s-delivery34.mxdcontent.net/d/l63dvjl6sqgz4pe/0ie8eqftprgjpmu46ai35qzsoep?ab=0&r=https://lzmods.com/
168.80.32.23 498 Invalid Token 91 B URL HTTP/1.1 s-delivery34.mxdcontent.net/d/l63dvjl6sqgz4pe/0ie8eqftprgjpmu46ai35qzsoep?ab=0&r=https://lzmods.com/
IP 168.80.32.23:0
ASN #202769 Cooperative Investments LLC
File type HTML document, ASCII text, with no line terminators
Hash d931dfe0a8a9f0ab5fba4fcee88f0832
e886f8a9d690018a24c2cd7a931bcb5b06fd8e6f
6184ec30cb66cffa51932121759d4617945120ac75ce0c8d688baaebc602e7b2
GET /d/l63dvjl6sqgz4pe/0ie8eqftprgjpmu46ai35qzsoep?ab=0&r=https://lzmods.com/ HTTP/1.1
Host: s-delivery34.mxdcontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 498 Invalid Token
Server: nginx
Date: Tue, 07 Feb 2023 13:06:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.22
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8578
Expires: Tue, 07 Feb 2023 15:29:19 GMT
Date: Tue, 07 Feb 2023 13:06:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8990
Expires: Tue, 07 Feb 2023 15:36:11 GMT
Date: Tue, 07 Feb 2023 13:06:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 12:36:31 GMT
content-type: application/json
age: 1791
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16709
Expires: Tue, 07 Feb 2023 17:44:51 GMT
Date: Tue, 07 Feb 2023 13:06:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4rYvqkj3uT4xsp+AdLG7ww09dwy/yd3z5OLgp8j25TiOoyJySKeNQRv6/Cx7aAuqd3SHMMJwFcQ=
x-amz-request-id: 5JE294XFDKWYA9R0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 12:45:34 GMT
age: 1248
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 13:06:22 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4b0f294f4bc17f09ea4d31269af15c80
4f3982c3ecf88cbb46efe6ad157cb764daa05fa5
7134bc45f0b695a74d209574ef86a3e645ef6b1ffaebe02761c40adec0403a57
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7134BC45F0B695A74D209574EF86A3E645EF6B1FFAEBE02761C40ADEC0403A57"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=358
Expires: Tue, 07 Feb 2023 13:12:20 GMT
Date: Tue, 07 Feb 2023 13:06:22 GMT
Connection: keep-alive
mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
31.220.1.173 200 OK 6.3 kB URL HTTP/1.1 mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5156), with CRLF, LF line terminators
Hash cd3f200b2c1f6833080025a4997e190e
b2994991d999b3be8f2a1c06fa968d453d36f7be
c99a45cfb7626ce2a6cea7285f3294ea0da5d4b00613e6f6a0bb4d9f921de544
GET /f/l63dvjl6sqgz4pe?download&err=2 HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s-delivery34.mxdcontent.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq; path=/; secure; SameSite=None
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
mixdrop.co/js/slidebars/slidebars.css?v=0.1
31.220.1.173 200 OK 924 B URL HTTP/1.1 mixdrop.co/js/slidebars/slidebars.css?v=0.1
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
Hash 158201c4a4981a5cc8e6a28ea7c61d30
57cd586c0bf9cf03615ffbf5ce0f3258008f7405
5f34e1efd59d808afcf183fa77028717542c214f9a5a4737aaec571eec67e293
GET /js/slidebars/slidebars.css?v=0.1 HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 24 Aug 2018 12:43:34 GMT
ETag: W/"5b7ffd76-c03"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
mixdrop.co/js/modal/modal.css?d=0.1
31.220.1.173 200 OK 835 B URL HTTP/1.1 mixdrop.co/js/modal/modal.css?d=0.1
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with CRLF line terminators
Hash fa96ac91dba9d9065af34072afb73716
7c8993a06aef485a118c1d5da8e7dd4dbd1dc85e
77053a5329d471e1471e38dc2aa573947714e15f93b5a4956b53381d81834416
GET /js/modal/modal.css?d=0.1 HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 30 Oct 2018 15:29:54 GMT
ETag: W/"5bd878f2-9f3"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
code.jquery.com/jquery-3.3.1.min.js
69.16.175.10 200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixdrop.co
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:22 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675775182.dop201.sk1.t,1675775182.cds252.sk1.hn,1675775182.cds240.sk1.c
X-Firefox-Spdy: h2
mixdrop.co/js/jquery-upload/js/jquery.fileupload.js?v=0.1
31.220.1.173 200 OK 6.2 kB URL HTTP/1.1 mixdrop.co/js/jquery-upload/js/jquery.fileupload.js?v=0.1
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (18868)
Hash d0afd72a56172c859ef570f424b30846
4799a3b9881f94747c049eb7ba9d16df2be9a6fc
84d5865d6f2bf908d8c444c85ec592f17cc760279a05e0ed57b50057a14db1b7
GET /js/jquery-upload/js/jquery.fileupload.js?v=0.1 HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Sep 2018 14:48:31 GMT
ETag: W/"5ba261bf-49b5"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
code.jquery.com/ui/1.12.1/jquery-ui.min.js
69.16.175.10 200 OK 68 kB URL HTTP/2 code.jquery.com/ui/1.12.1/jquery-ui.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32073)
Hash f0bace743f1df1ed27e2fe6611e39946
e5f42b8d964a6bf9962b8a5e68a2b7cdeb9e59e2
ff0566efdda39b480ab9871deddb3358906449518c2db3c105aa0b461c3c742d
GET /ui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixdrop.co
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:22 GMT
content-encoding: gzip
content-length: 67751
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-3dee4"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675775182.dop201.sk1.t,1675775182.cds252.sk1.hn,1675775182.cds227.sk1.c
X-Firefox-Spdy: h2
mixdrop.co/css/style.min.css?v=0.1
31.220.1.173 200 OK 6.8 kB URL HTTP/1.1 mixdrop.co/css/style.min.css?v=0.1
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (27056)
Hash 003be9961d70be4b943720cfc18463a5
da4d8d6aecfbf241320d001ac33ca6e8b9343e26
c223e30c1bc2bc9ac0d55b057b6ecb7d02a7a947bd3d35092053e47bb2dce8a0
GET /css/style.min.css?v=0.1 HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 24 Feb 2020 16:00:08 GMT
ETag: W/"5e53f308-69b1"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
mixdrop.co/js/modal/modal.js
31.220.1.173 200 OK 594 B URL HTTP/1.1 mixdrop.co/js/modal/modal.js
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with CRLF line terminators
Hash 731d81e6692b8956ea3f3d4bba8ae653
a4379b7c3456bbdb2770d827a08b11b87f30cc9f
74828d6ad9fb116a391741d7706ad92aa13059575e4dbe342b71e3759b23bfb6
GET /js/modal/modal.js HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Oct 2018 14:32:53 GMT
ETag: W/"5bc74815-535"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
mixdrop.co/js/slidebars/slidebars.min.js
31.220.1.173 200 OK 1.2 kB URL HTTP/1.1 mixdrop.co/js/slidebars/slidebars.min.js
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (3122)
Hash de4350d5f299380df61de919c28a5ede
3f9690d32c2c0ad9936d6801595d4a4ba428110a
03ede3ba2bc5351e7f8a6371b14ee9f711ec487dccef9b755d03750a21d4567b
GET /js/slidebars/slidebars.min.js HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 24 Aug 2018 12:43:33 GMT
ETag: W/"5b7ffd75-d47"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
mixdrop.co/js/circular-progress/circle-progress.min.js?v=0.1
31.220.1.173 200 OK 1.8 kB URL HTTP/1.1 mixdrop.co/js/circular-progress/circle-progress.min.js?v=0.1
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (4395)
Hash adb48d3eade1a6b6235eb2d3e4cf7afe
5ba010a0342e01bedbd4a39212947ba7c5e52fd2
bcf7d8dd4f96343fb4651f73d3e06bf6412638c79dd42151b07a695bc7f9a2d6
GET /js/circular-progress/circle-progress.min.js?v=0.1 HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 12 Oct 2018 16:09:50 GMT
ETag: W/"5bc0c74e-112c"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
mixdrop.co/js/jquery-upload/js/main.js
31.220.1.173 200 OK 311 B URL HTTP/1.1 mixdrop.co/js/jquery-upload/js/main.js
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
Hash 1f7968edcaf43f9b2ebd58d74311ff7c
f53ca538e9a2c0cd87b51babe9d03d2f91cf6d2c
be076d81c5a67334d5f78a5b77db41b966fb7d254586b483ac5d1f155e89a91f
GET /js/jquery-upload/js/main.js HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: application/javascript
Content-Length: 311
Connection: keep-alive
Last-Modified: Wed, 19 Sep 2018 17:23:35 GMT
ETag: "5ba28617-137"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
mixdrop.co/panel/js/scroll/perfect-scrollbar.min.js
31.220.1.173 200 OK 5.4 kB URL HTTP/1.1 mixdrop.co/panel/js/scroll/perfect-scrollbar.min.js
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (18216)
Hash 9a7cd31c06fcd02a0d7407b17277bb48
031d234a0e769e9798bb10b924bc464807f8568c
7659b144ab880b769167b86afef93346fdfccd5e8bd4098d0a6e07f907aa0015
GET /panel/js/scroll/perfect-scrollbar.min.js HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 12 Sep 2018 11:51:16 GMT
ETag: W/"5b98fdb4-4773"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
mixdrop.co/panel/js/scroll/perfect-scrollbar.css
31.220.1.173 200 OK 655 B URL HTTP/1.1 mixdrop.co/panel/js/scroll/perfect-scrollbar.css
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type troff or preprocessor input, ASCII text
Hash 17746aab8ba4b2c7030c4e03914baff1
4dd77be805f076828eca2a5d45fb79d04fa9cdf8
ea7c7b652eaab9beeb8b2860489d41aaa7ca14a0870b4e9e36ae4f9507c2df5c
GET /panel/js/scroll/perfect-scrollbar.css HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 12 Sep 2018 11:51:24 GMT
ETag: W/"5b98fdbc-a26"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
mixdrop.co/js/script.min.js?v=0.35
31.220.1.173 200 OK 2.8 kB URL HTTP/1.1 mixdrop.co/js/script.min.js?v=0.35
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type HTML document, ASCII text, with very long lines (7217)
Hash f6b34acaf38852bad56ffda7f07b8796
eb856a4d425a155d710ca4c0d65921fa5b01570f
950ee59f9eef51e6f135e27119ee61c68130f5b343d48e8144ca94db7e776486
GET /js/script.min.js?v=0.35 HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 29 Mar 2022 12:45:12 GMT
ETag: W/"6242ff58-1c32"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
mixdrop.co/js/ads.js
31.220.1.173 200 OK 50 B IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
Hash 170cb502f8f209ca64ca4c271c7041e2
bdce5bceee905dacef001063aa1d9c5f3c8f693c
789581e03b9915bd79ea82a241817dcbbdeb1c240e540e9470fabf1998b41a6b
GET /js/ads.js HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: application/javascript
Content-Length: 50
Connection: keep-alive
Last-Modified: Wed, 03 Jul 2019 14:57:19 GMT
ETag: "5d1cc24f-32"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash c0c18b789b296a2b3cc9adb04c94e6f7
a0fa241f813c414178f5dffd30d5c2b82d16669b
95ec61ae9d1384fdbcee256ec441d6db4e3243ed3f8e1801b3607ce3c2e1e3f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/_KfNf3zKBvE
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/_KfNf3zKBvE
IP 142.250.74.131:0
Hash d4a6077a70e8afd908fabb29db72cda6
43385dacabd1dfa86bbdea0790c55844e6056e09
57cdaded7dcfe6c917b385d1b9456a015984f55d5f86982c5bf83545e6face2d
POST /s/gts1p5/_KfNf3zKBvE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mixdrop.co/imgs/mobile2.png?v=0.1
31.220.1.173 200 OK 993 B URL HTTP/1.1 mixdrop.co/imgs/mobile2.png?v=0.1
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ed6b523d8e911eff110c2699a1fc00b
611fc8ffd07799bee49c3ac5c6f6d9a64d49ee69
aa094a912e7162ad56b13826669e54affbb706ad8316b777ff19a336901edf7b
GET /imgs/mobile2.png?v=0.1 HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: image/png
Content-Length: 993
Connection: keep-alive
Last-Modified: Mon, 03 Sep 2018 08:56:26 GMT
ETag: "5b8cf73a-3e1"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
mixdrop.co/imgs/illustration-file.png?v=0.1
31.220.1.173 200 OK 6.1 kB URL HTTP/1.1 mixdrop.co/imgs/illustration-file.png?v=0.1
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 156 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash ac7bc3165693ceb2310ce242b42aad2c
92eaa7fe672a7dc08fb29efceb391b8d7ae48a89
f22650b424a6477019ffe0bd386bf8973d055e8f81379a746bc2956acd341ee7
GET /imgs/illustration-file.png?v=0.1 HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: image/png
Content-Length: 6094
Connection: keep-alive
Last-Modified: Thu, 06 Sep 2018 10:44:37 GMT
ETag: "5b910515-17ce"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
mixdrop.co/imgs/illustration-file2.png?v=0.1
31.220.1.173 200 OK 2.9 kB URL HTTP/1.1 mixdrop.co/imgs/illustration-file2.png?v=0.1
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 64 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash 38231e6e14fd6a5fe17efe57621ebcd9
8dcbb8de61de3bab911fad9de4ad0f3a2c66d919
6d47d144ca9452baf8933f652742be411348dce7f6aac5fe0e2271166d8ae47a
GET /imgs/illustration-file2.png?v=0.1 HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: image/png
Content-Length: 2860
Connection: keep-alive
Last-Modified: Mon, 10 Sep 2018 12:14:30 GMT
ETag: "5b966026-b2c"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
mixdrop.co/imgs/icon-file.png
31.220.1.173 200 OK 1.1 kB URL HTTP/1.1 mixdrop.co/imgs/icon-file.png
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 16 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash 519eb7f23ba68ebff98936182ed4a2c1
97be81807b05760c9b1c4e7a0b75e3fe3fe55ab1
c3eba7092875d21659ac3227dda7d5894d336e31822505b193963385b5af18c3
GET /imgs/icon-file.png HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: image/png
Content-Length: 1113
Connection: keep-alive
Last-Modified: Thu, 06 Sep 2018 09:45:59 GMT
ETag: "5b90f757-459"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
mixdrop.co/imgs/mixdrop-logo2.png
31.220.1.173 200 OK 3.8 kB URL HTTP/1.1 mixdrop.co/imgs/mixdrop-logo2.png
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 201 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash ec87e2c11db36aeb63d2257bb853fbd8
00b8093649535f7feae5ee8345f8cd806882fc55
672839daf4036a0c4f1842f2c6aae5370cfd407b19149ab10099e14431cf638c
GET /imgs/mixdrop-logo2.png HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: image/png
Content-Length: 3838
Connection: keep-alive
Last-Modified: Tue, 04 Sep 2018 08:49:58 GMT
ETag: "5b8e4736-efe"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
www.google.com/recaptcha/api.js?render=6LetXaoUAAAAAB6axgg4WLG9oZ_6QLTsFXZj-5sd
142.250.74.164 200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LetXaoUAAAAAB6axgg4WLG9oZ_6QLTsFXZj-5sd
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 27a5a830331f016113225add9172b726
605a6160563df046f9e30c76583346a4124bd13c
9643e1bf15e24ed967b6c547cad653be1386529b2f917b0c1c637d26db15e2d1
GET /recaptcha/api.js?render=6LetXaoUAAAAAB6axgg4WLG9oZ_6QLTsFXZj-5sd HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 07 Feb 2023 13:06:22 GMT
date: Tue, 07 Feb 2023 13:06:22 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 45214010f2ef8a835d723fcd5b485977
346507b6da40928a8c600ef9c52fd6a7e0875344
4b4e5c2038d6fe241aedc738e0bd22052078bf365b6dade88cae752d0f06fa54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
westats.dev/js/plausible.js
188.114.96.1 200 OK 1.2 kB URL HTTP/2 westats.dev/js/plausible.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (1332), with no line terminators
Hash 3bfc71718208b32a61ac91b539fceb98
34c26bd2773686b799f2933a57003fe88c67d8e2
ec09b3c97bcf47b263334906c10f627ca0d87e8a25a4d5355ced274dc8558624
GET /js/plausible.js HTTP/1.1
Host: westats.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:22 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1iWBw4iBVUsBtkPNCLo0p5MJgBhd%2F5Wpc5HFCOsyX%2BBSw4YKBNpHX6iMM2ndZttQu1Yew3p9%2Fhhk3xt7xyWcF3kFUB%2F5jrHUCT748EAfSiOZMVj5W67%2FBdb21rwYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57aaec16b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 12:51:19 GMT
age: 903
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
mixdrop.co/js/modal/patBg2.png
31.220.1.173 200 OK 484 B URL HTTP/1.1 mixdrop.co/js/modal/patBg2.png
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 4 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash f98155bff0432c0b9f4c5387630a5d4b
80bc6a515c6b18ea491b75b51d1cf9692724944c
5883b864f6c5f5bd58cc1f09ea643b26be03feaae8b9567b54b259a5a94108f2
GET /js/modal/patBg2.png HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/js/modal/modal.css?d=0.1
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: image/png
Content-Length: 484
Connection: keep-alive
Last-Modified: Mon, 20 Aug 2018 13:49:06 GMT
ETag: "5b7ac6d2-1e4"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
mixdrop.co/imgs/illustration-triangles4.png
31.220.1.173 200 OK 35 kB URL HTTP/1.1 mixdrop.co/imgs/illustration-triangles4.png
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 1080 x 212, 8-bit colormap, non-interlaced\012- data
Hash 158f9dab7217ae89001fed8a440b4c67
c143c50400d5960390e66dd4e524189f2afb320e
8d37e5f52e6a36c2c01634c4d3e3ec0bd7cf4505a2690d31ee0978a36e81921c
GET /imgs/illustration-triangles4.png HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/css/style.min.css?v=0.1
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:22 GMT
Content-Type: image/png
Content-Length: 35025
Connection: keep-alive
Last-Modified: Wed, 22 Aug 2018 12:32:18 GMT
ETag: "5b7d57d2-88d1"
Expires: Thu, 09 Mar 2023 13:06:22 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mixdrop.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 140662
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227 200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mixdrop.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 03:37:24 GMT
expires: Thu, 01 Feb 2024 03:37:24 GMT
cache-control: public, max-age=31536000
age: 552538
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19150
Expires: Tue, 07 Feb 2023 18:25:32 GMT
Date: Tue, 07 Feb 2023 13:06:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ef94e717b9a7d0a382d4fc910674febf
8108a2714b22a200ef368310ef86abe208f5c0d6
15851bdd1cd59fa1c3d8c574be1e18c7afa93562d33ed6b2332faeaf37e4292b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15851BDD1CD59FA1C3D8C574BE1E18C7AFA93562D33ED6B2332FAEAF37E4292B"
Last-Modified: Sun, 05 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3274
Expires: Tue, 07 Feb 2023 14:00:56 GMT
Date: Tue, 07 Feb 2023 13:06:22 GMT
Connection: keep-alive
push.services.mozilla.com/
44.237.163.41 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4YHLxbRn6FKXCAMZI8CJqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pJOsGLxJTfTFPgS7aV6OGzK1xZI=
triggerfrontagefaultless.com//dc/0c/86/dc0c86e71026f09bbedfbc463727ff69.js
192.243.59.13 200 OK 13 kB URL HTTP/1.1 triggerfrontagefaultless.com//dc/0c/86/dc0c86e71026f09bbedfbc463727ff69.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37184), with no line terminators
Hash fd0118c381291f17ec24d768149767ab
16b1389f19b00faefe36e5f4be3e1b1f84b89513
d73fe1881d2a95f36e46a1d671fedd85f8cdaf426fc644a48c45bb265291360c
Analyzer Verdict Alert
fortinet Phishing
quad9 Sinkholed
GET //dc/0c/86/dc0c86e71026f09bbedfbc463727ff69.js HTTP/1.1
Host: triggerfrontagefaultless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 13:06:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5cf69908a43b508002d22064f2dcbe14
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
westats.dev/api/event
188.114.96.1 202 Accepted 2 B IP 188.114.96.1:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /api/event HTTP/1.1
Host: westats.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 144
Origin: https://mixdrop.co
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Tue, 07 Feb 2023 13:06:23 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
x-request-id: F0GMpo78gR8cNZACStYh
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MErYvcIB%2FvXOUEz6R9LFAnbrUvAwp8mBdBzFnocqZ7vJ3mVEaRBYfmz%2B0VZZInhyDoKRQePNLAW%2FKDWG%2BKXqnJhQpiu78ayGAqXE21MngU5q9F4EIHCoAkBfx8q0Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795c57afcb6bb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d78afea3244fcbc9f75d23035d38db9b
fa62310ca27a4e4c48f55da85442925c6c5b033c
47b8b1a427b8fb7aadbacad1efca1920a64999a1939ca5891d542d7b18c779ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "47B8B1A427B8FB7AADBACAD1EFCA1920A64999A1939CA5891D542D7B18C779EE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2953
Expires: Tue, 07 Feb 2023 13:55:36 GMT
Date: Tue, 07 Feb 2023 13:06:23 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 9440397da9d5b01754ccf615efe0a0a7
ab644db2c89bbcafc8c39622c8983967d94b2022
4b07519c62e60e4129da6afea41291f3ffaa8a18135ecd0d2f348f1b27b2113b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 13:06:23 GMT
Last-Modified: Tue, 07 Feb 2023 11:23:39 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VDUm4NYE-t9pOezhlcjdTSJFyqobtIF3ziDBuoBUf8aJYyRbvhLRTQ==
Age: 6165
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 0b4ec9f0aaca91d22a6824c8d0c6d2df
45b288d46f71914c6b1fca7a7201359c3b6d343c
c2dd13ac2922e614015a16c56f96969c71e20d768eb56ec5fa80f3fd257e0677
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixdrop.co
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mixdrop.co
access-control-allow-credentials: true
set-cookie: uid_id2=2aa23d81-e99b-49a7-a6bb-ed75e037b448:2:1; expires=Fri, 04 Feb 2033 13:06:23 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d78afea3244fcbc9f75d23035d38db9b
fa62310ca27a4e4c48f55da85442925c6c5b033c
47b8b1a427b8fb7aadbacad1efca1920a64999a1939ca5891d542d7b18c779ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "47B8B1A427B8FB7AADBACAD1EFCA1920A64999A1939CA5891D542D7B18C779EE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2953
Expires: Tue, 07 Feb 2023 13:55:36 GMT
Date: Tue, 07 Feb 2023 13:06:23 GMT
Connection: keep-alive
mixdrop.co/imgs/favicon-16x16.png
31.220.1.173 200 OK 588 B URL HTTP/1.1 mixdrop.co/imgs/favicon-16x16.png
IP 31.220.1.173:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 3672b93a001a0214f5f4214981f8649d
502cdab0cda0e09ddef3eb86841ca891c307689b
2ec57857d65e944c4701e454c22cee289718cdd5edb773883cd80a2d78f2e06a
GET /imgs/favicon-16x16.png HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/f/l63dvjl6sqgz4pe?download&err=2
Cookie: PHPSESSID=fhn2m5tf2cve95ifkl2eraa8mq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 13:06:23 GMT
Content-Type: image/png
Content-Length: 588
Connection: keep-alive
Last-Modified: Fri, 21 Aug 2020 16:49:42 GMT
ETag: "5f3ffb26-24c"
Expires: Thu, 09 Mar 2023 13:06:23 GMT
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
216.58.211.3 200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixdrop.co
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 08:53:11 GMT
expires: Wed, 07 Feb 2024 08:53:11 GMT
cache-control: public, max-age=31536000
age: 15192
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.207.194 200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (3642)
Hash 9666a9824c8ad59997d8576b65e720c2
b8909c1c6c20d4bc955850b1b3903eddd45eb7d2
5a0077ea756136b903602280f9d8fda1c091023108391cca22bc69cc71feb237
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 07 Feb 2023 13:06:23 GMT
expires: Tue, 07 Feb 2023 13:06:23 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17660007756725868749
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49977
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html
142.250.74.162 200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230202/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Tue, 07 Feb 2023 03:35:48 GMT
expires: Tue, 21 Feb 2023 03:35:48 GMT
cache-control: public, max-age=1209600
age: 34235
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 523212af1292f3b9ec327b54db27bab4
1576f13dc17c31de76875abfeae4112bad17b769
e35833e376042163993d9ec60d613f520c7abdb6dd026cea12a8a0acc78949e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3595
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:23 GMT
Last-Modified: Tue, 07 Feb 2023 12:06:29 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 523212af1292f3b9ec327b54db27bab4
1576f13dc17c31de76875abfeae4112bad17b769
e35833e376042163993d9ec60d613f520c7abdb6dd026cea12a8a0acc78949e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3058
Cache-Control: max-age=106053
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:23 GMT
Etag: "63e13c22-118"
Expires: Wed, 08 Feb 2023 18:33:56 GMT
Last-Modified: Mon, 06 Feb 2023 17:42:58 GMT
Server: ECS (amb/6BB0)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 523212af1292f3b9ec327b54db27bab4
1576f13dc17c31de76875abfeae4112bad17b769
e35833e376042163993d9ec60d613f520c7abdb6dd026cea12a8a0acc78949e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3595
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:23 GMT
Last-Modified: Tue, 07 Feb 2023 12:06:29 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 400701
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:20:45 GMT
expires: Tue, 06 Feb 2024 17:20:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 71139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8137f1d72b1382207ea43cbac07e3ccd
a84f90d7e9f809eb94a91a6d797adb6c85c8577e
5a5bb4a953b87c20a45add1ca8e079ceff7595b2d734bd6ae029334a4f1c5427
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A5BB4A953B87C20A45ADD1CA8E079CEFF7595B2D734BD6AE029334A4F1C5427"
Last-Modified: Mon, 06 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9265
Expires: Tue, 07 Feb 2023 15:40:49 GMT
Date: Tue, 07 Feb 2023 13:06:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3796
Expires: Tue, 07 Feb 2023 14:09:40 GMT
Date: Tue, 07 Feb 2023 13:06:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3796
Expires: Tue, 07 Feb 2023 14:09:40 GMT
Date: Tue, 07 Feb 2023 13:06:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3796
Expires: Tue, 07 Feb 2023 14:09:40 GMT
Date: Tue, 07 Feb 2023 13:06:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3796
Expires: Tue, 07 Feb 2023 14:09:40 GMT
Date: Tue, 07 Feb 2023 13:06:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59419fb1cf4689bed183d0e9a6aed782
47d4a4bb26fafff0c6aebfe3dc7ddfa4970f8e9a
e6009407bd61bee1ae16ec30ea5914be77c56ee65dfb30595b10a1cedc6798c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12682
x-amzn-requestid: d858d90a-b1ca-401c-8e00-8ccd9c0a7504
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f78mUEsfIAMFreg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1748e-2783de3e3de9c520246bf06e;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:43:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _D5bI_flPN8fUn6aTGqO76FRSDwwC379nkVCBptmZkALErIVFCZfpA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
age: 54665
etag: "47d4a4bb26fafff0c6aebfe3dc7ddfa4970f8e9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hLrbI5Acy2RBlg7VqGE2b83zuqgt-bx0kD0nlH8uYaJ8tii2FqMLfw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
age: 54665
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpIQAFCMIAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 04:57:37 GMT
age: 29327
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b0935816ca54d5d20a9fffa5531e0d
bd8374980c16b7d5a28e55b8bef2215713b1ebb2
4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: e7653b49-3160-42e3-8292-8ae32604f775
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpc8KEoPoAMFrUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0eb4-68fd76a95ffa656318bedff6;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KaitXsesZ9mJducJ54ChzQGfb-2-hEN4W_QojGMKXYEji4xsjNdWCA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 09:07:41 GMT
age: 14323
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d29e7077f69b88a0108efeb7a2efe7e9
1958f83edeb8c6b68f17cead3fb5714f44e619eb
371f02a5b36ac3e52cc6c4e78f0980107a0f92105e79ee53278089ae5ff6de93
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10788
x-amzn-requestid: 8e1c8026-1eea-4eb0-810e-7ea43ed11f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyymWEsSoAMFykg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddcaf5-20fc23b535fa86f56a34fbae;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 03:03:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nb86Kj6pqD3DFzCeTNtTGNXsNfHLvu4kgYq6qmhu2Ygya462lBl0lg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 05:13:55 GMT
age: 28349
etag: "1958f83edeb8c6b68f17cead3fb5714f44e619eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ovhdLaEGaDSC8X0F9VamLw0KyBPWkxfYg5pssOT8NOZP4IBtNk6Gfw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
age: 54665
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
irritateinformantmeddle.com/sbar.json?key=dc0c86e71026f09bbedfbc463727ff69&uuid=2aa23d81-e99b-49a7-a6bb-ed75e037b448%3A2%3A1
100.25.236.192 200 OK 4.2 kB URL HTTP/1.1 irritateinformantmeddle.com/sbar.json?key=dc0c86e71026f09bbedfbc463727ff69&uuid=2aa23d81-e99b-49a7-a6bb-ed75e037b448%3A2%3A1
IP 100.25.236.192:0
File type JSON data\012- , ASCII text, with very long lines (5745), with no line terminators
Hash 7c72947a08168ac84faea3d82a0199eb
8d32a25a08784e95659e9d51c33d011cdff22d05
f4d7d2f8e07f22e3be7cfe647b2a409b34df2f049f6e09a7902195eb0fc0ffba
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=dc0c86e71026f09bbedfbc463727ff69&uuid=2aa23d81-e99b-49a7-a6bb-ed75e037b448%3A2%3A1 HTTP/1.1
Host: irritateinformantmeddle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixdrop.co
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 13:06:24 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mixdrop.co
Access-Control-Allow-Origin: https://mixdrop.co
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17128990; expires=Wed, 08 Feb 2023 13:06:24 GMT; secure; SameSite=None
Set-Cookie: uid_id2=2aa23d81-e99b-49a7-a6bb-ed75e037b448:2:1; expires=Tue, 14 Feb 2023 13:06:24 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Wed, 08 Feb 2023 13:06:24 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Wed, 08 Feb 2023 13:06:24 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Wed, 08 Feb 2023 13:06:24 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Wed, 08 Feb 2023 13:06:24 GMT; secure; SameSite=None
Set-Cookie: slecdc0c86e71026f09bbedfbc463727ff69=[3870584]; expires=Tue, 07 Feb 2023 13:06:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0cea071ed44dd39d9703127fcf5f0973
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 42708619cb3c92b527533b520229f2d0
cbc1ff690691653198683f16f806e845bc841e82
2f0256dab18791c69682fc936807d391a136c4b7dbae14ad5a9082dc6535bada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 13:06:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2023 20:06:29 GMT
Expires: Mon, 13 Feb 2023 20:06:28 GMT
Etag: "cbc1ff690691653198683f16f806e845bc841e82"
Cache-Control: max-age=543003,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795c57b6cfe41bfa-OSL
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 28722a81dd6194f41bee4e8714bd4af3
181ca47fb7d681257ceae92c3af80ed0f8798088
13d9f4e4a5e2ea847b2593614f3c1cda45bfe22913b3f76dcbefddb50c94b532
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13D9F4E4A5E2EA847B2593614F3C1CDA45BFE22913B3F76DCBEFDDB50C94B532"
Last-Modified: Sun, 05 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4315
Expires: Tue, 07 Feb 2023 14:18:19 GMT
Date: Tue, 07 Feb 2023 13:06:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b317d1ec3f151d7348a57c62f689a6ef
1fe7df7bc019e321f82943119fae230b0126258d
8fc767ad26c25f2f3b37af2517babae85f1a274b54cca3db1df4c80e939fd50f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8FC767AD26C25F2F3B37AF2517BABAE85F1A274B54CCA3DB1DF4C80E939FD50F"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2370
Expires: Tue, 07 Feb 2023 13:45:54 GMT
Date: Tue, 07 Feb 2023 13:06:24 GMT
Connection: keep-alive
irritateinformantmeddle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9k48GCj5EgxCwBQVIePNmv4cUESEEWRjHSoIsKJDe16wffjtv9N7MztqVRSQUiWbTUY7P2rFIIkRERREJrWmQG9gUaAuMxF9AUKNdr7Rwi7n3zrnSO%2Fec%2B%2BV%2Bfkoocjbd%2BMjuamPYpWaVVt7c1Im0ha%2Bs366EtEovVzZ10mpcrgxmH9d%2FJ6TNKn2r8oES2%2FZSjYaUhjSsXNdOxXZwaY5Cp4%2BisBrRaqNWDZsNDNz%2Fe58H8CyA7J%2BSF6Hl5OLWz4%2BhxRhJ77trym9nNn37%2FV5uWGYd%2BvLo42Q7sUWC3rKMXYA4OVpMw%2FoJIV%2Bfg02OFhvA9g9mG4DrCQl%2BC8GTowVN8P7hGVNuoBJw%2BSyK%2FhjKjKHZGMLegZa%2FEkBIrN9A0ru%2Fbl3Bds5QNkMn5MI%2Ff0EXE3Lh95eQ9L69avSgcsuaPNM28RjEJfRgDN0dI82Pke0G0MUxRPYFtCRIeiW0nL5RY6xWl51wRUURX2lErL3CWpyvKNluKlpv80ajM5dG6zF0PIZRQzB%2FDrkPkOsAeRwgTwP05LTCmlFMaTvmcb3eaQgh6nUhmp2WbMp6oxNT5GLGfYgsHUKYIYTbQ%2Br2sK3vTQj542%2B4%2FEf4rRJeBvAZQV%2BWKBRB4QkKRlBogiIjKPrloTS%2B5sv70vich4tcW%2BR6ObJZd58d2qyrErKfnpIXZqoFFz97DdtqWpGCik5LtUNaa8U04lzJmItGq96uteO4FcHrEtqfA%2FMBdvWEvDJ9inRm5Vc%2FgLNjeHMMoZ8Hy18FK0btGgXbGjU6FLvJg54eSGfTamYhbYk0u4BsJ9g3p%2BTluXeXnxtAiZMr39fnAeFKpK7E5%2Fongq65O7ppC3Jw0xaePL6RZrqnd9nM11sZy9T5Bx%2BqncI6uXrND795V8yAWfnotvLZGkukTrqePLyqpVTuunVCkSerflPxjdxvXc1dkqdrG%2B9dX%2B2lTnmvbTIG0xNCpqsQekKeefLp%2FGZff%2FgJtBvD5SV6%2BQlZBLQ9hkj34NMlf28JnFnO8DRAkZcjV%2BPLn0YTGLXsGS%2Fh%2F9PzZb3v76LrArDszvxS%2B65E35RgZgifnx9lqTu58nTxODfBiBsXHHDjzL0zcb2eVlQzprGiNcXjiMdtRmUUNyLOolC1eZOFyPxE%2FLn2y78AAAD%2F%2FwEAAP%2F%2FTsPWposEAAA%3D
100.25.236.192200 OK 7 B URL HTTP/1.1 irritateinformantmeddle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9k48GCj5EgxCwBQVIePNmv4cUESEEWRjHSoIsKJDe16wffjtv9N7MztqVRSQUiWbTUY7P2rFIIkRERREJrWmQG9gUaAuMxF9AUKNdr7Rwi7n3zrnSO%2Fec%2B%2BV%2Bfkoocjbd%2BMjuamPYpWaVVt7c1Im0ha%2Bs366EtEovVzZ10mpcrgxmH9d%2FJ6TNKn2r8oES2%2FZSjYaUhjSsXNdOxXZwaY5Cp4%2BisBrRaqNWDZsNDNz%2Fe58H8CyA7J%2BSF6Hl5OLWz4%2BhxRhJ77trym9nNn37%2FV5uWGYd%2BvLo42Q7sUWC3rKMXYA4OVpMw%2FoJIV%2Bfg02OFhvA9g9mG4DrCQl%2BC8GTowVN8P7hGVNuoBJw%2BSyK%2FhjKjKHZGMLegZa%2FEkBIrN9A0ru%2Fbl3Bds5QNkMn5MI%2Ff0EXE3Lh95eQ9L69avSgcsuaPNM28RjEJfRgDN0dI82Pke0G0MUxRPYFtCRIeiW0nL5RY6xWl51wRUURX2lErL3CWpyvKNluKlpv80ajM5dG6zF0PIZRQzB%2FDrkPkOsAeRwgTwP05LTCmlFMaTvmcb3eaQgh6nUhmp2WbMp6oxNT5GLGfYgsHUKYIYTbQ%2Br2sK3vTQj542%2B4%2FEf4rRJeBvAZQV%2BWKBRB4QkKRlBogiIjKPrloTS%2B5sv70vich4tcW%2BR6ObJZd58d2qyrErKfnpIXZqoFFz97DdtqWpGCik5LtUNaa8U04lzJmItGq96uteO4FcHrEtqfA%2FMBdvWEvDJ9inRm5Vc%2FgLNjeHMMoZ8Hy18FK0btGgXbGjU6FLvJg54eSGfTamYhbYk0u4BsJ9g3p%2BTluXeXnxtAiZMr39fnAeFKpK7E5%2Fongq65O7ppC3Jw0xaePL6RZrqnd9nM11sZy9T5Bx%2BqncI6uXrND795V8yAWfnotvLZGkukTrqePLyqpVTuunVCkSerflPxjdxvXc1dkqdrG%2B9dX%2B2lTnmvbTIG0xNCpqsQekKeefLp%2FGZff%2FgJtBvD5SV6%2BQlZBLQ9hkj34NMlf28JnFnO8DRAkZcjV%2BPLn0YTGLXsGS%2Fh%2F9PzZb3v76LrArDszvxS%2B65E35RgZgifnx9lqTu58nTxODfBiBsXHHDjzL0zcb2eVlQzprGiNcXjiMdtRmUUNyLOolC1eZOFyPxE%2FLn2y78AAAD%2F%2FwEAAP%2F%2FTsPWposEAAA%3D
IP 100.25.236.192:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9k48GCj5EgxCwBQVIePNmv4cUESEEWRjHSoIsKJDe16wffjtv9N7MztqVRSQUiWbTUY7P2rFIIkRERREJrWmQG9gUaAuMxF9AUKNdr7Rwi7n3zrnSO%2Fec%2B%2BV%2Bfkoocjbd%2BMjuamPYpWaVVt7c1Im0ha%2Bs366EtEovVzZ10mpcrgxmH9d%2FJ6TNKn2r8oES2%2FZSjYaUhjSsXNdOxXZwaY5Cp4%2BisBrRaqNWDZsNDNz%2Fe58H8CyA7J%2BSF6Hl5OLWz4%2BhxRhJ77trym9nNn37%2FV5uWGYd%2BvLo42Q7sUWC3rKMXYA4OVpMw%2FoJIV%2Bfg02OFhvA9g9mG4DrCQl%2BC8GTowVN8P7hGVNuoBJw%2BSyK%2FhjKjKHZGMLegZa%2FEkBIrN9A0ru%2Fbl3Bds5QNkMn5MI%2Ff0EXE3Lh95eQ9L69avSgcsuaPNM28RjEJfRgDN0dI82Pke0G0MUxRPYFtCRIeiW0nL5RY6xWl51wRUURX2lErL3CWpyvKNluKlpv80ajM5dG6zF0PIZRQzB%2FDrkPkOsAeRwgTwP05LTCmlFMaTvmcb3eaQgh6nUhmp2WbMp6oxNT5GLGfYgsHUKYIYTbQ%2Br2sK3vTQj542%2B4%2FEf4rRJeBvAZQV%2BWKBRB4QkKRlBogiIjKPrloTS%2B5sv70vich4tcW%2BR6ObJZd58d2qyrErKfnpIXZqoFFz97DdtqWpGCik5LtUNaa8U04lzJmItGq96uteO4FcHrEtqfA%2FMBdvWEvDJ9inRm5Vc%2FgLNjeHMMoZ8Hy18FK0btGgXbGjU6FLvJg54eSGfTamYhbYk0u4BsJ9g3p%2BTluXeXnxtAiZMr39fnAeFKpK7E5%2Fongq65O7ppC3Jw0xaePL6RZrqnd9nM11sZy9T5Bx%2BqncI6uXrND795V8yAWfnotvLZGkukTrqePLyqpVTuunVCkSerflPxjdxvXc1dkqdrG%2B9dX%2B2lTnmvbTIG0xNCpqsQekKeefLp%2FGZff%2FgJtBvD5SV6%2BQlZBLQ9hkj34NMlf28JnFnO8DRAkZcjV%2BPLn0YTGLXsGS%2Fh%2F9PzZb3v76LrArDszvxS%2B65E35RgZgifnx9lqTu58nTxODfBiBsXHHDjzL0zcb2eVlQzprGiNcXjiMdtRmUUNyLOolC1eZOFyPxE%2FLn2y78AAAD%2F%2FwEAAP%2F%2FTsPWposEAAA%3D HTTP/1.1
Host: irritateinformantmeddle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Cookie: u_pl=17128990; uid_id2=2aa23d81-e99b-49a7-a6bb-ed75e037b448:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 13:06:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1b4e37ba7ba19d864aa96a8f71d4f68c
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32 200 OK 13 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2031e042e0189c6abc8822fc75fc245f
8343c7bfec8f4d5715d4511bfd76b8063d855c6d
4c917ea180f9dbca43f22e4a8acecdeb8cd37bfa6c1c413c2daa7c267e0a0381
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A014AAEBCDBB4BEABF4EC663C1C2837735C1D78DA37A2AF01EEC068D597938AA"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2346
Expires: Tue, 07 Feb 2023 13:45:30 GMT
Date: Tue, 07 Feb 2023 13:06:24 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 42708619cb3c92b527533b520229f2d0
cbc1ff690691653198683f16f806e845bc841e82
2f0256dab18791c69682fc936807d391a136c4b7dbae14ad5a9082dc6535bada
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 13:06:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2023 20:06:29 GMT
Expires: Mon, 13 Feb 2023 20:06:28 GMT
Etag: "cbc1ff690691653198683f16f806e845bc841e82"
Cache-Control: max-age=543003,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795c57b85a0e1bfa-OSL
unseenreport.com/pxf.gif?uuid=2aa23d81-e99b-49a7-a6bb-ed75e037b448&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=dc0c86e71026f09bbedfbc463727ff69&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
192.243.59.12 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=2aa23d81-e99b-49a7-a6bb-ed75e037b448&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=dc0c86e71026f09bbedfbc463727ff69&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=2aa23d81-e99b-49a7-a6bb-ed75e037b448&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=dc0c86e71026f09bbedfbc463727ff69&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 13:06:24 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bafaf249f0e5717e8c2ab05c098ff311
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/img/close.png
172.64.166.9 200 OK 6.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/img/close.png
IP 172.64.166.9:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/v2/new/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: image/png
content-length: 5982
last-modified: Tue, 05 Jul 2022 10:43:39 GMT
etag: "62c415db-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7254924
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7nyUpmUdLb5u%2FEyUTSUSUIgsypU66iYyyngPmYKEQt2ut1pwXXQX0ZNhONiX6sGrbOLcrRj1cwj%2Bby0ro3B7yy4IQ3Pb1Jk2raulFIx5p4%2BQEOBr7vuXlfA4J%2Fe8dFnuLcG8TLpMqQz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b8ccbd772c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 1ac77572440f440a84d10291367c5699
580a0335b000a30b95ec8176c2b03b8342b53754
1947f953a2895c290fb53aca99f2702232d35eee392bd30f5743934bda6b684a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5831
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:24 GMT
Last-Modified: Tue, 07 Feb 2023 11:29:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
discovernative.com/script/native.php?nwpsv=1&r=5412643&cbrandom=0.8661270372681313&cbWidth=1280&cbHeight=939&cbtitle=MixDrop%20-%20Download%20AliceAwakening-v042-STABLE&cbref=http%3A%2F%2Fs-delivery34.mxdcontent.net%2F&cbdescription=&cbkeywords=mixdrop%2Cshare%20file%2Cshare%20video%2Cupload%20file%2Cupload%20video&cbiframe=0&&callback=jsonp651077
130.211.31.231 200 OK 4.2 kB URL HTTP/2 discovernative.com/script/native.php?nwpsv=1&r=5412643&cbrandom=0.8661270372681313&cbWidth=1280&cbHeight=939&cbtitle=MixDrop%20-%20Download%20AliceAwakening-v042-STABLE&cbref=http%3A%2F%2Fs-delivery34.mxdcontent.net%2F&cbdescription=&cbkeywords=mixdrop%2Cshare%20file%2Cshare%20video%2Cupload%20file%2Cupload%20video&cbiframe=0&&callback=jsonp651077
IP 130.211.31.231:0
Hash 8361cd9ec648d2f920438d4bbea56587
0db4da6a741da736592be4dbb62b1e60d9191d0f
7db579d9909420bd31d0b10a6946c1b302b0dd0d77cd08b24750030b434e2849
GET /script/native.php?nwpsv=1&r=5412643&cbrandom=0.8661270372681313&cbWidth=1280&cbHeight=939&cbtitle=MixDrop%20-%20Download%20AliceAwakening-v042-STABLE&cbref=http%3A%2F%2Fs-delivery34.mxdcontent.net%2F&cbdescription=&cbkeywords=mixdrop%2Cshare%20file%2Cshare%20video%2Cupload%20file%2Cupload%20video&cbiframe=0&&callback=jsonp651077 HTTP/1.1
Host: discovernative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
link: <//discovernative.com>; rel=dns-prefetch,<//discovernative.com>; rel=preconnect,<//cdnativ.com>; rel=dns-prefetch,<//cdnativ.com>; rel=preconnect
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 1ac77572440f440a84d10291367c5699
580a0335b000a30b95ec8176c2b03b8342b53754
1947f953a2895c290fb53aca99f2702232d35eee392bd30f5743934bda6b684a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2459
Cache-Control: max-age=142160
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:24 GMT
Etag: "63e1cb85-117"
Expires: Thu, 09 Feb 2023 04:35:44 GMT
Last-Modified: Tue, 07 Feb 2023 03:54:45 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 1ac77572440f440a84d10291367c5699
580a0335b000a30b95ec8176c2b03b8342b53754
1947f953a2895c290fb53aca99f2702232d35eee392bd30f5743934bda6b684a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 130
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:24 GMT
Etag: "63e1cb85-117"
Last-Modified: Tue, 07 Feb 2023 13:04:14 GMT
Server: ECS (amb/6B98)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 1ac77572440f440a84d10291367c5699
580a0335b000a30b95ec8176c2b03b8342b53754
1947f953a2895c290fb53aca99f2702232d35eee392bd30f5743934bda6b684a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 472
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:24 GMT
Etag: "63e1cb85-117"
Last-Modified: Tue, 07 Feb 2023 12:58:32 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 1ac77572440f440a84d10291367c5699
580a0335b000a30b95ec8176c2b03b8342b53754
1947f953a2895c290fb53aca99f2702232d35eee392bd30f5743934bda6b684a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5831
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 13:06:24 GMT
Last-Modified: Tue, 07 Feb 2023 11:29:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
cdnativ.com/extban/323908020/creatives/23580738/5928366b590a583ed19a6fb8a2f58787_7808.jpg
104.21.1.203 200 OK 60 kB URL HTTP/2 cdnativ.com/extban/323908020/creatives/23580738/5928366b590a583ed19a6fb8a2f58787_7808.jpg
IP 104.21.1.203:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Hash 805d66972936f944b170c6bda3744f45
690998983020e398b2eba4b8882148e43c045457
9dfaa645499e32b3513989fd428c6b5fed1fb79579f3d8e45e7a52227cc0953a
GET /extban/323908020/creatives/23580738/5928366b590a583ed19a6fb8a2f58787_7808.jpg HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: image/jpeg
last-modified: Sun, 05 Feb 2023 21:24:19 GMT
etag: W/"63e01e83-ea91"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 4236
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8lhb0MQW5b0Q1Cgtl2tTG800kA4PqMNFhUpzjDIggAPeuWsaonN9Y6QZsSVjwUdUeDp0qDD3HKVnA0xyjZYUfwHeTyKK2AHKs6EopZpxZMlTSRWEHSedNlQ0MpbVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b8ebfab4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnativ.com/extban/323908020/creatives/23580744/b53d75a0ff83c531e8cf161129cdf2d5_2868.jpg
104.21.1.203 200 OK 71 kB URL HTTP/2 cdnativ.com/extban/323908020/creatives/23580744/b53d75a0ff83c531e8cf161129cdf2d5_2868.jpg
IP 104.21.1.203:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x500, components 3\012- data
Hash b50fb7c506c31921bcf97c2a3919f80c
4fdd8fbb5263266f3f487beeb4167fb2e05487d3
b9f105ed1a45c810f25e87ac7af3a417fdd2637194a3139420026596c7514d4c
GET /extban/323908020/creatives/23580744/b53d75a0ff83c531e8cf161129cdf2d5_2868.jpg HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: image/jpeg
last-modified: Sun, 05 Feb 2023 21:31:53 GMT
etag: W/"63e02049-113d6"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 5032
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ujbyg9BoM6fuyAcXp%2F9uRQ%2FQpQfuu%2FDC%2FaBtIZ3dcVZ4wj0TWllMpn8fo49Dg0a8AROmkuLhjF4ligrPkE2rf%2Bpnej%2B8Kuqx5SL9Baazh5X895lBUNVL9isNXusVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b8fc07b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/4f/21/b6/4f21b6f8926b18cc8cec37ffa47004e5/1671506253.png
45.133.44.9 200 OK 80 kB URL HTTP/2 cdn.cloudimagesb.com/si/4f/21/b6/4f21b6f8926b18cc8cec37ffa47004e5/1671506253.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 422ab27df20d8765e0fcd3aa74306f6b
3b69a90b3d1a5bd964280b7bad97c2a5baaa6951
9f2c6b29335b1545ddfa2f7e84286472468f737e1d73f6f0562babac6e3afa5a
GET /si/4f/21/b6/4f21b6f8926b18cc8cec37ffa47004e5/1671506253.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: image/png
content-length: 79704
server: nginx/1.17.6
last-modified: Tue, 20 Dec 2022 03:17:41 GMT
etag: "63a12955-13758"
expires: Thu, 09 Feb 2023 13:06:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
irritateinformantmeddle.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSO28cVRS%2Bk0cDBQ%2FRIARsQQES3sxrX6SICCHIwjhWEmRBgXRfs7747tzRvTM7a1cWkVAkmk1HOf7WjkUSISIqikhoTYPcwKZAW2Ak%2FgKCGu16pYVTzDlnviPd73zf%2BXK%2FOCU%2BCjrd%2BMjsKq3ppUbdr725qVJhSldbv10L%2FLp%2Fubap0mZ8uTaYfWz%2FncBv1P23ah9Ivm0uhX7g%2B4Ef1K4rKxMzuDRHobJHnaDe8etxWA8aMQb2%2F70rPDjqQfRPyYtQYnJx6%2BfHUHyMtPfdNem2c5O9%2FX6v0DQ3Fn1x9HG6nZoyRW9ZJtZDkh4tpmHchJCvz8GkR4sNYPoHsw3A1IR4vwVg6dGCJlj%2F8Iwp05ApmHgWZX8MqcdQdAxu7kCJXwnABdZvIO3dXze2pDtnKJ2hE3Lhn7%2Bgygm58PtLSHvfXtVqULtldJErkzoMkgpqMIbqjpEVx8h3PajyGDz%2FAkoQpL0KSkzfCCkNI9EOVmSnw1biDm2t0CZjK1K0GtKPWiyO23NplBpDJWNoOQR151A4D4XyUCQeisxDT0xrtNFJfL%2BVsCSK2jHnPIo4b7SboiGiuJ34KPiM%2BxB5NgTXQ3C7h8zuYVvdmxDyx9%2BwxY9wWxWc8OBygr6oUEqC0hGUlKBUBGVOUParQ6Fd6Kr7QruCBYscLnJUjUze3aeHJu%2FKlOxnp%2BSFmWrexc9ew7ac1gT3ebspW4EfNhO%2Fw5gUCeNxM2qFrSRpduBUBeXOgToPu2pCXpk%2BRTaz8qsfwOgxnD4GV8%2BDFq%2BClqNW6INujeK2j930QU8NhDVZPTcQpkKWX0C%2B4%2B3rU%2FLy3LvLzw0g%2BcmV76N5gNsKma3wufqJoKvvjm6akhzcNKUjj29kueqpXTrz9VZOc3n%2BwYdypzRWrF5zw2%2Fe5TNgVj66LV2%2BRlOh0q4jD68qIaS9biyX5Mmq25Rso3BbVwubFtnaxnvXV3uZlc4pk45B1YSQ6Sq4mpBnnnw6v9nXH34CZcewRYVecUIWAWWOwbM9uGzJ3xkCq5czLPNQFtXIhmz5UysCLZc9ZRXcf3q2rPfdXXStB5rfmV9q31bo6wpUD%2BGK86M8sydXni4eZ9obMW29A6atvncmrlPTWiOIZZu1W1wIJrkIWmHUjnw%2FFCJudWTQQe4m%2FM%2B1X%2F4FAAD%2F%2FwEAAP%2F%2FWstYQIsEAAA%3D
100.25.236.192200 OK 7 B URL HTTP/1.1 irritateinformantmeddle.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSO28cVRS%2Bk0cDBQ%2FRIARsQQES3sxrX6SICCHIwjhWEmRBgXRfs7747tzRvTM7a1cWkVAkmk1HOf7WjkUSISIqikhoTYPcwKZAW2Ak%2FgKCGu16pYVTzDlnviPd73zf%2BXK%2FOCU%2BCjrd%2BMjsKq3ppUbdr725qVJhSldbv10L%2FLp%2Fubap0mZ8uTaYfWz%2FncBv1P23ah9Ivm0uhX7g%2B4Ef1K4rKxMzuDRHobJHnaDe8etxWA8aMQb2%2F70rPDjqQfRPyYtQYnJx6%2BfHUHyMtPfdNem2c5O9%2FX6v0DQ3Fn1x9HG6nZoyRW9ZJtZDkh4tpmHchJCvz8GkR4sNYPoHsw3A1IR4vwVg6dGCJlj%2F8Iwp05ApmHgWZX8MqcdQdAxu7kCJXwnABdZvIO3dXze2pDtnKJ2hE3Lhn7%2Bgygm58PtLSHvfXtVqULtldJErkzoMkgpqMIbqjpEVx8h3PajyGDz%2FAkoQpL0KSkzfCCkNI9EOVmSnw1biDm2t0CZjK1K0GtKPWiyO23NplBpDJWNoOQR151A4D4XyUCQeisxDT0xrtNFJfL%2BVsCSK2jHnPIo4b7SboiGiuJ34KPiM%2BxB5NgTXQ3C7h8zuYVvdmxDyx9%2BwxY9wWxWc8OBygr6oUEqC0hGUlKBUBGVOUParQ6Fd6Kr7QruCBYscLnJUjUze3aeHJu%2FKlOxnp%2BSFmWrexc9ew7ac1gT3ebspW4EfNhO%2Fw5gUCeNxM2qFrSRpduBUBeXOgToPu2pCXpk%2BRTaz8qsfwOgxnD4GV8%2BDFq%2BClqNW6INujeK2j930QU8NhDVZPTcQpkKWX0C%2B4%2B3rU%2FLy3LvLzw0g%2BcmV76N5gNsKma3wufqJoKvvjm6akhzcNKUjj29kueqpXTrz9VZOc3n%2BwYdypzRWrF5zw2%2Fe5TNgVj66LV2%2BRlOh0q4jD68qIaS9biyX5Mmq25Rso3BbVwubFtnaxnvXV3uZlc4pk45B1YSQ6Sq4mpBnnnw6v9nXH34CZcewRYVecUIWAWWOwbM9uGzJ3xkCq5czLPNQFtXIhmz5UysCLZc9ZRXcf3q2rPfdXXStB5rfmV9q31bo6wpUD%2BGK86M8sydXni4eZ9obMW29A6atvncmrlPTWiOIZZu1W1wIJrkIWmHUjnw%2FFCJudWTQQe4m%2FM%2B1X%2F4FAAD%2F%2FwEAAP%2F%2FWstYQIsEAAA%3D
IP 100.25.236.192:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSO28cVRS%2Bk0cDBQ%2FRIARsQQES3sxrX6SICCHIwjhWEmRBgXRfs7747tzRvTM7a1cWkVAkmk1HOf7WjkUSISIqikhoTYPcwKZAW2Ak%2FgKCGu16pYVTzDlnviPd73zf%2BXK%2FOCU%2BCjrd%2BMjsKq3ppUbdr725qVJhSldbv10L%2FLp%2Fubap0mZ8uTaYfWz%2FncBv1P23ah9Ivm0uhX7g%2B4Ef1K4rKxMzuDRHobJHnaDe8etxWA8aMQb2%2F70rPDjqQfRPyYtQYnJx6%2BfHUHyMtPfdNem2c5O9%2FX6v0DQ3Fn1x9HG6nZoyRW9ZJtZDkh4tpmHchJCvz8GkR4sNYPoHsw3A1IR4vwVg6dGCJlj%2F8Iwp05ApmHgWZX8MqcdQdAxu7kCJXwnABdZvIO3dXze2pDtnKJ2hE3Lhn7%2Bgygm58PtLSHvfXtVqULtldJErkzoMkgpqMIbqjpEVx8h3PajyGDz%2FAkoQpL0KSkzfCCkNI9EOVmSnw1biDm2t0CZjK1K0GtKPWiyO23NplBpDJWNoOQR151A4D4XyUCQeisxDT0xrtNFJfL%2BVsCSK2jHnPIo4b7SboiGiuJ34KPiM%2BxB5NgTXQ3C7h8zuYVvdmxDyx9%2BwxY9wWxWc8OBygr6oUEqC0hGUlKBUBGVOUParQ6Fd6Kr7QruCBYscLnJUjUze3aeHJu%2FKlOxnp%2BSFmWrexc9ew7ac1gT3ebspW4EfNhO%2Fw5gUCeNxM2qFrSRpduBUBeXOgToPu2pCXpk%2BRTaz8qsfwOgxnD4GV8%2BDFq%2BClqNW6INujeK2j930QU8NhDVZPTcQpkKWX0C%2B4%2B3rU%2FLy3LvLzw0g%2BcmV76N5gNsKma3wufqJoKvvjm6akhzcNKUjj29kueqpXTrz9VZOc3n%2BwYdypzRWrF5zw2%2Fe5TNgVj66LV2%2BRlOh0q4jD68qIaS9biyX5Mmq25Rso3BbVwubFtnaxnvXV3uZlc4pk45B1YSQ6Sq4mpBnnnw6v9nXH34CZcewRYVecUIWAWWOwbM9uGzJ3xkCq5czLPNQFtXIhmz5UysCLZc9ZRXcf3q2rPfdXXStB5rfmV9q31bo6wpUD%2BGK86M8sydXni4eZ9obMW29A6atvncmrlPTWiOIZZu1W1wIJrkIWmHUjnw%2FFCJudWTQQe4m%2FM%2B1X%2F4FAAD%2F%2FwEAAP%2F%2FWstYQIsEAAA%3D HTTP/1.1
Host: irritateinformantmeddle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Cookie: u_pl=17128990; uid_id2=2aa23d81-e99b-49a7-a6bb-ed75e037b448:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 13:06:25 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b941ef1f0e42c2351a4cfc7073c31be5
Strict-Transport-Security: max-age=0; includeSubdomains
irritateinformantmeddle.com/pixel/sbs?c=1
100.25.236.192 200 OK 0 B URL HTTP/1.1 irritateinformantmeddle.com/pixel/sbs?c=1
IP 100.25.236.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: irritateinformantmeddle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Cookie: u_pl=17128990; uid_id2=2aa23d81-e99b-49a7-a6bb-ed75e037b448:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 13:06:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
X-Request-ID: 95d5209a6aa26d923b516a548646b355
Strict-Transport-Security: max-age=0; includeSubdomains
superonclick.com/script/native_render.js
172.67.189.120 200 OK 0 B URL HTTP/2 superonclick.com/script/native_render.js
IP 172.67.189.120:0
GET /script/native_render.js HTTP/1.1
Host: superonclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:23 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdswAoKQXHWGzqZIK1jJz9tUShC3cniiZVLvAgYem5_C2GcQm066VRb-EH5V8BDKUbr6Y5Qu7uwFRo9OwR-yQvzBsg
x-goog-generation: 1550052950916101
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4285
x-goog-hash: crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Tue, 07 Feb 2023 13:29:24 GMT
cache-control: public, max-age=14400
age: 2209
last-modified: Wed, 13 Feb 2019 10:15:50 GMT
etag: W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLF3QgF%2FjXdLrFOzsKyQXsfw7%2Fq9CgMkEsfwbUVc648177a53GbWZZc9L86yEAxIwsZTrp6QgK4CEXGbP4Z4fHWfUpID6%2BRMazRmhO74Tl9%2BBetMG1%2FsLtP4h3HhBmKhc%2FWm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b37c271c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnativ.com/extban/323908020/creatives/23580750/f12619bc25ac0c39c5db20b908226972_7891.jpg
104.21.1.203 200 OK 0 B URL HTTP/2 cdnativ.com/extban/323908020/creatives/23580750/f12619bc25ac0c39c5db20b908226972_7891.jpg
IP 104.21.1.203:0
GET /extban/323908020/creatives/23580750/f12619bc25ac0c39c5db20b908226972_7891.jpg HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: image/jpeg
last-modified: Sun, 05 Feb 2023 21:33:52 GMT
etag: W/"63e020c0-ed8a"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 5032
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bativDGN36Q1LpHIE1RHxoul%2FNfXIkMWEfLFJ3g33Ib3Aa1ylCVydu%2B8qB5gi0lUp1dXzrm1MN5YOmfg%2FvzSHejpBPYZAApe0eijpe2EVGggE8zjEZGfegFZajph8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b8fc06b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.202.23 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.202.23:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:23 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 424d63c4f1a220404d76e6bd243020bb
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 07 Feb 2023 13:06:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgk7yBC%2BPI%2BKt457FlBZ%2FaxgD93NwO8xV%2BOlBB6G4Q1Bgse5PjR5s9xxLiD8rI3uqxf1WPuhezIW2zVmr%2BMkgbFI1T58Ky7Lqoo0geIvnM0G2Fu3dV1r4WTcbm1Jqg3l5qKAvqI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b07bd2776e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:400,900|Roboto
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:400,900|Roboto
IP 142.250.74.106:0
GET /css?family=Raleway:400,900|Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 13:06:22 GMT
date: Tue, 07 Feb 2023 13:06:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js
172.64.166.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js
IP 172.64.166.9:0
GET /sb/chat/mob/ssp/v2/new/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 12:13:58 GMT
etag: W/"62ceb706-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7254924
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ODyfp1RqSnne6c%2BikBlT8aUDEyJVD72X8G8uEmQ42btJv0aR9h%2BpHDdFM6vw3XH%2FkxAe13iIUkQFSiwcdNikhVSVFGvJ85GAslmeurK1N0v%2BezAt0gJPva%2FqZVfAUkZD%2Fga%2Fyjm69mt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b8ccc0772c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnativ.com/extban/323908020/creatives/23580732/fe773ae4339a8cce4c6eb6b4c6aeeb42_3148.jpg
104.21.1.203 200 OK 0 B URL HTTP/2 cdnativ.com/extban/323908020/creatives/23580732/fe773ae4339a8cce4c6eb6b4c6aeeb42_3148.jpg
IP 104.21.1.203:0
GET /extban/323908020/creatives/23580732/fe773ae4339a8cce4c6eb6b4c6aeeb42_3148.jpg HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: image/jpeg
last-modified: Sun, 05 Feb 2023 21:21:47 GMT
etag: W/"63e01deb-10dc7"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 2988
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kTdrT3csT2vWdIr55ZVCKjnnssSLmn2YEvmFCVD2N8lbXqOJkxxv0Pv1d7zBPj6APRuvEaU1JoIrUiqthL%2F8Ff%2F%2BlRVtOIqduXNW%2F%2FxW8T8mx2JhumzSWg9gqa5Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b91c24b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
superonclick.com/script/native_server.js
172.67.189.120 200 OK 0 B URL HTTP/2 superonclick.com/script/native_server.js
IP 172.67.189.120:0
GET /script/native_server.js HTTP/1.1
Host: superonclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:23 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdtt2MsOxBTyp24RcF5JL2Md2lozd8rfudOEDTyb1kZBruT9DzgpYc3rqT4P_GG1vz59kW6HXduepeidMYY1AqLKuA
x-goog-generation: 1550052952705094
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9260
x-goog-hash: crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Tue, 07 Feb 2023 12:44:56 GMT
cache-control: public, max-age=14400
age: 3211
last-modified: Wed, 13 Feb 2019 10:15:52 GMT
etag: W/"51d87e9ebd831fccab6a016079a60793"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jajKOv%2FXhyqMsYFbzdl%2FBLh2yG%2BoEC8CMikV5bripiEAFmTj1fAtNz7a%2BgrJAUJ2TpnW5aQwz1KzYNb0pGiYXuEW6rNDA4wTW3Snf%2BlOPyIlc97B9%2B7wMcY7dFqH8sf%2F2leS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b34bfa1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
45.133.44.3 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixdrop.co
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 13 Jul 2022 12:11:03 GMT
etag: W/"62ceb657-4a6"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 07 Feb 2023 14:06:24 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
172.64.166.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
IP 172.64.166.9:0
GET /sb/chat/mob/ssp/v2/new/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixdrop.co
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:55 GMT
etag: W/"62ceb703-1229"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1247991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otwl9FNqNbA%2BfqncwQWYm5MwG%2FP%2FoUy%2FYI7l2%2F%2B51SGh%2BtC8BMpTFw%2FJun4tWjd0zW4s60EDfwHREE%2BMwJlvt6OBZbSYj8ypISCBpIMo0Kr2rdwCsf1eIdm4sUaPTbTWfX9kBHjEQEiM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b87c59772c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
172.64.166.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
IP 172.64.166.9:0
GET /sb/chat/mob/ssp/v2/new/3/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixdrop.co
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:56 GMT
etag: W/"62ceb704-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7254734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvHZgKzjUEwsJxbaihNFFwbsyBfPfpahNtyHCHEnqAOmRevNnG16UDXLz6bl0HjX62hIyxw7yZrHgFUqE5lWIngHnsfoNJRsToaCv8HkGVFGji0Rbn1aQhw%2BYKypCVNFgo1Xk373Ug7w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b87c5e772c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnativ.com/extban/323908020/creatives/23580734/abfc66529c28c05865d998785c03bcd1_5569.jpg
104.21.1.203 200 OK 0 B URL HTTP/2 cdnativ.com/extban/323908020/creatives/23580734/abfc66529c28c05865d998785c03bcd1_5569.jpg
IP 104.21.1.203:0
GET /extban/323908020/creatives/23580734/abfc66529c28c05865d998785c03bcd1_5569.jpg HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: image/jpeg
last-modified: Sun, 05 Feb 2023 21:22:08 GMT
etag: W/"63e01e00-10dd8"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 4236
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxOKQnALAS%2FJb%2FmqWINGfw50emBqa2Qkf2CC6clcTJZaB1c7ZURtmXfbTlu4htWnNG5p1BvFuPpU6tpM7euDViuDKG47U%2FB1A1MrJk6N9QmYrUkuEVVZ1WWEdzpHZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b8fc05b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnativ.com/extban/323908020/creatives/23580746/abfc66529c28c05865d998785c03bcd1_4719.jpg
104.21.1.203 200 OK 0 B URL HTTP/2 cdnativ.com/extban/323908020/creatives/23580746/abfc66529c28c05865d998785c03bcd1_4719.jpg
IP 104.21.1.203:0
GET /extban/323908020/creatives/23580746/abfc66529c28c05865d998785c03bcd1_4719.jpg HTTP/1.1
Host: cdnativ.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mixdrop.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 13:06:24 GMT
content-type: image/jpeg
last-modified: Sun, 05 Feb 2023 21:32:24 GMT
etag: W/"63e02068-10dd8"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 6010
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKLULiuBFW9tJQJE8uS%2FIUYHOdCqnMq5q0e0v4zvGrEnZsEELSJnd2W9CGZYX%2FsZ84pc%2Bncu9S1eVK2B981NZmyHfUMxL9DaI4%2BtJ2CImXZ7tbHDh0RF01kJprLYJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795c57b91c3cb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2