kagabei.xyz/
172.67.147.232301 Moved Permanently 0 B IP 172.67.147.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: kagabei.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 04:09:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 05:09:17 GMT
Location: https://kagabei.xyz/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgqeTaZVwrK%2FaLlJGE4t95jFoeywacrsBmYkS%2BVixzMVthtzMoeVezpgIOxK48YIBvY6z4%2FfKWLdlWCwwcvqrH2hI7oHj5tC1VOHQAx7czMP5RQf5DoyI64to8R%2BKw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7948ca2ca945b4f9-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19615
Expires: Sun, 05 Feb 2023 09:36:12 GMT
Date: Sun, 05 Feb 2023 04:09:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11010
Expires: Sun, 05 Feb 2023 07:12:47 GMT
Date: Sun, 05 Feb 2023 04:09:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 03:33:54 GMT
content-type: application/json
age: 2123
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7774
Expires: Sun, 05 Feb 2023 06:18:51 GMT
Date: Sun, 05 Feb 2023 04:09:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KDtLdHTpgaSSzEPOTRMgKS2S6LXJvj06DC18s9azr5NT13owjjuujt0dsgYwfB89A9RZ/Q4YD14=
x-amz-request-id: HKADVRZDYA48SWZN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 03:24:18 GMT
age: 2699
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 04:09:17 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3eeb68638f058bf2de81a61f7d0a92fe
42b29b13b6d401eb0152c95ac09b7c7f81d5efe0
eb5e65cbedd8664f3eec9706348b640a4a131dc55f6966ed5d539a596bb482b1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EB5E65CBEDD8664F3EEC9706348B640A4A131DC55F6966ED5D539A596BB482B1"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 05 Feb 2023 10:09:17 GMT
Date: Sun, 05 Feb 2023 04:09:17 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3eeb68638f058bf2de81a61f7d0a92fe
42b29b13b6d401eb0152c95ac09b7c7f81d5efe0
eb5e65cbedd8664f3eec9706348b640a4a131dc55f6966ed5d539a596bb482b1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EB5E65CBEDD8664F3EEC9706348B640A4A131DC55F6966ED5D539A596BB482B1"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Sun, 05 Feb 2023 10:09:17 GMT
Date: Sun, 05 Feb 2023 04:09:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 03:49:07 GMT
age: 1211
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
js.nextpsh.top/ps/ps.js?id=obfatWKZNkanZBj4brtLrg
46.148.125.182200 OK 82 B URL HTTP/2 js.nextpsh.top/ps/ps.js?id=obfatWKZNkanZBj4brtLrg
IP 46.148.125.182:0
ASN #35277 Llhost Inc. Srl
File type ASCII text, with no line terminators
Hash 26b99d58eb44fb5bf51098b005b728db
dbad6dd9d473fe2836e2abeaa30b5590ce233602
f41597e9109254c277334ce27b4dd5a1b823f2b988b602f3295fc2e8cdfd54a3
Analyzer Verdict Alert quad9 Sinkholed
GET /ps/ps.js?id=obfatWKZNkanZBj4brtLrg HTTP/1.1
Host: js.nextpsh.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 04:09:18 GMT
content-type: application/javascript
content-length: 82
set-cookie: __psu=ff569369-9e38-4c93-ae59-a9db7428911a; expires=Wed, 05 Feb 2025 04:09:18 GMT; path=/; secure; samesite=none
cache-control: max-age=0, no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5cebeb9670612fd1a5f9178f3aaa801d
ead54f5daf3cf57f8e22ff29c3729c2c8a4cacdd
b4bc56e5e529ff0777389146ecc6233623121a8d1188a0b146d94b050cb5b2a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4BC56E5E529FF0777389146ECC6233623121A8D1188A0B146D94B050CB5B2A4"
Last-Modified: Sat, 04 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17994
Expires: Sun, 05 Feb 2023 09:09:12 GMT
Date: Sun, 05 Feb 2023 04:09:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16620
Expires: Sun, 05 Feb 2023 08:46:18 GMT
Date: Sun, 05 Feb 2023 04:09:18 GMT
Connection: keep-alive
048a2da360.3819544f76.com/c740df26aa77ac7f8a9b3dda3585713b.js
45.133.44.25200 OK 36 kB URL HTTP/2 048a2da360.3819544f76.com/c740df26aa77ac7f8a9b3dda3585713b.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash 847208d66e85c242e0473a56c59dd432
863246279835c2042ab38b12d4a496fa680af5e9
c5ff19bbe116f0ce15aee18bafdea9fd45cd7fea9ad4b3e903657797c952283f
Analyzer Verdict Alert quad9 Sinkholed
GET /c740df26aa77ac7f8a9b3dda3585713b.js HTTP/1.1
Host: 048a2da360.3819544f76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kagabei.xyz
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:18 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 02 Feb 2023 09:20:02 GMT
etag: W/"63db8042-18c39"
content-encoding: gzip
expires: Sun, 05 Feb 2023 04:14:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
048a2da360.3819544f76.com/9fb2f3d57d3079ae89eab9de8d39a8d7/43957?version_name=d
45.133.44.25200 OK 1.6 kB URL HTTP/2 048a2da360.3819544f76.com/9fb2f3d57d3079ae89eab9de8d39a8d7/43957?version_name=d
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (1584), with no line terminators
Hash 8698fdca9b24a79c467981060be0d145
e6f2726d84046ca4a67a5531bcd8010e51142a07
ed3eece874593b359e6445c6f9d3fad054e8f221d399daec17fb0600ac605e20
Analyzer Verdict Alert quad9 Sinkholed
GET /9fb2f3d57d3079ae89eab9de8d39a8d7/43957?version_name=d HTTP/1.1
Host: 048a2da360.3819544f76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kagabei.xyz
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:18 GMT
content-type: application/json
content-length: 1584
server: nginx/1.18.0
cache-control: max-age=300
expires: Sun, 05 Feb 2023 04:14:18 GMT
x-proxy-cache: EXPIRED
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Sun, 05 Feb 2023 04:14:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b99bdf44f7105810de8d7e83da015e3b
5c91079cc1299a15ffbc103c13157acdb11c80a3
37c215e567429665010536f6a8c8f18805dbc4b8d4541ea7255aa8f07873a869
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37C215E567429665010536F6A8C8F18805DBC4B8D4541EA7255AA8F07873A869"
Last-Modified: Sat, 04 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16485
Expires: Sun, 05 Feb 2023 08:44:03 GMT
Date: Sun, 05 Feb 2023 04:09:18 GMT
Connection: keep-alive
kagabei.xyz/
104.21.28.242200 OK 32 kB IP 104.21.28.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10521), with CRLF line terminators
Hash 3ee2c47b32df3e079a54628bebf874e8
aaa83e0ffe3230abb5b730a3ccaa2c7facfe6b2d
0392c399960f91ddf9aec55ebad027b7407b4964fab0272fea5b6d8837004c73
GET / HTTP/1.1
Host: kagabei.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:17 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.8
set-cookie: ab_referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wabQExSxAfj3o0ZqTWWTUIj9%2BCY%2Ba09WytVjx5N0vq6AP%2B5Pm2bLfIXqGEvnTCEsvycXjxwUayS%2BlwL04acQ6Dp0wQzcTSMtVKi74MlnqgP41AHwsbBQyECte5Y8AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7948ca2f0a25b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 155f081f99e1dc4e00b79a472e76147a
93a8482624b9073c51eaca18cdf29fa7ed319b7d
d2a5d0845888419c6beb687453c6dec89883ea90bd7baf7c18061eed679e7ea1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2A5D0845888419C6BEB687453C6DEC89883EA90BD7BAF7C18061EED679E7EA1"
Last-Modified: Sat, 04 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5536
Expires: Sun, 05 Feb 2023 05:41:34 GMT
Date: Sun, 05 Feb 2023 04:09:18 GMT
Connection: keep-alive
fp.metricswpsh.com/fp?tag_id=43957
157.90.84.242204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=43957
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=43957 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://kagabei.xyz/
Origin: https://kagabei.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 04:09:18 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://kagabei.xyz
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
1ec994c645.369c83119d.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4MjQyMzk0ODY4OTQwODEiLCJ0aW1lem9uZSI6MCwidmVyIjoiMy4yMi4wIiwidGFnX2lkIjo0Mzk1Nywic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjE5LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJQbGF5In0=
45.133.44.25200 OK 0 B URL HTTP/2 1ec994c645.369c83119d.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4MjQyMzk0ODY4OTQwODEiLCJ0aW1lem9uZSI6MCwidmVyIjoiMy4yMi4wIiwidGFnX2lkIjo0Mzk1Nywic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjE5LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJQbGF5In0=
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4MjQyMzk0ODY4OTQwODEiLCJ0aW1lem9uZSI6MCwidmVyIjoiMy4yMi4wIiwidGFnX2lkIjo0Mzk1Nywic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjE5LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJQbGF5In0= HTTP/1.1
Host: 1ec994c645.369c83119d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kagabei.xyz
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:18 GMT
content-length: 0
server: nginx/1.20.2
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/push.m.js?v=1
45.133.44.24200 OK 26 kB URL HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (63672), with no line terminators
Hash b7ba997d979c1e6ad2de8d8151b36b4a
7ddfda9ce241cbdead8db88099fecf6a55d5343d
4b8c80b44a8b9096eb319ef262ef28a2c032aeb93a2dbe0495401f89d6b6746d
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:18 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: W/"63d270a1-f96f"
content-encoding: gzip
expires: Sun, 05 Feb 2023 04:14:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=43957
157.90.84.242200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=43957
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=43957 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22285
Origin: https://kagabei.xyz
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 04:09:18 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://kagabei.xyz
Set-Cookie: id=16814302045404799974; Expires=Mon, 05 Feb 2024 04:09:18 GMT; Secure; SameSite=None
Vary: Origin
nereserv.com/in/dip?site=native-push&wl=0&event_id=de410841-40b6-4d68-aa63-4b204db7903a&subid=416473681&sid=2517504367&spot_id=26103&created_at=2023-02-05&timezone=0&ver=8.24.1&is_native=1
157.90.84.246200 OK 0 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=0&event_id=de410841-40b6-4d68-aa63-4b204db7903a&subid=416473681&sid=2517504367&spot_id=26103&created_at=2023-02-05&timezone=0&ver=8.24.1&is_native=1
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=0&event_id=de410841-40b6-4d68-aa63-4b204db7903a&subid=416473681&sid=2517504367&spot_id=26103&created_at=2023-02-05&timezone=0&ver=8.24.1&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kagabei.xyz
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 04:09:19 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f47220936601fbaad86b28337c2d7cad
9bdeb7f26c0f25714ed2c281a83c2a4241d3b74b
302bbb4d751ebd8f04b229f3b06e98ab3f083dccf53f7c598991c4ed712e100c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "302BBB4D751EBD8F04B229F3B06E98AB3F083DCCF53F7C598991C4ED712E100C"
Last-Modified: Sat, 04 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17779
Expires: Sun, 05 Feb 2023 09:05:38 GMT
Date: Sun, 05 Feb 2023 04:09:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 15dfef7f063604efdea29b5089472ca6
9dcbf7a72e2d8c83191d17bab4acdb568a0bd02b
6a20b074c80868f5e71a2798abbd7e67d75cab0bd2f2d2181b0a91d06f99848c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A20B074C80868F5E71A2798ABBD7E67D75CAB0BD2F2D2181B0A91D06F99848C"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18815
Expires: Sun, 05 Feb 2023 09:22:54 GMT
Date: Sun, 05 Feb 2023 04:09:19 GMT
Connection: keep-alive
0f6e7d3222.ba33938e50.com/in/multy
94.130.198.6204 No Content 0 B URL HTTP/2 0f6e7d3222.ba33938e50.com/in/multy
IP 94.130.198.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: 0f6e7d3222.ba33938e50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://kagabei.xyz/
Origin: https://kagabei.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.20.1
date: Sun, 05 Feb 2023 04:09:19 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/common/config.js
45.133.44.24200 OK 19 B URL HTTP/2 js.wpshsdk.com/npc/sdk/common/config.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 67fc2c9421e21f4a3707c7fabc8e9f33
0d311fbfaea3d64122b4c5e575a5c3fbea11f718
b93ed3f9c6f2c27004ef57a9fa8f11248af5bd9848cc56a1c215db36d4ecc1bb
GET /npc/sdk/common/config.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kagabei.xyz/
Origin: https://kagabei.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 19
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: "63d270a1-13"
expires: Sun, 05 Feb 2023 04:14:19 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2152
Expires: Sun, 05 Feb 2023 04:45:11 GMT
Date: Sun, 05 Feb 2023 04:09:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2152
Expires: Sun, 05 Feb 2023 04:45:11 GMT
Date: Sun, 05 Feb 2023 04:09:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
IP 34.120.237.76:0
Hash b863eddcc46d634f41f68dde575be0c7
0f096702a1533307b4d5bc0f1d3e375c20dabd82
eee81a5164207d380b6b604cd4fd6426ff30c6bcb05abbdff932ad28721ac22b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 9379b64e-3a3f-4b8d-aba2-bc3cd7dab98f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3cgFCkIAMFrhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c4f-6ac6da215407497043249929;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:51 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 75uKxGlJDSXzIUgR5Rm4f13SClTT1UIDLgbkTrFDEDvKmGmViQ3Djg==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:25:50 GMT
age: 20609
etag: "e8391e4046acb91cd4a6113974fda1c44dcd3865"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01d9feca-e9dc-4ee4-9694-bcc983e3a7c1.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01d9feca-e9dc-4ee4-9694-bcc983e3a7c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d632f8be93820b9746f76146fe3ff0e
7e5e9b16819af678ba84ddb6f45c073e659e2f4e
26ad66cf5e4fe4de99ad31b5c4f0fa3d05c085be04610de8ad80989528c100bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01d9feca-e9dc-4ee4-9694-bcc983e3a7c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6434
x-amzn-requestid: ccf74c35-c654-4a9a-8121-ab27fc4cd862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WWYFbJoAMFgSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f5-10dedb6a287acd2b10cdfdb4;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3bv0yNuzTWh742AZFesuU0caKmg0nMFc3P0bLYkhGd-TAeg5R9W_vQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:51:28 GMT
age: 22671
etag: "7e5e9b16819af678ba84ddb6f45c073e659e2f4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbb38d805862a1b3081eebf256e0dae0
4a5cb01390d897be8721cd4551c74d0452aff640
02443891d0533f37fe38b16febafc86fa64c457dc1827b97ec535d623486d549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8691
x-amzn-requestid: 51bb839e-c32c-4be9-9f38-7f8044160e70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsLgFPqIAMFfww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d22716-3794126b47a79aed27e1aac4;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:09:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9du1ien5j1WSLplBzT5AAV-xIPKNgg4-8tdjux_iEGXNGaCcj29Xog==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 10:04:17 GMT
age: 65102
etag: "4a5cb01390d897be8721cd4551c74d0452aff640"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 062e186a259eda97173695240a492c63
9b476a4ec219667f560b88199a3a4e4b0a93b579
d18570d3c4ada689b5c2a99b0783ce41c629bd125e6683cf225e01b7032f14a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12256
x-amzn-requestid: 1b959eb9-cf69-414c-b57b-4a63277d709c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvgx-EhgoAMF2wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc7b3f-2c58e8ac2aee8a8f409a93a0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 03:10:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dvxlk1iSyNfjmNRI_8HcmhG9_xe0ZlaZ0Pzj0H9EBR6wwXKg0L7YVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 04:43:21 GMT
age: 84358
etag: "9b476a4ec219667f560b88199a3a4e4b0a93b579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6e4dfe8-8de0-4ffd-85a4-544a7e82f052.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6e4dfe8-8de0-4ffd-85a4-544a7e82f052.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d907b978dc107f6e95182eee954462a
29a73442173f75b4f3413e2c6459e8448b1cc33f
8268fb8aa86182e7c2113709cce8f559ac8cc831e12cfd7a75c67f30c69808a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6e4dfe8-8de0-4ffd-85a4-544a7e82f052.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: a9d8e72b-b943-4c6d-a01c-7b7b65da6ee4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzXDqG-eIAMFbTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de054a-778199ce1db9fa1b73a9d4ec;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:12:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CyZUnEQ1l6j1CZCVM63GYbV6mAnhjW3kh4E5M07jH6d3t4mwhSK4hw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:07:48 GMT
age: 21691
etag: "29a73442173f75b4f3413e2c6459e8448b1cc33f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626efb39-4b90-4979-bc7d-1a1ba9e7fc73.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626efb39-4b90-4979-bc7d-1a1ba9e7fc73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eaca60722d35484e7cad5e6521465c75
470c81f1cab13436da9f94e97bb152fc9d01ad04
8c75170cdf9f6b97aef972568348aa4e6d67486ad1fdb7aa9d346e1cc8ae9df7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626efb39-4b90-4979-bc7d-1a1ba9e7fc73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9290
x-amzn-requestid: 5ed93026-d87a-4c82-81ce-8faa9e8dba60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsnFtFVUoAMF6Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db5224-0e5fea32709d6f665f6b09db;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 06:03:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AD5rpaPGI6jezDtJBS7-XTUoJQetiG6yyo6VbDfBYzk9RwPNYN5h2Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 20:04:29 GMT
age: 29090
etag: "470c81f1cab13436da9f94e97bb152fc9d01ad04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 15dfef7f063604efdea29b5089472ca6
9dcbf7a72e2d8c83191d17bab4acdb568a0bd02b
6a20b074c80868f5e71a2798abbd7e67d75cab0bd2f2d2181b0a91d06f99848c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A20B074C80868F5E71A2798ABBD7E67D75CAB0BD2F2D2181B0A91D06F99848C"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18814
Expires: Sun, 05 Feb 2023 09:22:54 GMT
Date: Sun, 05 Feb 2023 04:09:20 GMT
Connection: keep-alive
0f6e7d3222.ba33938e50.com/in/multy
94.130.198.6200 OK 28 kB URL HTTP/2 0f6e7d3222.ba33938e50.com/in/multy
IP 94.130.198.6:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (28368), with no line terminators
Hash f2aff30c641cf55a80d786407acd251c
a9b50bb7b27aacd11eab923117d96485d9e6db86
915b2249bf725447a69d02d07c525b995bf6aee63509ddc76e0f2d1f3157f7e2
POST /in/multy HTTP/1.1
Host: 0f6e7d3222.ba33938e50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1191
Origin: https://kagabei.xyz
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 04:09:20 GMT
content-type: application/json
content-length: 28377
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
0f6e7d3222.ba33938e50.com/in/show/?mid=3919411124075335134&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=416473681&sid=2517504367&cid=13353&price=0.001959999&is_cpm=0&cpm=0&ecpm=0.023251306239015817&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=8.24.1&ver_c=&refdom=kagabei.xyz&hostname=auc-inpage-hz-2-b&site_id=3126103&spot_id=26103&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1675591759&created_at=2023-02-05&is_native=2&auction_queue=0&burl=VtD4HI5-YOOHlkIyH593SnVBbd-rVxqhZuyGFKz2VsFdQ4vKQRHo5r4HPvcNXDMbdM0gE7EwqO8NsohvgDE7o1j98kXysqE25mqWktF-R_11q-xejQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5326103&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB24-24&min_cpm=0.0008499869288224955&placement_type_id=&skin_test=0&verify_hash=5f82c90e22292d7a453d53319e74d615&score=66.95658281062643&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D416473681%26spot_id%3D26103%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fkagabei.xyz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=d&original_bid=0.001959999&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=clod6E0xYWhQKL-kyC_TzUwad3N3zIPdxhZRmLJnubsTmPxKVrzIkjF6s4UO1PVgXe3Ad156buj9V1ZfFq1-BtnnNQo8BUnuxnFCyI5Ljuv1hsVsTgpphr9SYFBoSybojU62Qx5CX6w6idRxdTsUd14tM8StBycdsC_Foe9bJX6TNfj8hw&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0.001959999&pr=&user_keywords=&auc_type=1&aid=61&ext_cid=0&device_theme=light&keywords=&label_ids=83,89,0&conditions=dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=98f57936-0e1e-437d-92da-37aca222d394&mlc=1&format=default-slide_SHQ-b_r-body
94.130.198.6200 OK 0 B URL HTTP/2 0f6e7d3222.ba33938e50.com/in/show/?mid=3919411124075335134&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=416473681&sid=2517504367&cid=13353&price=0.001959999&is_cpm=0&cpm=0&ecpm=0.023251306239015817&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=8.24.1&ver_c=&refdom=kagabei.xyz&hostname=auc-inpage-hz-2-b&site_id=3126103&spot_id=26103&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1675591759&created_at=2023-02-05&is_native=2&auction_queue=0&burl=VtD4HI5-YOOHlkIyH593SnVBbd-rVxqhZuyGFKz2VsFdQ4vKQRHo5r4HPvcNXDMbdM0gE7EwqO8NsohvgDE7o1j98kXysqE25mqWktF-R_11q-xejQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5326103&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB24-24&min_cpm=0.0008499869288224955&placement_type_id=&skin_test=0&verify_hash=5f82c90e22292d7a453d53319e74d615&score=66.95658281062643&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D416473681%26spot_id%3D26103%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fkagabei.xyz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=d&original_bid=0.001959999&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=clod6E0xYWhQKL-kyC_TzUwad3N3zIPdxhZRmLJnubsTmPxKVrzIkjF6s4UO1PVgXe3Ad156buj9V1ZfFq1-BtnnNQo8BUnuxnFCyI5Ljuv1hsVsTgpphr9SYFBoSybojU62Qx5CX6w6idRxdTsUd14tM8StBycdsC_Foe9bJX6TNfj8hw&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0.001959999&pr=&user_keywords=&auc_type=1&aid=61&ext_cid=0&device_theme=light&keywords=&label_ids=83,89,0&conditions=dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=98f57936-0e1e-437d-92da-37aca222d394&mlc=1&format=default-slide_SHQ-b_r-body
IP 94.130.198.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?mid=3919411124075335134&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=416473681&sid=2517504367&cid=13353&price=0.001959999&is_cpm=0&cpm=0&ecpm=0.023251306239015817&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=8.24.1&ver_c=&refdom=kagabei.xyz&hostname=auc-inpage-hz-2-b&site_id=3126103&spot_id=26103&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1675591759&created_at=2023-02-05&is_native=2&auction_queue=0&burl=VtD4HI5-YOOHlkIyH593SnVBbd-rVxqhZuyGFKz2VsFdQ4vKQRHo5r4HPvcNXDMbdM0gE7EwqO8NsohvgDE7o1j98kXysqE25mqWktF-R_11q-xejQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5326103&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB24-24&min_cpm=0.0008499869288224955&placement_type_id=&skin_test=0&verify_hash=5f82c90e22292d7a453d53319e74d615&score=66.95658281062643&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D416473681%26spot_id%3D26103%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fkagabei.xyz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=d&original_bid=0.001959999&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=clod6E0xYWhQKL-kyC_TzUwad3N3zIPdxhZRmLJnubsTmPxKVrzIkjF6s4UO1PVgXe3Ad156buj9V1ZfFq1-BtnnNQo8BUnuxnFCyI5Ljuv1hsVsTgpphr9SYFBoSybojU62Qx5CX6w6idRxdTsUd14tM8StBycdsC_Foe9bJX6TNfj8hw&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0.001959999&pr=&user_keywords=&auc_type=1&aid=61&ext_cid=0&device_theme=light&keywords=&label_ids=83,89,0&conditions=dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=98f57936-0e1e-437d-92da-37aca222d394&mlc=1&format=default-slide_SHQ-b_r-body HTTP/1.1
Host: 0f6e7d3222.ba33938e50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 04:09:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
0f6e7d3222.ba33938e50.com/in/show/?mid=3919411124075335134&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=416473681&sid=2517504367&cid=14006&price=0.00047595571260899305&is_cpm=0&cpm=0&ecpm=0.00023966624881891548&crid=&crtid=5e38ae248ad402ffccb830d047480273&tcid=0&out_id=0&ver=8.24.1&ver_c=&refdom=kagabei.xyz&hostname=auc-inpage-hz-2-b&site_id=3126103&spot_id=26103&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1675656559&created_at=2023-02-05&is_native=1&auction_queue=0&burl=Q7BcGMUYliX8TFqBEcswNkFSq4ZR2_CgLlPFpPCfmV4_ziExadBynQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7326103&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB24-24&min_cpm=5.4051755725190836e-05&placement_type_id=&skin_test=0&verify_hash=73d3f37cd622360ea1f6417fbcff1208&score=66.95658281062643&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D416473681%26spot_id%3D26103%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fkagabei.xyz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=d&original_bid=0.00047595571260899305&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=0YcJlxJhtLxSavymb81TNNPkltg10ibpFph3j0_Sf-JzJdyXCWs16OS7aWGf8u8yalWUEy6srlZm1_ArkVG2rzcSIe2wig3LPmFfQjJ6JtY_5sb-2DM_CXSES-WJ-BTcJ6MWvgq4QOPbXksb-fPpZqMHsrzzz63APZwX6I0RbVCeGJfa2A6XoDN59n_SH8JRjr8w1Td-0CzA055BjA2vpj7iUFD5w1DLBDHPq3aetv8Z_kXJAUA9aQwPz1lXuhYMPm3rI2PVXMLwLZY3eQIg-NS8CuaFVoiQFiO9tHUo8yEIj_ugnztdQL-tepNzWar-V-aRfZrY8-k1qJp9061QUrjEU7Zvpx0f4VgqAJN89TeDSbRDlgRVM7w53PYmD40b1mOJPGyI3tsbYbRl36xFL-b7O3jlwhNWcTVC1bOXXcY8CbWi3ZGly3S-SfzSnZgvEvZw0FuWhL6DAM3ATdxWhdR8P7ZUzY1xFeMnmd-72ode9CvgxhR5UGeouLf6CfjuLsdVyaCK12Tizx-jaLwZt73qjlfMBdcvaLDSfqBZjA1qIzqr0gxnS2atouVHzBILcWzTeyuUt_inVkdRX-KuduFuK5KCSiHLmNJY0_-3OVUBXEyi8chFK-TOhezyJJeAaOo7LX--a4T3DNnoPCOMFfrRBeWS9DcqvTEGeeivdoCKuBGOU-JjSV_A9FGM1k5zEhahQGiwdCjdvvU3R9uCrscZxsj7cbG5JOC-XSekj0JMqMWQQE69ZBbUAIUEPi69botWAMfUvLZJ9lS8aNaLcgFzGf0Cf9btmyd4zFcZM5hvFT4NENFbYwgwBRH4E7ifq7Sv4EsnTogNSZvzAywIQOTNPcjhNIoMrY8-0dLqBzDrjRklg-bJAkZNBiLUvGN-aAcqVfcS7X26v5Cbe7FEgj6MJc3mn6KlSkPXDA3ju3kiob7nO3vgr_0S7AOBbPwBCygCAywR_vvX3MhNdcwfXI4Ez-pbCirj0l0GPTtF09GwUqs9_9Rtq51_cn8b-Wsg1uHum6chmzKoBUcp_EZtT7p0nmvOtfdmFCRdVtwoYLu14jQKa2Gm57gQnj0oWsLvUT5KrpXs1fHMiefCd2VnlRbKunbeQMtpn1yG_Ks-Ks4kcGQrqrqFXh-txiSxtQNFLQ&image_url=https%3A%2F%2Fs.viitodut.com%2Fn%2F1557%2Fpniesytfbv6f4athpjzfkyclmjqqc6s3azxxo62zm5eggkbf2h6tqxrjfvkweglcmfpfw3qem54xuudiifglrls5jhcyxxh3tgxypk5nhf4w2csgd7pg2caqgt55fqpas7rmbfvlkeilxboe25xufvu3uo5vkabk3a4rgymx2c3us6k2jfkfeohj6cv764add4uxqvcshbewtqtjz5fgbwdzl3bdtb75gxte5ipboxaflebtrfujpufxjgwfc37dqmajy2byqhwhbbcrwwmb4bnbna4kwts422aubdkqhbewtewp23rf56dznprdsswrgm7z6stlrb46nd4s4fvnev75s3f7q654km43w2bramoa72csbfuvr37kdhlwtx2jmd5huvyhnmg5smfoqwu26u52kyjdcsljgl3nnuwin5uqn2rggsabj53qblslwklmmqexmvtdkzhuwykqpcsg2ukjnezpnvwszbxqsbxkey2iafhxodbgbvmtavva46cwbwpe2o5tkj4iyub2vfv3nxmazjtnu624gqgxyccqmr5hx4ktpp2fcrxbniz6mtcdsfj2lwxvtzf6wnsui5fpcvhlk3fdysgjg24zrn77k3ifau4ijwpo7rp74ogje6xmk3aihc74kwku623cjvswkdlzluawa6hlmriq%3D%3D%3D%3D%3Ff%3Dhttps%253A%252F%252Fi.cdnkimg.com%252Fauto%252F492x328%252Fimage%252Ftesr%252F1189%252F189%252Frect_63dce9a44c73ft1675422116r802.jpg&skin_id=2&vertical_id=40&real_bid=0.00031770043816650283&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=&label_ids=83,90,40&conditions=dch_ip,tz_offset&need_redirect_show=0&cpa=6d15dfee-7185-4df3-83e1-4acd6d7cf5da&format=default-slide_SHQ-b_r-body
94.130.198.6200 OK 0 B URL HTTP/2 0f6e7d3222.ba33938e50.com/in/show/?mid=3919411124075335134&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=416473681&sid=2517504367&cid=14006&price=0.00047595571260899305&is_cpm=0&cpm=0&ecpm=0.00023966624881891548&crid=&crtid=5e38ae248ad402ffccb830d047480273&tcid=0&out_id=0&ver=8.24.1&ver_c=&refdom=kagabei.xyz&hostname=auc-inpage-hz-2-b&site_id=3126103&spot_id=26103&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1675656559&created_at=2023-02-05&is_native=1&auction_queue=0&burl=Q7BcGMUYliX8TFqBEcswNkFSq4ZR2_CgLlPFpPCfmV4_ziExadBynQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7326103&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB24-24&min_cpm=5.4051755725190836e-05&placement_type_id=&skin_test=0&verify_hash=73d3f37cd622360ea1f6417fbcff1208&score=66.95658281062643&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D416473681%26spot_id%3D26103%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fkagabei.xyz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=d&original_bid=0.00047595571260899305&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=0YcJlxJhtLxSavymb81TNNPkltg10ibpFph3j0_Sf-JzJdyXCWs16OS7aWGf8u8yalWUEy6srlZm1_ArkVG2rzcSIe2wig3LPmFfQjJ6JtY_5sb-2DM_CXSES-WJ-BTcJ6MWvgq4QOPbXksb-fPpZqMHsrzzz63APZwX6I0RbVCeGJfa2A6XoDN59n_SH8JRjr8w1Td-0CzA055BjA2vpj7iUFD5w1DLBDHPq3aetv8Z_kXJAUA9aQwPz1lXuhYMPm3rI2PVXMLwLZY3eQIg-NS8CuaFVoiQFiO9tHUo8yEIj_ugnztdQL-tepNzWar-V-aRfZrY8-k1qJp9061QUrjEU7Zvpx0f4VgqAJN89TeDSbRDlgRVM7w53PYmD40b1mOJPGyI3tsbYbRl36xFL-b7O3jlwhNWcTVC1bOXXcY8CbWi3ZGly3S-SfzSnZgvEvZw0FuWhL6DAM3ATdxWhdR8P7ZUzY1xFeMnmd-72ode9CvgxhR5UGeouLf6CfjuLsdVyaCK12Tizx-jaLwZt73qjlfMBdcvaLDSfqBZjA1qIzqr0gxnS2atouVHzBILcWzTeyuUt_inVkdRX-KuduFuK5KCSiHLmNJY0_-3OVUBXEyi8chFK-TOhezyJJeAaOo7LX--a4T3DNnoPCOMFfrRBeWS9DcqvTEGeeivdoCKuBGOU-JjSV_A9FGM1k5zEhahQGiwdCjdvvU3R9uCrscZxsj7cbG5JOC-XSekj0JMqMWQQE69ZBbUAIUEPi69botWAMfUvLZJ9lS8aNaLcgFzGf0Cf9btmyd4zFcZM5hvFT4NENFbYwgwBRH4E7ifq7Sv4EsnTogNSZvzAywIQOTNPcjhNIoMrY8-0dLqBzDrjRklg-bJAkZNBiLUvGN-aAcqVfcS7X26v5Cbe7FEgj6MJc3mn6KlSkPXDA3ju3kiob7nO3vgr_0S7AOBbPwBCygCAywR_vvX3MhNdcwfXI4Ez-pbCirj0l0GPTtF09GwUqs9_9Rtq51_cn8b-Wsg1uHum6chmzKoBUcp_EZtT7p0nmvOtfdmFCRdVtwoYLu14jQKa2Gm57gQnj0oWsLvUT5KrpXs1fHMiefCd2VnlRbKunbeQMtpn1yG_Ks-Ks4kcGQrqrqFXh-txiSxtQNFLQ&image_url=https%3A%2F%2Fs.viitodut.com%2Fn%2F1557%2Fpniesytfbv6f4athpjzfkyclmjqqc6s3azxxo62zm5eggkbf2h6tqxrjfvkweglcmfpfw3qem54xuudiifglrls5jhcyxxh3tgxypk5nhf4w2csgd7pg2caqgt55fqpas7rmbfvlkeilxboe25xufvu3uo5vkabk3a4rgymx2c3us6k2jfkfeohj6cv764add4uxqvcshbewtqtjz5fgbwdzl3bdtb75gxte5ipboxaflebtrfujpufxjgwfc37dqmajy2byqhwhbbcrwwmb4bnbna4kwts422aubdkqhbewtewp23rf56dznprdsswrgm7z6stlrb46nd4s4fvnev75s3f7q654km43w2bramoa72csbfuvr37kdhlwtx2jmd5huvyhnmg5smfoqwu26u52kyjdcsljgl3nnuwin5uqn2rggsabj53qblslwklmmqexmvtdkzhuwykqpcsg2ukjnezpnvwszbxqsbxkey2iafhxodbgbvmtavva46cwbwpe2o5tkj4iyub2vfv3nxmazjtnu624gqgxyccqmr5hx4ktpp2fcrxbniz6mtcdsfj2lwxvtzf6wnsui5fpcvhlk3fdysgjg24zrn77k3ifau4ijwpo7rp74ogje6xmk3aihc74kwku623cjvswkdlzluawa6hlmriq%3D%3D%3D%3D%3Ff%3Dhttps%253A%252F%252Fi.cdnkimg.com%252Fauto%252F492x328%252Fimage%252Ftesr%252F1189%252F189%252Frect_63dce9a44c73ft1675422116r802.jpg&skin_id=2&vertical_id=40&real_bid=0.00031770043816650283&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=&label_ids=83,90,40&conditions=dch_ip,tz_offset&need_redirect_show=0&cpa=6d15dfee-7185-4df3-83e1-4acd6d7cf5da&format=default-slide_SHQ-b_r-body
IP 94.130.198.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?mid=3919411124075335134&pid=0&site=native-push-mainstream&sc=NO&usage_type=DCH&subid=416473681&sid=2517504367&cid=14006&price=0.00047595571260899305&is_cpm=0&cpm=0&ecpm=0.00023966624881891548&crid=&crtid=5e38ae248ad402ffccb830d047480273&tcid=0&out_id=0&ver=8.24.1&ver_c=&refdom=kagabei.xyz&hostname=auc-inpage-hz-2-b&site_id=3126103&spot_id=26103&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1675656559&created_at=2023-02-05&is_native=1&auction_queue=0&burl=Q7BcGMUYliX8TFqBEcswNkFSq4ZR2_CgLlPFpPCfmV4_ziExadBynQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7326103&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB24-24&min_cpm=5.4051755725190836e-05&placement_type_id=&skin_test=0&verify_hash=73d3f37cd622360ea1f6417fbcff1208&score=66.95658281062643&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D416473681%26spot_id%3D26103%26is_adult%3D0%26p%3Dhttps%253A%252F%252Fkagabei.xyz%252F%26idzone%3D0%26sid%3D1885&ml=&tag_ab=d&original_bid=0.00047595571260899305&user_fp=0&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=0YcJlxJhtLxSavymb81TNNPkltg10ibpFph3j0_Sf-JzJdyXCWs16OS7aWGf8u8yalWUEy6srlZm1_ArkVG2rzcSIe2wig3LPmFfQjJ6JtY_5sb-2DM_CXSES-WJ-BTcJ6MWvgq4QOPbXksb-fPpZqMHsrzzz63APZwX6I0RbVCeGJfa2A6XoDN59n_SH8JRjr8w1Td-0CzA055BjA2vpj7iUFD5w1DLBDHPq3aetv8Z_kXJAUA9aQwPz1lXuhYMPm3rI2PVXMLwLZY3eQIg-NS8CuaFVoiQFiO9tHUo8yEIj_ugnztdQL-tepNzWar-V-aRfZrY8-k1qJp9061QUrjEU7Zvpx0f4VgqAJN89TeDSbRDlgRVM7w53PYmD40b1mOJPGyI3tsbYbRl36xFL-b7O3jlwhNWcTVC1bOXXcY8CbWi3ZGly3S-SfzSnZgvEvZw0FuWhL6DAM3ATdxWhdR8P7ZUzY1xFeMnmd-72ode9CvgxhR5UGeouLf6CfjuLsdVyaCK12Tizx-jaLwZt73qjlfMBdcvaLDSfqBZjA1qIzqr0gxnS2atouVHzBILcWzTeyuUt_inVkdRX-KuduFuK5KCSiHLmNJY0_-3OVUBXEyi8chFK-TOhezyJJeAaOo7LX--a4T3DNnoPCOMFfrRBeWS9DcqvTEGeeivdoCKuBGOU-JjSV_A9FGM1k5zEhahQGiwdCjdvvU3R9uCrscZxsj7cbG5JOC-XSekj0JMqMWQQE69ZBbUAIUEPi69botWAMfUvLZJ9lS8aNaLcgFzGf0Cf9btmyd4zFcZM5hvFT4NENFbYwgwBRH4E7ifq7Sv4EsnTogNSZvzAywIQOTNPcjhNIoMrY8-0dLqBzDrjRklg-bJAkZNBiLUvGN-aAcqVfcS7X26v5Cbe7FEgj6MJc3mn6KlSkPXDA3ju3kiob7nO3vgr_0S7AOBbPwBCygCAywR_vvX3MhNdcwfXI4Ez-pbCirj0l0GPTtF09GwUqs9_9Rtq51_cn8b-Wsg1uHum6chmzKoBUcp_EZtT7p0nmvOtfdmFCRdVtwoYLu14jQKa2Gm57gQnj0oWsLvUT5KrpXs1fHMiefCd2VnlRbKunbeQMtpn1yG_Ks-Ks4kcGQrqrqFXh-txiSxtQNFLQ&image_url=https%3A%2F%2Fs.viitodut.com%2Fn%2F1557%2Fpniesytfbv6f4athpjzfkyclmjqqc6s3azxxo62zm5eggkbf2h6tqxrjfvkweglcmfpfw3qem54xuudiifglrls5jhcyxxh3tgxypk5nhf4w2csgd7pg2caqgt55fqpas7rmbfvlkeilxboe25xufvu3uo5vkabk3a4rgymx2c3us6k2jfkfeohj6cv764add4uxqvcshbewtqtjz5fgbwdzl3bdtb75gxte5ipboxaflebtrfujpufxjgwfc37dqmajy2byqhwhbbcrwwmb4bnbna4kwts422aubdkqhbewtewp23rf56dznprdsswrgm7z6stlrb46nd4s4fvnev75s3f7q654km43w2bramoa72csbfuvr37kdhlwtx2jmd5huvyhnmg5smfoqwu26u52kyjdcsljgl3nnuwin5uqn2rggsabj53qblslwklmmqexmvtdkzhuwykqpcsg2ukjnezpnvwszbxqsbxkey2iafhxodbgbvmtavva46cwbwpe2o5tkj4iyub2vfv3nxmazjtnu624gqgxyccqmr5hx4ktpp2fcrxbniz6mtcdsfj2lwxvtzf6wnsui5fpcvhlk3fdysgjg24zrn77k3ifau4ijwpo7rp74ogje6xmk3aihc74kwku623cjvswkdlzluawa6hlmriq%3D%3D%3D%3D%3Ff%3Dhttps%253A%252F%252Fi.cdnkimg.com%252Fauto%252F492x328%252Fimage%252Ftesr%252F1189%252F189%252Frect_63dce9a44c73ft1675422116r802.jpg&skin_id=2&vertical_id=40&real_bid=0.00031770043816650283&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=&label_ids=83,90,40&conditions=dch_ip,tz_offset&need_redirect_show=0&cpa=6d15dfee-7185-4df3-83e1-4acd6d7cf5da&format=default-slide_SHQ-b_r-body HTTP/1.1
Host: 0f6e7d3222.ba33938e50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 04:09:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b57b28b3b762d94d2c1f323db3c76524
f80114993efefdb22b98a19a4ce20b6510b621fc
405379e7f1c2af9cd11d897e88237e0cb61d0fda3123c090d49932d295f18975
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "405379E7F1C2AF9CD11D897E88237E0CB61D0FDA3123C090D49932D295F18975"
Last-Modified: Fri, 03 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10964
Expires: Sun, 05 Feb 2023 07:12:04 GMT
Date: Sun, 05 Feb 2023 04:09:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b57b28b3b762d94d2c1f323db3c76524
f80114993efefdb22b98a19a4ce20b6510b621fc
405379e7f1c2af9cd11d897e88237e0cb61d0fda3123c090d49932d295f18975
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "405379E7F1C2AF9CD11D897E88237E0CB61D0FDA3123C090D49932D295F18975"
Last-Modified: Fri, 03 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8744
Expires: Sun, 05 Feb 2023 06:35:04 GMT
Date: Sun, 05 Feb 2023 04:09:20 GMT
Connection: keep-alive
sw.wpush.org/ps/sw.js
45.133.44.24200 OK 1.8 kB IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (5516), with no line terminators
Hash b84c3df63522b5774e068693cff05b61
87c6d8ca6ee6d308faa8b5aa22793774660e7f29
67018bf78daadb61952675af92eb06ecc2c8728e27d992f5b0082b5ca1c5b52b
GET /ps/sw.js HTTP/1.1
Host: sw.wpush.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:20 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: W/"63d270a1-158c"
content-encoding: gzip
expires: Sun, 05 Feb 2023 04:14:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
s.viitodut.com/n/1557/pniesytfbv6f4athpjzfkyclmjqqc6s3azxxo62zm5eggkbf2h6tqxrjfvkweglcmfpfw3qem54xuudiifglrls5jhcyxxh3tgxypk5nhf4w2csgd7pg2caqgt55fqpas7rmbfvlkeilxboe25xufvu3uo5vkabk3a4rgymx2c3us6k2jfkfeohj6cv764add4uxqvcshbewtqtjz5fgbwdzl3bdtb75gxte5ipboxaflebtrfujpufxjgwfc37dqmajy2byqhwhbbcrwwmb4bnbna4kwts422aubdkqhbewtewp23rf56dznprdsswrgm7z6stlrb46nd4s4fvnev75s3f7q654km43w2bramoa72csbfuvr37kdhlwtx2jmd5huvyhnmg5smfoqwu26u52kyjdcsljgl3nnuwin5uqn2rggsabj53qblslwklmmqexmvtdkzhuwykqpcsg2ukjnezpnvwszbxqsbxkey2iafhxodbgbvmtavva46cwbwpe2o5tkj4iyub2vfv3nxmazjtnu624gqgxyccqmr5hx4ktpp2fcrxbniz6mtcdsfj2lwxvtzf6wnsui5fpcvhlk3fdysgjg24zrn77k3ifau4ijwpo7rp74ogje6xmk3aihc74kwku623cjvswkdlzluawa6hlmriq====?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fimage%2Ftesr%2F1189%2F189%2Frect_63dce9a44c73ft1675422116r802.jpg
185.196.197.130302 Found 0 B URL HTTP/2 s.viitodut.com/n/1557/pniesytfbv6f4athpjzfkyclmjqqc6s3azxxo62zm5eggkbf2h6tqxrjfvkweglcmfpfw3qem54xuudiifglrls5jhcyxxh3tgxypk5nhf4w2csgd7pg2caqgt55fqpas7rmbfvlkeilxboe25xufvu3uo5vkabk3a4rgymx2c3us6k2jfkfeohj6cv764add4uxqvcshbewtqtjz5fgbwdzl3bdtb75gxte5ipboxaflebtrfujpufxjgwfc37dqmajy2byqhwhbbcrwwmb4bnbna4kwts422aubdkqhbewtewp23rf56dznprdsswrgm7z6stlrb46nd4s4fvnev75s3f7q654km43w2bramoa72csbfuvr37kdhlwtx2jmd5huvyhnmg5smfoqwu26u52kyjdcsljgl3nnuwin5uqn2rggsabj53qblslwklmmqexmvtdkzhuwykqpcsg2ukjnezpnvwszbxqsbxkey2iafhxodbgbvmtavva46cwbwpe2o5tkj4iyub2vfv3nxmazjtnu624gqgxyccqmr5hx4ktpp2fcrxbniz6mtcdsfj2lwxvtzf6wnsui5fpcvhlk3fdysgjg24zrn77k3ifau4ijwpo7rp74ogje6xmk3aihc74kwku623cjvswkdlzluawa6hlmriq====?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fimage%2Ftesr%2F1189%2F189%2Frect_63dce9a44c73ft1675422116r802.jpg
IP 185.196.197.130:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /n/1557/pniesytfbv6f4athpjzfkyclmjqqc6s3azxxo62zm5eggkbf2h6tqxrjfvkweglcmfpfw3qem54xuudiifglrls5jhcyxxh3tgxypk5nhf4w2csgd7pg2caqgt55fqpas7rmbfvlkeilxboe25xufvu3uo5vkabk3a4rgymx2c3us6k2jfkfeohj6cv764add4uxqvcshbewtqtjz5fgbwdzl3bdtb75gxte5ipboxaflebtrfujpufxjgwfc37dqmajy2byqhwhbbcrwwmb4bnbna4kwts422aubdkqhbewtewp23rf56dznprdsswrgm7z6stlrb46nd4s4fvnev75s3f7q654km43w2bramoa72csbfuvr37kdhlwtx2jmd5huvyhnmg5smfoqwu26u52kyjdcsljgl3nnuwin5uqn2rggsabj53qblslwklmmqexmvtdkzhuwykqpcsg2ukjnezpnvwszbxqsbxkey2iafhxodbgbvmtavva46cwbwpe2o5tkj4iyub2vfv3nxmazjtnu624gqgxyccqmr5hx4ktpp2fcrxbniz6mtcdsfj2lwxvtzf6wnsui5fpcvhlk3fdysgjg24zrn77k3ifau4ijwpo7rp74ogje6xmk3aihc74kwku623cjvswkdlzluawa6hlmriq====?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fimage%2Ftesr%2F1189%2F189%2Frect_63dce9a44c73ft1675422116r802.jpg HTTP/1.1
Host: s.viitodut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Sun, 05 Feb 2023 04:09:20 GMT
content-length: 0
location: https://i.cdnkimg.com/auto/492x328/image/tesr/1189/189/rect_63dce9a44c73ft1675422116r802.jpg
X-Firefox-Spdy: h2
notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fkagabei.xyz%2F&tcid=0&spot_id=13227&site=tcpublisher&source_id=0
94.130.197.140200 OK 0 B URL HTTP/2 notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fkagabei.xyz%2F&tcid=0&spot_id=13227&site=tcpublisher&source_id=0
IP 94.130.197.140:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/subscription-offers?href=https%3A%2F%2Fkagabei.xyz%2F&tcid=0&spot_id=13227&site=tcpublisher&source_id=0 HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 05 Feb 2023 04:09:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?mlf=1&cpa=5bf7ea21-0214-4ae5-a14c-cc947e6a6d2b&mlc=1&format=default-slide_SHQ-b_r-body
88.198.209.34200 OK 590 B URL HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?mlf=1&cpa=5bf7ea21-0214-4ae5-a14c-cc947e6a6d2b&mlc=1&format=default-slide_SHQ-b_r-body
IP 88.198.209.34:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?mlf=1&cpa=5bf7ea21-0214-4ae5-a14c-cc947e6a6d2b&mlc=1&format=default-slide_SHQ-b_r-body HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 05 Feb 2023 04:09:20 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
88.198.209.34200 OK 590 B URL HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
IP 88.198.209.34:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 05 Feb 2023 04:09:20 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bf828a0cebeb89c6322dc9204863e622
c5bdc8378ae47836359dfdcf67068e3553c49928
8ec17c6a7238b91ffbea9a2333d605f09eb84452b981ea88e5c619f82080ab3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EC17C6A7238B91FFBEA9A2333D605F09EB84452B981EA88E5C619F82080AB3E"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=434
Expires: Sun, 05 Feb 2023 04:16:34 GMT
Date: Sun, 05 Feb 2023 04:09:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bf828a0cebeb89c6322dc9204863e622
c5bdc8378ae47836359dfdcf67068e3553c49928
8ec17c6a7238b91ffbea9a2333d605f09eb84452b981ea88e5c619f82080ab3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EC17C6A7238B91FFBEA9A2333D605F09EB84452B981EA88E5C619F82080AB3E"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=434
Expires: Sun, 05 Feb 2023 04:16:34 GMT
Date: Sun, 05 Feb 2023 04:09:20 GMT
Connection: keep-alive
i.cdnkimg.com/auto/492x328/image/tesr/1189/189/rect_63dce9a44c73ft1675422116r802.jpg
45.133.44.37200 OK 82 kB URL HTTP/2 i.cdnkimg.com/auto/492x328/image/tesr/1189/189/rect_63dce9a44c73ft1675422116r802.jpg
IP 45.133.44.37:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, baseline, precision 8, 492x328, components 3\012- data
Hash 63b1689d9a7daae7d7ec712db40095fd
4008bd983af3322871d8331fcc70a483d1d9ba5e
08ef9c3311cab3d2b855c64b8c8483910d927e6bbeb5eab8ca0cbd584d84924d
GET /auto/492x328/image/tesr/1189/189/rect_63dce9a44c73ft1675422116r802.jpg HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:20 GMT
content-type: image/jpeg
content-length: 81773
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: HIT
expires: Sun, 19 Feb 2023 04:09:20 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
048a2da360.3819544f76.com/4fb911ef80cd13b9a4b144d0c0155e41.js
45.133.44.25200 OK 0 B URL HTTP/2 048a2da360.3819544f76.com/4fb911ef80cd13b9a4b144d0c0155e41.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /4fb911ef80cd13b9a4b144d0c0155e41.js HTTP/1.1
Host: 048a2da360.3819544f76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:18 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 07 Dec 2022 08:28:22 GMT
etag: W/"63904ea6-16019"
content-encoding: gzip
expires: Sun, 05 Feb 2023 04:14:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
048a2da360.3819544f76.com/ea82ffde911566022d15ea9fae99b275.js
45.133.44.25200 OK 0 B URL HTTP/2 048a2da360.3819544f76.com/ea82ffde911566022d15ea9fae99b275.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /ea82ffde911566022d15ea9fae99b275.js HTTP/1.1
Host: 048a2da360.3819544f76.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:18 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 03 Feb 2023 12:56:56 GMT
etag: W/"63dd0498-4fa40"
content-encoding: gzip
expires: Sun, 05 Feb 2023 04:14:18 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/common/core.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/common/core.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/common/core.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kagabei.xyz/
Origin: https://kagabei.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:19 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: W/"63d270a1-1bf5c"
content-encoding: gzip
expires: Sun, 05 Feb 2023 04:14:19 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/push/styles.css
45.133.44.24200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/push/styles.css
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/push/styles.css HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:20 GMT
content-type: text/css
server: nginx/1.18.0
last-modified: Tue, 30 Aug 2022 09:15:33 GMT
etag: W/"630dd535-10f4"
content-encoding: gzip
expires: Sun, 05 Feb 2023 04:14:20 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sw.wpush.org/ps/sw.js
45.133.44.25200 OK 0 B IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /ps/sw.js HTTP/1.1
Host: sw.wpush.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kagabei.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Feb 2023 04:09:19 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 26 Jan 2023 12:22:57 GMT
etag: W/"63d270a1-158c"
content-encoding: gzip
expires: Sun, 05 Feb 2023 04:14:19 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2