atomohd.live/
104.21.4.184301 Moved Permanently 0 B IP 104.21.4.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: atomohd.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 12:01:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 13:01:21 GMT
Location: https://atomohd.live/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmjYJKX2UUACCWrA3Nau05eCoJG3X5%2F5o0%2FQ%2FDsKuQQmS1Eq0t%2F83pSUnPbbeTJpxjkTdLcury1qyYnh1wPZ8zNlEuoCst4cCUbeI5bBivk38U%2BmYLEhV0cAFAicyug%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 74d22a8a98b2b518-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 11:12:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AxDLaCBwy0LrR8r5tmgNtlR235SNHpIUoDiuJ09IHwvix201dk0PnQ==
Age: 2921
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash adb43321efa5cd1662993b701ff25fa4
1299dcea7e9c59d9f22f39d69025484fe71098c1
2c25a6717245be3746f1412af9dd1c351e12dbb93e8e08c3ddcdacf35e419514
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16283
Expires: Mon, 19 Sep 2022 16:32:44 GMT
Date: Mon, 19 Sep 2022 12:01:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 19c_Rhu58hTDsCxHHhU9r0BDtk0WSiOs_PPQg8ViMl4-_S5KorjPNA==
age: 26768
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c96f7dfec42cbf22f2d4c3647f3dcbe2
986046996b0561e23efea874b81797e6eb61c6e6
a2f72bdb1df6a6e86338b9fb782c7f7df00f5dbfa590c762eec5442d456660ac
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A2F72BDB1DF6A6E86338B9FB782C7F7DF00F5DBFA590C762EEC5442D456660AC"
Last-Modified: Sat, 17 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14563
Expires: Mon, 19 Sep 2022 16:04:04 GMT
Date: Mon, 19 Sep 2022 12:01:21 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 12:01:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 11:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 11:20:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RWUybc-tOq0jE4bGRU7_YBXCpcM1STIQ3DTh0-nJa9-EKGjAQ6dNWQ==
Age: 3479
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c96f7dfec42cbf22f2d4c3647f3dcbe2
986046996b0561e23efea874b81797e6eb61c6e6
a2f72bdb1df6a6e86338b9fb782c7f7df00f5dbfa590c762eec5442d456660ac
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A2F72BDB1DF6A6E86338B9FB782C7F7DF00F5DBFA590C762EEC5442D456660AC"
Last-Modified: Sat, 17 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14563
Expires: Mon, 19 Sep 2022 16:04:04 GMT
Date: Mon, 19 Sep 2022 12:01:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5988
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 12:01:22 GMT
Last-Modified: Mon, 19 Sep 2022 10:21:34 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2f6cd28a1f8817e94aa5c110d45bb6b2
aaa9f88e40b0e9fd25e4152d2ec0facc01c7b3fb
1edf982b4e247700a40ccd716911f983bc8f8b5abf9c90406321b3eb893b50d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EDF982B4E247700A40CCD716911F983BC8F8B5ABF9C90406321B3EB893B50D9"
Last-Modified: Sat, 17 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5596
Expires: Mon, 19 Sep 2022 13:34:38 GMT
Date: Mon, 19 Sep 2022 12:01:22 GMT
Connection: keep-alive
push.services.mozilla.com/
44.242.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +zuOfjSzjJs3nykgT0NagA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b3GWfCUDdKvt4NC3KxadtAk14LE=
priseloos.com/rycoltcALCOq2/42289
23.109.248.166200 OK 25 B URL HTTP/1.1 priseloos.com/rycoltcALCOq2/42289
IP 23.109.248.166:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
Analyzer Verdict Alert quad9 Sinkholed
GET /rycoltcALCOq2/42289 HTTP/1.1
Host: priseloos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 12:01:22 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://atomohd.live
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Tue, 20-Sep-2022 12:01:22 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Tue, 20-Sep-2022 12:01:22 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
d2q9y3krdwohfj.cloudfront.net/?rkyqd=793703
54.230.245.104200 OK 68 kB URL HTTP/2 d2q9y3krdwohfj.cloudfront.net/?rkyqd=793703
IP 54.230.245.104:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash 53751ba5f875cc474c40caef4b8eb7f9
32a31806f48fc787c44b6b8b6394608349ddf5f5
90f782a5c5b8acfd776a75d5783f284faf2405370e3719a3c2b46ffbb6807232
GET /?rkyqd=793703 HTTP/1.1
Host: d2q9y3krdwohfj.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 68479
date: Mon, 19 Sep 2022 12:01:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zq8BpcLWCkoLyTvQWwVaPta-cxTkoQJlpH91aYHTjKaEJ1PiIZ2zig==
X-Firefox-Spdy: h2
d2vwl2vhlatm2f.cloudfront.net/?vlwvd=959656
54.230.245.9200 OK 54 kB URL HTTP/2 d2vwl2vhlatm2f.cloudfront.net/?vlwvd=959656
IP 54.230.245.9:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash a5163a7b80c8bc48e4792ed754e84873
9f86cbacc085c8d9860290f283b5cfecb23f7e98
9bdf54a512e6142042d3fde8b39de288db5a88a8ad41395978c5b0fa547c2ee8
GET /?vlwvd=959656 HTTP/1.1
Host: d2vwl2vhlatm2f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 53930
date: Mon, 19 Sep 2022 12:01:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4paFe3F1-GrmV1-08zg6F2VUaA_XiJ-2qqdvMlvV_zkyDXm25xz0jQ==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 166 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 810x1200, components 3\012- data
Size 166 kB (166141 bytes)
Hash 0b297a914c387288afcc3727cea82383
487ae5e5b2d156e3b0182271f5943d84b504d9a2
467cf0364ae6150d5cbe5cc1fb7435d0e5aa2a9f957f87f4b94efce6960d5e46
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "343CC9B2B0988E69B927317629AEEEEB2DB7D683FDF81A051758CE88067811FE"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18635
Expires: Mon, 19 Sep 2022 17:11:57 GMT
Date: Mon, 19 Sep 2022 12:01:22 GMT
Connection: keep-alive
kuleqasfors.one/ZXFRWDdKTjIrCgYmPSlVMisZD2FUKwQdcTcpPWFkNjc9AWAzMHcsXgFMaG0OU0RnfkcMFWxpERYFMCxCFkxgfl4LFz5lERNMYHYEUV9jYBlUVyRlBkMFITlQWEB3KEMRHWxpAVNCZGAPXUdiagRc
172.67.151.184204 No Content 0 B URL HTTP/2 kuleqasfors.one/ZXFRWDdKTjIrCgYmPSlVMisZD2FUKwQdcTcpPWFkNjc9AWAzMHcsXgFMaG0OU0RnfkcMFWxpERYFMCxCFkxgfl4LFz5lERNMYHYEUV9jYBlUVyRlBkMFITlQWEB3KEMRHWxpAVNCZGAPXUdiagRc
IP 172.67.151.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZXFRWDdKTjIrCgYmPSlVMisZD2FUKwQdcTcpPWFkNjc9AWAzMHcsXgFMaG0OU0RnfkcMFWxpERYFMCxCFkxgfl4LFz5lERNMYHYEUV9jYBlUVyRlBkMFITlQWEB3KEMRHWxpAVNCZGAPXUdiagRc HTTP/1.1
Host: kuleqasfors.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 19 Sep 2022 12:01:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OX%2BkWR1r1k2%2BsQ1v1Fo8twxuIkumpR23AvpzGibRuKraGUhQ3V97FXTqrtefmENMkuLHk2ds%2FLRlI8oh8N41fgj7J2QECLL9VCgl3%2Fj7uQpNrpxY%2BObKOPw0FBfG6H0jIXs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d22a945e1eb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kuleqasfors.one/aXVZVDZGSjonCwgiHw1lWi8DA3ERDwtlAzwUAR5yPiMPJFMsIH8gXw1Ibm0FXkVqckYAEWRlEBoBOCBDGkhocl8HEzZpEB9IaHoFXVtrbBhYUyxpB08BKTVRVER/JEIdGWRlAF9GbGwOUUNqZgFR
172.67.151.184204 No Content 135 kB URL HTTP/2 kuleqasfors.one/aXVZVDZGSjonCwgiHw1lWi8DA3ERDwtlAzwUAR5yPiMPJFMsIH8gXw1Ibm0FXkVqckYAEWRlEBoBOCBDGkhocl8HEzZpEB9IaHoFXVtrbBhYUyxpB08BKTVRVER/JEIdGWRlAF9GbGwOUUNqZgFR
IP 172.67.151.184:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 829x1200, components 3\012- data
Size 135 kB (134831 bytes)
Hash b4d35cde50cb7ec32b47204edefe0e81
b30daea7219a02b5b5d097ab8e5c53ca2497161d
3d424db01d525595a9284bb6068950f71992392b9487ffbac209cc15fa0dc1d6
GET /aXVZVDZGSjonCwgiHw1lWi8DA3ERDwtlAzwUAR5yPiMPJFMsIH8gXw1Ibm0FXkVqckYAEWRlEBoBOCBDGkhocl8HEzZpEB9IaHoFXVtrbBhYUyxpB08BKTVRVER/JEIdGWRlAF9GbGwOUUNqZgFR HTTP/1.1
Host: kuleqasfors.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 19 Sep 2022 12:01:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCo6WIbFaOegkwYLuedBUzrNhnBVm5mD2yzEXk%2BPSRTR4qNyWGChlk%2B2UsQG4Nu84Jxzy4d3aUv1tBpGapqCwdgmj8CPlPm1VL7hAB91wNa3Uld%2Bt9RPkP9IJAQjFj53TZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d22a945e20b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
heriverafte.xyz/dXZMdWoUFC8YVRRLLlMfBxpxUFgzU34zDkcAOxlYAx4gFB4YRCpbCRkZOREMBxkiAUQbEzhQWDMcFSAeNiIgGik/NTsaMCcjJT8EOxwaPSBFE34NIjwiCR0kNzB+MRIvBQ4mWgEQCwYzMjEdQyM0IH4WBxJEDTY/GRV/Ai8/JQoPC0UVPT8DDRgaIlpHJiYgIREcBU0mNE42OTkeTw8cIB45NgEJPx98RScCRiI8WAEZBkZfBhAiTD4QRCNHC0Q0ORY7DVN+Mz9GBTk/ECQjAUcOTRckGRARNAoGPCJDNDEiTCIpDytBEH08IRBFJEU/IjwiEy0aMQAcRzAaAiA4QDQEDRsgPjgMDEcGHRcEN1N+Nzo0EXk/ExJHCyJfAjULOzIvLgYaJkQOelMABhkiBVc4LnoRDBpEfQw5
108.157.214.123200 OK 1.2 kB URL HTTP/2 heriverafte.xyz/dXZMdWoUFC8YVRRLLlMfBxpxUFgzU34zDkcAOxlYAx4gFB4YRCpbCRkZOREMBxkiAUQbEzhQWDMcFSAeNiIgGik/NTsaMCcjJT8EOxwaPSBFE34NIjwiCR0kNzB+MRIvBQ4mWgEQCwYzMjEdQyM0IH4WBxJEDTY/GRV/Ai8/JQoPC0UVPT8DDRgaIlpHJiYgIREcBU0mNE42OTkeTw8cIB45NgEJPx98RScCRiI8WAEZBkZfBhAiTD4QRCNHC0Q0ORY7DVN+Mz9GBTk/ECQjAUcOTRckGRARNAoGPCJDNDEiTCIpDytBEH08IRBFJEU/IjwiEy0aMQAcRzAaAiA4QDQEDRsgPjgMDEcGHRcEN1N+Nzo0EXk/ExJHCyJfAjULOzIvLgYaJkQOelMABhkiBVc4LnoRDBpEfQw5
IP 108.157.214.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Hash 5cacf264581d833fb2d7cd06af490838
60eba4b5092f2620e594a414153fa12b0d9e1e94
15fbe6ca14aa296077d164bf7ed72ffc4f990c9b8e4e6ae3a11291b82f1de657
GET /dXZMdWoUFC8YVRRLLlMfBxpxUFgzU34zDkcAOxlYAx4gFB4YRCpbCRkZOREMBxkiAUQbEzhQWDMcFSAeNiIgGik/NTsaMCcjJT8EOxwaPSBFE34NIjwiCR0kNzB+MRIvBQ4mWgEQCwYzMjEdQyM0IH4WBxJEDTY/GRV/Ai8/JQoPC0UVPT8DDRgaIlpHJiYgIREcBU0mNE42OTkeTw8cIB45NgEJPx98RScCRiI8WAEZBkZfBhAiTD4QRCNHC0Q0ORY7DVN+Mz9GBTk/ECQjAUcOTRckGRARNAoGPCJDNDEiTCIpDytBEH08IRBFJEU/IjwiEy0aMQAcRzAaAiA4QDQEDRsgPjgMDEcGHRcEN1N+Nzo0EXk/ExJHCyJfAjULOzIvLgYaJkQOelMABhkiBVc4LnoRDBpEfQw5 HTTP/1.1
Host: heriverafte.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1168
date: Mon, 19 Sep 2022 12:01:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 009f08cce389af684f28c36891875534.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: iIKaLDYSk0UGrCGHlOqD75ATDBfjwmTAsStj-BUnONk0kxOTqADnSw==
X-Firefox-Spdy: h2
kuleqasfors.one/SktMT3pldC88Ryl4Cjs3DicJHjw9DQgaIAIcHQ4zGXsKKjsLLGo7Ey52e3ZJfXt0aQojL3F+Qmw4OC4OPzhxflwjJSogR2w9cX5UemV9YUlsPnF+XD47LShHe208Ow4mdn15THl+dHdCfHh/f04
172.67.151.184204 No Content 161 kB URL HTTP/2 kuleqasfors.one/SktMT3pldC88Ryl4Cjs3DicJHjw9DQgaIAIcHQ4zGXsKKjsLLGo7Ey52e3ZJfXt0aQojL3F+Qmw4OC4OPzhxflwjJSogR2w9cX5UemV9YUlsPnF+XD47LShHe208Ow4mdn15THl+dHdCfHh/f04
IP 172.67.151.184:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 809x1200, components 3\012- data
Size 161 kB (160904 bytes)
Hash 1ab427e9b7810a85f20b1de6357cb056
7a4ead3ee2e146c1b83765071ad3beae079788e4
22e68a260a0c97871d1f134e142c6bcf4d3a03b51b110ac837c7655bea36f768
GET /SktMT3pldC88Ryl4Cjs3DicJHjw9DQgaIAIcHQ4zGXsKKjsLLGo7Ey52e3ZJfXt0aQojL3F+Qmw4OC4OPzhxflwjJSogR2w9cX5UemV9YUlsPnF+XD47LShHe208Ow4mdn15THl+dHdCfHh/f04 HTTP/1.1
Host: kuleqasfors.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 19 Sep 2022 12:01:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRAsA1kvOJS1sFXwMJ8hxKmTWKQOutDRquzveP5Cf%2Bi3oV30lUgd42x5EaZVOHdXq2PiGHX%2FTdKdWc8nefJJo6UPO%2FEqlpRrXpDzf7VjRHydoSHt%2FS6UgJZNH0zRnfRdJfk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d22a947e36b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
heriverafte.xyz/dWZqdVQUBAkYaxRbCFMhBwpXUGYzQ1gzMEcXUwxnHhQOAjsdAABbNxkJHxEyBwkEAXobAx5QZjMROyEGAQcHHj0iESc4Ah8wDjYCEQMPNDAUMQYFOi0OXjMWDyMgPwAGCS4iATw2EwIMETcnJBcbJDs3AQICJUQWJDEBTSAjNyc7AjICODQjGTMJNx04Ig0BbDQjGRATJlMMIBUkKiEjDTonDTBkIwE8OBw2JyA0FSAyITMzNyVaDS4WCgIwAyI3LS0BPDQJNAI8MTkBPzcKWjIVNl8oMwFMBAkgLCM+Li9nNCMCLx9HNy0tBhIAMDQ3BjNbTCI3I0cnBCJVLCEXNA0pOTwzACYzIA0kPEQ1Ii4vMwczDjA/ZUUALgJsADIvHQ05VQ02BUQWOjsVGQVMHycaCBpIHCQnJiQxICM8NDoPBVsRPA
108.157.214.123200 OK 126 kB URL HTTP/2 heriverafte.xyz/dWZqdVQUBAkYaxRbCFMhBwpXUGYzQ1gzMEcXUwxnHhQOAjsdAABbNxkJHxEyBwkEAXobAx5QZjMROyEGAQcHHj0iESc4Ah8wDjYCEQMPNDAUMQYFOi0OXjMWDyMgPwAGCS4iATw2EwIMETcnJBcbJDs3AQICJUQWJDEBTSAjNyc7AjICODQjGTMJNx04Ig0BbDQjGRATJlMMIBUkKiEjDTonDTBkIwE8OBw2JyA0FSAyITMzNyVaDS4WCgIwAyI3LS0BPDQJNAI8MTkBPzcKWjIVNl8oMwFMBAkgLCM+Li9nNCMCLx9HNy0tBhIAMDQ3BjNbTCI3I0cnBCJVLCEXNA0pOTwzACYzIA0kPEQ1Ii4vMwczDjA/ZUUALgJsADIvHQ05VQ02BUQWOjsVGQVMHycaCBpIHCQnJiQxICM8NDoPBVsRPA
IP 108.157.214.123:0
Size 126 kB (126187 bytes)
Hash 1ddef964508db31c1e9c144a8d3c715f
7172a78a7568b04d37e98d82dda829b202932ab8
b6d0c1e44a97283a42a3cf71cf5a327bb5f3a9fb1974229f61f514225e272ec8
GET /dWZqdVQUBAkYaxRbCFMhBwpXUGYzQ1gzMEcXUwxnHhQOAjsdAABbNxkJHxEyBwkEAXobAx5QZjMROyEGAQcHHj0iESc4Ah8wDjYCEQMPNDAUMQYFOi0OXjMWDyMgPwAGCS4iATw2EwIMETcnJBcbJDs3AQICJUQWJDEBTSAjNyc7AjICODQjGTMJNx04Ig0BbDQjGRATJlMMIBUkKiEjDTonDTBkIwE8OBw2JyA0FSAyITMzNyVaDS4WCgIwAyI3LS0BPDQJNAI8MTkBPzcKWjIVNl8oMwFMBAkgLCM+Li9nNCMCLx9HNy0tBhIAMDQ3BjNbTCI3I0cnBCJVLCEXNA0pOTwzACYzIA0kPEQ1Ii4vMwczDjA/ZUUALgJsADIvHQ05VQ02BUQWOjsVGQVMHycaCBpIHCQnJiQxICM8NDoPBVsRPA HTTP/1.1
Host: heriverafte.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1182
date: Mon, 19 Sep 2022 12:01:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 009f08cce389af684f28c36891875534.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 9xfOh3LRruIjCj8od-YC2TJyw1R1MavQVyHsqTLH5eQn7mwDR2siLg==
X-Firefox-Spdy: h2
heriverafte.xyz/N0RBQ1dWJiIuaFZ5I2UiRSh8ZmVxYXMFMwU1eDpkXDYlNDhfIittNFsrNCcxRSsvN3lZITVmZXEgFC0ZQhcvIC9/BQAwBHQdIAA5UwUgcxVtISp6Z3AWcS8QZA4OAAZAMRE5IFYBJnczehIuMAVfHRcLAEAACgEzYyEtBnIFBgQkFkMXLxIAdgctCA4GEREPP2EyE3MwEnYHBToPIQAXFlIUKXsHVXQUFgVcBncWOnUAEykdcB1wGTN0AgskBkANKwQEVAgScD9/Dyo3DnERBy4BW3QIFjp1AAkHL2QdFQkPUQItKgBcMHURLWITBRASbiBxBjhSASUpBgZpdHQFBQoWGx9YFg40EnsIAyQmYSg2DgNaFiUbOkAHI3MeES4yLDlHeSYFDloLNRsueAZ1JWZzIjI
108.157.214.123200 OK 1.2 kB URL HTTP/2 heriverafte.xyz/N0RBQ1dWJiIuaFZ5I2UiRSh8ZmVxYXMFMwU1eDpkXDYlNDhfIittNFsrNCcxRSsvN3lZITVmZXEgFC0ZQhcvIC9/BQAwBHQdIAA5UwUgcxVtISp6Z3AWcS8QZA4OAAZAMRE5IFYBJnczehIuMAVfHRcLAEAACgEzYyEtBnIFBgQkFkMXLxIAdgctCA4GEREPP2EyE3MwEnYHBToPIQAXFlIUKXsHVXQUFgVcBncWOnUAEykdcB1wGTN0AgskBkANKwQEVAgScD9/Dyo3DnERBy4BW3QIFjp1AAkHL2QdFQkPUQItKgBcMHURLWITBRASbiBxBjhSASUpBgZpdHQFBQoWGx9YFg40EnsIAyQmYSg2DgNaFiUbOkAHI3MeES4yLDlHeSYFDloLNRsueAZ1JWZzIjI
IP 108.157.214.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3006), with no line terminators
Hash 8e2b42d274866ff67dde927d17550f38
e2a66fa060989cc986e925f6a634b66ef9169772
b9959d63db94ea8d22c8805a762934745b1b62526359af2d095eaf01dd9f366b
GET /N0RBQ1dWJiIuaFZ5I2UiRSh8ZmVxYXMFMwU1eDpkXDYlNDhfIittNFsrNCcxRSsvN3lZITVmZXEgFC0ZQhcvIC9/BQAwBHQdIAA5UwUgcxVtISp6Z3AWcS8QZA4OAAZAMRE5IFYBJnczehIuMAVfHRcLAEAACgEzYyEtBnIFBgQkFkMXLxIAdgctCA4GEREPP2EyE3MwEnYHBToPIQAXFlIUKXsHVXQUFgVcBncWOnUAEykdcB1wGTN0AgskBkANKwQEVAgScD9/Dyo3DnERBy4BW3QIFjp1AAkHL2QdFQkPUQItKgBcMHURLWITBRASbiBxBjhSASUpBgZpdHQFBQoWGx9YFg40EnsIAyQmYSg2DgNaFiUbOkAHI3MeES4yLDlHeSYFDloLNRsueAZ1JWZzIjI HTTP/1.1
Host: heriverafte.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1164
date: Mon, 19 Sep 2022 12:01:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 009f08cce389af684f28c36891875534.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gVqI6uXtSK9A5PVXuPVUbaBNoSaTDcFG5ppSTTSWlme3cntDkC5gXA==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 11 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x170, components 3\012- data
Hash 0e7aa2f42256f5bbb14319c45d4e95de
de5531791375cb1187983914ed7e0313789dc91b
42dba0df421e24b453db4ed999cbb34041e0aad86fe51b8febcbc8f5cf8d7f66
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "343CC9B2B0988E69B927317629AEEEEB2DB7D683FDF81A051758CE88067811FE"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18635
Expires: Mon, 19 Sep 2022 17:11:57 GMT
Date: Mon, 19 Sep 2022 12:01:22 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 51 kB IP 104.18.32.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 170x243, components 3\012- data
Hash f8ac4051e12ddeb00128a78860e3d0fb
01f6c087cb6a1528356f7022587d476d6fbb1c69
05d606b8f0ac4f15a16d9ea195d5c48468b8f843e8a16daa3c58c04266281019
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 12:01:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 17:22:26 GMT
Expires: Sat, 24 Sep 2022 17:22:25 GMT
Etag: "fa1e7f9c4dea40295aedbb6526cd79ac156b1c1b"
Cache-Control: max-age=450662,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d22a95bf31b51e-OSL
d2vwl2vhlatm2f.cloudfront.net/jYUtCTloCJCwoZRUiJnNjVHJ0e2xHITEhNBF2DxZsBS0tfGsYGGQ6IAV2cmg2ACUlc3wEJSFza0cqJixnVW02PjUKdjI8LA8zLSk9CiJkOztcJi00Mw0nI2toJ35sfn9Te2o2a1BucQx/U3suJzQUM2d8ahlzdBFsVW5xDH9TezA4f1IKe3h0UWJnfGoGLi-ElNUR5BHxqUHtyf2pQbnB+PAg5Jyg1GW5wCGNXZXJoL1x6
54.230.245.9200 OK 454 kB URL HTTP/2 d2vwl2vhlatm2f.cloudfront.net/jYUtCTloCJCwoZRUiJnNjVHJ0e2xHITEhNBF2DxZsBS0tfGsYGGQ6IAV2cmg2ACUlc3wEJSFza0cqJixnVW02PjUKdjI8LA8zLSk9CiJkOztcJi00Mw0nI2toJ35sfn9Te2o2a1BucQx/U3suJzQUM2d8ahlzdBFsVW5xDH9TezA4f1IKe3h0UWJnfGoGLi-ElNUR5BHxqUHtyf2pQbnB+PAg5Jyg1GW5wCGNXZXJoL1x6
IP 54.230.245.9:0
Size 454 kB (453512 bytes)
Hash 01745e7444f8d598bed5d71e5e97b5fd
9f44764613aa46ea0ceac1ff873cb7e39268f629
ac506ed35a8541cf222e25221ce22dbd94de3efac60ab1ed6222d9fa3f542f92
GET /jYUtCTloCJCwoZRUiJnNjVHJ0e2xHITEhNBF2DxZsBS0tfGsYGGQ6IAV2cmg2ACUlc3wEJSFza0cqJixnVW02PjUKdjI8LA8zLSk9CiJkOztcJi00Mw0nI2toJ35sfn9Te2o2a1BucQx/U3suJzQUM2d8ahlzdBFsVW5xDH9TezA4f1IKe3h0UWJnfGoGLi-ElNUR5BHxqUHtyf2pQbnB+PAg5Jyg1GW5wCGNXZXJoL1x6 HTTP/1.1
Host: d2vwl2vhlatm2f.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heriverafte.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 480
date: Mon, 19 Sep 2022 12:01:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RoP7xThtMMAj-kjyzjrgSK9KMPGEjZwoHKxl4SYWUY2yHRiyIMu0MA==
X-Firefox-Spdy: h2
d2q9y3krdwohfj.cloudfront.net/wQTRtamkiWwMMVjVdCVdeeAdaWlpnXh4FBzEJJTsoDWUIPywXdQMQCnBQBUwdO1BQWk8tVQMNVGdRAwlUcBIMDgt8AEseGS5fUAQLKVYOAgE0VgVMHCAJAAUTKFgBC0xzclhEWWQGXUIRcAVIWStkBl0GAC9BFU9bcUxVXDZ3AEhZK2QGXRgfZAcsU19vBE-RPW3FTCAkCLhFfLFtxBV1aWHEFSFhZJ10fDw8uTEhYL3gCQ1pPNAlc
54.230.245.104200 OK 27 kB URL HTTP/2 d2q9y3krdwohfj.cloudfront.net/wQTRtamkiWwMMVjVdCVdeeAdaWlpnXh4FBzEJJTsoDWUIPywXdQMQCnBQBUwdO1BQWk8tVQMNVGdRAwlUcBIMDgt8AEseGS5fUAQLKVYOAgE0VgVMHCAJAAUTKFgBC0xzclhEWWQGXUIRcAVIWStkBl0GAC9BFU9bcUxVXDZ3AEhZK2QGXRgfZAcsU19vBE-RPW3FTCAkCLhFfLFtxBV1aWHEFSFhZJ10fDw8uTEhYL3gCQ1pPNAlc
IP 54.230.245.104:0
Hash ba37f59056ee667b3ef7c0d4f8d2f4d4
743bcd40deb72356ea0ea0241111fb17ad65b1ee
63eea2f2b4f894aec11bf79ba2a412fd231b8f34defb1eeb80cf2991b7bf2cb0
GET /wQTRtamkiWwMMVjVdCVdeeAdaWlpnXh4FBzEJJTsoDWUIPywXdQMQCnBQBUwdO1BQWk8tVQMNVGdRAwlUcBIMDgt8AEseGS5fUAQLKVYOAgE0VgVMHCAJAAUTKFgBC0xzclhEWWQGXUIRcAVIWStkBl0GAC9BFU9bcUxVXDZ3AEhZK2QGXRgfZAcsU19vBE-RPW3FTCAkCLhFfLFtxBV1aWHEFSFhZJ10fDw8uTEhYL3gCQ1pPNAlc HTTP/1.1
Host: d2q9y3krdwohfj.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heriverafte.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 524
date: Mon, 19 Sep 2022 12:01:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cVHDSzWBPK-PrXYpzJ_AWGshxRXPfcIz1OLJHXaZHuu-dTxSAdvrMQ==
X-Firefox-Spdy: h2
d2q9y3krdwohfj.cloudfront.net/dUnNuSncxHAAsSCYaCndAa0BZek90GR0lGSJOCQwuPzwaEg4dMVosRhYVHWwDKBdTelE+EgAtSnQWAClKY1UPLhVvR0g/Fm8eATAePh8Pb0UURkB6UmBDRjJGY1ZdCFJgQwIjGScLS3hHKktYFUFmVl0IUmBDHDxSYTJXfFliWkt4RzUWDSEYd0EoeEdjQ1-57R2NWXHoROwELLBgqVlwMTmRdXmwCb0I
54.230.245.104200 OK 82 kB URL HTTP/2 d2q9y3krdwohfj.cloudfront.net/dUnNuSncxHAAsSCYaCndAa0BZek90GR0lGSJOCQwuPzwaEg4dMVosRhYVHWwDKBdTelE+EgAtSnQWAClKY1UPLhVvR0g/Fm8eATAePh8Pb0UURkB6UmBDRjJGY1ZdCFJgQwIjGScLS3hHKktYFUFmVl0IUmBDHDxSYTJXfFliWkt4RzUWDSEYd0EoeEdjQ1-57R2NWXHoROwELLBgqVlwMTmRdXmwCb0I
IP 54.230.245.104:0
Hash 88bd80bcc5baec948f19504b61ba5865
df18cba7f9c3599493f9bfaee2c16a3130d8cde7
33efa3fe926f876f07183185983fc415bf45693af51f496c07e09df20248a99d
GET /dUnNuSncxHAAsSCYaCndAa0BZek90GR0lGSJOCQwuPzwaEg4dMVosRhYVHWwDKBdTelE+EgAtSnQWAClKY1UPLhVvR0g/Fm8eATAePh8Pb0UURkB6UmBDRjJGY1ZdCFJgQwIjGScLS3hHKktYFUFmVl0IUmBDHDxSYTJXfFliWkt4RzUWDSEYd0EoeEdjQ1-57R2NWXHoROwELLBgqVlwMTmRdXmwCb0I HTTP/1.1
Host: d2q9y3krdwohfj.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heriverafte.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 188
date: Mon, 19 Sep 2022 12:01:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zThlOAi9mCEXRuEVlwIR78AV-y8ZzArE-tNALqBbn1owRbHT21X-yA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 72 kB IP 142.250.74.3:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 423x625, components 3\012- data
Hash b5f167b6a6c488dafc9ef272feef3a86
5875537c3816d82bea169a86fbb132edeba0031d
9559a1932caeeb08f251f9c2cc21bf25795ab2b9ac6f3862713000d53ede0a92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 12:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
216.58.211.10200 OK 94 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
IP 216.58.211.10:0
Hash 4eba86f586a0704ce34e0b7807aa2ebf
01dfd450446c36efeda93fb202f54616c0d93167
3a9bce6f66e10a9bf8ad991ac8ba6d4feebe1e671c833597e4fbe48794b31980
GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Origin: https://atomohd.live
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32245
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 10:57:20 GMT
expires: Mon, 18 Sep 2023 10:57:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 90243
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 13 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 4d7a04bcde35d80f5ddf64ef138a984c
7660ca11a67f86809ee43c34f30e6cb2e4702f1b
856737bbd7f67b916b10aeab24f17719f2286d0d82ca6088c5d6639cabdf7747
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5ECACD0FEA9BB8A0A382032CA085E2AC028851F2D9BF718076FF56F0261CD7A3"
Last-Modified: Sat, 17 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12048
Expires: Mon, 19 Sep 2022 15:22:11 GMT
Date: Mon, 19 Sep 2022 12:01:23 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 26 kB IP 142.250.74.3:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x230, components 3\012- data
Hash 627a811fe22bd652605bc72e51d97cb9
400fb973d95fa03f14c0730e86793d53a74b476e
a098da5b2e516aca7a598bd54899740762b27de4e326c0ba9c7ee4e12b38f01e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 12:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 19 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 6e87af1a221a2213699307b6a8ec6503
acb37f49bcbd6b5d299cd899725001d403284147
a480d825168b6b86e9970c6e136097409ce93f3b1b9383a4eb9864b77a21a6a6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5ECACD0FEA9BB8A0A382032CA085E2AC028851F2D9BF718076FF56F0261CD7A3"
Last-Modified: Sat, 17 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12048
Expires: Mon, 19 Sep 2022 15:22:11 GMT
Date: Mon, 19 Sep 2022 12:01:23 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce908bc0881e2ebe1c42d4668ef8a429
11833662921a8f3f9f82cd74f85bb6383e484abc
5ecacd0fea9bb8a0a382032ca085e2ac028851f2d9bf718076ff56f0261cd7a3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5ECACD0FEA9BB8A0A382032CA085E2AC028851F2D9BF718076FF56F0261CD7A3"
Last-Modified: Sat, 17 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12048
Expires: Mon, 19 Sep 2022 15:22:11 GMT
Date: Mon, 19 Sep 2022 12:01:23 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 96 kB IP 142.250.74.3:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 423x625, components 3\012- data
Hash f6b560406177da7b3a7dd5f7d8d581a8
1e83f90d5658b276b6bd5d250a6d60bee790e609
120bb414bf1c56de1cbf9e1926c6399e29065e2d91dea5271409eed6f2685af2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 12:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 14 kB IP 93.184.220.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash d53e988721878adc6c6b335a7db62b8a
93f0565c0ab45e9f29e72ff373b519915e245e2f
4ce75376214dec1f383436775a8c8d69d925192d4215b77cb9ca199ef07abd31
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5347
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 12:01:23 GMT
Last-Modified: Mon, 19 Sep 2022 10:32:16 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 69 kB IP 142.250.74.3:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 481x738, components 3\012- data
Hash d155e92cd203005a16fa2d623bc9894a
241428520bda9d58102b29255f31d8080ce1546e
a8b3f2c9fc2dd5d632a5d05f27234e0c8d72ff30fad7d11c8498ca6674a58cef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 12:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce908bc0881e2ebe1c42d4668ef8a429
11833662921a8f3f9f82cd74f85bb6383e484abc
5ecacd0fea9bb8a0a382032ca085e2ac028851f2d9bf718076ff56f0261cd7a3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5ECACD0FEA9BB8A0A382032CA085E2AC028851F2D9BF718076FF56F0261CD7A3"
Last-Modified: Sat, 17 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12048
Expires: Mon, 19 Sep 2022 15:22:11 GMT
Date: Mon, 19 Sep 2022 12:01:23 GMT
Connection: keep-alive
heriverafte.xyz/utx?cb=LMJx9zIsMRYy&top=atomohd.live&tid=959656
108.157.214.123204 No Content 0 B URL HTTP/2 heriverafte.xyz/utx?cb=LMJx9zIsMRYy&top=atomohd.live&tid=959656
IP 108.157.214.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=LMJx9zIsMRYy&top=atomohd.live&tid=959656 HTTP/1.1
Host: heriverafte.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Origin: https://atomohd.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 19 Sep 2022 12:01:23 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://atomohd.live
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 19 Sep 2022 12:02:23 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 009f08cce389af684f28c36891875534.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 98KaJVjEGUQSmMKsbkDII4c1H4MnzKdh2mHnAfMhb_aasFJtV_ig1A==
X-Firefox-Spdy: h2
heriverafte.xyz/utx?cb=G9MsG0GFo3Oe&top=atomohd.live&tid=793703
108.157.214.123204 No Content 186 kB URL HTTP/2 heriverafte.xyz/utx?cb=G9MsG0GFo3Oe&top=atomohd.live&tid=793703
IP 108.157.214.123:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 758x1200, components 3\012- data
Size 186 kB (186536 bytes)
Hash ac2e5c440de5e8a1ae72dbc968074dfa
170849117eca16ccdeaf262e67f0bd265df76982
98577da69f2db65b6f3eb22825aacecc5827b7add48a98ace0d174de4d0a380b
GET /utx?cb=G9MsG0GFo3Oe&top=atomohd.live&tid=793703 HTTP/1.1
Host: heriverafte.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Origin: https://atomohd.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 19 Sep 2022 12:01:23 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://atomohd.live
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 19 Sep 2022 12:02:23 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 009f08cce389af684f28c36891875534.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: wRWTqfof-8ZSHRmi9o0OFuf_YEsGe2iITpjJt6ncvp5FTZ708q-XUA==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 55 kB URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
Hash bb1264790ff0820fee37c6b118078250
f87641ba5dc8e6432950bdb6a0daddaa1e60571d
1fba06b6bc4e12690e53630df09f9c6b65459ed1dba904ce90780908302c9ed4
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 19 Sep 2022 12:01:23 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S688847348%3A1663588883205762&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqMQI-W56nlAg7eQ12L95mS7K3gy_dhz9hLb-2V9VFHSXV9npzWj2YkEnHyRuGqqHD20rfu
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-r8pvS9yGkIYz79lDseiiBw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 389
server: GSE
set-cookie: __Host-GAPS=1:XTOG3dgPUQ8ArF2EiNQBjKEetAgigQ:bFw38UYiKCSdjQBr;Path=/;Expires=Wed, 18-Sep-2024 12:01:23 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 71 kB URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
Hash 7571fd51dc85cf67f7d7177487e277b9
f4caeecedd553f8c352a4850396c424d3427c66c
d867d28a0a7c5b559d8e4743fc50dd90981a79aabafdabd206a7247def291414
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 19 Sep 2022 12:01:23 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1442545874%3A1663588883215416&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWod62wqYso4b029YPBihvFbZI2LPYS4weNvNzcm3Edugog-pWV-RgeLgbRx-xxtHOMXbci7
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-v3pJSRPEebGw_wciCANZkw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 393
server: GSE
set-cookie: __Host-GAPS=1:CxqeBsvRg63AJ-khhnDYJdBpklGn:Drzhs5J6r3KqObm0;Path=/;Expires=Wed, 18-Sep-2024 12:01:23 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 12:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 15 kB IP 104.18.32.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 120x170, components 3\012- data
Hash a66e404b92ec9c42a68798ed0b904100
39e2bb71c594da742c511de336ee3e2d623e2286
2a814e278e0a33bd42bb3d876f76cbb9c8b5b75e161bfe9cef50da970fa37dc0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 12:01:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 17:22:26 GMT
Expires: Sat, 24 Sep 2022 17:22:25 GMT
Etag: "fa1e7f9c4dea40295aedbb6526cd79ac156b1c1b"
Cache-Control: max-age=450661,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d22a9789fbb51e-OSL
ocsp.digicert.com/
93.184.220.29200 OK 18 kB IP 93.184.220.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 120x170, components 3\012- data
Hash 9703280d3ebeeab36a176523e785b7cc
24f086b0f196330fe2cd9af16aba1e817c8c3705
b0ea389763a9aef2869299b96345fb8ce923faba5f1bd2ade77c728ec5c84e1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5347
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 12:01:23 GMT
Last-Modified: Mon, 19 Sep 2022 10:32:16 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 9.6 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3174755b230fdcb101041a4e6d94f99e
a2879e96a67e1bae4b1de60ff3f6e778b2949390
7cb6147e44646b883a3c0de8d56b29fcc1a0ebeb48d1034718ee6fd596caabfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4155
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 12:01:23 GMT
Connection: keep-alive
pogothere.xyz/asd100.bin
104.21.86.231200 OK 116 kB IP 104.21.86.231:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 120x170, components 3\012- data
Size 116 kB (116346 bytes)
Hash 1106843de81b2ed6d8675584b3dff7ed
aefd2dc7106a8c5ecd4ba7f8c9e4d40ce5438c38
a64e8c37c322df270ef97a536c2c1e6b3b5d8e8cb3a140899c0b2c0b38d68fd4
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Origin: https://atomohd.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 19 Sep 2022 12:01:23 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://atomohd.live
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6758
last-modified: Mon, 19 Sep 2022 10:08:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5cqSWS5gFD66U3orJa%2FbqkLPgUadHbhrS1jXpHGGJacyaqfGidYe3rSn6boNtaFpt%2BhcsEA9BRWhUhY%2F2RiRWWGrpGHO7%2FyM%2B6rdDtj9zLg9giDQQFyceSW8%2F5zcbWi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d22a97cd0cb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
34.120.237.76200 OK 22 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 120x170, components 3\012- data
Hash 827eb984e49764acc732478d6001858e
5b502f97216825ce5ce0dee3a2e7b8ae0c381ac4
60a6003f03e34248da26784b308522c0b90221539e42dd849710fa08ebd09928
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6428
x-amzn-requestid: 7dd3072b-403a-4bb4-b8c4-58a6d7c254f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRmgCGJVIAMFk5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d5133-0756be8c75da02a857e36a2f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 03:08:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nD62kVNMZRvoZaM85m1kNlgU-KOj2X7tqhy9cPxGJFaBHCMVEsvWXQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:45 GMT
age: 50858
etag: "480182fd29c7edd369339847b85e4e2580cef0f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.200.35200 OK 34 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.200.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30229)
Hash 3fe1d859dfb3d585e91ee9738dd15456
b491de9fcc4da100113633a37f009533106c857b
694a89b767a5fce086983489cd2c2db5b618f2905b52b1f419d3bbe06d93287f
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 5+OoFXkR4x79G0PFAJA23B+ZZCXnNaLmqr4Rm9BcAAzQapB9WBaCErupJWsaSUQLAwxWmuUvTDZKE7lT6B1JwQ==
date: Mon, 19 Sep 2022 12:01:23 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d9fd171b51b27aa84e06e7d5a40116e
a81660dcace8f232018ce9a6d027b271d1f8a863
2c80ffd2c0c451c61623a677d1b17e8e58a40a0a7bdb5ef1cac2610bb0a7e0a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: bee7087d-6431-457a-8fdc-a9eff7b14afd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOAZHcCIAMFTSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279068-4a7d282e1860a131491a4f2d;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EClCCFFn_OCwRqXC7W0g-msDSm1WsTRB5kDJsAQyxIPmIwSQBSbJ9g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:01 GMT
etag: "a81660dcace8f232018ce9a6d027b271d1f8a863"
content-type: image/jpeg
age: 50662
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x170, components 3\012- data
Hash 2409c94e98d679aa16dcc563ac7c3323
68ac7ccfa59540b8451adc6a7069843e2b1f4d92
170020d2b5062847009c2ea896eca0de942886ad81dcfb1ea48e4803f782d802
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
age: 50650
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash febaa50825802847e9cbc0479e7121ba
36355214d6f866681edc3eacd5f1af87b16bdcc2
7a808fbeb6ce87490299fb3d5de52ec450c9161d9098254f1b54a0d4a97b645c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3d8aaa4-a2c1-416d-a396-a4c00758ba53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9426
x-amzn-requestid: 6569d647-e17c-4456-8d54-b093e1cc1d7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl9trEPNoAMFteg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257657-7bba0e970a8114a11fd6bf32;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:25:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sO0jibO4hXSxONHRYPgA2WA9U9GBFbVhCGy9F3RwrJqZoAzU90Tpsg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 06:24:34 GMT
age: 20209
etag: "36355214d6f866681edc3eacd5f1af87b16bdcc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76200 OK 66 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 423x625, components 3\012- data
Hash 69165810658253dc224db14d9bc2fd4a
81bcebb352c93a43d153abeca0c3d8a3c7aad7b5
93f54e47e09b1b6f70bae4f41a50948f9fb70ada0a4187f3876326c3a830d5cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 12:42:49 GMT
age: 83914
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f99c08fdd1a74ec569e02207b9919df8
3f24ca8e9c96f3c9ca2e95946f1f67d242c7e5df
7b5f48166db186dcf19987f5f91cb03cbd069ec74de8ea42059626019b00fc14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a5d9ce-7d6b-4006-832c-dda7f7999129.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9371
x-amzn-requestid: dd94b1a0-f6a1-4e41-8b97-9c9904b6f6b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRFF6rIAMFY2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf39-289c5acb4e5bcb715b689f55;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DsGELoQ60sh4h4_QIO-_VcCyYtCVL5TfoVbM7blYfaqWXT1Nnxsqig==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 10:17:05 GMT
age: 6265
etag: "3f24ca8e9c96f3c9ca2e95946f1f67d242c7e5df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
youradexchange.com/script/suurl4.php?r=5343547&cbur=0.15792773870796217&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Peliculas%20y%20Series%20estrenos%20gratis%20-%20atomohd.live&cbpage=https%3A%2F%2Fatomohd.live%2F&cbref=&cbdescription=gratis%2C%20lo%20ultimo%20en%20peliculas%2Cseries%2Cjuegos%2Csoftware%2Cmega%2Crapidgator%20y%20mucho%20mas%20%20-%20atomohd.live%20!!&cbkeywords=gratis%2C%2Cpeliculas%2Cseries%2Cseries%20hd%2Catomohd%27.wdom.%27%2CMega%2Crapidgator%2Conline%20gratis&cbcdn=uptimecdn.com&aggr=0
35.190.41.116200 OK 0 B URL HTTP/2 youradexchange.com/script/suurl4.php?r=5343547&cbur=0.15792773870796217&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Peliculas%20y%20Series%20estrenos%20gratis%20-%20atomohd.live&cbpage=https%3A%2F%2Fatomohd.live%2F&cbref=&cbdescription=gratis%2C%20lo%20ultimo%20en%20peliculas%2Cseries%2Cjuegos%2Csoftware%2Cmega%2Crapidgator%20y%20mucho%20mas%20%20-%20atomohd.live%20!!&cbkeywords=gratis%2C%2Cpeliculas%2Cseries%2Cseries%20hd%2Catomohd%27.wdom.%27%2CMega%2Crapidgator%2Conline%20gratis&cbcdn=uptimecdn.com&aggr=0
IP 35.190.41.116:0
GET /script/suurl4.php?r=5343547&cbur=0.15792773870796217&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Peliculas%20y%20Series%20estrenos%20gratis%20-%20atomohd.live&cbpage=https%3A%2F%2Fatomohd.live%2F&cbref=&cbdescription=gratis%2C%20lo%20ultimo%20en%20peliculas%2Cseries%2Cjuegos%2Csoftware%2Cmega%2Crapidgator%20y%20mucho%20mas%20%20-%20atomohd.live%20!!&cbkeywords=gratis%2C%2Cpeliculas%2Cseries%2Cseries%20hd%2Catomohd%27.wdom.%27%2CMega%2Crapidgator%2Conline%20gratis&cbcdn=uptimecdn.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Origin: https://atomohd.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 19 Sep 2022 12:01:23 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
104.21.86.231200 OK 0 B IP 104.21.86.231:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Origin: https://atomohd.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 19 Sep 2022 12:01:23 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://atomohd.live
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6758
last-modified: Mon, 19 Sep 2022 10:08:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdVPDSw5qK90HT7toApNjhPssUz8%2Fg%2Fu%2By6L9acxo1KrR5wqL%2BZ4FGL7HPzXxPkSHx%2BJO6C9MPb16SZLebZgGLYvho9PxmJVvJeMwEixkQz5aiH7%2B%2BNCKfhXO1EUZJGL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d22a97bcf2b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
104.21.86.231200 OK 0 B IP 104.21.86.231:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Origin: https://atomohd.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 12:01:23 GMT
content-type: text/plain
set-cookie: csu=1525949528198942@1@1663588883; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://atomohd.live
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xW9He84o6ocUvma3BUVHdNHKsKR9TIE2CokomxbmOy0N0MDpx7OAW1zeqIiNtbcnplG6Dwh54kVfbNJeD86ldTWdEgzcgJC7lnGq9bYR0KcelI8i9HAxlgtzYIKwK8CB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d22a97cd10b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
atomohd.live/
172.67.132.89200 OK 0 B IP 172.67.132.89:0
GET / HTTP/1.1
Host: atomohd.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 19 Sep 2022 12:01:21 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin
clear-site-data: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXJYJN7EjmgBJYxp%2FA8Vebq513o%2Fx1V23lIOsljU5zQOFMwAvSzsMnji2O%2FrFtW8sVEmWTwT983eURxEW8MYvNbwxp9ycpSleMKBQqfLtkXrbEn4Q5q9eOWZmLcUsKU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d22a8c5aad1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uptimecdn.com/script/bootstrap.js
104.21.46.116200 OK 0 B URL HTTP/2 uptimecdn.com/script/bootstrap.js
IP 104.21.46.116:0
GET /script/bootstrap.js HTTP/1.1
Host: uptimecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atomohd.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 12:01:22 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdtIdFbEcftp9_8YvgIsPRNzE02uaUX_mG_-wT0H74a7FBpllpKZIxpROw0NQSvC2oOQjXICsOHH1mPH3i-gelIr
x-goog-generation: 1662626315119008
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100523
x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Mon, 19 Sep 2022 11:48:18 GMT
cache-control: public, max-age=14400
last-modified: Thu, 08 Sep 2022 08:38:35 GMT
etag: W/"90a406e7c114cb9cbdbd171d8282e224"
age: 1099
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HD1lpRrZdvkLqgQt3RG5%2FCpZXWNj%2BwnAVQT7C1YdoveJL0zl3y68QuVqB3ZfVtcNiErDVeUZIzA2so%2BpirfbfFplC6RPhw2A9T0oKgqy2VIRbrguuFFxKpN85j3JkF9Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d22a90e8300b69-OSL
content-encoding: br
X-Firefox-Spdy: h2