firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 05:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wwxZ7H1scDogLdorLELXmhSvimZs0FXWTyWnxXZwmq8NefGPCFeVag==
Age: 2074
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13372
Expires: Tue, 27 Sep 2022 09:32:56 GMT
Date: Tue, 27 Sep 2022 05:50:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Mon, 26 Sep 2022 09:17:07 GMT
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 18q_4j1X3m26RImyCinL-fgl0Kc-cX9v6vEJCg0RWzKqLSiGggOD8Q==
age: 73978
X-Firefox-Spdy: h2
xdesert3dgamex.com/Purb99d0745f9c8757824933c881516f6b51678e7f13f?q=Vmware+Player+12+Key&s3=Vmware+Player+12+Key&s2=mmaa&s1=1fHsiY20iOiJNYWMiLCJzcyI6IjE2NjI2ODAzOTAiLCJycyI6IjI1ODciLCJkcyI6IjEzOTQ2NiJ9fA
188.72.236.136302 Found 119 B URL HTTP/1.1 xdesert3dgamex.com/Purb99d0745f9c8757824933c881516f6b51678e7f13f?q=Vmware+Player+12+Key&s3=Vmware+Player+12+Key&s2=mmaa&s1=1fHsiY20iOiJNYWMiLCJzcyI6IjE2NjI2ODAzOTAiLCJycyI6IjI1ODciLCJkcyI6IjEzOTQ2NiJ9fA
IP 188.72.236.136:0
File type HTML document, ASCII text
Hash c60cebb08bf65eda845f6f9c3b52e2b8
e48f864380b100f98637ea18fb991ca9626d0e5f
1f746027dadb7029828609b0e6e9a10f6389cf7a10a67d0e7c9938173d12386f
GET /Purb99d0745f9c8757824933c881516f6b51678e7f13f?q=Vmware+Player+12+Key&s3=Vmware+Player+12+Key&s2=mmaa&s1=1fHsiY20iOiJNYWMiLCJzcyI6IjE2NjI2ODAzOTAiLCJycyI6IjI1ODciLCJkcyI6IjEzOTQ2NiJ9fA HTTP/1.1
Host: xdesert3dgamex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 27 Sep 2022 05:50:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 119
Connection: keep-alive
Location: http://click-v4.expmdiadi.com/click?i=y4jvP*w*uXc_0&aff_sub=AAyPMmPgiAAAtlQCAE5PFgAMADFSnPEA
Set-Cookie: bd_context=kh8/XzBfHA+5HtqkM74K8NDXfE66SjaLYU9CBX28fNsMzl+HQ8eHvr4LNmwYl5Wecz79D9QZm1I8tcLTE8REAU61zepOp8524yvQvFMQ4DPHQGU5cwVzwtuz8S5zRFJZpMen9eCFnqK+de5Sti0/bzSbt3AtK8g/W+/fH4vnOHjhsSSLkVXCaY2Gv8csVD9fCAP9xy52oYIQd9KD60l6U8cEiEMQf8zIT8qgvsCKeHQOpAad8gwc/HYI5FTpqS6gX/yesLQ9qnXSpSQJZ9QBOMgKnWkJeb2Pj1Rtv0a2WzjFQeQVB85F2K3fy0BaXjDR8wkIPgcFJ9waow==; Expires=Wed, 27 Sep 2023 05:50:04 GMT
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 05:50:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 05:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 05:38:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Go24fgq8EbdSP1jOoaR2eRbTnRnENoKPe7gzJVzii5bMc1EN4FRmUg==
Age: 2358
click-v4.expmdiadi.com/click?i=y4jvP*w*uXc_0&aff_sub=AAyPMmPgiAAAtlQCAE5PFgAMADFSnPEA
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.expmdiadi.com/click?i=y4jvP*w*uXc_0&aff_sub=AAyPMmPgiAAAtlQCAE5PFgAMADFSnPEA
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=y4jvP*w*uXc_0&aff_sub=AAyPMmPgiAAAtlQCAE5PFgAMADFSnPEA HTTP/1.1
Host: click-v4.expmdiadi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://c.srvpcn.com/click?id=ccp8u33jdlhrai4rdupg&e=77e65496-0354-47e8-b6ff-dc7aaca436ef&px=233
Pragma: no-cache
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2682
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:50:05 GMT
Last-Modified: Tue, 27 Sep 2022 05:05:23 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
c.srvpcn.com/click?id=ccp8u33jdlhrai4rdupg&e=77e65496-0354-47e8-b6ff-dc7aaca436ef&px=233
34.229.37.125303 See Other 0 B URL HTTP/1.1 c.srvpcn.com/click?id=ccp8u33jdlhrai4rdupg&e=77e65496-0354-47e8-b6ff-dc7aaca436ef&px=233
IP 34.229.37.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?id=ccp8u33jdlhrai4rdupg&e=77e65496-0354-47e8-b6ff-dc7aaca436ef&px=233 HTTP/1.1
Host: c.srvpcn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Length: 0
Connection: keep-alive
Location: http://eu.dspsuper.com/api/submit_form_request?p=20ed0d18-320b-4d2a-81ef-04ad766ef95e&ts=1664257804&z=3294095
eu.dspsuper.com/api/submit_form_request?p=20ed0d18-320b-4d2a-81ef-04ad766ef95e&ts=1664257804&z=3294095
139.45.195.207200 OK 5.7 kB URL HTTP/1.1 eu.dspsuper.com/api/submit_form_request?p=20ed0d18-320b-4d2a-81ef-04ad766ef95e&ts=1664257804&z=3294095
IP 139.45.195.207:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4753)
Hash 467f9bd1d8ce32c827ef496db0da4d41
24ffa65ff644dfbd3e35aaeae6a8fad347d67568
211fa981f23dda53f8ad8f442890bc894eff264f280e2691c3dcaaebf3dbe2c5
Analyzer Verdict Alert quad9 Sinkholed
GET /api/submit_form_request?p=20ed0d18-320b-4d2a-81ef-04ad766ef95e&ts=1664257804&z=3294095 HTTP/1.1
Host: eu.dspsuper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
push.services.mozilla.com/
35.81.125.88101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.125.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L6HsEtnnQh0e7lL+m799Dw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: axnr4ze8LQMkTjEEOx6QCArvQPQ=
eu.dspsuper.com/favicon.ico
139.45.195.207404 Not Found 19 B URL HTTP/1.1 eu.dspsuper.com/favicon.ico
IP 139.45.195.207:0
Hash 595e88012a6521aae3e12cbebe76eb9e
da3968197e7bf67aa45a77515b52ba2710c5fc34
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: eu.dspsuper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://eu.dspsuper.com/api/submit_form_request?p=20ed0d18-320b-4d2a-81ef-04ad766ef95e&ts=1664257804&z=3294095
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 19
Connection: keep-alive
X-Content-Type-Options: nosniff
cdntechone.com/api/rt/log/add?cid=8f84b9da-ff11-404b-8d52-84563b1aa612
104.21.29.183200 OK 12 B URL HTTP/1.1 cdntechone.com/api/rt/log/add?cid=8f84b9da-ff11-404b-8d52-84563b1aa612
IP 104.21.29.183:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /api/rt/log/add?cid=8f84b9da-ff11-404b-8d52-84563b1aa612 HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://eu.dspsuper.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://eu.dspsuper.com
Content-Length: 1582
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://eu.dspsuper.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7m75aVy70CO0vvxxP0UUSCpQjIjG%2BavcKLd7F%2F9LB0rrrb3CXCyC8rHlhTlfb%2Bxh0u0tm7gkHUqYLKp2dbVfPqOFF%2BRsAFUFZGk7t%2FsVlkptVl8NvOECr46trBXBd3trw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7511f5b49ec6b50f-OSL
alt-svc: h2=":443"; ma=60
eu.dspsuper.com/api/win_request?ad_scheme=1&p=20ed0d18-320b-4d2a-81ef-04ad766ef95e&hil=1&ng=1&ix=0&pt=0&np=0&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Feu.dspsuper.com%2Fapi%2Fsubmit_form_request%3Fp%3D20ed0d18-320b-4d2a-81ef-04ad766ef95e%26ts%3D1664257804%26z%3D3294095&wy=-1&wx=-1&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&navlng=en-US&rf=&wgl=&as=2
139.45.195.207301 Moved Permanently 55 B URL HTTP/1.1 eu.dspsuper.com/api/win_request?ad_scheme=1&p=20ed0d18-320b-4d2a-81ef-04ad766ef95e&hil=1&ng=1&ix=0&pt=0&np=0&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Feu.dspsuper.com%2Fapi%2Fsubmit_form_request%3Fp%3D20ed0d18-320b-4d2a-81ef-04ad766ef95e%26ts%3D1664257804%26z%3D3294095&wy=-1&wx=-1&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&navlng=en-US&rf=&wgl=&as=2
IP 139.45.195.207:0
File type HTML document, ASCII text
Hash 63aff6a34555160972d500b2a9149f18
c14c848234f2fb4463e9d1f19662339f3e1a0c05
49f8e6157f6d69cb0d6322212451856ba1cd975d10d4dbc2dc24a2ca79282769
Analyzer Verdict Alert quad9 Sinkholed
GET /api/win_request?ad_scheme=1&p=20ed0d18-320b-4d2a-81ef-04ad766ef95e&hil=1&ng=1&ix=0&pt=0&np=0&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Feu.dspsuper.com%2Fapi%2Fsubmit_form_request%3Fp%3D20ed0d18-320b-4d2a-81ef-04ad766ef95e%26ts%3D1664257804%26z%3D3294095&wy=-1&wx=-1&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&navlng=en-US&rf=&wgl=&as=2 HTTP/1.1
Host: eu.dspsuper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://eu.dspsuper.com/api/reverse?var=3294095&feedId=803
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 55
Connection: keep-alive
Location: http://garys-mod.ru/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
garys-mod.ru/wp-content/themes/34189/css/style.css?v=0.44
104.21.15.107200 OK 6.0 kB URL HTTP/1.1 garys-mod.ru/wp-content/themes/34189/css/style.css?v=0.44
IP 104.21.15.107:0
File type ASCII text, with very long lines (30577), with no line terminators
Hash 5611c2b37e44ec2a788167e30565c4db
04e39a5c77dc92b0e3c3141727ae06fdc2d90948
1150a085a26428ec741958147a730c21ac8de470c4c16c1e3f57e3e78759803e
GET /wp-content/themes/34189/css/style.css?v=0.44 HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 06:25:01 GMT
ETag: W/"632416bd-7771"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 564483
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liey5XNCHgMbuTSX5bpAnO3IwjZgizhlOS5qX7JKiBDvV6CsiaXikiz0l81xyGWZI9l%2BixDylqqchDrRQouS3mgKWqUOOxVtZB%2Fn6IdOaAuBAJXbA%2FHzchxd99MCFAo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b66a52b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
garys-mod.ru/
104.21.15.107200 OK 13 kB IP 104.21.15.107:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (763), with CRLF, LF line terminators
Hash 0e0a782145b4ba48372ab237549488da
328e908370eb4d4322d6ca760e832a461bc8f19c
098e7ee9d579215c51f660f29432f387ed403097c029dd6ce9f13ecd15b6d284
GET / HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://eu.dspsuper.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfVIqZC0uKKTdAjhCqeGLEfWOvMQH1ACgls0wsfHFEgTd26GCHcxMtYuEW56FeRcgQdsQwWmRDeiAudPENOxpqOv04IjOHi%2FkL25EApkWkxNqhJbrSjIwNxhX0Xp2N4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7511f5b5aecf0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
garys-mod.ru/wp-content/plugins/custom-page-cache/public/css/custom-page-cache-public.css?ver=1.2.7
104.21.15.107200 OK 105 B URL HTTP/1.1 garys-mod.ru/wp-content/plugins/custom-page-cache/public/css/custom-page-cache-public.css?ver=1.2.7
IP 104.21.15.107:0
Hash db00954ab1d34aed4721e781a9363feb
2aeddaf6c7b8bae7525974e3f627c9e4aeb021a6
539d9b96870c22ccaf0465b154e95faff2da03d1437050027ccd19ca269338cc
GET /wp-content/plugins/custom-page-cache/public/css/custom-page-cache-public.css?ver=1.2.7 HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 06:24:26 GMT
ETag: W/"6324169a-62"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 329300
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMg6xjQdFwaMVpIYLhuEZBig3U5oV5zkyNQ7HjW9HgQXMIV27D4LpQy32wLNSSaswhJHEuouHpCV9xzV0%2FS7%2FaWFz9JPi%2FcI35ZlilWhNPU7rmejb9lQPwkT046m8tA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b66fddfac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
garys-mod.ru/wp-content/themes/34189/js/app.js?v=1.7
104.21.15.107200 OK 1.2 kB URL HTTP/1.1 garys-mod.ru/wp-content/themes/34189/js/app.js?v=1.7
IP 104.21.15.107:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 019ee2f035628b479147ece84e770a8a
da451db9c76b82fdd8938d4b8a6fe0b30f56a844
f9308892ec0f69e18451d9a2f15e478022a0628ec16f59fbfe90c582de5f50c1
GET /wp-content/themes/34189/js/app.js?v=1.7 HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 06:25:01 GMT
ETag: W/"632416bd-e17"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 564483
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2Bp97%2FVg8domZAUZmkDsEw0q6hlAjIEWPaIBQSeENqogtSDfxhjxy1LsyHVVZciS28XcwE5l9kPtbRaFgyzB3AAGYjY6yiic6rRwCT%2FlS3AZuGFAddJpl05WInI3OgI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b69faf0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
garys-mod.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.15.107200 OK 655 B URL HTTP/1.1 garys-mod.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.15.107:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 11:11:52 GMT
ETag: W/"633188f8-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6Hm0egRz2DlqaZ8TJVH1E6imp0Z2L5G7ysm92yrCwkgvDNW%2FKSNcgGuBbFoDL3EMzFRQQhCCoa3mXk7WAL2WizcEmNmFPiE9OwKJV%2FMh9XNr2EAq5wwsUNDkiux5to%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b69d2bb523-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Thu, 29 Sep 2022 05:50:05 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
garys-mod.ru/wp-content/plugins/ttgambling-geo-apk/admin/css/public.css?ver=1664197836
104.21.15.107200 OK 125 B URL HTTP/1.1 garys-mod.ru/wp-content/plugins/ttgambling-geo-apk/admin/css/public.css?ver=1664197836
IP 104.21.15.107:0
Hash 1809f5150a4a6a544ad46e59f69ee3a1
a84e6ba47ad10a25062a2183231cbbf54c1cde79
81cb83c71a815b5b4bcb4cd87bf4a5de7f83059ad1247711c944ee0301702ce8
GET /wp-content/plugins/ttgambling-geo-apk/admin/css/public.css?ver=1664197836 HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 06:24:26 GMT
ETag: W/"6324169a-a0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 56766
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIgyh1TAcFi%2BJRG14YyRHHFNRkJKRqS42kVKQg6x%2BRT11CTOMU1WVb2FVIGy9YBP35huxYY%2Bdy%2FXKgWHSIWir6B02rc9dQsSuS1oS4bsqoGDz4hSmMzVF8jiC5J4ycA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b69aadb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:50:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
garys-mod.ru/wp-content/plugins/rocket-lazy-load/assets/js/lazyload-10.11.1.min.js
104.21.15.107200 OK 1.6 kB URL HTTP/1.1 garys-mod.ru/wp-content/plugins/rocket-lazy-load/assets/js/lazyload-10.11.1.min.js
IP 104.21.15.107:0
File type ASCII text, with very long lines (4058), with no line terminators
Hash 4d84a3594141973b03038bc72b0a3087
0ad648edeaf65d77ed0b2c8a6918fb2c26d58aaa
ecec02e9945c99897f4711b8f7dd1b43274070a5b39380dd1588e1fd7e5b9908
GET /wp-content/plugins/rocket-lazy-load/assets/js/lazyload-10.11.1.min.js HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 06:23:32 GMT
ETag: W/"63241664-fda"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 564483
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TF2PhyQqS3e0xL2pXVlnmv2DUS6hHwNdK%2BWDfPNdofxnI2ILiNxRIbDZ%2BZlFz3ZXRXegGjUBuO7p2SynMEX%2FlYqQWqq6EjVD3kHWT%2FXlZdWTuolJlYdkDA%2Ftq3ZU%2F6M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b6cb25b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
garys-mod.ru/wp-content/uploads/sites/34189/logo-test.jpg
104.21.15.107200 OK 6.2 kB URL HTTP/1.1 garys-mod.ru/wp-content/uploads/sites/34189/logo-test.jpg
IP 104.21.15.107:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 423x143, components 3\012- data
Hash 02ee4deb0b0e63b8ff52d231010ef9c7
9582c85fdd18e8663d3ae2faa2d3fc619ba547c4
6ea32de814c8f666afb1c8d7590d2741d92a4aa4a5a4230e3d6a60b35d537b96
GET /wp-content/uploads/sites/34189/logo-test.jpg HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: image/jpeg
Content-Length: 6174
Connection: keep-alive
Last-Modified: Thu, 16 Sep 2021 14:56:21 GMT
ETag: "61435b15-181e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 329300
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTbQlunGNoOMpzVbYH4hYcZI0Wd9zoj1Ac0CzkbtamIaaU2O%2BGCDAq%2F%2Flh5ZsS4%2BLwyPEwgzDHCv2HWuQRr3qnksnPOkCTN74%2BgWXavaKCuj0F6h0%2FjcU07zHHcIPFc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b6fb4ab524-OSL
alt-svc: h2=":443"; ma=60
garys-mod.ru/wp-content/uploads/sites/34189/favicon-1.png
104.21.15.107200 OK 20 kB URL HTTP/1.1 garys-mod.ru/wp-content/uploads/sites/34189/favicon-1.png
IP 104.21.15.107:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 5e44298495e12c3f3af686dc6a992589
b8ad19f919d75782f6e68654d797b1d8c51f7a07
c515bbc866342b26e705e37d2013f0eebe096716c105b7b9b175ddc5329ce58e
GET /wp-content/uploads/sites/34189/favicon-1.png HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: image/png
Content-Length: 19693
Connection: keep-alive
Last-Modified: Tue, 21 Sep 2021 12:50:13 GMT
ETag: "6149d505-4ced"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 358625
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kM2WHekxCboq2pUFyctBys4c0QWeNbSFj4mmgo%2FtaKPYucURrWI3L9aE9UGf9sGuoIegtXKT%2BsD9ocyJcVhqPOukkwdq3rV3k%2FXaUybcwZEwTzyfaeBySEBABNucq4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b72b89b524-OSL
alt-svc: h2=":443"; ma=60
garys-mod.ru/wp-content/uploads/sites/34189/2015/09/Genie-Wild-100x60.png
104.21.15.107200 OK 17 kB URL HTTP/1.1 garys-mod.ru/wp-content/uploads/sites/34189/2015/09/Genie-Wild-100x60.png
IP 104.21.15.107:0
File type PNG image data, 100 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 613a9ce54b23fed59615543a6dc0c864
4685ee5f8635a4e387c882dbed3d439cbe0e00a3
edc4cf70b4931f7cd81ddb91e4045e3591684b573c9125f4e6c6df4fcc0eb0a3
GET /wp-content/uploads/sites/34189/2015/09/Genie-Wild-100x60.png HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: image/png
Content-Length: 16823
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 05:17:51 GMT
ETag: "61778f7f-41b7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 329164
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOnzXgvbfWVNL0EM0zJttVGAgi1NIF1beiGInNRF%2F7e%2BG1D4BsrG0famduc8QpP4f3mu%2Fp3vrrO7gIRiUoNKjKepVc4QdcQ8KyfW0fpY%2FRr6ymduVIQNoJVCuqB4YFI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b738460b55-OSL
alt-svc: h2=":443"; ma=60
garys-mod.ru/wp-content/uploads/sites/34189/logo-immortal-romance-microgaming-slot-100x60.jpg
104.21.15.107200 OK 2.6 kB URL HTTP/1.1 garys-mod.ru/wp-content/uploads/sites/34189/logo-immortal-romance-microgaming-slot-100x60.jpg
IP 104.21.15.107:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 100x60, components 3\012- data
Hash e783eb505bbd23c75aebd7b3a8dbda8d
a2c299a7425294257fd6e344336fa719f3d208d3
cfd021d5c7408d62b595ba1cfc215e41f1e09e21d01c4293a28a39f32c48affb
GET /wp-content/uploads/sites/34189/logo-immortal-romance-microgaming-slot-100x60.jpg HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: image/jpeg
Content-Length: 2565
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 05:16:50 GMT
ETag: "61778f42-a05"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 329165
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BylVuNIyI5UeILoxuTAXFXdlfJhEsqGpPqMHEgSu4GMTmiL4YObvF6%2F8NmOAjSQ8azLgDAnkw8mKEvbMBVV%2BGQnPLf52eCYEjbiVAohW%2FgfGgMeZJcgK2SZQx2ca6B8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b72824fac0-OSL
alt-svc: h2=":443"; ma=60
garys-mod.ru/wp-content/uploads/sites/34189/2015/09/Gold-Factory-100x60.png
104.21.15.107200 OK 16 kB URL HTTP/1.1 garys-mod.ru/wp-content/uploads/sites/34189/2015/09/Gold-Factory-100x60.png
IP 104.21.15.107:0
File type PNG image data, 100 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 481cc5bef76acfa74bcb159323fbcd3f
ce1329178227413e6a3574d8c8a3b3345574b48d
d49c6f927b996c10af6186169283f6e4dcc54614327eb0952181dfcbc011a0f6
GET /wp-content/uploads/sites/34189/2015/09/Gold-Factory-100x60.png HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: image/png
Content-Length: 16149
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 05:17:46 GMT
ETag: "61778f7a-3f15"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 564482
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMnIU4KCKeoxziCUxIgO%2FmlkMERQ9uzqQ%2B82zmDVlTwLZ3Zh6mUZDuHeaP7KhwwvuKoIBVK44XN367oHz7RWSv9ydiMrRzD8FAKwbA1hAJLxGWQn%2B%2BoeCaCKYkwXI5w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b72e0eb523-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:50:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
garys-mod.ru/wp-content/uploads/sites/34189/Hall-of-Gods-NetEnt-100x60.jpg
104.21.15.107200 OK 3.8 kB URL HTTP/1.1 garys-mod.ru/wp-content/uploads/sites/34189/Hall-of-Gods-NetEnt-100x60.jpg
IP 104.21.15.107:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 100x60, components 3\012- data
Hash e5cfe9605c5ca86373fb72a8cbd36f05
e84e0479f99f02f343a10635053c9e0e27ba0e0a
a96762d491add3f6132c1db29e964edd6517ecbd515b037f4880f0321d6967a1
GET /wp-content/uploads/sites/34189/Hall-of-Gods-NetEnt-100x60.jpg HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: image/jpeg
Content-Length: 3823
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 05:16:54 GMT
ETag: "61778f46-eef"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 329165
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnBELQNbI1DH2sr926rfwixSdxUPbils742DbFRWAPIyt%2FGMX9r%2FIhPHIoAy8pAcKFq1C49N4sHz6FiCXp%2FshhQgbRCHyj%2B0nDeluH1T8CQYtHkP59J1U4tGjh99YNM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b73ba2b524-OSL
alt-svc: h2=":443"; ma=60
garys-mod.ru/wp-content/uploads/sites/34189/2015/09/Dolphin-Reef-100x60.png
104.21.15.107200 OK 16 kB URL HTTP/1.1 garys-mod.ru/wp-content/uploads/sites/34189/2015/09/Dolphin-Reef-100x60.png
IP 104.21.15.107:0
File type PNG image data, 100 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ecd35231ed7a61cfc128cf3b71abc52
99163a4f706b5be19b9cdfb849076d9ca98fb92d
fa115e99557a4e9ea527aeda54699df8065f630e53fa8b879c59fb588a154740
GET /wp-content/uploads/sites/34189/2015/09/Dolphin-Reef-100x60.png HTTP/1.1
Host: garys-mod.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://garys-mod.ru/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:50:05 GMT
Content-Type: image/png
Content-Length: 15471
Connection: keep-alive
Last-Modified: Tue, 26 Oct 2021 05:18:07 GMT
ETag: "61778f8f-3c6f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 329164
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqB7ioz4c48EX05tvGnQFCP%2Bp2USgkC7JexRm38NNN4uFG105NUBi8HWTdhOUDFedY7skfEzjc2nJXQx41oxYq1%2Bp1f%2BbaRzyHekjVtWZrQHN2M35xZmDGydT3nanFU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511f5b73e4bb4f9-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://garys-mod.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 468958
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
142.250.74.163200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://garys-mod.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 06:19:49 GMT
expires: Fri, 22 Sep 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 430217
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
142.250.74.163200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Hash 6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://garys-mod.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:41 GMT
expires: Thu, 21 Sep 2023 19:34:41 GMT
cache-control: public, max-age=31536000
age: 468925
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://garys-mod.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 468958
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8558
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 05:50:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8558
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 05:50:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8558
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 05:50:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4197a8a505b360b0c43142faf8cb7f48
4dbd2da7f7c45a97e3f6f6544ed428e892227cc3
434039a91ec37c8ff827c78f7613aa4f6416ded182b01140048a52654a2de4ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7128
x-amzn-requestid: 5806782b-498e-427b-be73-a94695e3cacf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlPfFn4IAMFwMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bfc-07a420d631e463286c1dafa0;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:08 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dVs6mb-XGvvd4DXu8yFwO11iheR3QU3O3jFpxjcHZnWCc6jlXpx0Rg==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:51:54 GMT
age: 28692
etag: "4dbd2da7f7c45a97e3f6f6544ed428e892227cc3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 28686
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 28848
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa70ece15044b7318cb11ae5e37a64e7
04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qkOlqM6tJ90H9572YLE0J-s79edBSceM5hLbJtyyuH86xdW8juoktA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:28:31 GMT
age: 58895
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 17051
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e56f576ce4c320252cd028a38a1e4bde
8fbe2856a3e05ae7c45f4e35944d2835d47e4284
dc5783e5d50e89d2b9c72dea55751a64157dbc9ec9be85383a6df10b5ec1a602
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5142
x-amzn-requestid: 5b86b092-ff60-476c-855a-d32d5f10f115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yvz1CGInoAMF0Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296686-79e9a4cb75289e1b0785d4fc;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:06:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5uKkOdNToKayXi19pWBWrEwBYSj3NzbjLeE1qjhr8qqCapb_pGRD8g==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:50:22 GMT
age: 28784
etag: "8fbe2856a3e05ae7c45f4e35944d2835d47e4284"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdntechone.com/stattaglight.js
104.21.29.183200 OK 0 B URL HTTP/2 cdntechone.com/stattaglight.js
IP 104.21.29.183:0
GET /stattaglight.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://eu.dspsuper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 05:50:05 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:17:49 GMT
etag: W/"62ebe31d-aeb8"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5172
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyWEuNOToI1Iu8mfLPOjUQw91Ni%2BgfORfn3VNAOhLkrXFTZ%2FHr%2F2fVG1u9TfG97eeXA7pBWoO8HLmjMi%2B3fldKaGSW1Y7Zh1cPpE25UffQ%2B8XI%2F%2FWPO1MKJQf%2BqoYesZcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7511f5b309111bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,700&display=swap
IP 142.250.74.10:0
GET /css2?family=Roboto:ital,wght@0,400;0,700;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://garys-mod.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 05:50:05 GMT
date: Tue, 27 Sep 2022 05:50:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2