firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 16 Oct 2022 03:50:25 GMT
Expires: Sun, 16 Oct 2022 03:59:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HzTAjaxFYveI4RGd5BvIQGLzbXKsfjohI2r-i4GRJPZ0yJHbQ--Cyg==
Age: 2147
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 07b3389fc24c0f8eb82a9d05b546d17e
02716741b8952e548b9a223adbb3f16204eef2b2
25e13458988115ae1f8176cb2328dbfebd612eabebf256b4af64594d5e23d6ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25E13458988115AE1F8176CB2328DBFEBD612EABEBF256B4AF64594D5E23D6CA"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6878
Expires: Sun, 16 Oct 2022 06:20:50 GMT
Date: Sun, 16 Oct 2022 04:26:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8209
Expires: Sun, 16 Oct 2022 06:43:01 GMT
Date: Sun, 16 Oct 2022 04:26:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: m9DYmS6kAL/2l1k8rjSHgxILZscUAWnatcGlPK7ncjN7LHPH2XFF+0WPQhreo6eotJT/toQwTkM=
x-amz-request-id: FJGZ8JYZMQJB40VH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 16 Oct 2022 04:02:51 GMT
age: 1401
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 16 Oct 2022 04:07:43 GMT
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 05:06:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rJq-cjYnWvaXV6W-fvzUxqN5Wd2aI4TJH7lGGNe_DjmCdlvVdFx_YA==
Age: 1109
eroloves.top/
198.251.65.36 302 Found 0 B IP 198.251.65.36:0
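Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, matching the 0 B body; they identify no content and should not be used as indicators.)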
GET / HTTP/1.1
Host: eroloves.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 16 Oct 2022 04:26:12 GMT
Server: Apache/2.4.38 (Debian)
Location: https://brazz.icu/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 301aafc13bc66315321d9476df002258
e6bfd29899543fcd4d1b332623757bbad355306f
c64315afdfcf146b16942d981588ed912650472c5e2bba7b6f8dee396d820860
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2748
Cache-Control: max-age=102390
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:26:13 GMT
Etag: "634a6a1f-1d7"
Expires: Mon, 17 Oct 2022 08:52:43 GMT
Last-Modified: Sat, 15 Oct 2022 08:06:55 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6496c7c03105086f707d474bd98762a7
c356c16fcb481175f02d86be63bdb258c095e7b4
bc4ea777eb6a7d350a07115c72826d0c61786e95ccf9711aefd71c1c901ffa50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC4EA777EB6A7D350A07115C72826D0C61786E95CCF9711AEFD71C1C901FFA50"
Last-Modified: Fri, 14 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5555
Expires: Sun, 16 Oct 2022 05:58:48 GMT
Date: Sun, 16 Oct 2022 04:26:13 GMT
Connection: keep-alive
push.services.mozilla.com/
35.83.91.138 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.91.138:0
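Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, matching the 0 B body; they identify no content and should not be used as indicators.)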
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vP9Y0nrmAmtMkldHfL7P+g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C4qtMps4B5oGsKsZOnzX4XyxUZw=
brazz.icu/
198.251.65.36 200 OK 1.7 kB IP 198.251.65.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text
Hash d1da5706a300882754b401471638580b
63adc04aecb119961eaa94823a7d935a033f188c
dcb2bcc19c2588f1e7487ae926f54cfea5f4b4a8dc39fdf639bcac789345a0b4
GET / HTTP/1.1
Host: brazz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 04:26:13 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: PHPSESSID=p4bk897dc3mr70rpknbb9f1v2f; expires=Sun, 16-Oct-2022 05:11:14 GMT; Max-Age=2700; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1693
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
brazz.icu/style.css
198.251.65.36 200 OK 1.3 kB IP 198.251.65.36:0
Hash 4dd6eaa6486dffffad403464e706bbf3
2d97469678e36dc8ac0099e0b233aa1681200e83
662301031a5d36e110a54a241f94c6b09d84c93b7983c758138f7142ffb0939b
GET /style.css HTTP/1.1
Host: brazz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/
Cookie: PHPSESSID=p4bk897dc3mr70rpknbb9f1v2f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 04:26:14 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Sun, 27 Mar 2022 01:36:46 GMT
ETag: "104c-5db293a8ce801-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1322
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
qa24ljic4i.com/get/1898044?p=1898044&jp=_clmnnsbwf91f1rrktkjfe8
62.122.171.6 200 OK 7 B URL HTTP/2 qa24ljic4i.com/get/1898044?p=1898044&jp=_clmnnsbwf91f1rrktkjfe8
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer verdict/alert: quad9 — Sinkholed (the requested domain is flagged by quad9 DNS filtering)
GET /get/1898044?p=1898044&jp=_clmnnsbwf91f1rrktkjfe8 HTTP/1.1
Host: qa24ljic4i.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:14 GMT
content-type: text/javascript
content-length: 7
x-route-id: config
set-cookie: UID=22101523261e21bff6f6594dadb886f7914d; Path=/; Expires=Mon, 16 Oct 2023 04:26:14 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14299
Expires: Sun, 16 Oct 2022 08:24:33 GMT
Date: Sun, 16 Oct 2022 04:26:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14299
Expires: Sun, 16 Oct 2022 08:24:33 GMT
Date: Sun, 16 Oct 2022 04:26:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14299
Expires: Sun, 16 Oct 2022 08:24:33 GMT
Date: Sun, 16 Oct 2022 04:26:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69fc0752-6b07-48bd-b8a9-72181c2eda68.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69fc0752-6b07-48bd-b8a9-72181c2eda68.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1fadc98d6bc21bda450cb9e1636983db
8cfa603d1b6d476695c06e31a906e9eeea638528
9f50f8c29af0752dfa8b1bfe6e80c462bec7308c94d770e99a1f5eb1a76bbc04
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69fc0752-6b07-48bd-b8a9-72181c2eda68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6938
x-amzn-requestid: 0b81a240-35b7-4570-97d2-1efb1037c78a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEM7eHDkIAMF0lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b2849-6ca6b04355a2f6e61cf6da1a;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nVuf6wvP_7Majrgd3jtvOSWwUItWg_DDyjT2Zkg_E5DWACFV9RLY5Q==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:57:12 GMT
age: 23342
etag: "8cfa603d1b6d476695c06e31a906e9eeea638528"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f6f17e-fdd5-44d5-bb67-afeda66ec08c.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f6f17e-fdd5-44d5-bb67-afeda66ec08c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f852a58da0bf5c1c5b3d4c9531078b08
96b58ac0e71afe7d4ba43fa592130f3611eb6df7
d404e20f16943bf168b422da6477716f9b37f38927ce078bf19504a581558f75
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f6f17e-fdd5-44d5-bb67-afeda66ec08c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 668570b9-a33b-4645-88f7-1dc31ae938da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEN2PGJGIAMF1oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b29c1-176688ab716ea6102238fb0d;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:44:33 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BTZvMjz3PJ5xfENpFregpHJ36BDnD-lRpL2bsySa4L4_ez3Evtc7rg==
via: 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:54:02 GMT
age: 23532
etag: "96b58ac0e71afe7d4ba43fa592130f3611eb6df7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a1f1175-4b02-4c87-a3f1-9bf1f46d8149.jpeg
34.120.237.76 200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a1f1175-4b02-4c87-a3f1-9bf1f46d8149.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea3de9de60463838cdf30a974f092684
542b753fe420651c67739d3c51927e10ececa4aa
b69cc2d2af1d3bfb36a82198562fefbe822f58249e6f85903b3bbe8c207468b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a1f1175-4b02-4c87-a3f1-9bf1f46d8149.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4070
x-amzn-requestid: 2de050df-01e6-487a-99ff-ac452ecb3706
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFCpbFUbIAMF9dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b7e3c-2ee6c44f4993d1a51ba3e9cb;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 03:45:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pZjRH7IfMdLhJexGioaByUi4ASNvUMhq41oYLzcH5VKXL228XdRP-w==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 03:49:28 GMT
age: 2206
etag: "542b753fe420651c67739d3c51927e10ececa4aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e20daa74ab04b1b9859672acfc070f7e
d291947f161c928e6c6682a05835478b5f0cffc5
ebbe051930f46dd25de2a4c5795f3bdddf1513c0657cdc986c48f3dfdc90f575
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9260
x-amzn-requestid: dfd8deb0-fc73-4321-b024-330b2a3d1759
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aENyFH9RoAMF24w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b29a6-0aaf75c43b51d5775bc48a95;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:44:06 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 61ygCro-e2iz9SdywbShi7CWHcWLovGr7Ob2wWno2E2bpRWujT_OOA==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:53:51 GMT
age: 23543
etag: "d291947f161c928e6c6682a05835478b5f0cffc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac5c50f8ffe0da11f1adb9f67d811cf
2b586d1c26208d6fe7df3a4cec286e28f21807ca
12414dcf4afa766503c9328fe626c2d1317a0d6838887e0dd30e9b56e85ea3d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8120
x-amzn-requestid: 42dc2299-203a-4269-a252-e239978fe80d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7EhLHX0IAMF89g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347813a-1357899758d9403e4b920418;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 03:08:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WTKaFQ0rZbiSiVD_qjSwbcvMoCoWsf8hfsXsC7cVkT-hm04EXHWASA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 04:05:54 GMT
age: 1220
etag: "2b586d1c26208d6fe7df3a4cec286e28f21807ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df5f38c3dc43ccc382d0274bffb6b350
9a305072cce8bb61ca3753bb98b999695fb4706e
20ff21892e65787fecbadca0f59c05e54dee3a1359271839dab0ee5c9e796ab0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6367
x-amzn-requestid: 485c3cf9-d305-4540-8eef-8304d1103ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5EHbOoAMFWsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a0-2ac206d826bf23193740e74c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FDpKbEtkkBwyl0pq3hI50XU9_5Qk43D5_CCq2mdq6phymrT0Op_wzg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:00:32 GMT
age: 23142
etag: "9a305072cce8bb61ca3753bb98b999695fb4706e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash c52a73dd8edce42507d669bc3660e470
6581f0d38d408917df6ff6ec1411297aebfc2a07
ada55718be474195bdece468b0a122d3c352c5c9e1051ecf363da22dbb77c786
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 119
Cache-Control: max-age=149414
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:26:14 GMT
Etag: "634b2c15-117"
Expires: Mon, 17 Oct 2022 21:56:28 GMT
Last-Modified: Sat, 15 Oct 2022 21:54:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash c52a73dd8edce42507d669bc3660e470
6581f0d38d408917df6ff6ec1411297aebfc2a07
ada55718be474195bdece468b0a122d3c352c5c9e1051ecf363da22dbb77c786
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 119
Cache-Control: max-age=149414
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:26:14 GMT
Etag: "634b2c15-117"
Expires: Mon, 17 Oct 2022 21:56:28 GMT
Last-Modified: Sat, 15 Oct 2022 21:54:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
cdn.pncloudfl.com/pn/b3c/a46/243/b3ca46243dd1beb6a1169d26cfa361bac2d7b97e.jpg
172.67.25.161 200 OK 44 kB URL HTTP/2 cdn.pncloudfl.com/pn/b3c/a46/243/b3ca46243dd1beb6a1169d26cfa361bac2d7b97e.jpg
IP 172.67.25.161:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5b5185d2fccd2dca3c94db1ba3359efc
5be904c10086b3af052ea9a79f6b60e1150ecf4b
a4834b0c05e82cc70c7778348a3c205f25f3a22e9775e137c3d8187b3f6a3fb5
GET /pn/b3c/a46/243/b3ca46243dd1beb6a1169d26cfa361bac2d7b97e.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:26:14 GMT
content-type: image/webp
content-length: 43534
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=77637
content-disposition: inline; filename="b3ca46243dd1beb6a1169d26cfa361bac2d7b97e.webp"
etag: 1b8a2ca51633977e4d71e0297479bdcf
expires: Sun, 16 Oct 2022 20:31:24 GMT
last-modified: Thu, 22 Sep 2022 10:27:55 GMT
vary: Accept
x-openstack-request-id: txe70ca3ba19e54f508ede7-00632c38e6
x-proxy-cache: HIT
x-timestamp: 1663842474.88163
x-trans-id: txe70ca3ba19e54f508ede7-00632c38e6
cf-cache-status: HIT
age: 114890
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 75ae0902bf84b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/597/84e/2a6/59784e2a61ac3aa5638fa67202b8a4f6230736b3.jpg
172.67.25.161 200 OK 42 kB URL HTTP/2 cdn.pncloudfl.com/pn/597/84e/2a6/59784e2a61ac3aa5638fa67202b8a4f6230736b3.jpg
IP 172.67.25.161:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b2ac395fa2c95bbd2ac7f937211be4e7
99504a9db48306c2aa86d2d29bfda5332b6255e4
88ea6bdf10b50b53cc79a4686a58fa6e3c4e960d996e657b0caecced92a6cd37
GET /pn/597/84e/2a6/59784e2a61ac3aa5638fa67202b8a4f6230736b3.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 04:26:14 GMT
content-type: image/webp
content-length: 41918
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=75213
content-disposition: inline; filename="59784e2a61ac3aa5638fa67202b8a4f6230736b3.webp"
etag: de579877c115109ec9ca833aab057d1a
expires: Sun, 16 Oct 2022 21:09:33 GMT
last-modified: Sun, 19 Jun 2022 15:39:25 GMT
vary: Accept
x-openstack-request-id: tx107f7e6e2a7f43d895cc2-0062af4764
x-proxy-cache: HIT
x-timestamp: 1655653164.18243
x-trans-id: tx107f7e6e2a7f43d895cc2-0062af4764
cf-cache-status: HIT
age: 112601
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 75ae0902cf88b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 15311607f4011abf888e438c207a1be5
3a1654b578a25ddd847829a4051600f5a01b7504
1886ea8bb9803967d2a674d4e6b0e8496635c5c32c927e1efb054e5198437e85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1886EA8BB9803967D2A674D4E6B0E8496635C5C32C927E1EFB054E5198437E85"
Last-Modified: Thu, 13 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14067
Expires: Sun, 16 Oct 2022 08:20:41 GMT
Date: Sun, 16 Oct 2022 04:26:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash c52a73dd8edce42507d669bc3660e470
6581f0d38d408917df6ff6ec1411297aebfc2a07
ada55718be474195bdece468b0a122d3c352c5c9e1051ecf363da22dbb77c786
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 119
Cache-Control: max-age=149414
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 04:26:14 GMT
Etag: "634b2c15-117"
Expires: Mon, 17 Oct 2022 21:56:28 GMT
Last-Modified: Sat, 15 Oct 2022 21:54:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
brazz.icu/search-16.png
198.251.65.36 200 OK 350 B IP 198.251.65.36:0
File type PNG image data, 15 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f4590cdf9813c9b26676f86803bbf00
55f14aaef94a983d0021354f4b3d5d9e75098890
0ba4538eb01fd6b19ffaca2e1513d76db32b8f4c9a1c9da74e6fc03378e71574
GET /search-16.png HTTP/1.1
Host: brazz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/style.css
Cookie: PHPSESSID=p4bk897dc3mr70rpknbb9f1v2f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 04:26:14 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Sun, 27 Mar 2022 01:36:46 GMT
ETag: "15e-5db293a8ce801"
Accept-Ranges: bytes
Content-Length: 350
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
forlumineoner.com/zone?pub=1&zone_id=1898045&is_mobile=false&domain=brazz.icu&var=&ymid=&var_3=
139.45.197.229 200 OK 619 B URL HTTP/2 forlumineoner.com/zone?pub=1&zone_id=1898045&is_mobile=false&domain=brazz.icu&var=&ymid=&var_3=
IP 139.45.197.229:0
File type JSON data\012- , ASCII text, with very long lines (618)
Hash 9c476c638f3b8dd27f75c328aef4c644
3255a76fb67e34b64b1629e2b1a93171cfa3cd31
9eeae98e4402a9bf0065509efcfd002fe27ce8283e1916e77352cb1f43b4518f
GET /zone?pub=1&zone_id=1898045&is_mobile=false&domain=brazz.icu&var=&ymid=&var_3= HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://brazz.icu/
Origin: https://brazz.icu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:11 GMT
content-type: application/json; charset=utf-8
content-length: 619
x-trace-id: 52dc9929dc2f3f89cc91e9ebab51c859
access-control-allow-origin: https://brazz.icu
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
brazz.icu/top-slots-bestof-casino.png
198.251.65.36 200 OK 43 kB URL HTTP/1.1 brazz.icu/top-slots-bestof-casino.png
IP 198.251.65.36:0
File type PNG image data, 479 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ff24406315978478cd7c484cebad1da
6babb9a1d24c0f1afa1a463e385cefed4b379570
f5e150318efab614b0659c8b06c14a48bbda84dceef1ee4122e4c103ddef9d66
GET /top-slots-bestof-casino.png HTTP/1.1
Host: brazz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/
Cookie: PHPSESSID=p4bk897dc3mr70rpknbb9f1v2f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 04:26:14 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Sun, 27 Mar 2022 01:36:46 GMT
ETag: "a680-5db293a8da383"
Accept-Ranges: bytes
Content-Length: 42624
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
forlumineoner.com/custom
139.45.197.229 200 OK 0 B IP 139.45.197.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://brazz.icu/
Origin: https://brazz.icu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://brazz.icu
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
brazz.icu/brazz-icu.png
198.251.65.36 200 OK 306 kB IP 198.251.65.36:0
File type PNG image data, 1200 x 228, 8-bit/color RGBA, non-interlaced\012- data
Size 306 kB (305913 bytes)
Hash e0766df6fcb47fa1458d77adc8f1b26e
3c78449bec92f5a2b8cd524c265849e75562c4b2
168ce679fc66c58bd35465c5831552ab1394b69d032c75d4bf39102d040ca6ed
GET /brazz-icu.png HTTP/1.1
Host: brazz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/
Cookie: PHPSESSID=p4bk897dc3mr70rpknbb9f1v2f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 04:26:14 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Sun, 27 Mar 2022 01:44:54 GMT
ETag: "4aaf9-5db2957a31180"
Accept-Ranges: bytes
Content-Length: 305913
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
forlumineoner.com/custom
139.45.197.229 200 OK 39 B IP 139.45.197.229:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://brazz.icu/
Content-Type: application/json
Origin: https://brazz.icu
Content-Length: 372
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:12 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 298ff45cc092c78e59b527ef85389a30
access-control-allow-origin: https://brazz.icu
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
forlumineoner.com/custom
139.45.197.229 200 OK 39 B IP 139.45.197.229:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://brazz.icu/
Content-Type: application/json
Origin: https://brazz.icu
Content-Length: 742
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:12 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 171dd168ea9644383d71bd5559abb147
access-control-allow-origin: https://brazz.icu
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
brazz.icu/favicon.ico
198.251.65.36 404 Not Found 3.8 kB IP 198.251.65.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text
Hash 22aff8fefa6984616eca11ce8286736b
f00ffe17874aaa39d1f7fcfc421a64d8f7831728
d1e2896b2835a67fc3c023f88c35ad21d0d72a1f8cfae93f40417c0f2352383f
GET /favicon.ico HTTP/1.1
Host: brazz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/
Cookie: PHPSESSID=p4bk897dc3mr70rpknbb9f1v2f; pnState={"impressions":0,"delayStarted":1665894377309,"page":"/"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 04:26:15 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: brazz-mvisits=1; expires=Sun, 16-Oct-2022 06:26:15 GMT; Max-Age=7200
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Length: 3814
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
vzigttqgqx.com/chicken.gif?z=1898043&pb=4a49693dfc5897792fad2f445932961c1665901574&psp=0usZqu57zIhI7YeedjjVx1hEJayk9gFC7ea13z_vttdpb2yz2--fgtJFMpi7EGgxOcIFMz6k47uyGGZBpG7wN2I5h_cjk1lHXEEXVHFrtL38AifJc_kk48JSCRQIxhJddwpOVrXHhOTfFBJwEgtdjmpFP3j5nEGtP0JZF0RI78X_SNZNGK3YhNc81ISNnifNgSUD26EINxPsI8csjUIZzvMQER-buZOiyvjMDeIS8K6GQswgfvN0g5ElCrK7NcVmpZAqVFjZjmgj4BFqvn8ZhpcM17UXpJ44Vj6Wnz_kPl4LOaIDm52FDzGQGf4XuEfWdlJp5mjee8Azy1303zGdXN9XLSrSVi0etBmrnTpaYKap1w0uT6MTf6M1WVHT7KuSSSFIS3BwtF-wT13K8tZj_w3XwquzyNRx2_f5MdSCCciL9IHcCaBDnwnlsiXJ5hGJhZ5wDLl5ZKizuIA1NSk6iISukyQPVGcjZujnnAOW7a_p-mkoE4Om0s-gcTwn2hndT14xZEa-gm8d_rXlbeQQsqI3GWjdR3lXTTAH2qQqzpL0dQiAtHX1nMY2dmPB8Rup5DXaqie3UFgt0g_JFUKWzh5YtFl-l-h4khMP5JTXgs9PrGnJ85cod4RGB8g5FvAiXvEd70iZU6v2B-d1MiNjjmjYdnaMw-2xpWO9K_j-_SiahNtYksL8da5NAVAfOgqZq3D9rqSAMEtkC_L5cFwCc2aiClVZR3IeHiee_MhCBxn4-5ty0mpXMQMS6G6iJfcn1aOjeDdgiuN7leMtHxUzmkR-xDWkRc3wPxSpEpTjkjqF3BkUbxMvqyd0CuWL0aCmyGAZYGBzzOWPStOcvzFIPn12Z_qpadU7DRWdNU0MsjIXkO6I97sp2kDKct09SXGSKzu_aTvHFjDTSeso3DcTRmNtA7L79NhmghoeGR-z1aZ94r8A3DUmOk3B4k3Z12TIc4yPxs-zicoknRxRLSVy5MoQEa0m2SbyiuIPx7YMIyRrRnCVKVGZKORa5vgxIPToDAhhmQoXOC3HJqy9iuA0Q-0-kamlIM-4w4-0QfSOCSh1kbcQy9Jxk4mNQArZXKOWO5CSuih8baDlOm8ExjyzyLQ25MeW1VVJ5wjbtmLWOBYxkT3aTiswYkgm8GgLU-vp0iLyO8TA7-WnQFyPE_qM5PfLLTqIaPLIQc3nEni20SWyUx5fwAJxELC9VmMPsZ-dGzTl__8DKk0_VXVPWNCS5HvoMLZL_WSYvBY2WEfj3oPtW5R-9ZzljgLVKUzUKr6TWlxmT_zNGyK8sCK4tLDDj4V_mP9jX2f8gIfUFy4Zbp2eUz80pYhB7D3kDXf96AUZofxCBadK7ThktJ8h6fcnKQ_lGC7Z60haEdoOGlalEBgY1zm_zixfWxZKSPvucSrzYOMzgneoGj6FodA90HRJppMgweS_tcUHp93fJ4S_RdWE2D0sedTVro7TQoLI1AuUznlm0hhH2KvxlowOibXZtjvDR4OagSp6d2JOqR9XIs2DUu9Aw3-h-6xcP3LiMPCI3bULKO0cec9jXicLeWSppfeyFV3HrmlS_6SoQFiBdaQRAYII2oRn3r0tTz_95o_dc2fpspNY6QtqdyZQAhXFDeD4n_GnWmo5UcaVaxxH0Dchjcx0HhJv9bAnoIIGGCvD_yF720xpKF54WD1ICfzbsPP86mER20LkSAm0Fomxy-dQB_IE-d0cZkIy9g==&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 vzigttqgqx.com/chicken.gif?z=1898043&pb=4a49693dfc5897792fad2f445932961c1665901574&psp=0usZqu57zIhI7YeedjjVx1hEJayk9gFC7ea13z_vttdpb2yz2--fgtJFMpi7EGgxOcIFMz6k47uyGGZBpG7wN2I5h_cjk1lHXEEXVHFrtL38AifJc_kk48JSCRQIxhJddwpOVrXHhOTfFBJwEgtdjmpFP3j5nEGtP0JZF0RI78X_SNZNGK3YhNc81ISNnifNgSUD26EINxPsI8csjUIZzvMQER-buZOiyvjMDeIS8K6GQswgfvN0g5ElCrK7NcVmpZAqVFjZjmgj4BFqvn8ZhpcM17UXpJ44Vj6Wnz_kPl4LOaIDm52FDzGQGf4XuEfWdlJp5mjee8Azy1303zGdXN9XLSrSVi0etBmrnTpaYKap1w0uT6MTf6M1WVHT7KuSSSFIS3BwtF-wT13K8tZj_w3XwquzyNRx2_f5MdSCCciL9IHcCaBDnwnlsiXJ5hGJhZ5wDLl5ZKizuIA1NSk6iISukyQPVGcjZujnnAOW7a_p-mkoE4Om0s-gcTwn2hndT14xZEa-gm8d_rXlbeQQsqI3GWjdR3lXTTAH2qQqzpL0dQiAtHX1nMY2dmPB8Rup5DXaqie3UFgt0g_JFUKWzh5YtFl-l-h4khMP5JTXgs9PrGnJ85cod4RGB8g5FvAiXvEd70iZU6v2B-d1MiNjjmjYdnaMw-2xpWO9K_j-_SiahNtYksL8da5NAVAfOgqZq3D9rqSAMEtkC_L5cFwCc2aiClVZR3IeHiee_MhCBxn4-5ty0mpXMQMS6G6iJfcn1aOjeDdgiuN7leMtHxUzmkR-xDWkRc3wPxSpEpTjkjqF3BkUbxMvqyd0CuWL0aCmyGAZYGBzzOWPStOcvzFIPn12Z_qpadU7DRWdNU0MsjIXkO6I97sp2kDKct09SXGSKzu_aTvHFjDTSeso3DcTRmNtA7L79NhmghoeGR-z1aZ94r8A3DUmOk3B4k3Z12TIc4yPxs-zicoknRxRLSVy5MoQEa0m2SbyiuIPx7YMIyRrRnCVKVGZKORa5vgxIPToDAhhmQoXOC3HJqy9iuA0Q-0-kamlIM-4w4-0QfSOCSh1kbcQy9Jxk4mNQArZXKOWO5CSuih8baDlOm8ExjyzyLQ25MeW1VVJ5wjbtmLWOBYxkT3aTiswYkgm8GgLU-vp0iLyO8TA7-WnQFyPE_qM5PfLLTqIaPLIQc3nEni20SWyUx5fwAJxELC9VmMPsZ-dGzTl__8DKk0_VXVPWNCS5HvoMLZL_WSYvBY2WEfj3oPtW5R-9ZzljgLVKUzUKr6TWlxmT_zNGyK8sCK4tLDDj4V_mP9jX2f8gIfUFy4Zbp2eUz80pYhB7D3kDXf96AUZofxCBadK7ThktJ8h6fcnKQ_lGC7Z60haEdoOGlalEBgY1zm_zixfWxZKSPvucSrzYOMzgneoGj6FodA90HRJppMgweS_tcUHp93fJ4S_RdWE2D0sedTVro7TQoLI1AuUznlm0hhH2KvxlowOibXZtjvDR4OagSp6d2JOqR9XIs2DUu9Aw3-h-6xcP3LiMPCI3bULKO0cec9jXicLeWSppfeyFV3HrmlS_6SoQFiBdaQRAYII2oRn3r0tTz_95o_dc2fpspNY6QtqdyZQAhXFDeD4n_GnWmo5UcaVaxxH0Dchjcx0HhJv9bAnoIIGGCvD_yF720xpKF54WD1ICfzbsPP86mER20LkSAm0Fomxy-dQB_IE-d0cZkIy9g==&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1898043&pb=4a49693dfc5897792fad2f445932961c1665901574&psp=0usZqu57zIhI7YeedjjVx1hEJayk9gFC7ea13z_vttdpb2yz2--fgtJFMpi7EGgxOcIFMz6k47uyGGZBpG7wN2I5h_cjk1lHXEEXVHFrtL38AifJc_kk48JSCRQIxhJddwpOVrXHhOTfFBJwEgtdjmpFP3j5nEGtP0JZF0RI78X_SNZNGK3YhNc81ISNnifNgSUD26EINxPsI8csjUIZzvMQER-buZOiyvjMDeIS8K6GQswgfvN0g5ElCrK7NcVmpZAqVFjZjmgj4BFqvn8ZhpcM17UXpJ44Vj6Wnz_kPl4LOaIDm52FDzGQGf4XuEfWdlJp5mjee8Azy1303zGdXN9XLSrSVi0etBmrnTpaYKap1w0uT6MTf6M1WVHT7KuSSSFIS3BwtF-wT13K8tZj_w3XwquzyNRx2_f5MdSCCciL9IHcCaBDnwnlsiXJ5hGJhZ5wDLl5ZKizuIA1NSk6iISukyQPVGcjZujnnAOW7a_p-mkoE4Om0s-gcTwn2hndT14xZEa-gm8d_rXlbeQQsqI3GWjdR3lXTTAH2qQqzpL0dQiAtHX1nMY2dmPB8Rup5DXaqie3UFgt0g_JFUKWzh5YtFl-l-h4khMP5JTXgs9PrGnJ85cod4RGB8g5FvAiXvEd70iZU6v2B-d1MiNjjmjYdnaMw-2xpWO9K_j-_SiahNtYksL8da5NAVAfOgqZq3D9rqSAMEtkC_L5cFwCc2aiClVZR3IeHiee_MhCBxn4-5ty0mpXMQMS6G6iJfcn1aOjeDdgiuN7leMtHxUzmkR-xDWkRc3wPxSpEpTjkjqF3BkUbxMvqyd0CuWL0aCmyGAZYGBzzOWPStOcvzFIPn12Z_qpadU7DRWdNU0MsjIXkO6I97sp2kDKct09SXGSKzu_aTvHFjDTSeso3DcTRmNtA7L79NhmghoeGR-z1aZ94r8A3DUmOk3B4k3Z12TIc4yPxs-zicoknRxRLSVy5MoQEa0m2SbyiuIPx7YMIyRrRnCVKVGZKORa5vgxIPToDAhhmQoXOC3HJqy9iuA0Q-0-kamlIM-4w4-0QfSOCSh1kbcQy9Jxk4mNQArZXKOWO5CSuih8baDlOm8ExjyzyLQ25MeW1VVJ5wjbtmLWOBYxkT3aTiswYkgm8GgLU-vp0iLyO8TA7-WnQFyPE_qM5PfLLTqIaPLIQc3nEni20SWyUx5fwAJxELC9VmMPsZ-dGzTl__8DKk0_VXVPWNCS5HvoMLZL_WSYvBY2WEfj3oPtW5R-9ZzljgLVKUzUKr6TWlxmT_zNGyK8sCK4tLDDj4V_mP9jX2f8gIfUFy4Zbp2eUz80pYhB7D3kDXf96AUZofxCBadK7ThktJ8h6fcnKQ_lGC7Z60haEdoOGlalEBgY1zm_zixfWxZKSPvucSrzYOMzgneoGj6FodA90HRJppMgweS_tcUHp93fJ4S_RdWE2D0sedTVro7TQoLI1AuUznlm0hhH2KvxlowOibXZtjvDR4OagSp6d2JOqR9XIs2DUu9Aw3-h-6xcP3LiMPCI3bULKO0cec9jXicLeWSppfeyFV3HrmlS_6SoQFiBdaQRAYII2oRn3r0tTz_95o_dc2fpspNY6QtqdyZQAhXFDeD4n_GnWmo5UcaVaxxH0Dchjcx0HhJv9bAnoIIGGCvD_yF720xpKF54WD1ICfzbsPP86mER20LkSAm0Fomxy-dQB_IE-d0cZkIy9g==&abvar=0&os=0 HTTP/1.1
Host: vzigttqgqx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2210152326126ac0a0fb9146df976e1df5f1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:16 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACHfJgAAAAAAAAAB; Path=/; Expires=Tue, 15 Nov 2022 04:26:16 GMT; Secure; SameSite=None
set-cookie: OACIBLOCK=ACHfJgAAAABjSucQ; Path=/; Expires=Tue, 15 Nov 2022 04:26:16 GMT; Secure; SameSite=None
set-cookie: ppucnt=0; Path=/; Expires=Mon, 17 Oct 2022 04:26:16 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
vzigttqgqx.com/chicken.gif?z=1898043&pb=4a49693dfc5897792fad2f445932961c1665901574&psp=QBXPqZgryKhUcAe11yYCUMSz-fYR2Gmt2yQcnuMUQxUXHXUneOjLJPAc0Ub9MoiTY45HLHljEoutrLYj-jNC-hqw94WSsaiLfLKbg576XViObx-XCiG6FmhkoG931kAxZ4ABI8k184o_F9o7opyIOLMpywvCVBXv7KEe4eIDQmJK-wcCFOcpBSuONWVL6f0EqUj-6nNHkMkgz99G2Zt19ABLvL5lQFRgDzstNsFGZm3jKiLY6IKbHK1qzTyF9GiKLBQk8IKyo9UD0iP38mkNS3bO8fMYX6uQNa7NeKUvk_1WDGvxBYOnMWH-pNWjc-Tg53xSZXDWTebJM6lIFNdh1YiNr3siCxM_3Jk6wS0ue1XqnJZ6ZNNmq0o8MyjM1qoxhUIAOa3y9vwYGZNCQuK5SfanVXiapoJtHEAfpwP_hpc5WqR9Jam2XoV_146mqXi8AqLHYlEkxd2mAi7v3ADsHNYf0V__p_b604_W8vgi9e6ULyXTq0Vgo5zXXq0KA11erXdweonvF7GZC322SI5Qrd85vaUZ-zR9hPqST_T6xTPlbospsEoOdJo2grapp5hqUYahsZ5PZhnN4t0Ok-7vlIcBip0c9e0r4nxQyPYv7M3eq1ktmJSd8YVwr37vfK7a8QyHTiQLaKYMWu_gRR3LFJVhJsAwa8UX_xOfLCs0qERBVFveIggH7PgBsyzg8fMb2zcDBSFfGkVlhhKXrLmOnXUbL8pfJ57wvMW2NxzuhFSWp4veTSY6NYfCZjbdYfnLLamnpKQn5Wwwq-W1DpysErsiQLXjVuCfpnq9NqdruAghRVrYwUHrfLvEh2A9v3uPymQpvcR98IZPYZcaElXvZWL8-9fg1kez1hC46fnuPOcdMgY6gv_t0LtQADzhphK-MYyz34nEzqsyIBVSja1Z_r6frInZ4MSQGtJHmT9GL_ozhyRW4SjV4HxBmBhSWEXkrNcu8O7SjZ7qgo-lh4VDe0Bsy9oFKXjJuq4SvSJkAcyyw_Qj9m32f9PwQTqyh1QWNKN7MkRXld86W5ESYkPqOj0pba2o_VWO4SQpx_-EXqb9sj1GXtZmfQg_f4um3xnuGGDBVAlhEzk2JyXjOfKwRvUeIceucUnKotYPIfirwlFihtKf3IvTuYQffS5a5ef3BicV8dNxrjXHXNfAtNfOHWUaeipnX7tWDIbpihfTh1XLuvDkk7vl4ZJ_-LRDnK3CQ4f_ZppPt1DsYth3L4QyN64QQXIaS4n-KYFPi4bSpsrcieG-PXgK70LegiQF5myXeYMNvnlhaWfSrGWn9wWPGc-PGaOJ7aS76LIY7I7rjxd9VbALOnY0r680KzgSgiLm_J5xZxUs_Vs4j-0WCAWjSULkGEeZPMFKH1SediCbESSn733bu1aOeYaM-9CSKeL1jNn7Y-Y_K0yOrRemf8QC-kvuWqpipoyPCuVzu3fxfV0Z__EmhAkTKS68Yjm9a7l8VP2L3_tJn4XbYFW-9SyAe1dAxpGP2EHQYPyMJC92Cwy3btJfSREI2zLUUSye3BjDSIat9q1JpgQafsWHjgEcyNx-j-FCpZNjNHwNBxW3IPoB_zcPYZJgW-Ckqe38tnXydg2xhbUjL2qQx_pcUENjWdC0DMsGz9R6M81GSZuzH6L5wRrRiLoUEbBN96aPztMn3qDnhlyg9GeyqUj25FZf_CuY2cwb29Dt72pgHYZmK_RShypWioWFbC1bYTKhbGBL9dvpNUjV&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 vzigttqgqx.com/chicken.gif?z=1898043&pb=4a49693dfc5897792fad2f445932961c1665901574&psp=QBXPqZgryKhUcAe11yYCUMSz-fYR2Gmt2yQcnuMUQxUXHXUneOjLJPAc0Ub9MoiTY45HLHljEoutrLYj-jNC-hqw94WSsaiLfLKbg576XViObx-XCiG6FmhkoG931kAxZ4ABI8k184o_F9o7opyIOLMpywvCVBXv7KEe4eIDQmJK-wcCFOcpBSuONWVL6f0EqUj-6nNHkMkgz99G2Zt19ABLvL5lQFRgDzstNsFGZm3jKiLY6IKbHK1qzTyF9GiKLBQk8IKyo9UD0iP38mkNS3bO8fMYX6uQNa7NeKUvk_1WDGvxBYOnMWH-pNWjc-Tg53xSZXDWTebJM6lIFNdh1YiNr3siCxM_3Jk6wS0ue1XqnJZ6ZNNmq0o8MyjM1qoxhUIAOa3y9vwYGZNCQuK5SfanVXiapoJtHEAfpwP_hpc5WqR9Jam2XoV_146mqXi8AqLHYlEkxd2mAi7v3ADsHNYf0V__p_b604_W8vgi9e6ULyXTq0Vgo5zXXq0KA11erXdweonvF7GZC322SI5Qrd85vaUZ-zR9hPqST_T6xTPlbospsEoOdJo2grapp5hqUYahsZ5PZhnN4t0Ok-7vlIcBip0c9e0r4nxQyPYv7M3eq1ktmJSd8YVwr37vfK7a8QyHTiQLaKYMWu_gRR3LFJVhJsAwa8UX_xOfLCs0qERBVFveIggH7PgBsyzg8fMb2zcDBSFfGkVlhhKXrLmOnXUbL8pfJ57wvMW2NxzuhFSWp4veTSY6NYfCZjbdYfnLLamnpKQn5Wwwq-W1DpysErsiQLXjVuCfpnq9NqdruAghRVrYwUHrfLvEh2A9v3uPymQpvcR98IZPYZcaElXvZWL8-9fg1kez1hC46fnuPOcdMgY6gv_t0LtQADzhphK-MYyz34nEzqsyIBVSja1Z_r6frInZ4MSQGtJHmT9GL_ozhyRW4SjV4HxBmBhSWEXkrNcu8O7SjZ7qgo-lh4VDe0Bsy9oFKXjJuq4SvSJkAcyyw_Qj9m32f9PwQTqyh1QWNKN7MkRXld86W5ESYkPqOj0pba2o_VWO4SQpx_-EXqb9sj1GXtZmfQg_f4um3xnuGGDBVAlhEzk2JyXjOfKwRvUeIceucUnKotYPIfirwlFihtKf3IvTuYQffS5a5ef3BicV8dNxrjXHXNfAtNfOHWUaeipnX7tWDIbpihfTh1XLuvDkk7vl4ZJ_-LRDnK3CQ4f_ZppPt1DsYth3L4QyN64QQXIaS4n-KYFPi4bSpsrcieG-PXgK70LegiQF5myXeYMNvnlhaWfSrGWn9wWPGc-PGaOJ7aS76LIY7I7rjxd9VbALOnY0r680KzgSgiLm_J5xZxUs_Vs4j-0WCAWjSULkGEeZPMFKH1SediCbESSn733bu1aOeYaM-9CSKeL1jNn7Y-Y_K0yOrRemf8QC-kvuWqpipoyPCuVzu3fxfV0Z__EmhAkTKS68Yjm9a7l8VP2L3_tJn4XbYFW-9SyAe1dAxpGP2EHQYPyMJC92Cwy3btJfSREI2zLUUSye3BjDSIat9q1JpgQafsWHjgEcyNx-j-FCpZNjNHwNBxW3IPoB_zcPYZJgW-Ckqe38tnXydg2xhbUjL2qQx_pcUENjWdC0DMsGz9R6M81GSZuzH6L5wRrRiLoUEbBN96aPztMn3qDnhlyg9GeyqUj25FZf_CuY2cwb29Dt72pgHYZmK_RShypWioWFbC1bYTKhbGBL9dvpNUjV&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1898043&pb=4a49693dfc5897792fad2f445932961c1665901574&psp=QBXPqZgryKhUcAe11yYCUMSz-fYR2Gmt2yQcnuMUQxUXHXUneOjLJPAc0Ub9MoiTY45HLHljEoutrLYj-jNC-hqw94WSsaiLfLKbg576XViObx-XCiG6FmhkoG931kAxZ4ABI8k184o_F9o7opyIOLMpywvCVBXv7KEe4eIDQmJK-wcCFOcpBSuONWVL6f0EqUj-6nNHkMkgz99G2Zt19ABLvL5lQFRgDzstNsFGZm3jKiLY6IKbHK1qzTyF9GiKLBQk8IKyo9UD0iP38mkNS3bO8fMYX6uQNa7NeKUvk_1WDGvxBYOnMWH-pNWjc-Tg53xSZXDWTebJM6lIFNdh1YiNr3siCxM_3Jk6wS0ue1XqnJZ6ZNNmq0o8MyjM1qoxhUIAOa3y9vwYGZNCQuK5SfanVXiapoJtHEAfpwP_hpc5WqR9Jam2XoV_146mqXi8AqLHYlEkxd2mAi7v3ADsHNYf0V__p_b604_W8vgi9e6ULyXTq0Vgo5zXXq0KA11erXdweonvF7GZC322SI5Qrd85vaUZ-zR9hPqST_T6xTPlbospsEoOdJo2grapp5hqUYahsZ5PZhnN4t0Ok-7vlIcBip0c9e0r4nxQyPYv7M3eq1ktmJSd8YVwr37vfK7a8QyHTiQLaKYMWu_gRR3LFJVhJsAwa8UX_xOfLCs0qERBVFveIggH7PgBsyzg8fMb2zcDBSFfGkVlhhKXrLmOnXUbL8pfJ57wvMW2NxzuhFSWp4veTSY6NYfCZjbdYfnLLamnpKQn5Wwwq-W1DpysErsiQLXjVuCfpnq9NqdruAghRVrYwUHrfLvEh2A9v3uPymQpvcR98IZPYZcaElXvZWL8-9fg1kez1hC46fnuPOcdMgY6gv_t0LtQADzhphK-MYyz34nEzqsyIBVSja1Z_r6frInZ4MSQGtJHmT9GL_ozhyRW4SjV4HxBmBhSWEXkrNcu8O7SjZ7qgo-lh4VDe0Bsy9oFKXjJuq4SvSJkAcyyw_Qj9m32f9PwQTqyh1QWNKN7MkRXld86W5ESYkPqOj0pba2o_VWO4SQpx_-EXqb9sj1GXtZmfQg_f4um3xnuGGDBVAlhEzk2JyXjOfKwRvUeIceucUnKotYPIfirwlFihtKf3IvTuYQffS5a5ef3BicV8dNxrjXHXNfAtNfOHWUaeipnX7tWDIbpihfTh1XLuvDkk7vl4ZJ_-LRDnK3CQ4f_ZppPt1DsYth3L4QyN64QQXIaS4n-KYFPi4bSpsrcieG-PXgK70LegiQF5myXeYMNvnlhaWfSrGWn9wWPGc-PGaOJ7aS76LIY7I7rjxd9VbALOnY0r680KzgSgiLm_J5xZxUs_Vs4j-0WCAWjSULkGEeZPMFKH1SediCbESSn733bu1aOeYaM-9CSKeL1jNn7Y-Y_K0yOrRemf8QC-kvuWqpipoyPCuVzu3fxfV0Z__EmhAkTKS68Yjm9a7l8VP2L3_tJn4XbYFW-9SyAe1dAxpGP2EHQYPyMJC92Cwy3btJfSREI2zLUUSye3BjDSIat9q1JpgQafsWHjgEcyNx-j-FCpZNjNHwNBxW3IPoB_zcPYZJgW-Ckqe38tnXydg2xhbUjL2qQx_pcUENjWdC0DMsGz9R6M81GSZuzH6L5wRrRiLoUEbBN96aPztMn3qDnhlyg9GeyqUj25FZf_CuY2cwb29Dt72pgHYZmK_RShypWioWFbC1bYTKhbGBL9dvpNUjV&abvar=0&os=0 HTTP/1.1
Host: vzigttqgqx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2210152326126ac0a0fb9146df976e1df5f1; OACICAP=ACHfJgAAAAAAAAAB; OACIBLOCK=ACHfJgAAAABjSucQ; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:17 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACHfJgAAAAAAAAABACImuQAAAAAAAAAB; Path=/; Expires=Tue, 15 Nov 2022 04:26:17 GMT; Secure; SameSite=None
set-cookie: OACIBLOCK=ACHfJgAAAABjSucQACImuQAAAABjSj5Q; Path=/; Expires=Tue, 15 Nov 2022 04:26:17 GMT; Secure; SameSite=None
set-cookie: ppucnt=0; Path=/; Expires=Mon, 17 Oct 2022 04:26:17 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
vzigttqgqx.com/pn07uscr/f/tr/zavbn/1898045/lib.js
62.122.171.6 200 OK 0 B URL HTTP/2 vzigttqgqx.com/pn07uscr/f/tr/zavbn/1898045/lib.js
IP 62.122.171.6:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /pn07uscr/f/tr/zavbn/1898045/lib.js HTTP/1.1
Host: vzigttqgqx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:14 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: script
set-cookie: UID=2210152326126ac0a0fb9146df976e1df5f1; Path=/; Expires=Mon, 16 Oct 2023 04:26:14 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
vzigttqgqx.com/get/1898043?zoneid=1898043&jp=_cllepvlklghuqs5b9sd3g7&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=672126007349392
62.122.171.6 200 OK 0 B URL HTTP/2 vzigttqgqx.com/get/1898043?zoneid=1898043&jp=_cllepvlklghuqs5b9sd3g7&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=672126007349392
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1898043?zoneid=1898043&jp=_cllepvlklghuqs5b9sd3g7&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=672126007349392 HTTP/1.1
Host: vzigttqgqx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/
Cookie: UID=2210152326126ac0a0fb9146df976e1df5f1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:14 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
forlumineoner.com/pfe/current/tag.min.js?pub=1&t=standalone&z=1898045&var=
139.45.197.229 200 OK 0 B URL HTTP/2 forlumineoner.com/pfe/current/tag.min.js?pub=1&t=standalone&z=1898045&var=
IP 139.45.197.229:0
GET /pfe/current/tag.min.js?pub=1&t=standalone&z=1898045&var= HTTP/1.1
Host: forlumineoner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:11 GMT
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 15:34:31 GMT
etag: W/"63483007-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
qa24ljic4i.com/q/tdl/95/dnt/1898044/kep.js
62.122.171.6 200 OK 0 B URL HTTP/2 qa24ljic4i.com/q/tdl/95/dnt/1898044/kep.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /q/tdl/95/dnt/1898044/kep.js HTTP/1.1
Host: qa24ljic4i.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:14 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 09:37:01 GMT
vary: Accept-Encoding
etag: W/"6343e7bd-c3e1"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
vzigttqgqx.com/bultykh/ipp24/7/bazinga/1898043
62.122.171.6 200 OK 0 B URL HTTP/2 vzigttqgqx.com/bultykh/ipp24/7/bazinga/1898043
IP 62.122.171.6:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /bultykh/ipp24/7/bazinga/1898043 HTTP/1.1
Host: vzigttqgqx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brazz.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 04:26:14 GMT
content-type: application/javascript
last-modified: Mon, 10 Oct 2022 09:37:02 GMT
vary: Accept-Encoding
etag: W/"6343e7be-34819"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2