alive

                                        
                                            GET /gid.js?userId=b6b0816cb8474b74944e2503cb29aafd HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appskingo.com
Connection: keep-alive
Referer: https://appskingo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:37 GMT
content-length: 65
access-control-allow-origin: https://appskingo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b6b0816cb8474b74944e2503cb29aafd; expires=Sat, 25 Nov 2023 10:48:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    47c5b1979665a450c3d642c71a592db5
Sha1:   0f6db8c0d056d0b0b1a9a79230b1f454b565000f
Sha256: f39012fcc69a5393b10d467ab23271683d1fa756846df544a642e61717d0bde5
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 10:08:53 GMT
cache-control: public,max-age=3600
age: 2384
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:48:37 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 01:33:16 GMT
Expires: Tue, 29 Nov 2022 01:33:15 GMT
Etag: "78e21c7a408c8ef34065defa22dbcb926f562d9b"
Cache-Control: max-age=311677,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f9d023ca12b4fa-OSL

                                        
                                            GET /zone?pub=0&zone_id=5355400&is_mobile=false&domain=appskingo.com&var=&ymid=&var_3= HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://appskingo.com/
Origin: https://appskingo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:37 GMT
content-length: 664
x-trace-id: e0d18a4f0056b3bf52e91163f83faf06
access-control-allow-origin: https://appskingo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (663)
Size:   664
Md5:    a124900f828768d13ed3a758aa0c8b7c
Sha1:   ce6ed39d2fc3cc3a58bb75e16fad83c3b7b8c3a7
Sha256: eb166cfa02fa8b9a8f50dfb293f2e267fbc65dc64f82860fdd973951983db0b2
                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: datatechonert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1189
Origin: https://appskingo.com
Connection: keep-alive
Referer: https://appskingo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         37.48.68.71
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 10:48:37 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://appskingo.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1D8F89CE0912FBE76DF9F02E81560B8A6414D63F47501F05EF4133FC734E4C40"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12309
Expires: Fri, 25 Nov 2022 14:13:46 GMT
Date: Fri, 25 Nov 2022 10:48:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3236
Cache-Control: max-age=169930
Date: Fri, 25 Nov 2022 10:48:37 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:00:47 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /?rb=P-sf14LU6uZNxgPuohlNi1Kmj2VMVLrctA8Q_hUZd1LA538_jGeask1fecoLTgxk4gatv-MO7li6hUcGyPGBxcVDyJ9441NADaPyvBFtjW2NIvB5eNOSe2-UW7wVYZz8e2zHZ0GOu5VHqwrMLDiLyQn7ijFQG73PrOCk5xrZnt7mNh1aSeDxt7sVYQAZNj5Ama08_OI7cGyxA11dWYrl1BsfYXH71R64Tgp9GTQsIqzC-Inr&request_ab2=96003&zoneid=5355401&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fappskingo.com%2Fasd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=93d103c4-2051-49c1-a3aa-1b94f7abd9fa&userId=b6b0816cb8474b74944e2503cb29aafd&m=link HTTP/1.1 
Host: onmarshtompor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://appskingo.com/
Origin: https://appskingo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.243
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:37 GMT
x-trace-id: 1684cef7e4c98907e6daaee9abf08380
access-control-allow-origin: https://appskingo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=b6b0816cb8474b74944e2503cb29aafd; expires=Sat, 25 Nov 2023 10:48:37 GMT; path=/; secure; SameSite=None oaidts=1669373317; expires=Sat, 25 Nov 2023 10:48:37 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Fri, 02 Dec 2022 10:48:37 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5538
Md5:    665d7e726ede3118506094fa122883d0
Sha1:   b96d3cb93dd9743192972c6c5f5c92e8f577b920
Sha256: d1f4ab0fe68e62db0b99b95e1c76aafba44d8016ee02174d7badfa1748f0fb7a
                                        
                                            GET /400/5355398 HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appskingo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:37 GMT
x-trace-id: a7513ef3a736ea7a90311d4904f0bcc8
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f6d4300e52124c6ba7af5f1feaa1b09c; expires=Sat, 25 Nov 2023 10:48:37 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   154284
Md5:    6230650e9242892f03b541ce3883848b
Sha1:   5582355c967e31e002bfad074da3f7029b408fd5
Sha256: 8bf6fcf07bc4c5d42768e6724a2008bc194d5a0f2b5539d2d13e7fe36a038629
                                        
                                            OPTIONS /custom HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://appskingo.com/
Origin: https://appskingo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:37 GMT
content-length: 0
access-control-allow-origin: https://appskingo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            POST /custom HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://appskingo.com/
Content-Type: application/json
Origin: https://appskingo.com
Content-Length: 745
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:38 GMT
content-length: 39
x-trace-id: ec9c2a6058a002222ea314ddad0d0cb5
access-control-allow-origin: https://appskingo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            POST /custom HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://appskingo.com/
Content-Type: application/json
Origin: https://appskingo.com
Content-Length: 367
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:38 GMT
content-length: 39
x-trace-id: 4dcd56f6d144b5c0c62bd23d1e28f399
access-control-allow-origin: https://appskingo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            OPTIONS /9?z=5355399&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fappskingo.com%2Fasd%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=b6b0816cb8474b74944e2503cb29aafd HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://appskingo.com/
Origin: https://appskingo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:38 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://appskingo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zFkXokXx8k1aZvWM0Zs6YA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.187.102.159
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: psledD/pF+z5Y8iywgJ2gvU1/+U=

                                        
                                            OPTIONS /500/5355398?excludes=&oaid=b6b0816cb8474b74944e2503cb29aafd&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fappskingo.com%2Fasd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://appskingo.com/
Origin: https://appskingo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:38 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://appskingo.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /11?rnd=3602282095&z=5355399&b=15494504&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=0QEmyaezo_IQU7s9Df9OVWFNAP14v1kTLWSyyNQxfaSuzAAVpyyK96YHf4YjwfavGLG85iqUwrbK2V27okQhqCA1AokYmNJm1QxoP82sgCIJD5fPE0PfpcMNpBmtraptvPPDXEApG2vd-SSB7h5d34jf6lRXmDRkougTBvVbb_fGs6KEl0YhNkpLvjDZ8sREd56piARqLJUanLlc4rObcJpVEWXmIDstChV1gR5djpn_cKSVRLNc9HnODQd81nrdJMjBwjjrFlX2VB4_v3sOtn_KfKy8jIi-yLCw6ho-8-V9sZWXdM8cxNMGEQmZg9yu3qVcDcNFEo7sCXDZ7mMKegOit8fMlDQejXEKtIC36tJZlUXeyanwoHg3gJ4WKrzcbrzNVAK6nTjc1iYlYMuMi7-uFVc-KiolFSwPVuWy7zyLO0zra1_5j_o4F2Fc6ftKaXui4OcgLgmvUANKPOaPQVbZz-zWvRWdfozWhNaK9w9ENcwIyrzQx41c7w20XUbQe4A6AGe4SeGwkTouruEQ1M0vh-IfC7vM9LqYtPyBSWwU8y7YNSiHFBTlvPjhrgRYYq6eBFJiOfs3kA_UGEvb3cyeJIlMEw6J5CisaV_4k-HyLdASz8G1YSUrzVVZe9qaq8RKVAMqK3Gl_CLI1VEeyEhwqJzB3zqZz0jbfqQ29Q7FvL4W1wz8N7TYmtzNFxBBWltcadZ9V1TMx8z3eb0a4VqMWzR4jmcF69oLS5xPdQT2MFyvX7rgspb-VZt4xJhg68OHb5Ec93A6IZ5jiYjaNfvjVnfmfnA7oy59ZHQGoXE=&ruid=5a2f7358-fbab-4a9e-831e-a39c6593d848&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fappskingo.com%2Fasd%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=112 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appskingo.com
Connection: keep-alive
Referer: https://appskingo.com/
Cookie: scm=1; OAID=b6b0816cb8474b74944e2503cb29aafd; oaidts=1669373317
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:38 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://appskingo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 7aed284a460ce3541e22da357624994e
access-control-expose-headers: X-Sc
set-cookie: OAID=b6b0816cb8474b74944e2503cb29aafd; expires=Sat, 25 Nov 2023 10:48:38 GMT; secure; SameSite=None oaidts=1669373317; expires=Sat, 25 Nov 2023 10:48:38 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /121?rnd=2673334671&z=5355399&b=15494504&c=6266873&var=&d=https%3A%2F%2Fmediasama.com%2Fhentaiheroes%2F22%2Fs%2F&cln={CELL_NUMBER}&btp=7&rb=0QEmyaezo_IQU7s9Df9OVWFNAP14v1kTLWSyyNQxfaSuzAAVpyyK96YHf4YjwfavGLG85iqUwrbK2V27okQhqCA1AokYmNJm1QxoP82sgCIJD5fPE0PfpcMNpBmtraptvPPDXEApG2vd-SSB7h5d34jf6lRXmDRkougTBvVbb_fGs6KEl0YhNkpLvjDZ8sREd56piARqLJUanLlc4rObcJpVEWXmIDstChV1gR5djpn_cKSVRLNc9HnODQd81nrdJMjBwjjrFlX2VB4_v3sOtn_KfKy8jIi-yLCw6ho-8-V9sZWXdM8cxNMGEQmZg9yu3qVcDcNFEo7sCXDZ7mMKegOit8fMlDQejXEKtIC36tJZlUXeyanwoHg3gJ4WKrzcbrzNVAK6nTjc1iYlYMuMi7-uFVc-KiolFSwPVuWy7zyLO0zra1_5j_o4F2Fc6ftKaXui4OcgLgmvUANKPOaPQVbZz-zWvRWdfozWhNaK9w9ENcwIyrzQx41c7w20XUbQe4A6AGe4SeGwkTouruEQ1M0vh-IfC7vM9LqYtPyBSWwU8y7YNSiHFBTlvPjhrgRYYq6eBFJiOfs3kA_UGEvb3cyeJIlMEw6J5CisaV_4k-HyLdASz8G1YSUrzVVZe9qaq8RKVAMqK3Gl_CLI1VEeyEhwqJzB3zqZz0jbfqQ29Q7FvL4W1wz8N7TYmtzNFxBBWltcadZ9V1TMx8z3eb0a4VqMWzR4jmcF69oLS5xPdQT2MFyvX7rgspb-VZt4xJhg68OHb5Ec93A6IZ5jiYjaNfvjVnfmfnA7oy59ZHQGoXE=&bag=i3O3OvY5w6ZUB5TkJws8STkagQFCTszQ&ruid=5a2f7358-fbab-4a9e-831e-a39c6593d848 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=b6b0816cb8474b74944e2503cb29aafd; oaidts=1669373317
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 302 Found
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:38 GMT
content-length: 0
location: https://mediasama.com/hentaiheroes/22/s/
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 46989fa02cd7ba0efec044426b251386
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4939
Cache-Control: max-age=142838
Date: Fri, 25 Nov 2022 10:48:38 GMT
Etag: "63801531-117"
Expires: Sun, 27 Nov 2022 02:29:16 GMT
Last-Modified: Fri, 25 Nov 2022 01:06:57 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /www/images/5f22624db7437e4fcaa7b047f57da38a.png HTTP/1.1 
Host: offerimage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appskingo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.22.33.172
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 10:48:38 GMT
content-length: 2530
last-modified: Tue, 22 Nov 2022 22:14:45 GMT
etag: "637d49d5-9e2"
expires: Fri, 25 Nov 2022 22:19:34 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 44944
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9d027999b95de-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   2530
Md5:    5f22624db7437e4fcaa7b047f57da38a
Sha1:   f22bcd530fc732bc470dc0983ab70a59920126f4
Sha256: b703b099a1da49f9a80fc7dc79073caf5aaf2ea9d72c36a57a6617937340a923
                                        
                                            GET /500/5355398?excludes=&oaid=b6b0816cb8474b74944e2503cb29aafd&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fappskingo.com%2Fasd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://appskingo.com
Connection: keep-alive
Referer: https://appskingo.com/
Cookie: OAID=f6d4300e52124c6ba7af5f1feaa1b09c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:38 GMT
x-trace-id: ed616de350f2e5f926871f926542586e
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://appskingo.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b6b0816cb8474b74944e2503cb29aafd; expires=Sat, 25 Nov 2023 10:48:38 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1715
Md5:    4acdce0f61f44a7cd56bf550f49aec73
Sha1:   7049ffdbd79372de0859b606b7fd88b44ddb7571
Sha256: 3bbb6cd7361078e2010ef4531dc1910c7f8409a0130df8d54728614d1f5abbd0
                                        
                                            GET /hentaiheroes/22/s/ HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Fri, 25 Nov 2022 10:48:38 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:48 GMT
ETag: "175e-5d8098dbf8f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1500


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1500
Md5:    e40cc2f1d4301f91421ce2859b3ce9c3
Sha1:   3a0cfef6f1d6dfa4f9698c72a6dfe35ecb9047ef
Sha256: f0569656de507e0e7e8898708ede07e5b128e8344d80c2d6fbf139dadceafb12

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:48:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 15:30:11 GMT
expires: Fri, 24 Nov 2023 15:30:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 69507
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30399
Md5:    0f83cadc148d2ad7e53c91f6c4ee05bb
Sha1:   90035c5fffedf4b0f099465f6b929a030b46c92b
Sha256: 3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
                                        
                                            GET /hentaiheroes/22/s/styles.css HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 25 Nov 2022 10:48:38 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:48 GMT
ETag: "2638-5d8098dce9b6b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2406


--- Additional Info ---
Magic:  ASCII text, with very long lines (420)
Size:   2406
Md5:    8e7117f5f47cb6cde0a8e8eb38b16dbb
Sha1:   617fd3f0d3f420ee1967a20fb0b0af4ac34eca03
Sha256: 794f8aa66b6afcf9b7d9bfe5952860436dcfee6bf82e4368af6bc838ce89be98
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:48:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /hentaiheroes/22/s/js/main.js HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 25 Nov 2022 10:48:38 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:58 GMT
ETag: "516-5d8098e646333-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 549


--- Additional Info ---
Magic:  ASCII text
Size:   549
Md5:    d8fa8e233a4db9fbce0c20d9a57a06fe
Sha1:   2366b2969771aa164bfdca6b5baf916806f6758a
Sha256: f496e19ead804367daa801860cd95a7ec6854965a7c5cf2c49dda71532c19932

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hentaiheroes/22/s/audio/btn_1.mp3 HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 206 Partial Content
Content-Type: audio/mpeg
                                        
Date: Fri, 25 Nov 2022 10:48:39 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:49 GMT
ETag: "4f61-5d8098dd2a2ab"
Accept-Ranges: bytes
Content-Length: 20321
Content-Range: bytes 0-20320/20321


--- Additional Info ---
Magic:  Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size:   20321
Md5:    d857acaef2cdf5ec88ea6128c1ceb7b3
Sha1:   5f67419243f34232a4da8cb1a1eaecfc192ff1a7
Sha256: df83bc888086ae84b5d532a39023b0db17e8f3ccd3ffdcd6f35c8d4f39558d24

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hentaiheroes/22/s/img/1.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 25 Nov 2022 10:48:38 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:49 GMT
ETag: "53b23-5d8098dddfcec"
Accept-Ranges: bytes
Content-Length: 342819


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   342819
Md5:    261ae81540184eed653580a9c3cf99f0
Sha1:   3ea16580255cd6f906792446ad57ae2a96692c29
Sha256: b342b406e4abe1cc9c7991638ab0afdcb91f223a566f193342ec06150515ea6f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14601
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:48:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14601
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:48:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14601
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:48:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14601
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:48:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14601
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 10:48:39 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 46434
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11743
Md5:    8784bb7a8b88736a6016f712e3183bf3
Sha1:   b0ddc1555d2506177adcdcea77864d75f1245d07
Sha256: 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
age: 47611
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8006
Md5:    8b6ee13d43732f7c764a49500d092865
Sha1:   5d15fd672e968d59b541e4d5d0d01cd5e69f4075
Sha256: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6385
x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cI5NVFMAoAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:22:46 GMT
age: 12353
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6385
Md5:    f6292a2988fb4505d0098553b8e99ddc
Sha1:   9b8aafcda0e22edcc16d3048f4b88659d3b42419
Sha256: 16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 31271
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5e4ptr__XHPd9Qsf8lEDqiZGKptuB9en72UAucNWxlGG_mEbhpFgdA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:43:51 GMT
age: 11088
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10950
Md5:    4abf25d4a15ce58edadd54994b3434a2
Sha1:   18800e21d05596f7b64213072dee7dda5c1faf61
Sha256: 633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 08:37:15 GMT
age: 7884
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11249
Md5:    481c033b9ffd030ff0de6e35cf788b47
Sha1:   85d3baad9217af2b5d75c019d2ef95dbb919a788
Sha256: 02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
                                        
                                            GET /hentaiheroes/22/s/img/2.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 25 Nov 2022 10:48:38 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:51 GMT
ETag: "70c5d-5d8098df9454d"
Accept-Ranges: bytes
Content-Length: 461917


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   461917
Md5:    7943e98ba6a2560db7912f45c267c66b
Sha1:   322d698d1acf50e7616d0f776d02d699dd4ef7fb
Sha256: 60c939dab27c6ee7d53b2ae6116ab00628e5fa8d646970c89203bc479b0087f9
                                        
                                            GET /hentaiheroes/22/s/img/7.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 25 Nov 2022 10:48:39 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:55 GMT
ETag: "5ac6a-5d8098e2af410"
Accept-Ranges: bytes
Content-Length: 371818


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   371818
Md5:    27b6dbe827d236ff44790d59d29d686f
Sha1:   0c7f1ac2d7a18e47164cbf643c397390d6d73510
Sha256: 33d1a087ed9c8f16fd9477b007f1a483edf4ecbac7991c1501e2ae0c99835075
                                        
                                            GET /hentaiheroes/22/s/img/4.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 25 Nov 2022 10:48:39 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:56 GMT
ETag: "44227-5d8098e4292f1"
Accept-Ranges: bytes
Content-Length: 279079


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   279079
Md5:    8c890eef6a31512d5cd9c373744e1327
Sha1:   58165207f6f8f09cad708a8cd9082f7c4c2d29da
Sha256: e5576157a1d82f4dc4eda82c813e989d894b81a8414034567546ca4236d9b1cd
                                        
                                            GET /hentaiheroes/22/s/img/9.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 25 Nov 2022 10:48:39 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:54 GMT
ETag: "6ba27-5d8098e27c790"
Accept-Ranges: bytes
Content-Length: 440871


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   440871
Md5:    dddf47702c4913e09dc3ac95cb3fbbe1
Sha1:   f91b79edbb86a84d744bd1ef636ac6bf9b2be31b
Sha256: fa7a7b7c228713758a3aab37eed8c8db587901d8684845f6aa876910540f8e9b
                                        
                                            GET /hentaiheroes/22/s/img/3.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 25 Nov 2022 10:48:39 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:51 GMT
ETag: "52f3b-5d8098dfc23ad"
Accept-Ranges: bytes
Content-Length: 339771


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   339771
Md5:    9dfd17fc96a15a3de68727df09a8da13
Sha1:   94ea754748adb054a9a8fb36581bdf6829671fcb
Sha256: 4b126f0d6a74c8b66a10a1003d856e7d71ab5ffafb28470e5b07a114786eceec
                                        
                                            GET /hentaiheroes/22/s/img/5.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 25 Nov 2022 10:48:39 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:55 GMT
ETag: "57d0c-5d8098e362f10"
Accept-Ranges: bytes
Content-Length: 359692


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   359692
Md5:    3a854f6c9d34e4095b874c712e1bcee0
Sha1:   b477c19f4ac016a2e0a8f36c9f4e91d074dd0552
Sha256: 6f3ae6bc38afe0590c280d6710455f8616df0a500dd45c8439e138b5716ec562
                                        
                                            GET /hentaiheroes/22/s/img/8.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 25 Nov 2022 10:48:39 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:54 GMT
ETag: "5ed5b-5d8098e1f4baf"
Accept-Ranges: bytes
Content-Length: 388443


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   388443
Md5:    6eeefb58172d4f266d568589477d893d
Sha1:   eb6504c9c240f5160b2acfd73e3df094a2d47a04
Sha256: 83bd932c2e2f769ff3d85440995f67c454cc7e01e165a7b54c6770fcf3b02722
                                        
                                            GET /hentaiheroes/22/s/img/6.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 25 Nov 2022 10:48:39 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:52 GMT
ETag: "5d836-5d8098dfd4c8d"
Accept-Ranges: bytes
Content-Length: 383030


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   383030
Md5:    144b871814f9347ba8b32064fa1fc210
Sha1:   e101e3bf226640762f98c431c62cad3795dc297c
Sha256: 7a737450e072727561cc36b4fb6006317b013d60ebfa0a9a4142d77a938e7005
                                        
                                            GET /hentaiheroes/22/s/img/11.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 25 Nov 2022 10:48:39 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:52 GMT
ETag: "62534-5d8098e056aae"
Accept-Ranges: bytes
Content-Length: 402740


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   402740
Md5:    c10654a068f849e614885c983ac9ab02
Sha1:   8d69da78045560f1c2de7bafc47b2c8a12e86424
Sha256: 3a864743d27da3ef1cea10d293532f84f9d564a98b34afef2a8f4b380472dfc2
                                        
                                            GET /hentaiheroes/22/s/img/10.jpg HTTP/1.1 
Host: mediasama.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/hentaiheroes/22/s/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         144.217.67.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 25 Nov 2022 10:48:39 GMT
Server: Apache
Last-Modified: Tue, 15 Feb 2022 07:33:52 GMT
ETag: "451c4-5d8098dffadee"
Accept-Ranges: bytes
Content-Length: 283076


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size:   283076
Md5:    ba49a7b1320c4c2ebb9a31544276691b
Sha1:   392a00eb23ce5caeab5aacd7c4882e7d4fbcb948
Sha256: f211b4c743465addd0944426025e868e847f2a4482d97dadaf6e04e961fe60d1
                                        
                                            GET /impression/61aH4An1AMsbxzTmrPLEbhQnP8Xba0hlW3MM4oRwlOINf4R2JcPeiLsfaninh_ul6HG96pH7d6kcjsfAWlCnSVpC9AZfqcqkNfmh48RAlQ2fdEw53OAAI7c_2oYw2gGjlsFBs3G5LgcuCUSfrNtbXHCaLb19bDcF5wREaTaAQbIXIBlpxnCyRMFuZdQHo_40ZeozoSaGrWqVSuaUKuXcfTUkdJoId5_58AN7kBQnhAjIqFAZXScrq8HktVJqRGmvoTLDzFjc8Np2rrVvyZsB8_1IO2JGV5FU4o58pFJYfljWQ3uJ8TtK7NiGU38Rdu1cDv3c4ZCPYAo_auP5mMn3XhN_Ls4EDNzd3bfuTucu11YkbrDlTqxuByIE6RCyyNceEWrxHFH6tbi28_xyT5IbMVHQyaji2iJanSlkNTpzbQEIAdLp7k0VpT4ocbY7L5u43PF6MXBQO7H-GiXgBPPAlXGBM6FLdHCufXXJul8slNKeDxrfg7rDhbXGQurYfS1spIwZ9coQUOBLME31WFlpTeEDdwuXwKZV5NytMNTtV3-7t3Wllv9ioDKXANYlwmu1m4qRArMv6uzqE2tCas-a0FJp72cL8qYSrnz29TKj5R4ULx6IL6euuVZH1iRetqFcsc0w5Ovht9jzK7vsjD11_2vh8EROWuspGb2a_apCsF-me1ccijV0MlPwvAQR3xBMzYv3a1rYx5lL1hX7qM9gcXd0-pPGPAMM0fsZ87Dhd8UYHIeTtI5-8HUDJlWueOjn52I6wKj6XVrIBfzfZYenXBUp8td6VTGZzMrVNE-YIeJpnZF9Nq_X4b2nTzQ=?_z=5355398&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fappskingo.com%2Fasd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appskingo.com/
Cookie: OAID=b6b0816cb8474b74944e2503cb29aafd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:42 GMT
content-length: 43
x-trace-id: 5af089f1cceac16cda094e71646fc9b3
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            OPTIONS /500/5355398?excludes=15811608&oaid=b6b0816cb8474b74944e2503cb29aafd&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fappskingo.com%2Fasd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://appskingo.com/
Origin: https://appskingo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:43 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://appskingo.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /gid.js?pub=0&userId=ecaaaa2e962645b387b4c8bdf5366f86&zoneId=5355400&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://appskingo.com/
Origin: https://appskingo.com
Connection: keep-alive
Cookie: ID=b6b0816cb8474b74944e2503cb29aafd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:45 GMT
content-length: 65
access-control-allow-origin: https://appskingo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b6b0816cb8474b74944e2503cb29aafd; expires=Sat, 25 Nov 2023 10:48:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    47c5b1979665a450c3d642c71a592db5
Sha1:   0f6db8c0d056d0b0b1a9a79230b1f454b565000f
Sha256: f39012fcc69a5393b10d467ab23271683d1fa756846df544a642e61717d0bde5
                                        
                                            GET /5/5355406/?oo=1&js_build=iclick-v1.454.0 HTTP/1.1 
Host: bedrapiona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appskingo.com
Connection: keep-alive
Referer: https://appskingo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.234
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:37 GMT
x-trace-id: 895d08fceaab682e35b56dc535794af8
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://appskingo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=b6b0816cb8474b74944e2503cb29aafd; expires=Sat, 25 Nov 2023 10:48:37 GMT; path=/; secure; SameSite=None oaidts=1669373317; expires=Sat, 25 Nov 2023 10:48:37 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1?z=5355399 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appskingo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:37 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 8edba7a9c407cc392402183fd6b46ed6
access-control-expose-headers: X-Sc
x-sc: ecxynWUXh3dqCpUddbwbfDTbQjmuSYxRE4Ac86kc2i7oeAwgKBh5En6S4P1ZnnIKkJvz6izSz2S2wQ62TEKWCVFajWM=
set-cookie: scm=1; expires=Sat, 25 Nov 2023 10:48:37 GMT; secure; SameSite=None OAID=4db9a87816d44fa2ac8cf1307fece44a; expires=Sat, 25 Nov 2023 10:48:37 GMT; secure; SameSite=None oaidts=1669373317; expires=Sat, 25 Nov 2023 10:48:37 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.405 HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://appskingo.com/
Origin: https://appskingo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:37 GMT
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-180b9"
access-control-allow-origin: https://appskingo.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /9?z=5355399&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fappskingo.com%2Fasd%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=b6b0816cb8474b74944e2503cb29aafd HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 54
Origin: https://appskingo.com
Connection: keep-alive
Referer: https://appskingo.com/
Cookie: scm=1; OAID=4db9a87816d44fa2ac8cf1307fece44a; oaidts=1669373317
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:38 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://appskingo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 707de918c9f76cf8ddf42580af08a604
access-control-expose-headers: X-Sc
set-cookie: OAID=b6b0816cb8474b74944e2503cb29aafd; expires=Sat, 25 Nov 2023 10:48:38 GMT; secure; SameSite=None oaidts=1669373317; expires=Sat, 25 Nov 2023 10:48:38 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css2?family=Luckiest+Guy&family=Roboto:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 10:48:38 GMT
date: Fri, 25 Nov 2022 10:48:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /500/5355398?excludes=15811608&oaid=b6b0816cb8474b74944e2503cb29aafd&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fappskingo.com%2Fasd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: betotodilea.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://appskingo.com
Connection: keep-alive
Referer: https://appskingo.com/
Cookie: OAID=b6b0816cb8474b74944e2503cb29aafd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:43 GMT
x-trace-id: 1f7c7895076a7ea901b3bbd7a008c043
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://appskingo.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b6b0816cb8474b74944e2503cb29aafd; expires=Sat, 25 Nov 2023 10:48:43 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /5/5355401/?oo=1&js_build=iclick-v1.454.0 HTTP/1.1 
Host: bedrapiona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appskingo.com
Connection: keep-alive
Referer: https://appskingo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.234
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:37 GMT
x-trace-id: e62c7231b46f825f90e820091cfdad8a
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://appskingo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=cbf17d542e364aadb260da409f0b4db4; expires=Sat, 25 Nov 2023 10:48:37 GMT; path=/; secure; SameSite=None oaidts=1669373317; expires=Sat, 25 Nov 2023 10:48:37 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/tag.min.js?z=5355400 HTTP/1.1 
Host: ibrapush.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appskingo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 10:48:37 GMT
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---