r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5089
Expires: Sun, 05 Feb 2023 08:43:18 GMT
Date: Sun, 05 Feb 2023 07:18:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8263
Expires: Sun, 05 Feb 2023 09:36:12 GMT
Date: Sun, 05 Feb 2023 07:18:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 06:36:17 GMT
content-type: application/json
age: 2532
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15933
Expires: Sun, 05 Feb 2023 11:44:02 GMT
Date: Sun, 05 Feb 2023 07:18:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tjImBqXibYXb5DhfvMAEs6OWq3qFuNpkqxeUok8F7grOvUTKpcLBms7mJUGtdOJjIYV4ApdWQc0=
x-amz-request-id: K74NG42HG407SS96
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 06:53:10 GMT
age: 1519
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 07:18:29 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 06:49:07 GMT
age: 1763
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5268
Expires: Sun, 05 Feb 2023 08:46:18 GMT
Date: Sun, 05 Feb 2023 07:18:30 GMT
Connection: keep-alive
push.services.mozilla.com/
34.216.140.79 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.140.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3Jo/Vfm0bTPhlVevPTJFfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NuuAqzcBGTTujoMO7h1xUfOQ3nA=
siska.video/video.php?videoID=143230
172.67.218.83 200 OK 6.3 kB URL HTTP/1.1 siska.video/video.php?videoID=143230
IP 172.67.218.83:0
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (1449), with CRLF, LF line terminators
Hash 60f96c3edbe17875b28c2c548edb76db
58731ce0c799e8c0c19981667dc70178893d3004
acd25d4f25079b000de1ff53405685a1e398208bf7c9fa9ff82c8754aa1eb9b8
NIDS Severity Alert suricata high ET INFO Suspicious Darkwave Popads Pop Under Redirect
GET /video.php?videoID=143230 HTTP/1.1
Host: siska.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZH3KOID37kP83HX6kVLjbKQbuzJ3ay%2FDd02X3cI2FLsLXnxk4S92HFMqnaDptyqRID7MBRFVX1IlHFTREn1OLPtzy1Wbc1EZqQ0YVCwyC%2FI6JIL3MQna7WZaL4LG7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7949df52ffc2b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
siska.video/theme.css?12
172.67.218.83 200 OK 26 kB IP 172.67.218.83:0
File type ASCII text, with very long lines (1970), with CRLF line terminators
Hash d8e3a9cfdbbc5c10e715c17f5ece54ea
b73decde1b6b9b3a3d6a0de35acf168815d1412e
dbe88ce0c5c872f5ca462eae3736120b3079c6b433645d77820111d1f3fa22c1
GET /theme.css?12 HTTP/1.1
Host: siska.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://siska.video/video.php?videoID=143230
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:31 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 04 May 2021 19:59:08 GMT
ETag: W/"6091a78c-1d439"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2124
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qp2aAA7bL2wsC2FOlXjC1VRK0zDLU1LG1h2Wvi1DQBn%2BZw0aZh9Nlz9QYQiH9ZPp1ftPrl8jO%2FqYOAPxTDAR4kvyeBgt%2Bc1wVWr0qaSxAS2zq1HoQ9tA%2BIOPtLu4g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df5c1fbfb4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
siska.video/all.js?1
172.67.218.83 200 OK 80 kB IP 172.67.218.83:0
File type ASCII text, with very long lines (583)
Hash 688409f81649d691cb218e9d65279d0f
ad6484b3eda125622c81147d5d19a940ede6da96
71f091ae8e05a4fe8c59f0b05fdb0785133d84e080843168398b0273d13d7790
GET /all.js?1 HTTP/1.1
Host: siska.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://siska.video/video.php?videoID=143230
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 04 May 2021 19:57:20 GMT
ETag: W/"6091a720-46fd5"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2161
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raqFOxUiH4S54AxtrxWpxwzOWeKs1mElKQojVZ15KQweieMVE1bS6KS9cqTROk20725QyxfdVphl4hHPiVpptLoISHqdR9BDIJGs4FBjtGaSzwQDw4C1TcmAwTCp8A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df5c2fd1b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 33ec4b7c00ba6ae9de0c637f69c1f40f
f13ed6a40da94e79bd42370d0ea585e858c93fd6
705a946eb69fb404e6e41a23ab0bd4ca03561b263bc4a0055b9a1b195e798422
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 18:04:03 GMT
Expires: Fri, 10 Feb 2023 18:04:02 GMT
Etag: "f13ed6a40da94e79bd42370d0ea585e858c93fd6"
Cache-Control: max-age=470130,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7949df5febc5b523-OSL
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2954
Expires: Sun, 05 Feb 2023 08:07:46 GMT
Date: Sun, 05 Feb 2023 07:18:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2954
Expires: Sun, 05 Feb 2023 08:07:46 GMT
Date: Sun, 05 Feb 2023 07:18:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2954
Expires: Sun, 05 Feb 2023 08:07:46 GMT
Date: Sun, 05 Feb 2023 07:18:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2954
Expires: Sun, 05 Feb 2023 08:07:46 GMT
Date: Sun, 05 Feb 2023 07:18:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:30:27 GMT
age: 71285
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash bee08788da5b88dde69aeb1d4de005c9
537c7a19a9395a60452b6b0b3ae08d47f4705181
02365d88ae9ff3ace3f29509df0e436ab0838d44714ef0f25dea463d665f794a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6486
x-amzn-requestid: 544d13b9-8d45-4029-88e0-280f27cc0fa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi4-SHN1IAMFSkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76ec1-3f1ee84f53fe45cc01439a28;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:16:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TtyPO9j12ZpU3XdElRgCrqB4XNERrppavwJZJn5As8mqjjDLyZBmsw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:26 GMT
age: 34506
etag: "537c7a19a9395a60452b6b0b3ae08d47f4705181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash b1092c4dd4d9ca4d09462ae46e1dd7c1
17444ff60be1afbc40d3653fa936f9eaf9478068
ea8362c7249080b34288ee675f70333607fc3be37e716fdcf63e4901849def9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WrwH-iIAMFyhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:26 GMT
etag: "17444ff60be1afbc40d3653fa936f9eaf9478068"
content-type: image/jpeg
age: 34506
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:09:58 GMT
age: 32914
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:30:27 GMT
age: 71285
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 3e0c38abfcd86f8074d4182d49fc354f
1367bebb73fa652695242100b26c394f1bfe4457
e42d110060133ac05e6cdfafa6473c55473220fdc7eaf03e3a89f58aa3603670
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11056
x-amzn-requestid: 4acc3364-4a33-4934-bdcb-41284d952113
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPFrwEW4IAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8317-33872f461a2faab552322837;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:04:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4xmWa9XVzQ3xzjzIZyrdv3GpFSaTcoacse6b0lgGch2IMvV69AZ57w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:45:28 GMT
age: 34384
etag: "1367bebb73fa652695242100b26c394f1bfe4457"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
siska.video/hbckutmxym.php
172.67.218.83 200 OK 11 kB URL HTTP/1.1 siska.video/hbckutmxym.php
IP 172.67.218.83:0
File type ASCII text, with very long lines (10335)
Hash a9a87c9f3cdb983f327734cad61af275
2e4bd313309dd41af1fab822e57137792e588d03
996e15ff00a32ddb8aedbc6a4baee712253a443f0c499813c5ed794f7a374143
GET /hbckutmxym.php HTTP/1.1
Host: siska.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://siska.video/video.php?videoID=143230
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1f0pBbPq0yliPDTi%2Bn4WWRxk1dhC4GyROJQJh1R30q0RtPk0NLAZQryX5lTnbJpYQ5ndyhd%2Bg6yMEJBZO3t4cZ%2FkN8FA17TsBwFLwoVmr2fZFmkJ6fAE8dCdn9jHA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7949df5c1f1fb511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
siska.video/images/touch-icon-android-precomposed.png?12
172.67.218.83 200 OK 45 kB URL HTTP/1.1 siska.video/images/touch-icon-android-precomposed.png?12
IP 172.67.218.83:0
File type PNG image data, 196 x 196, 8-bit/color RGB, non-interlaced\012- data
Hash dbcbd7082b69c2191a4cc81fa111c2ca
e3f750c1236cd2d8544dd0bb78932a388bad046e
df149cb670974cddfe60f0a3ef31ca797920951b0386aea8e9762024aef3b180
GET /images/touch-icon-android-precomposed.png?12 HTTP/1.1
Host: siska.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://siska.video/video.php?videoID=143230
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:35 GMT
Content-Type: image/png
Content-Length: 45249
Connection: keep-alive
Last-Modified: Tue, 04 May 2021 20:31:34 GMT
ETag: "6091af26-b0c1"
Expires: Sat, 04 Mar 2023 05:41:47 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 265008
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYcfbmV8x3Pff2Ua67xzxY81osR0BaYdAGwfMJoF0f97neYV2yoehQ22dbe16NXEdatUsCLuHV%2F8gC8F%2FLVlo6nIhuTaCp4juD9pWCcR2W2lY1kFARtZBqu9ufzaxg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df7a9a7eb4f4-OSL
alt-svc: h2=":443"; ma=60
siska.video/images/logo.png?5
172.67.218.83 200 OK 21 kB URL HTTP/1.1 siska.video/images/logo.png?5
IP 172.67.218.83:0
File type PNG image data, 241 x 60, 8-bit/color RGBA, interlaced\012- data
Hash 0975048af787117d891ece5209ea919b
dda3c57894a6e440d26716126949b3640276497c
816ff30e6bb124bec9ddff2b2f5f50a5d3d043e9b5b998c9951aa2aeee4c42d2
GET /images/logo.png?5 HTTP/1.1
Host: siska.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://siska.video/video.php?videoID=143230
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:35 GMT
Content-Type: image/png
Content-Length: 21080
Connection: keep-alive
Last-Modified: Tue, 04 May 2021 19:59:36 GMT
ETag: "6091a7a8-5258"
Expires: Fri, 24 Feb 2023 04:16:14 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 961341
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agSBUcp4AEojisBLqoPawvWw8%2FEUWwinLSKYk0RFzcRvt9k7%2FeU4wmO6zbPqU%2Fea7lP6nYEiti8cnQk4PBs15pryJycGFoVsf3wFmrPhncYZwFB4fOPapRwCXqYWtw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df7a9f4ab511-OSL
alt-svc: h2=":443"; ma=60
siska.video/images/sprite-s9d610a2ce1.png
172.67.218.83 200 OK 50 kB URL HTTP/1.1 siska.video/images/sprite-s9d610a2ce1.png
IP 172.67.218.83:0
File type PNG image data, 48 x 3822, 8-bit/color RGBA, non-interlaced\012- data
Hash 447660359cd55678ec3668298c2f319f
019b078f135d461ac9a4127f3601f5afb4882be1
c28ecba52973a31a28a7ed4c808791932139320e5e9ab66298ab0e5b900e2d53
GET /images/sprite-s9d610a2ce1.png HTTP/1.1
Host: siska.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://siska.video/theme.css?12
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:35 GMT
Content-Type: image/png
Content-Length: 50191
Connection: keep-alive
Last-Modified: Tue, 04 May 2021 19:59:36 GMT
ETag: "6091a7a8-c40f"
Expires: Sat, 04 Mar 2023 02:38:57 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 275978
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZshYFhZ6K9whOElsh2hDNIvF11tGi5p8XtubPM11QYTDagEQ%2BulGk7ktDQ28rzAfn1%2BS1PGtgvON9bU9ge5FTAtSfE9t7lM9TLsOmhVpFZxX%2B1qX%2Bl%2BC6EVr61oXg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df7adad9b4f4-OSL
alt-svc: h2=":443"; ma=60
dood.la/e/09200re9xd3if8k6k676sxc6k9cbidvb
104.26.1.94 301 Moved Permanently 0 B URL HTTP/1.1 dood.la/e/09200re9xd3if8k6k676sxc6k9cbidvb
IP 104.26.1.94:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/09200re9xd3if8k6k676sxc6k9cbidvb HTTP/1.1
Host: dood.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://siska.video/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 07:18:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 08:18:36 GMT
Location: https://dood.la/e/09200re9xd3if8k6k676sxc6k9cbidvb
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvD%2FdZzBCD0IxIw%2B1yDYsjwaGX1ayd6%2BTfLv8ykmz%2BnfJhQtrIPqCAR%2FMmuv%2BvoeI9%2BULrD8DvDlmN8xdbwUrOtWv1FN0QzZKTiB%2BJC%2F32AX%2FM1UwDyw67E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df7b2fa0b4e8-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 6b805d3f23f8f84b19d5ab55646db7bf
b82dd861f04cb960ddd0b113904e64c8d35e02c2
914d14c0a0bf23a258b60bf0e0bec94651ac0b5789b38fb5e994270e17323110
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2549
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 07:18:36 GMT
Etag: "63dd7fcf-116"
Last-Modified: Sun, 05 Feb 2023 06:36:07 GMT
Server: ECS (amb/6BC4)
X-Cache: HIT
Content-Length: 279
siska.video/favicon.ico?12
172.67.218.83 404 Not Found 116 B URL HTTP/1.1 siska.video/favicon.ico?12
IP 172.67.218.83:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d30dc29a0a37021c19ce82dfd63f38e2
f8a5f684b1ceff1df00e7b98f206721db21c8c80
f86707006f9eb679fe56a9238e5d5194aac6f4168a3f366f57128a1001a2857d
GET /favicon.ico?12 HTTP/1.1
Host: siska.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://siska.video/video.php?videoID=143230
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 07:18:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AynkhZPRbzync7N%2FScuVthsdQ1BV8qi9H1Ys0leSYN%2FighLpI8wT3%2FPieYyAohAgFS%2BqlrCARVYCVnFJgURHyjbozSe5L9RxGKTdbfYnYHnzhbPOEmCyZ74HWBpN%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df7a9a7fb4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2bff42a2516be5154643a931334079c0
1475863b22395af4bdad027ed866923837fd2d42
65073467f508f70231c62fd8f1176076fd86e0df44c83728caae86988ff2880a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3638
Cache-Control: max-age=94013
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 07:18:36 GMT
Etag: "63de1653-117"
Expires: Mon, 06 Feb 2023 09:25:29 GMT
Last-Modified: Sat, 04 Feb 2023 08:24:51 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
siska.video/images/touch-24.png?2
172.67.218.83 404 Not Found 116 B URL HTTP/1.1 siska.video/images/touch-24.png?2
IP 172.67.218.83:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d30dc29a0a37021c19ce82dfd63f38e2
f8a5f684b1ceff1df00e7b98f206721db21c8c80
f86707006f9eb679fe56a9238e5d5194aac6f4168a3f366f57128a1001a2857d
GET /images/touch-24.png?2 HTTP/1.1
Host: siska.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://siska.video/video.php?videoID=143230
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 07:18:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9KX7i0A6pA5%2BG0crVCQclqLXA0B8T5sPuynX9a4MCtC%2FN4arOzIVwtk3a2P8RqKl0kiGRyqdpZef%2FNbkHtHgnJ6GYovEs8rnAaEdezUtR421StvUWJIQcUkoxRgUA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df7a9832b52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
siska.video/images/video-load.gif
172.67.218.83 404 Not Found 116 B URL HTTP/1.1 siska.video/images/video-load.gif
IP 172.67.218.83:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d30dc29a0a37021c19ce82dfd63f38e2
f8a5f684b1ceff1df00e7b98f206721db21c8c80
f86707006f9eb679fe56a9238e5d5194aac6f4168a3f366f57128a1001a2857d
GET /images/video-load.gif HTTP/1.1
Host: siska.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://siska.video/video.php?videoID=143230
HTTP/1.1 404 Not Found
Date: Sun, 05 Feb 2023 07:18:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbkkdKH6PeGjxwq%2FP4zKGiH5XW30JGOKVyJ96c%2BcfHRrgUHLQ9Yvip52G6qIqpUB9L7c15gWEmNk7EJ1PaUBWjVonJyIDIIbXyoRVVk7ApEKn%2FVM%2BovjMvarp6DJow%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df7aef8db511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
dood.la/e/09200re9xd3if8k6k676sxc6k9cbidvb
104.26.1.94 302 Found 0 B URL HTTP/2 dood.la/e/09200re9xd3if8k6k676sxc6k9cbidvb
IP 104.26.1.94:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/09200re9xd3if8k6k676sxc6k9cbidvb HTTP/1.1
Host: dood.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://siska.video/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 07:18:36 GMT
content-length: 0
set-cookie: lang=1; domain=.dood.la; path=/
referer=; domain=.dood.la; path=/; expires=Sun, 05-Feb-2023 07:19:36 GMT
location: /e/vj55yq9jy0v9pokcn77b25lrnbh3lc0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMsQAHu9pCiYfJM48mhIFmHxD252sJzSonBAXWNrLNOdSmAEONcz4DtM54RuJepToA08SpUpwdcGSj512fHsSdFws2bOdcSlcwfyv7sA%2FQkazB9IAcjxmxU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7949df7b98b11bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2bff42a2516be5154643a931334079c0
1475863b22395af4bdad027ed866923837fd2d42
65073467f508f70231c62fd8f1176076fd86e0df44c83728caae86988ff2880a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3638
Cache-Control: max-age=94013
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 07:18:36 GMT
Etag: "63de1653-117"
Expires: Mon, 06 Feb 2023 09:25:29 GMT
Last-Modified: Sat, 04 Feb 2023 08:24:51 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ab0e00e3fe4d150afb247957e07fe306
2f5baf1ef30d8fdc9a87e9a0e1f84d976247b69a
0add1a2345aee8b986914461a10c4531c67ea9d15ba7457f85a56d81c7aebb71
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0ADD1A2345AEE8B986914461A10C4531C67EA9D15BA7457F85A56D81C7AEBB71"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20248
Expires: Sun, 05 Feb 2023 12:56:04 GMT
Date: Sun, 05 Feb 2023 07:18:36 GMT
Connection: keep-alive
nosotoros.com/x3rVZj?return=js.client&videoID=143230&se_referrer=&default_keyword=Aries%20Li%20-%20Jay%20Tate%20Smashes%20His%20Dream%20Asian%20MILF%20Aries%20Li!%20%7C%20siska.video&landing_url=siska.video%2Fvideo.php&name=_PZ9zdmdhQg2Z3MGr&host=https%3A%2F%2Fnosotoros.com%2Fx3rVZj
5.42.199.45 200 OK 1.5 kB URL HTTP/1.1 nosotoros.com/x3rVZj?return=js.client&videoID=143230&se_referrer=&default_keyword=Aries%20Li%20-%20Jay%20Tate%20Smashes%20His%20Dream%20Asian%20MILF%20Aries%20Li!%20%7C%20siska.video&landing_url=siska.video%2Fvideo.php&name=_PZ9zdmdhQg2Z3MGr&host=https%3A%2F%2Fnosotoros.com%2Fx3rVZj
IP 5.42.199.45:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (3813), with no line terminators
Hash efa2d259b7764f891a4688ba06d3cf90
d385f6abf30d1415bcbb1b7fa1bb93eee60b0581
e17afa69cac0de4f8a426e48884c22ebb7f928448943ba452598cc0f9d945c71
GET /x3rVZj?return=js.client&videoID=143230&se_referrer=&default_keyword=Aries%20Li%20-%20Jay%20Tate%20Smashes%20His%20Dream%20Asian%20MILF%20Aries%20Li!%20%7C%20siska.video&landing_url=siska.video%2Fvideo.php&name=_PZ9zdmdhQg2Z3MGr&host=https%3A%2F%2Fnosotoros.com%2Fx3rVZj HTTP/1.1
Host: nosotoros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://siska.video/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 07:18:36 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1548
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpad12mct;Expires=Saturday, 04-Apr-2076 14:37:12 GMT;Max-Age=1677655116;Path=/x3rVZj;HttpOnly
208c9=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIyNDdcIjoxNjc1NTgxNTE2fSxcImNhbXBhaWduc1wiOntcIjQ3NlwiOjE2NzU1ODE1MTZ9LFwidGltZVwiOjE2NzU1ODE1MTZ9In0.vaipL6_pBE4tkqhhP79DfWNjR_-eO1vabp_LVIltRq4;Expires=Saturday, 04-Apr-2076 14:37:12 GMT;Max-Age=1677655116;Path=/x3rVZj;HttpOnly
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5902
Cache-Control: max-age=139491
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 07:18:36 GMT
Etag: "63debf21-117"
Expires: Mon, 06 Feb 2023 22:03:27 GMT
Last-Modified: Sat, 04 Feb 2023 20:25:05 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash f8f25c92dab1b93d20244e871574b29e
0ec9789f10384073f7cd3102fed394d6dde4de6c
6bf7160882374d0c2887959a333b8d204b991e64fb955f808b7b29999b60f26f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2164
Cache-Control: max-age=115599
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 07:18:36 GMT
Etag: "63de7067-118"
Expires: Mon, 06 Feb 2023 15:25:15 GMT
Last-Modified: Sat, 04 Feb 2023 14:49:11 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 50873a55c7df710a9e830804722b3860
610711bc3fe8d8e917486fb0e41b05a552b9b4ac
7c44b05f3285f6106ba9ea15faae26b50aa530e03bddd5614a3649eacd80be7e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7C44B05F3285F6106BA9EA15FAAE26B50AA530E03BDDD5614A3649EACD80BE7E"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=48
Expires: Sun, 05 Feb 2023 07:19:24 GMT
Date: Sun, 05 Feb 2023 07:18:36 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.25.14 200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.la/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1427975
expires: Fri, 26 Jan 2024 07:18:36 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmkieG949V0ZeVuquK6RIj1mtOzqNXTGxCIYgcKdF8RRWUZ0p2l%2FuWFnAZgGYSydCM0wZH4vla2iKI9CACzljvYLXenwi330goeLBm9SvSowTJ1JurCLTp6PKRXQ4j%2FrNs9ZPlFm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7949df7cc92db4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.doodcdn.co/css/embed.css
104.26.6.74 200 OK 80 kB URL HTTP/2 i.doodcdn.co/css/embed.css
IP 104.26.6.74:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 010e9740f2148647b93ae896d452119c
888e44accbd7e78a0654fd4eaf7541269d95e4e9
d33d9d5fc2eef77dd7cda0770e9bc8213f058f2ead19b7d9b7ed731bcd081a47
GET /css/embed.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.la/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: text/css
content-length: 79720
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform
cf-bgj: minify
cf-polished: origSize=79890
etag: "61d3187c-13812"
expires: Mon, 06 Mar 2023 05:03:47 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cf-cache-status: HIT
age: 24755
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3D%2F8qVWzChNrnO6vnMV60vhZTnZAIRgAW5mPD5xzhzYvDQFZ1S6d7q8%2FlUuyTHViy9VgS7lVLzo0ZsneaDlCgWdaovnHWNUFsRWvjxOolXwfnaWofIGVqPzNX039mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7949df7cdbe40b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6555
Cache-Control: max-age=140144
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 07:18:36 GMT
Etag: "63debf21-117"
Expires: Mon, 06 Feb 2023 22:14:20 GMT
Last-Modified: Sat, 04 Feb 2023 20:25:05 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash f8f25c92dab1b93d20244e871574b29e
0ec9789f10384073f7cd3102fed394d6dde4de6c
6bf7160882374d0c2887959a333b8d204b991e64fb955f808b7b29999b60f26f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5830
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 07:18:36 GMT
Last-Modified: Sun, 05 Feb 2023 05:41:26 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 50873a55c7df710a9e830804722b3860
610711bc3fe8d8e917486fb0e41b05a552b9b4ac
7c44b05f3285f6106ba9ea15faae26b50aa530e03bddd5614a3649eacd80be7e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7C44B05F3285F6106BA9EA15FAAE26B50AA530E03BDDD5614A3649EACD80BE7E"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=48
Expires: Sun, 05 Feb 2023 07:19:24 GMT
Date: Sun, 05 Feb 2023 07:18:36 GMT
Connection: keep-alive
c1.popads.net/pop.js
185.76.9.26 200 OK 9.9 kB IP 185.76.9.26:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash d2f092c2525456135a6412df048cb9e1
73d6962cb750fd9cc5a06ac6db82718c90bd6296
4ff692ff710346275b517e846bdaf0df85bc82f25484ecc6954b5462e98caf9e
GET /pop.js HTTP/1.1
Host: c1.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://siska.video
Connection: keep-alive
Referer: http://siska.video/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:36 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
Last-Modified: Sun, 03 Jul 2022 20:49:14 GMT
ETag: W/"62c200ca-7b48"
Access-Control-Allow-Origin: *
X-Accel-Expires: @1676581399
Server: CDN77-Turbo
X-77-NZT: AblMCRSTo4z/NZAAAA
X-77-NZT-Ray: af585630ada731884c58df63a87feb16
X-Cache: HIT
X-Age: 36917
X-77-POP: stockholmSE
X-77-Cache: HIT
Content-Encoding: gzip
counter.yadro.ru/hit?t44.6;r;s1280*1024*24;uhttp%3A//siska.video/video.php%3FvideoID%3D143230;hAries%20Li%20-%20Jay%20Tate%20Smashes%20His%20Dream%20Asian%20MILF%20Aries%20Li%21%20%7C%20siska.video;0.7702225128261723
88.212.201.204 302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?t44.6;r;s1280*1024*24;uhttp%3A//siska.video/video.php%3FvideoID%3D143230;hAries%20Li%20-%20Jay%20Tate%20Smashes%20His%20Dream%20Asian%20MILF%20Aries%20Li%21%20%7C%20siska.video;0.7702225128261723
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?t44.6;r;s1280*1024*24;uhttp%3A//siska.video/video.php%3FvideoID%3D143230;hAries%20Li%20-%20Jay%20Tate%20Smashes%20His%20Dream%20Asian%20MILF%20Aries%20Li%21%20%7C%20siska.video;0.7702225128261723 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://siska.video/
HTTP/1.1 302 Moved Temporarily
Date: Sun, 05 Feb 2023 07:18:36 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t44.6;r;s1280*1024*24;uhttp%3A//siska.video/video.php%3FvideoID%3D143230;hAries%20Li%20-%20Jay%20Tate%20Smashes%20His%20Dream%20Asian%20MILF%20Aries%20Li%21%20%7C%20siska.video;0.7702225128261723
Content-Length: 32
Expires: Fri, 04 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
korall.xyz/ad/api/popunder.js
104.21.92.11 200 OK 21 B URL HTTP/2 korall.xyz/ad/api/popunder.js
IP 104.21.92.11:0
File type ASCII text, with no line terminators
Hash 533a813ddb8f84d7e018bf8e6296c44d
8c95af23d5dc502f1bc3395a6d2e339e696c0d3e
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f
GET /ad/api/popunder.js HTTP/1.1
Host: korall.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript; charset=UTF-8
content-length: 21
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: "6141fdde-15"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-l: HIT
cf-cache-status: HIT
age: 12330378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsGTuwbiVdrw5A8b5khni5OaBVeMCZSYu9rnG9tcEPrWc7vSX%2F7x5ZIAH3Res1MZ635AcesGmGYxqKo9u%2Far1YZIUi6Av30mDS7e73XhlRTS3LIiWR%2FaOI4aMXfY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7949df7e0a08b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 6b805d3f23f8f84b19d5ab55646db7bf
b82dd861f04cb960ddd0b113904e64c8d35e02c2
914d14c0a0bf23a258b60bf0e0bec94651ac0b5789b38fb5e994270e17323110
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 136
Cache-Control: max-age=138377
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 07:18:36 GMT
Etag: "63ded14d-117"
Expires: Mon, 06 Feb 2023 21:44:53 GMT
Last-Modified: Sat, 04 Feb 2023 21:42:37 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 279
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 6db3615a97e64f2325b68ab13f6f2369
3a8232df2731c2d163018fa3c0fc73344621577e
5225f786e6df74578f0fc8c271658ec4d950b43f3600057d90b8131e8d3e97fc
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 09 Feb 2023 03:34:51 GMT
ETag: "3a8232df2731c2d163018fa3c0fc73344621577e"
Last-Modified: Sun, 05 Feb 2023 03:34:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1041
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df7e4875b4ff-OSL
hqq.tv/ad/api/popunder.js
190.115.19.71 200 OK 21 B URL HTTP/2 hqq.tv/ad/api/popunder.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with no line terminators
Hash 533a813ddb8f84d7e018bf8e6296c44d
8c95af23d5dc502f1bc3395a6d2e339e696c0d3e
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f
GET /ad/api/popunder.js HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:35 GMT
content-type: application/javascript; charset=UTF-8
content-length: 21
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: "6141fdde-15"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
accept-ranges: bytes
X-Firefox-Spdy: h2
korall.xyz/js/websocket_ip.min.js
104.21.92.11 200 OK 3.2 kB URL HTTP/2 korall.xyz/js/websocket_ip.min.js
IP 104.21.92.11:0
File type ASCII text, with very long lines (4292)
Hash 61f0493d02522c0061cfac83e1c20ab1
6e3435dea3fecfc5a732dca7cdc799bb43fbff6e
54d220bbd2533e0fdacc1fd0e633d9dfd6fdb646cce39f4fcefd3daeac7d80b0
GET /js/websocket_ip.min.js HTTP/1.1
Host: korall.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Jan 2023 13:44:36 GMT
etag: W/"63ca9ac4-121c"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 1358741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXfWTHV0DnB8swuD%2F6I3mNr18zcW8aA4EQ32bpnLk5eQ6weK%2BAu8B%2FfGYkvXchWIQMw8ZshSCemUHpR5e4ngUqTIqnE6BpRkYwEQx%2Bl%2B%2FWgisTMf6hLnjxPdZ8qy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7949df7dd9dcb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t44.6;r;s1280*1024*24;uhttp%3A//siska.video/video.php%3FvideoID%3D143230;hAries%20Li%20-%20Jay%20Tate%20Smashes%20His%20Dream%20Asian%20MILF%20Aries%20Li%21%20%7C%20siska.video;0.7702225128261723
88.212.201.204 200 OK 132 B URL HTTP/1.1 counter.yadro.ru/hit?t44.6;r;s1280*1024*24;uhttp%3A//siska.video/video.php%3FvideoID%3D143230;hAries%20Li%20-%20Jay%20Tate%20Smashes%20His%20Dream%20Asian%20MILF%20Aries%20Li%21%20%7C%20siska.video;0.7702225128261723
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 31 x 31\012- data
Hash 0223d80a320a983871bfa82aa6d698ea
f4e06fe8e83c662bb565f175d7de22f51c1e7c9d
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
GET /hit?t44.6;r;s1280*1024*24;uhttp%3A//siska.video/video.php%3FvideoID%3D143230;hAries%20Li%20-%20Jay%20Tate%20Smashes%20His%20Dream%20Asian%20MILF%20Aries%20Li%21%20%7C%20siska.video;0.7702225128261723 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://siska.video/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 05 Feb 2023 07:18:36 GMT
Content-Type: image/gif
Content-Length: 132
Connection: keep-alive
Expires: Fri, 04 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash cca235bbbe05cc0ebb9bd291f113f0c6
bdd36e0742f6fd7812e08ef8789d64507c6a82ec
28fa69fd1abd5013a545fe2a0072d1160c0be080a5596901a4b2a534153f4707
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6343
Cache-Control: max-age=164399
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 07:18:36 GMT
Etag: "63df1eb4-118"
Expires: Tue, 07 Feb 2023 04:58:35 GMT
Last-Modified: Sun, 05 Feb 2023 03:12:52 GMT
Server: ECS (amb/6BC4)
X-Cache: HIT
Content-Length: 280
unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
104.16.123.175 200 OK 8.8 kB URL HTTP/2 unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP 104.16.123.175:0
File type ASCII text, with very long lines (29325)
Hash c41d6608d1196421ccb6cbbc831ab298
83d6358ab6f0daa9c6bfed6e92b75a453b0f55db
d1bf9402ec162f1eaadebe915595eba8c987731ed8fbf78271a3d50b14f5f341
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01F3YGTHVETVB9B7TG2TW5GR8F
cf-cache-status: HIT
age: 24892280
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7949df7e3b54b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/b/925b3ffa/api.js
188.114.99.234 200 OK 4.6 kB URL HTTP/2 challenges.cloudflare.com/turnstile/v0/b/925b3ffa/api.js
IP 188.114.99.234:0
File type ASCII text, with very long lines (11646)
Hash 5ca4a9aa0149bec45b1931e84ba42eb2
b5111578076cffa32ee9342d8fbf74d06aa42088
03807b3e32255edd45d41802d3e1a8d47336a0dfc4b4cc803d95f643fc28c8ff
GET /turnstile/v0/b/925b3ffa/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.la/
Connection: keep-alive
Cookie: __cf_bm=WuTw_Ixf2WQPaRPl7bFjinqXm0PvLsObXNc_JjYua5M-1675581516-0-AdZJPpc0AuJz7ikb5zohWEQBP0R7ueIk933CKza5kvnKfJFXxbp++BiwBcZI4zH6/zXihnJLYDFqrckm3IPLgcw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7949df7d0f34b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
korall.xyz/js/d_check.js?34
104.21.92.11 200 OK 1.9 kB URL HTTP/2 korall.xyz/js/d_check.js?34
IP 104.21.92.11:0
File type ASCII text, with very long lines (821)
Hash 8c42b44f8dd9b675db3a7d1625bfe518
417eaf6255d2186a2c5442b8becbe4d7be164b3b
b21c27bbcf8dd033b8585a5edefdb30f491b2e72822956bc5da4b8cb2952290c
GET /js/d_check.js?34 HTTP/1.1
Host: korall.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
etag: W/"5e57d8f1-d8a"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-l: MISS
cf-cache-status: HIT
age: 23689496
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCn0vmmT1cAvaIvaqsefnGKKYCYbuo7xt%2BG1R3wMSbfi5FMtur1KIqS7d1bcwPBbcs2oK9ykHpw5itlmGKdQ7qAvZzlYDzApdxH5RT2gyUJajrZ7KDC%2BJwcd3R6J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7949df7de9f2b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
commentsengine.com/js/js.load.1.js?9763146216906086
172.67.190.246 200 OK 0 B URL HTTP/2 commentsengine.com/js/js.load.1.js?9763146216906086
IP 172.67.190.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/js.load.1.js?9763146216906086 HTTP/1.1
Host: commentsengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 21030841
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYXYjgLSGTN%2B8iwMr4XkZ6aaj9BRArBKwiCGoiN2uP4uaI209tlw%2Bw0%2BqwoQkMsXg4eGoAxJXfFhSb3yE%2FKGXuHgO7eVC8c4iJ9QzCru%2FOhy9ybchI%2F%2F%2Bs5zkQKdovWuPedI0GA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7949df7eec7db503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ca3abe2b57b107e9f66fc192d4cb85f0
5689fd47ca284d46884ce543ce6b132b2d113e8b
5e6e5b13d182bae5868a16cabf96324e6522ab8587ddf359271a96ae1c092e83
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5E6E5B13D182BAE5868A16CABF96324E6522AB8587DDF359271A96AE1C092E83"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=110
Expires: Sun, 05 Feb 2023 07:20:26 GMT
Date: Sun, 05 Feb 2023 07:18:36 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 4b32d45a75459dc3d6106bdaa187bad2
ac8c14aab07ccf9e2361b6e97dd99533a7cf663c
78d2731715d2c9787631e6e6d3d073b6e96af3e5373a25080d298b8214591bbf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 00:04:31 GMT
Expires: Thu, 09 Feb 2023 00:04:30 GMT
Etag: "ac8c14aab07ccf9e2361b6e97dd99533a7cf663c"
Cache-Control: max-age=318953,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7949df7e59f6b523-OSL
hqq.tv/cdn-cgi/trace
190.115.19.71 404 Not Found 146 B IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /cdn-cgi/trace HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
Cookie: uid=-fSgq-aGZ5RnqJsatYTKvrBP9Ed02Ktl
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: text/html; charset=UTF-8
content-length: 146
x-origin-location: /
server: Google Frontend
x-cache-status-inferno: MISS
x-inferno-location: /
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 4b32d45a75459dc3d6106bdaa187bad2
ac8c14aab07ccf9e2361b6e97dd99533a7cf663c
78d2731715d2c9787631e6e6d3d073b6e96af3e5373a25080d298b8214591bbf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 00:04:31 GMT
Expires: Thu, 09 Feb 2023 00:04:30 GMT
Etag: "ac8c14aab07ccf9e2361b6e97dd99533a7cf663c"
Cache-Control: max-age=318953,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7949df7feb31b523-OSL
c.adsco.re/
104.17.166.186 200 OK 30 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 815ef37110ac6b63648f05ba53184bee
bebecd11757b35c25edcbb317a4c54c5c8d23697
36bf07548480e148703dd77a427ddd38209b3a2c5f805ca04e563d5d3bef1a1f
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://siska.video/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Wed, 08 Mar 2023 07:18:36 GMT
ETag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 2971478
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df806f86b4f4-OSL
alt-svc: h2=":443"; ma=60
dood.la/e/vj55yq9jy0v9pokcn77b25lrnbh3lc0
104.26.1.94 200 OK 1.9 kB URL HTTP/2 dood.la/e/vj55yq9jy0v9pokcn77b25lrnbh3lc0
IP 104.26.1.94:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (5121), with no line terminators
Hash 917802c70e1b2a6fcbd863f29f20b2a0
feb767cc638ea73ba1fae750eed5d4bac2715397
df6972452f8b800c0af53049b61f2b62bebf2d8de41d79bae8f683ddced51245
GET /e/vj55yq9jy0v9pokcn77b25lrnbh3lc0 HTTP/1.1
Host: dood.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://siska.video/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 04 Feb 2023 07:18:36 GMT
set-cookie: lang=1; domain=.dood.la; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwnJY%2F01vFp8EUh1XYtkAizOTGiDAyCIaPLqn4PQ9HDkaTjxGECxkaGF7A%2BMd7rdnrwFasrSucVpItVz08GZxQ4QA4d37OhNimfoWbNbMzq8qK6ZoFRr5gM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7949df7c290a1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5 200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://siska.video
Connection: keep-alive
Referer: http://siska.video/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://siska.video
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 96f7904b22bd10653bc0d4f67215f960
8cd6822ecd4e595745a92156ce72c81dafef9c07
b66e9f9073e01f210a393ee3d55ac5f381d3cc19b16728d797612ffb1bb77273
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B66E9F9073E01F210A393EE3D55AC5F381D3CC19B16728D797612FFB1BB77273"
Last-Modified: Fri, 03 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7021
Expires: Sun, 05 Feb 2023 09:15:37 GMT
Date: Sun, 05 Feb 2023 07:18:36 GMT
Connection: keep-alive
qefi1cqogtsr.l4.adsco.re/
185.200.118.90 200 OK 0 B URL HTTP/1.1 qefi1cqogtsr.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: qefi1cqogtsr.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://siska.video
Connection: keep-alive
Referer: http://siska.video/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:36 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
c.adsco.re/
104.17.166.186 304 Not Modified 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c.adsco.re/
If-None-Match: W/"xkCBFtC0Wl/JiS60JFipuQ=="
HTTP/1.1 304 Not Modified
Date: Sun, 05 Feb 2023 07:18:37 GMT
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Wed, 08 Mar 2023 07:18:37 GMT
ETag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
CF-Cache-Status: HIT
Age: 2971479
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df81c8b5b4f4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 67beb107fa8c233e4034b4cf0dd56480
5051d6e54c06c9c24cef4100a87517b38740ddf6
a137e61ea77dfbc1b457c4bfd7ef05d4bfaf904f8b158bea63b8b7e5155ba34d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A137E61EA77DFBC1B457C4BFD7EF05D4BFAF904F8B158BEA63B8B7E5155BA34D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3597
Expires: Sun, 05 Feb 2023 08:18:34 GMT
Date: Sun, 05 Feb 2023 07:18:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 67beb107fa8c233e4034b4cf0dd56480
5051d6e54c06c9c24cef4100a87517b38740ddf6
a137e61ea77dfbc1b457c4bfd7ef05d4bfaf904f8b158bea63b8b7e5155ba34d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A137E61EA77DFBC1B457C4BFD7EF05D4BFAF904F8B158BEA63B8B7E5155BA34D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13269
Expires: Sun, 05 Feb 2023 10:59:46 GMT
Date: Sun, 05 Feb 2023 07:18:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 576a17ec7fb5f36c6d5bb5f6b279b364
597aa074548b37188e076b4dfbb009a14545765e
aafa5e0c6f850cfefbf0729f539ad905161452f8eda46b9e2eedc287f817d2ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAFA5E0C6F850CFEFBF0729F539AD905161452F8EDA46B9E2EEDC287F817D2CE"
Last-Modified: Fri, 03 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5067
Expires: Sun, 05 Feb 2023 08:43:04 GMT
Date: Sun, 05 Feb 2023 07:18:37 GMT
Connection: keep-alive
alleviatepracticableaddicted.com/a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js
192.243.59.20 200 OK 11 kB URL HTTP/1.1 alleviatepracticableaddicted.com/a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (32136), with no line terminators
Hash 238fff2d590b52dca17f6cb2bcc6439e
57d2830a027258235cb8eb660ab8bac1a63824ea
c80bc4b0dda7afe30e5325f28851f2a9a4c585e7ccaf5ff65ffc07959aa83b22
GET /a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js HTTP/1.1
Host: alleviatepracticableaddicted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 05 Feb 2023 07:18:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cb811bcac6957069fe56dbbbcd458ab4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
alleviatepracticableaddicted.com/a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js
192.243.59.20 200 OK 11 kB URL HTTP/1.1 alleviatepracticableaddicted.com/a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (32139), with no line terminators
Hash bc24122736bb34d326514f9e85050cff
778eeca9e377c32c74ec1cb66f8bac9f37af94b0
96191abd92121e7d7a341e66596761c5a2a21f69a7817329d41d835c204f4e02
GET /a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js HTTP/1.1
Host: alleviatepracticableaddicted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 05 Feb 2023 07:18:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de4f5b0d9ed33240561f08a0e3b5f65d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bfea74a6190e45e6b339a9ed62e59fd1
52a5787e4375d9012a8653c14cd5c66d68909ffb
f1251329302001bd0d2de99dfe1100887ff6a7b69de4ad2b9a2a718efe6c91d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F1251329302001BD0D2DE99DFE1100887FF6A7B69DE4AD2B9A2A718EFE6C91D1"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5173
Expires: Sun, 05 Feb 2023 08:44:50 GMT
Date: Sun, 05 Feb 2023 07:18:37 GMT
Connection: keep-alive
qefi1cqogtsr.n4.adsco.re/
38.132.109.186 200 OK 0 B URL HTTP/1.1 qefi1cqogtsr.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: qefi1cqogtsr.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://siska.video
Connection: keep-alive
Referer: http://siska.video/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:37 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5 200 OK 410 B IP 162.252.214.5:0
File type ASCII text, with very long lines (487), with no line terminators
Hash 42fc0199d0ebd26ed7a08dfb080db660
7e0bd25f3f7f69f960b74f904986730569287cb1
7faa179c4ea7c0a0e70cb62c5bec1f7512be6ff8760fa2c0cc0fba0e03aea655
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 1883
Origin: http://siska.video
Connection: keep-alive
Referer: http://siska.video/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://siska.video
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash dccebcfaad6c97d820364ec92d4a511b
a1adef127bad0f85751b5a7b47025c33d40083c4
6be12cee36873a68c71f277876470b5a3807acf44b39a92b575595e9aa95c973
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114682
Date: Sun, 05 Feb 2023 07:18:37 GMT
Etag: "63de5e16-1d7"
Expires: Mon, 06 Feb 2023 15:09:59 GMT
Last-Modified: Sat, 04 Feb 2023 13:31:02 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y05t9ng_wDyJeM8L1XiFz6q-pg6O5CxlzoPb8BhaHnqSoE-0BpRFtA==
Age: 5937
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 297fd6125a23ea9f247e351a2ad54bef
13114b063334ec8bf415f35b1a300f61b6643b2e
9055d01ec38e8331e267094d7f84c4a75636adb0a85acea21366eeedf568f1c3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://korall.xyz
Connection: keep-alive
Referer: https://korall.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://korall.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=33f1b6e3-aa40-468e-9317-24d5ef8fd6de:3:1; expires=Wed, 02 Feb 2033 07:18:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash dccebcfaad6c97d820364ec92d4a511b
a1adef127bad0f85751b5a7b47025c33d40083c4
6be12cee36873a68c71f277876470b5a3807acf44b39a92b575595e9aa95c973
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114447
Date: Sun, 05 Feb 2023 07:18:37 GMT
Etag: "63de5e16-1d7"
Expires: Mon, 06 Feb 2023 15:06:04 GMT
Last-Modified: Sat, 04 Feb 2023 13:31:02 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OOESvIhTXWVvT5yTEyPLShMx6OdOPKQ2cFedVwfQNVko_LBO6QRoHw==
Age: 5702
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash eb23b2cd27632d2cfc5d3ed84594e7cb
e05068edde69b9810663e0c5856bdb454ff509f0
d57d755347c147485e0e4eef911390e3d1d2e899a15955a86b58ef33f7fa4bdb
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.tv
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hqq.tv
access-control-allow-credentials: true
set-cookie: uid_id2=038209d8-be8c-4d62-972d-4eb9124fbb55:3:1; expires=Wed, 02 Feb 2033 07:18:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd20b8e5802898377dba837f6f5b775d
34162008d3de3025378ac930d8cffd0cb4cf0c57
a6e7db76f7ad7706797e494c1f9d85bb01983a28bd112dabd63caa7220b85bb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6E7DB76F7AD7706797E494C1F9D85BB01983A28BD112DABD63CAA7220B85BB1"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=645
Expires: Sun, 05 Feb 2023 07:29:22 GMT
Date: Sun, 05 Feb 2023 07:18:37 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bfea74a6190e45e6b339a9ed62e59fd1
52a5787e4375d9012a8653c14cd5c66d68909ffb
f1251329302001bd0d2de99dfe1100887ff6a7b69de4ad2b9a2a718efe6c91d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F1251329302001BD0D2DE99DFE1100887FF6A7B69DE4AD2B9A2A718EFE6C91D1"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5173
Expires: Sun, 05 Feb 2023 08:44:50 GMT
Date: Sun, 05 Feb 2023 07:18:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d3ef22c017706c86b3e3f3b6f21d04
b2402b28bd724cc39e82e2385d4f7313ed1c62dd
62a385b6b25a8d2e247f3fbd635accd1d7f6e929446fb8c3bc9603a8fa0dd03e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A385B6B25A8D2E247F3FBD635ACCD1D7F6E929446FB8C3BC9603A8FA0DD03E"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10524
Expires: Sun, 05 Feb 2023 10:14:01 GMT
Date: Sun, 05 Feb 2023 07:18:37 GMT
Connection: keep-alive
friendshipmale.com/sfp.js
104.21.234.92 200 OK 27 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.92:0
Hash a81a82d3010ec9b9ed476dd8fdd9a6b1
acfd25d9ff0e6234c2940d20e543130d5837825e
e27ab022d9182a6f3210cf12724a3578a3d4073cb591ba0f1f858049e113e429
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:37 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 50dc4fd47ba588cc662296e037e08371
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 05 Feb 2023 07:18:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51AoVhcLvRTnjnylfbW9IPPSWopxyfUy50Z99VP9oomVUq5INsmio29vc3CSBOFF1D4Kp8R338nBU2WdV4UESTHyLUEQd7Xs1hS7mQGTjg66qkuW8aHG%2Fss6KOePDPgY1tGr3Lg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7949df83ddc52408-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 427bee7781e96d71d5eca974e63ff075
bacb532dc5e1a0a91c2199c1b42d87e6aac8d408
b063a01ba76acd7930f34ed619108a79c34b2d1ebf0a80e01d20fca1176f4c13
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B063A01BA76ACD7930F34ED619108A79C34B2D1EBF0A80E01D20FCA1176F4C13"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10647
Expires: Sun, 05 Feb 2023 10:16:04 GMT
Date: Sun, 05 Feb 2023 07:18:37 GMT
Connection: keep-alive
prejudiceinsure.com/0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js
192.243.61.227 200 OK 29 kB URL HTTP/1.1 prejudiceinsure.com/0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash c56994379c07d5176dbccb1800e242e8
0624747d85a44b67c6ccd9c36e5e92ffc4bef8b9
1d7d653ae4ce0343ca38f6bbe8fcd00f038d41b78305df35d94bce879316b0df
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js HTTP/1.1
Host: prejudiceinsure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 07:18:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a2e269c1ecb6503b29c06e4d3ae18c7e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
qefi1cqogtsr.s4.adsco.re/
185.200.116.90 200 OK 0 B URL HTTP/1.1 qefi1cqogtsr.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: qefi1cqogtsr.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://siska.video
Connection: keep-alive
Referer: http://siska.video/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:37 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
withenvisagehurt.com/0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js
192.243.61.225 200 OK 29 kB URL HTTP/1.1 withenvisagehurt.com/0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 89f712c4113ccb3a7bced6a272ff6cd3
8a8c3968df0d21a217fc5bff10f5231a22645e1e
4e9944e50e878364ba4565d1021fa2176476c787db4351b713546a57b3efd2ad
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js HTTP/1.1
Host: withenvisagehurt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 07:18:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6649eca88a55408bb0f7e0901c1db82a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
prejudiceinsure.com/sbar.json?key=a6b0b8925d9b3a4154c035c24b4ed97e&uuid=33f1b6e3-aa40-468e-9317-24d5ef8fd6de%3A3%3A1
192.243.61.227 200 OK 3.3 kB URL HTTP/1.1 prejudiceinsure.com/sbar.json?key=a6b0b8925d9b3a4154c035c24b4ed97e&uuid=33f1b6e3-aa40-468e-9317-24d5ef8fd6de%3A3%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5743), with no line terminators
Hash adbce021f9704291461c6017161d3043
eef9f76d90f7f72fc10814084ccc38904cbe8b89
2cb9bd80855392ee5a863292906c7173487e7784dad3e6d64bfa80ca2ff7006c
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a6b0b8925d9b3a4154c035c24b4ed97e&uuid=33f1b6e3-aa40-468e-9317-24d5ef8fd6de%3A3%3A1 HTTP/1.1
Host: prejudiceinsure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://korall.xyz
Connection: keep-alive
Referer: https://korall.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 07:18:38 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://korall.xyz
Access-Control-Allow-Origin: https://korall.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17334956; expires=Mon, 06 Feb 2023 07:18:38 GMT; secure; SameSite=None
uid_id2=33f1b6e3-aa40-468e-9317-24d5ef8fd6de:3:1; expires=Sun, 12 Feb 2023 07:18:38 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 07:18:38 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 07:18:38 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 06 Feb 2023 07:18:38 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 06 Feb 2023 07:18:38 GMT; secure; SameSite=None
sleca6b0b8925d9b3a4154c035c24b4ed97e=[3870584]; expires=Sun, 05 Feb 2023 07:18:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: afed03b8bd02781f28def664ed0d0a41
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
withenvisagehurt.com/sbar.json?key=a6b0b8925d9b3a4154c035c24b4ed97e&uuid=038209d8-be8c-4d62-972d-4eb9124fbb55%3A3%3A1
192.243.61.225 200 OK 3.9 kB URL HTTP/1.1 withenvisagehurt.com/sbar.json?key=a6b0b8925d9b3a4154c035c24b4ed97e&uuid=038209d8-be8c-4d62-972d-4eb9124fbb55%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5749), with no line terminators
Hash f19707e2ae1d70f2ab6f558256e6b326
59fa465f5b61beeca778b25a372b7dc9b2b61005
63d2ed3f95ab36ccee931bfb4aee87d80db35f8412a0dda8d21fbe3f5ec31443
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a6b0b8925d9b3a4154c035c24b4ed97e&uuid=038209d8-be8c-4d62-972d-4eb9124fbb55%3A3%3A1 HTTP/1.1
Host: withenvisagehurt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.tv
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 07:18:38 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://hqq.tv
Access-Control-Allow-Origin: https://hqq.tv
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17334956; expires=Mon, 06 Feb 2023 07:18:38 GMT; secure; SameSite=None
uid_id2=038209d8-be8c-4d62-972d-4eb9124fbb55:3:1; expires=Sun, 12 Feb 2023 07:18:38 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 07:18:38 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 07:18:38 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 06 Feb 2023 07:18:38 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 06 Feb 2023 07:18:38 GMT; secure; SameSite=None
sleca6b0b8925d9b3a4154c035c24b4ed97e=[3870583]; expires=Sun, 05 Feb 2023 07:18:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e62ad3f2cedc87469ab7412d83b83fa3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5fb1495442167a14a49ba788fefe4ce9
a16c69f4c65a9cd5749f26493d440b5dc32be878
2bff389795848a07abc28a725001d87aab31efde2356ed22ce132c9808602cea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BFF389795848A07ABC28A725001D87AAB31EFDE2356ED22CE132C9808602CEA"
Last-Modified: Sun, 05 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14219
Expires: Sun, 05 Feb 2023 11:15:37 GMT
Date: Sun, 05 Feb 2023 07:18:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6fdf2cc1432e9b9d48e91cfbb1ec827c
d8f106fb542283c654a2edd0c8ec4f99f3b0d2a3
ceae4a0d3c64968dc6b232b68eacd509ca112101fa5a54ea2d4540a37b4c8de8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAE4A0D3C64968DC6B232B68EACD509CA112101FA5A54EA2D4540A37B4C8DE8"
Last-Modified: Fri, 03 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6025
Expires: Sun, 05 Feb 2023 08:59:03 GMT
Date: Sun, 05 Feb 2023 07:18:38 GMT
Connection: keep-alive
prejudiceinsure.com/ren.gif?sid=…
192.243.61.227 200 OK 7 B URL HTTP/1.1 prejudiceinsure.com/ren.gif?sid=…
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ren.gif?sid=… HTTP/1.1
Host: prejudiceinsure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/
Cookie: u_pl=17334956; uid_id2=33f1b6e3-aa40-468e-9317-24d5ef8fd6de:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 07:18:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a6decc343e325234cd90be66001c7faa
Strict-Transport-Security: max-age=0; includeSubdomains
subscribestormyapprobation.com/pixel/purst?dl=0&th=0&sc=0&rs=2110&rd=2110&fd=771&bv=22.10.v.10&tmpl=136
173.233.137.52 200 OK 0 B URL HTTP/1.1 subscribestormyapprobation.com/pixel/purst?dl=0&th=0&sc=0&rs=2110&rd=2110&fd=771&bv=22.10.v.10&tmpl=136
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2110&rd=2110&fd=771&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 07:18:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 358c0cc441f7401b74509340db8b0014
19c0c7970d9a01d09daa48fd89a756d3da76a4d8
f4b0f1711cc67ff151c6ce05827d1663b2569b55a669e8bb4a1dd21b3972dfea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4B0F1711CC67FF151C6CE05827D1663B2569B55A669E8BB4A1DD21B3972DFEA"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6360
Expires: Sun, 05 Feb 2023 09:04:38 GMT
Date: Sun, 05 Feb 2023 07:18:38 GMT
Connection: keep-alive
6.adsco.re/
104.17.167.186 200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:18:38 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7949df8c68aab505-OSL
alt-svc: h2=":443"; ma=60
hqq.tv/js/script-2.12.5.js
190.115.19.71 200 OK 0 B URL HTTP/2 hqq.tv/js/script-2.12.5.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/script-2.12.5.js HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
Cookie: uid=-fSgq-aGZ5RnqJsatYTKvrBP9Ed02Ktl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Dec 2020 19:28:37 GMT
etag: W/"5fc69965-4cb8"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
korall.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.92.11 200 OK 0 B URL HTTP/2 korall.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.92.11:0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: korall.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:56:26 GMT
etag: W/"63dd3cba-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbBCYcHGgOQHmFo6IlfoYmBJmlDhmxZvfx2OlA6eptftMbg9wpqVZ9m3BSX4OhAXXbBpC55pvcR0%2FN%2Fww8OdWRDoibuXR%2BQdVYU0RPc0VbNDtkPR4obZKYREMSGz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7949df7de9e7b500-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 07 Feb 2023 07:18:36 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
korall.xyz/js/video.jquery_plugs/modernizr.js?12
104.21.92.11 200 OK 0 B URL HTTP/2 korall.xyz/js/video.jquery_plugs/modernizr.js?12
IP 104.21.92.11:0
GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: korall.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
etag: W/"5b142327-4cb"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-l: HIT
cf-cache-status: HIT
age: 23689496
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOzi1d4rGoFT1six3OxULy1q3k91bm%2BIkZS%2B8a%2BafSYo%2FcwiIzWDMAQRPH6kIjf%2FP%2BI5ldCcM7p2Fj3MpOcXjynLDBWGsAMoGBKplu2bZPaSCvklMnO%2FlD25iz63"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7949df7de9ebb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
korall.xyz/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
104.21.92.11 200 OK 0 B URL HTTP/2 korall.xyz/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
IP 104.21.92.11:0
GET /player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no HTTP/1.1
Host: korall.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://siska.video/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//korall.xyz>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
pragma: no-cache
x-origin-location: player
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqYo00%2FfzMhHjK%2FFqbqDp4VDLXmZwsjZUSbvZrm%2FhJ6YFV%2Frr7yNY1RIz6OE8qqcEX%2BpbVhNfzrKreUkW9PVPSKKLpBiLWsJ8zXQJUFltTVVUNFHsl%2BwZFP0u1bM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7949df7b8f7fb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
korall.xyz/styles/global/embed_player.3.css?130
104.21.92.11 200 OK 0 B URL HTTP/2 korall.xyz/styles/global/embed_player.3.css?130
IP 104.21.92.11:0
GET /styles/global/embed_player.3.css?130 HTTP/1.1
Host: korall.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
etag: W/"5fd14cc5-1701"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 1474148
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9zqulic9qCE49m3pUnUXUoIt7V%2F0PGXK8HvTjUKmfnsLCDKt%2FpXhhuDBYSZwhrozi7xFBFgG3wbkQRG95tKBQggQXnsr5r2HWzwCyF35prYn4TAsUsccvH9pekr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7949df7de9eab500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/jquery@2.2.4/dist/jquery.min.js
104.16.123.175 200 OK 0 B URL HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP 104.16.123.175:0
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01G754SVY4BFC19MXYRYRMED91-fra
cf-cache-status: HIT
age: 18625017
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7949df7e2b4cb4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
104.16.123.175 200 OK 0 B URL HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP 104.16.123.175:0
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01G75513388K1MR4R8RW1AYXTV-fra
cf-cache-status: HIT
age: 18625017
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7949df7e3b53b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/api.js
188.114.99.234 302 Found 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js
IP 188.114.99.234:0
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.la/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 07:18:36 GMT
vary: accept-encoding
cache-control: max-age=300, public
location: /turnstile/v0/b/925b3ffa/api.js
set-cookie: __cf_bm=WuTw_Ixf2WQPaRPl7bFjinqXm0PvLsObXNc_JjYua5M-1675581516-0-AdZJPpc0AuJz7ikb5zohWEQBP0R7ueIk933CKza5kvnKfJFXxbp++BiwBcZI4zH6/zXihnJLYDFqrckm3IPLgcw=; path=/; expires=Sun, 05-Feb-23 07:48:36 GMT; domain=.challenges.cloudflare.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7949df7cdf04b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
45.133.44.4 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://korall.xyz
Connection: keep-alive
Referer: https://korall.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:38 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 13 Jul 2022 12:11:03 GMT
etag: W/"62ceb657-4a6"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 05 Feb 2023 08:18:38 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
testingmetriksbre.ru/netu.php
104.21.50.109 200 OK 0 B URL HTTP/2 testingmetriksbre.ru/netu.php
IP 104.21.50.109:0
GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://korall.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvApA656bgLXo9wxPCmVNm7gEdmVbwK%2FwIciV%2FnYiRXoDyXUgrsRtQuPKMbgit6gDF8QlUyhnw1BlAh%2B6ki%2FoFDgEHbc5%2BubZNWDsKlQkP1XsMaKJtjhAwPcyaNmEN2baT5qY7Ucvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7949df7e9a2e1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
testingmetriksbre.ru/netu.php
104.21.50.109 200 OK 0 B URL HTTP/2 testingmetriksbre.ru/netu.php
IP 104.21.50.109:0
GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:36 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hK0SSLd3q4hFxAV2aCl3g4oWBJsOHmfsrZm5EKXFj%2B6pjA1LKDSCy4wAmL%2B80Hg3R4M%2BsuTPwieLWkxd9UOmd4fSizZavX2XdPKpRspaWu3wEdrAReRNyYELK%2FHt5D09dOxBo0L9VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7949df7eda631c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hqq.tv/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
190.115.19.71 200 OK 0 B URL HTTP/2 hqq.tv/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://siska.video/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.tv>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
pragma: no-cache
x-origin-location: player
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
hqq.tv/js/d_check.js?34
190.115.19.71 200 OK 0 B IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/d_check.js?34 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
etag: W/"5e57d8f1-d8a"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
hqq.tv/js/embed.205.js?736
190.115.19.71 200 OK 0 B URL HTTP/2 hqq.tv/js/embed.205.js?736
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/embed.205.js?736 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 04 Aug 2022 18:07:34 GMT
etag: W/"62ec0ae6-298ce"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
hqq.tv/js/adv/fuckadblock.js?2
190.115.19.71 200 OK 0 B URL HTTP/2 hqq.tv/js/adv/fuckadblock.js?2
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/adv/fuckadblock.js?2 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=c2xIeVB6bDg1UFVkb1BxODBmSWVYZz09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:18:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 27 Aug 2019 17:39:04 GMT
etag: W/"5d656ab8-369e"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2