firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 16 Oct 2022 20:50:37 GMT
Expires: Sun, 16 Oct 2022 21:28:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BX4_sxQgZVZYfWolxvAHNjpfF2cB6km7e0k8wVZsz4dXlNhE8bwlqw==
Age: 19
staranime0.blogspot.com/2020/03/koe-no-katachi.html?m=1
142.250.74.161 301 Moved Permanently 202 B URL HTTP/1.1 staranime0.blogspot.com/2020/03/koe-no-katachi.html?m=1
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2f6566dfc3e23c22665d6f8d95b64c25
96bdbb0ff23da29b963ae60584676f100fad9d58
d50b631f40ade6f9ee25118c4be286ec8568513ecee1fa922dd9d1634f58b1e8
GET /2020/03/koe-no-katachi.html?m=1 HTTP/1.1
Host: staranime0.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://staranime0.blogspot.com/2020/03/koe-no-katachi.html?m=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 16 Oct 2022 20:50:56 GMT
Expires: Sun, 16 Oct 2022 20:50:56 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 202
Server: GSE
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 07b3389fc24c0f8eb82a9d05b546d17e
02716741b8952e548b9a223adbb3f16204eef2b2
25e13458988115ae1f8176cb2328dbfebd612eabebf256b4af64594d5e23d6ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25E13458988115AE1F8176CB2328DBFEBD612EABEBF256B4AF64594D5E23D6CA"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13521
Expires: Mon, 17 Oct 2022 00:36:17 GMT
Date: Sun, 16 Oct 2022 20:50:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7608
Expires: Sun, 16 Oct 2022 22:57:44 GMT
Date: Sun, 16 Oct 2022 20:50:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: R7AlS1LSNAnxj6poLW5DJalRqVCSSGBTqFe/vKPBshs1NEM//lBomdZWmzOlM4teOi59PObq4m8=
x-amz-request-id: 9HFK2YTFX25R64N1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 16 Oct 2022 20:35:11 GMT
age: 945
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ed90e568961ed60a49c95f5dbcc49001
6da9fa63944af0938cfa6f10559a23a180bcd477
27be253e41406aa1831f32e3ff5ef59a934b4d796147d7dae258f8b188969ea0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:50:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
staranime0.blogspot.com/2020/03/koe-no-katachi.html?m=1
142.250.74.161 200 OK 8.6 kB URL HTTP/2 staranime0.blogspot.com/2020/03/koe-no-katachi.html?m=1
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6719)
Hash 01d89c576a51a75a0296a9ee6f83c590
138ab2e94495a81cfbc699c04e770ae5340e8e00
a820cc6aaef1ec7ca189460303c7e1f3ee45038d9d58d0a098c05b52b8de0d3f
GET /2020/03/koe-no-katachi.html?m=1 HTTP/1.1
Host: staranime0.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 16 Oct 2022 20:50:56 GMT
date: Sun, 16 Oct 2022 20:50:56 GMT
cache-control: private, max-age=0
last-modified: Tue, 30 Aug 2022 21:58:55 GMT
etag: W/"ef424a02a4671ab36b0722282ddc220cbda8c131ee0fa0fb67370ed1fcf7ffb3"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 8581
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ed90e568961ed60a49c95f5dbcc49001
6da9fa63944af0938cfa6f10559a23a180bcd477
27be253e41406aa1831f32e3ff5ef59a934b4d796147d7dae258f8b188969ea0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staranime0.blogspot.com/js/cookienotice.js
142.250.74.161 200 OK 2.0 kB URL HTTP/2 staranime0.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: staranime0.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staranime0.blogspot.com/2020/03/koe-no-katachi.html?m=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sun, 16 Oct 2022 20:50:56 GMT
expires: Sun, 23 Oct 2022 20:50:56 GMT
cache-control: public, max-age=604800
last-modified: Sun, 16 Oct 2022 18:51:33 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6d2abc1cad422cde0ca979cb4ec2a6f3
ac94a144d5e7042a63205cac83d8708a074934a4
74fc961bfa1c4f2be02481536d37167414552867779f300beedbfbf284b275fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1692583463-widget_css_mobile_2_bundle_rtl.css
216.58.207.201 200 OK 4.9 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1692583463-widget_css_mobile_2_bundle_rtl.css
IP 216.58.207.201:0
File type ASCII text, with very long lines (20454)
Hash 07c30d522b7c5b9a1892725a207d5ecd
128a822a273ae9d56120aefc8c433b60416f6219
1d0fd6d598ef09e9a928f4a674901f2d2bca0ec3dbd48d90e9580623967f3051
GET /static/v1/widgets/1692583463-widget_css_mobile_2_bundle_rtl.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staranime0.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 4934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:59:27 GMT
expires: Thu, 12 Oct 2023 19:59:27 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 12 Oct 2022 17:57:47 GMT
content-type: text/css
age: 348689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6d2abc1cad422cde0ca979cb4ec2a6f3
ac94a144d5e7042a63205cac83d8708a074934a4
74fc961bfa1c4f2be02481536d37167414552867779f300beedbfbf284b275fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eaec157896b4103f8d4d6d7322b18b9d
45f4cc9bf0c5cc04ae4388682a8e058f58e30666
1b51a26aecfb438b88ca21570614048ec6232aafc94ee1049846dda6e868c400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 16 Oct 2022 20:07:43 GMT
Expires: Sun, 16 Oct 2022 20:43:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PsYks00nJXI3duUFnrzciUO5bUqrjgpzqaVsU8nnGSZ5wEds4WkzsQ==
Age: 2593
www.blogger.com/static/v1/widgets/1583485740-widgets.js
216.58.207.201 200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1583485740-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash 51e9765a21d04965e256c5c0391baa23
64a603f8621455aca30ce9ffbcf57ec255a1c606
d3ffeaf05e015d956c69cc71a2f40f0a2336989bf0f09df1fef010cfa75b64bd
GET /static/v1/widgets/1583485740-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staranime0.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56805
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 02:07:46 GMT
expires: Tue, 10 Oct 2023 02:07:46 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 10 Oct 2022 00:52:13 GMT
content-type: text/javascript
age: 585790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash d5e1a7834b32574197a3a44607703295
613a288c3a6055e90a311eac80d2e5c5a7bae48c
f7c4002de77931f6f925c2c04ff7a980014179ee0178c9f797205b2e809c241a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=165833
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:56 GMT
Etag: "634c5379-117"
Expires: Tue, 18 Oct 2022 18:54:49 GMT
Last-Modified: Sun, 16 Oct 2022 18:54:49 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6d2abc1cad422cde0ca979cb4ec2a6f3
ac94a144d5e7042a63205cac83d8708a074934a4
74fc961bfa1c4f2be02481536d37167414552867779f300beedbfbf284b275fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4f05f7d85c5d7c2aa09651804f80a019
cd118fbc41657bfdf0fcfb9e3a4a2813f3b08e5b
76a6c1ae0a435403ac10b6478f029bb8b871dbdcc2a2c7e3e97b56982a9767e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cfc92c8f6ee7599505d969732542ac42
7f4804d49c8ccd76ccffa6b72d41b1df611eb090
406c057a8392b9fa0ab09efa8b3222a58ec5fc17fa73f55a1f093e3d1092b0e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1596
Cache-Control: max-age=128547
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:56 GMT
Etag: "634bbb97-1d7"
Expires: Tue, 18 Oct 2022 08:33:23 GMT
Last-Modified: Sun, 16 Oct 2022 08:06:47 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.130 200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.130:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staranime0.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Sat, 15 Oct 2022 22:18:05 GMT
expires: Sat, 29 Oct 2022 22:18:05 GMT
cache-control: public, max-age=1209600
age: 81171
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=4831367652138594185&zx=09b79afb-ca17-472a-aefb-ac0cff955239
216.58.207.201 200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=4831367652138594185&zx=09b79afb-ca17-472a-aefb-ac0cff955239
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=4831367652138594185&zx=09b79afb-ca17-472a-aefb-ac0cff955239 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staranime0.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 20:50:56 GMT
last-modified: Sun, 16 Oct 2022 20:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4f05f7d85c5d7c2aa09651804f80a019
cd118fbc41657bfdf0fcfb9e3a4a2813f3b08e5b
76a6c1ae0a435403ac10b6478f029bb8b871dbdcc2a2c7e3e97b56982a9767e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a502873a43ee6a0f65432299d75a13b
318bb6f67d77e3594e7e4c03b0a195a35601b55e
5e261109b63d9e1991366d633fcc8a213c2b950dc2fc71691f791944db08870a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5E261109B63D9E1991366D633FCC8A213C2B950DC2FC71691F791944DB08870A"
Last-Modified: Sat, 15 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18476
Expires: Mon, 17 Oct 2022 01:58:53 GMT
Date: Sun, 16 Oct 2022 20:50:57 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a502873a43ee6a0f65432299d75a13b
318bb6f67d77e3594e7e4c03b0a195a35601b55e
5e261109b63d9e1991366d633fcc8a213c2b950dc2fc71691f791944db08870a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5E261109B63D9E1991366D633FCC8A213C2B950DC2FC71691F791944DB08870A"
Last-Modified: Sat, 15 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18476
Expires: Mon, 17 Oct 2022 01:58:53 GMT
Date: Sun, 16 Oct 2022 20:50:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash d5e1a7834b32574197a3a44607703295
613a288c3a6055e90a311eac80d2e5c5a7bae48c
f7c4002de77931f6f925c2c04ff7a980014179ee0178c9f797205b2e809c241a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=165833
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:57 GMT
Etag: "634c5379-117"
Expires: Tue, 18 Oct 2022 18:54:50 GMT
Last-Modified: Sun, 16 Oct 2022 18:54:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
35.164.56.167 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.56.167:0
Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input; the body is 0 B)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ex6ck4r+HrdJlP97WwfO+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: v3LdoohvV3WuaofY8ZRt+TKs31w=
images.fanart.tv/fanart/a-silent-voice-57d066f80a5c3.jpg
104.26.13.126 200 OK 766 kB URL HTTP/2 images.fanart.tv/fanart/a-silent-voice-57d066f80a5c3.jpg
IP 104.26.13.126:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1661, bps=0, PhotometricIntepretation=CMYK, orientation=upper-left, width=1207], baseline, precision 8, 1000x1426, components 3\012- data
Size 766 kB (766200 bytes)
Hash 6b33d068893f0d886d54dcb7e3fcda50
a6e3ace6cc1881ce21335f53c6aa251b88b461f5
e9f706c97cbbe6cc18c2edbedec9344ba1f730f19661e83b4ebd7af8c0420e8a
GET /fanart/a-silent-voice-57d066f80a5c3.jpg HTTP/1.1
Host: images.fanart.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staranime0.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:50:57 GMT
content-type: image/jpeg
content-length: 766200
expires: Wed, 13 Oct 2032 20:50:57 GMT
cache-control: max-age=315360000
x-cache-status: HIT
cf-cache-status: MISS
last-modified: Sun, 16 Oct 2022 20:50:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZX0oCP%2FBzZNZ8iMs2KNArein8kH1SHfSc6YEXCJfyLnPeJIcHUY2FVL9w9%2FmX29XvGRjbBo5YhZiV6VCAsGmvlJZudWgjfBcliDUbU5UK57FyQyjcNC%2FDd8p38FxQwMGJyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3ab716ac3b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEiyl6eJwEj3LHf8IQAfNehBwnjKof4rHq0e81qfK4YslFOpdNOacgs7NR-pkBOPbC527U_eRsVZewgTJjC_1F-izMpVpKtti1TCK6OWyRI1Dlc0Nqp3PVRZN-7HMbfN-WgiZ9wUlgUSau-Y5Vc2AFyc3D8UsymKEaPiPTKaTJMtNPT_fojk25lniRi4Xw=s177
142.250.74.33 200 OK 14 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEiyl6eJwEj3LHf8IQAfNehBwnjKof4rHq0e81qfK4YslFOpdNOacgs7NR-pkBOPbC527U_eRsVZewgTJjC_1F-izMpVpKtti1TCK6OWyRI1Dlc0Nqp3PVRZN-7HMbfN-WgiZ9wUlgUSau-Y5Vc2AFyc3D8UsymKEaPiPTKaTJMtNPT_fojk25lniRi4Xw=s177
IP 142.250.74.33:0
File type PNG image data, 177 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash 5daca8a605c3139c2ad1cf890d2947cf
90551bec3ad52702fe7896821de8baf561cf85b5
fdf9a19650e36a8d2467d2690eb007f093b754cb6b0db5827af9dd53b751e383
GET /img/a/AVvXsEiyl6eJwEj3LHf8IQAfNehBwnjKof4rHq0e81qfK4YslFOpdNOacgs7NR-pkBOPbC527U_eRsVZewgTJjC_1F-izMpVpKtti1TCK6OWyRI1Dlc0Nqp3PVRZN-7HMbfN-WgiZ9wUlgUSau-Y5Vc2AFyc3D8UsymKEaPiPTKaTJMtNPT_fojk25lniRi4Xw=s177 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staranime0.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3c"
expires: Mon, 17 Oct 2022 20:50:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="01.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 20:50:57 GMT
server: fife
content-length: 14066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vedbam.xyz/embed-gs3aotnt8wr1.html
188.114.96.1 200 OK 27 kB URL HTTP/2 vedbam.xyz/embed-gs3aotnt8wr1.html
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56078), with CRLF, LF line terminators
Hash e0ea251de30e9829f417fd16a4a39c19
bd5b8a1ad2728f6d2ca5f4882a9b6b57a757860c
fc157a64681214b38fcc2be970711c276979c191518e25fcc9f0e826debcb1eb
GET /embed-gs3aotnt8wr1.html HTTP/1.1
Host: vedbam.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://staranime0.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:50:57 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 15 Oct 2022 20:50:57 GMT
set-cookie: lang=1; domain=.vedbam.xyz; path=/; HttpOnly
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snGO0d4W7pOGs2tAWAcZwNFhQ0VHndW9cxb6pNImXGnWSIZ2Qn%2BIh0WNXYJAe7CrSislltR3pizCJSVjt9w21yLX5Sd%2BXu7jj0JajRDeAoCaKrNp81MjYglgq%2B%2F%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b3ab733bd3b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 1.9 kB IP 142.250.74.3:0
Hash 8b1626bb8d0f2298b9e540ff47cd40bc
35f0d7d5b8e2babd5cb853e6818e09bae90c0967
40fcaf54b206523a2876d55152307b5b91c76b1b2cbe8330fd4e8cf432fecc22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 105 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Size 105 kB (104722 bytes)
Hash 9c2c815fb923caa1ce24f45620815d1b
d7f29f94d3f3d9d0a11ddb5634a29dfcb62bd2e9
cc0ca37b66061c479c3f4f5ba107607477541a093afb373f97a34377b713f379
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F11D91BFE605D501214FF6A7C4A140A6C12591A70181B72F69E70046909ADB53"
Last-Modified: Sat, 15 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1060
Expires: Sun, 16 Oct 2022 21:08:37 GMT
Date: Sun, 16 Oct 2022 20:50:57 GMT
Connection: keep-alive
img.vadbam.com/gs3aotnt8wr1_xt.jpg
104.21.9.14 200 OK 43 kB URL HTTP/2 img.vadbam.com/gs3aotnt8wr1_xt.jpg
IP 104.21.9.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x324, components 3\012- data
Hash 0c9ec59b3d8c59b7fcf16f94f82b338a
5a69e8c0a4d538fed5af8b5ca5843b891349a6eb
c2565507ca6851b3f34d9cda6b51a14404398b30425197806ce6e6272c518f8c
GET /gs3aotnt8wr1_xt.jpg HTTP/1.1
Host: img.vadbam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:50:57 GMT
content-type: image/jpeg
content-length: 42881
last-modified: Wed, 15 Jun 2022 17:00:07 GMT
etag: "62aa1017-a781"
expires: Sun, 30 Oct 2022 14:30:54 GMT
cache-control: max-age=1209600
strict-transport-security: max-age=60
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftm5FhnIBaOKkMR0QEo%2B8NR7K8GmfQcKgWix%2B3b%2Bba0kmJLMzGzHX8wpTacByF%2BRCODoYrZ7%2FnTppNvUhwbYchNk1x9jZuH9d2KfmcKnXehzpu%2FcHuKoMkZbgayWIRH6hA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3ab752964b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oy.taluktotally.com/r6344086d2d2c76344086d2d2c8/40334
172.255.6.56 200 OK 25 B URL HTTP/1.1 oy.taluktotally.com/r6344086d2d2c76344086d2d2c8/40334
IP 172.255.6.56:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /r6344086d2d2c76344086d2d2c8/40334 HTTP/1.1
Host: oy.taluktotally.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Oct 2022 20:50:57 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://vedbam.xyz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Mon, 17-Oct-2022 20:50:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Mon, 17-Oct-2022 20:50:57 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ece3232ddf17e3ee78a26b7429fcaf6c
cd69d122468f106a9be678c6ff97cf21662851bb
e65eca3fd60cbd12db0e3a3d0bab93e9109e977eb34d0de491fe0aaac3f7a764
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E65ECA3FD60CBD12DB0E3A3D0BAB93E9109E977EB34D0DE491FE0AAAC3F7A764"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5089
Expires: Sun, 16 Oct 2022 22:15:46 GMT
Date: Sun, 16 Oct 2022 20:50:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b0c3b35f76840c4c94d30da745be364
47ca214a8a79141ca027dd6992d25fcc37a520ec
eb041d4757b32e52479ca619001f060a1e27296eaf28b9d1afcbb213e34ef2c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB041D4757B32E52479CA619001F060A1E27296EAF28B9D1AFCBB213E34EF2C2"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1154
Expires: Sun, 16 Oct 2022 21:10:11 GMT
Date: Sun, 16 Oct 2022 20:50:57 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 43b0f5df2159c5dbc19acdf17ed1af56
6a46d4ebd02b6a34288612207370abdca1b8000f
54cf2477d15ab551fe8461a20f1ca702d049fecf40245aa0df081ba102d94b2e
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:50:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 20 Oct 2022 20:00:51 GMT
ETag: "6a46d4ebd02b6a34288612207370abdca1b8000f"
Last-Modified: Sun, 16 Oct 2022 20:00:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b3ab77596f0b06-OSL
cataractencroach.com/06/8d/e0/068de0f61fc75f93b5ec620b96ffc803.js
192.243.61.225 200 OK 20 kB URL HTTP/1.1 cataractencroach.com/06/8d/e0/068de0f61fc75f93b5ec620b96ffc803.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59438), with no line terminators
Hash cfe5594b5ba3caafdc550cd2da6067f5
aad16bfd65e84037ce4d14673c25fcdd79071806
2e8f96259e5893e18751c773549621994287bd9152d203e0b706709194cf5e8b
Analyzer / Verdict / Alert: quad9 — Sinkholed
GET /06/8d/e0/068de0f61fc75f93b5ec620b96ffc803.js HTTP/1.1
Host: cataractencroach.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 20:50:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8dbf92e17e7f7d2321d164246a8f4ed
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f33627c584f67cfba7ec975c0d7f1c41
f894f4628d186a87de5ceecee9ce6dbe76b6b978
1b94edfbc4089e3ae0c8291815277956ec90e9f1a49e452ce037e57e951f694b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B94EDFBC4089E3AE0C8291815277956EC90E9F1A49E452CE037E57E951F694B"
Last-Modified: Sat, 15 Oct 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7527
Expires: Sun, 16 Oct 2022 22:56:25 GMT
Date: Sun, 16 Oct 2022 20:50:58 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5b04d6d3c126a01d5aa922574230332
fd3383c24dac377a75ca3160503bb31b8019df4a
621df3b5055828325b8cc517cf359ea5ca002fd5fad771cca767e15bde7fa330
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "621DF3B5055828325B8CC517CF359EA5CA002FD5FAD771CCA767E15BDE7FA330"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16617
Expires: Mon, 17 Oct 2022 01:27:55 GMT
Date: Sun, 16 Oct 2022 20:50:58 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash f0413efff3fc4435819eea0892565002
68f2cbf9d99cbc2f3500c911fe2906ea03a6d72f
f5ebdb13ab4ad27844b4ad00d4bb79c9238bd02937bdab5dc83d0802d956895f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146649
Date: Sun, 16 Oct 2022 20:50:58 GMT
Etag: "634bf982-1d7"
Expires: Tue, 18 Oct 2022 13:35:07 GMT
Last-Modified: Sun, 16 Oct 2022 12:30:58 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gdSA29JaTRyGZFgObJ8B9Zqt0T0RzSAqMa7nWlASERZhMXt7JmT8Hg==
Age: 3850
simplewebanalysis.com/stats
52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash b2a6bae9affb75f40a24151670012ecb
d37ee14efbe9b8fb3afe97aa0d8e7667dfbc06ed
468261e2160ea2f45e31ba9527989820dda6c0b6ce8723213a131b6a550c2659
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:50:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vedbam.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=27820538-2773-4ccd-841f-d0781c55ac4e:2:1; expires=Wed, 13 Oct 2032 20:50:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
thaudray.com/tag.min.js
139.45.197.237 200 OK 23 kB IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2ecc279974355238c6b14d2d685dcd21
b85c288352ac6b1a6c8a1a2eaccc76cf0742aa77
955526ffe068eb4794da9302cbbe2dbb5508f380074a478b35239f48119f97e7
GET /tag.min.js HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:50:58 GMT
content-type: text/javascript; charset=utf-8
content-length: 22986
content-encoding: br
x-trace-id: 9fdde22ebcbb2ec20663c77f87b566c4
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 10 Oct 2022 14:13:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
s205.vidboo.org/6jmnrphkwmazsalrixzah5ptafjwvuf2teuuvwzug4lslq5dpt74bkuski3q/v.mp4
51.159.105.142 206 Partial Content 33 kB URL HTTP/1.1 s205.vidboo.org/6jmnrphkwmazsalrixzah5ptafjwvuf2teuuvwzug4lslq5dpt74bkuski3q/v.mp4
IP 51.159.105.142:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 9d75b9bbe32ed32e2b960e56b7ed16a8
49ec4d921015db79423e420d2563d8f152b29b1d
0482c52460309cb5ff76c624c46f28e3a3722011fb93b1081d8ac5be2888310b
GET /6jmnrphkwmazsalrixzah5ptafjwvuf2teuuvwzug4lslq5dpt74bkuski3q/v.mp4 HTTP/1.1
Host: s205.vidboo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx/1.21.3
Date: Sun, 16 Oct 2022 20:50:58 GMT
Content-Type: application/octet-stream
Content-Length: 859923742
Last-Modified: Wed, 15 Jun 2022 17:00:01 GMT
Connection: keep-alive
ETag: "62aa1011-3341651e"
Content-Range: bytes 0-859923741/859923742
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6556
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:50:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6556
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:50:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6556
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:50:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6556
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:50:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eb39673-9b77-4a82-8d34-c0e1405dca47.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eb39673-9b77-4a82-8d34-c0e1405dca47.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0cabcd5467191890163abd8c081c0cb
37c76a9fe6833ee0fc50d92b2f8e32fc44d43e54
b3b17175a7899e8876d93a83271f9319b0cd76af7e091837b87aaba2ac2d3920
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eb39673-9b77-4a82-8d34-c0e1405dca47.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8757
x-amzn-requestid: c384db56-c2e0-4a61-ab03-0688422929c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL3_ESBIAMFUIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b2699-1a0f51aa005d4a5e4f4ec4df;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:05 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Kv-E67FiKXWHds-RntkYWG7Y0jduRHHWP_9H-8PMvDtJuF8n2jVfng==
via: 1.1 58f9a50682bb94842197f3e957919c60.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:02:04 GMT
age: 82134
etag: "37c76a9fe6833ee0fc50d92b2f8e32fc44d43e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd94762992136ed2f4d24dd34a745154
2050cee63f8005c5d9ac1a817730ada51b323f34
4548836d8846da958f477e1df952f6da9b9640e204804a7c76194d3e061b90a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7082
x-amzn-requestid: 5e98988f-faad-4e52-a49f-28d5a77b15d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL46HFloAMFSag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b269f-6759e36c79241479181c1d05;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: u2l4A1Vt7WLHe9NdaSFyBhwnBo9XfI3n5bXqpv8MGUXl7YaywUknJQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:09 GMT
age: 83629
etag: "2050cee63f8005c5d9ac1a817730ada51b323f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df5f38c3dc43ccc382d0274bffb6b350
9a305072cce8bb61ca3753bb98b999695fb4706e
20ff21892e65787fecbadca0f59c05e54dee3a1359271839dab0ee5c9e796ab0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6367
x-amzn-requestid: 485c3cf9-d305-4540-8eef-8304d1103ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5EHbOoAMFWsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a0-2ac206d826bf23193740e74c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FDpKbEtkkBwyl0pq3hI50XU9_5Qk43D5_CCq2mdq6phymrT0Op_wzg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:00:32 GMT
age: 82226
etag: "9a305072cce8bb61ca3753bb98b999695fb4706e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6432c2bf0bab32f918d931dd98a6e1e4
bba4f37b146e5aea2b6490f8f7da63fa61ffc849
bde0d98cb1dcd70f22cd2aee5860eb0cd824d1bb12ab18245ab8eed06a79cf1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7337
x-amzn-requestid: 43a16c4d-c5b9-4d01-8ba4-e811b09e96b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqEwVoAMFe5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-121eda8b7a73518849342e7a;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z8x5zYoU_lGHWGt8ZhQFB6G9gS1Q4YhG_AxOdLCqIpZkXp_-f45ExA==
via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 05:16:13 GMT
age: 56085
etag: "bba4f37b146e5aea2b6490f8f7da63fa61ffc849"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3932cc8a5ab42618f827d15415e0808b
8a06fadc253b2834a3a61e64fb30229cc82b5a1c
a98085763566fe00ba899d3cfbb1cba3f3a02f16db770d0c03bf73b33e9efb17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A98085763566FE00BA899D3CFBB1CBA3F3A02F16DB770D0C03BF73B33E9EFB17"
Last-Modified: Sun, 16 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3882
Expires: Sun, 16 Oct 2022 21:55:40 GMT
Date: Sun, 16 Oct 2022 20:50:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 440811a19987ddee099df289d9b61e79
ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1
1309e9dcb36858de70ef82900ec1ad429fbb795ddb9823fd1c290b18f4e2c1a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9623
x-amzn-requestid: b3d5bd8d-111b-4d50-9720-71f72c62f860
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7Q8oFLRIAMFrEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347951d-613e5e810f420e4c0ba3e6f6;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 04:33:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OA9iHADyiam26eo88jYDECifkqeBaTjsuoeHD2YOy0aZJZEGhG-xow==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:22 GMT
age: 83616
etag: "ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e86d948bf8ed2f5918f8323b043ad5f
41548e231e2358d3453e7630f0d07a645cc25ddc
6602f2a020618234d34a9b6cd107398f0405de6dd14227e265aca84b38eaa5cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7075
x-amzn-requestid: 254a8860-b3bf-4e8d-a08d-31effa209a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5iGQqIAMFmkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a3-1a2820f550f35bf830444c22;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: noeZThjNw_knj4oZ39f_xFQl_eFhT_iJ5ki1eaCv873z5WThwd7gXA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:39:58 GMT
age: 83460
etag: "41548e231e2358d3453e7630f0d07a645cc25ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5b04d6d3c126a01d5aa922574230332
fd3383c24dac377a75ca3160503bb31b8019df4a
621df3b5055828325b8cc517cf359ea5ca002fd5fad771cca767e15bde7fa330
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "621DF3B5055828325B8CC517CF359EA5CA002FD5FAD771CCA767E15BDE7FA330"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16617
Expires: Mon, 17 Oct 2022 01:27:55 GMT
Date: Sun, 16 Oct 2022 20:50:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 114a7a89293306ae9ec6a9f665278dd8
42e3d670145f21725811948a52738ea2463ca567
4c74214df68c139ca3912171ff3cee131ddf0d8dd683a5e25a2ae9c88cf9d577
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C74214DF68C139CA3912171FF3CEE131DDF0D8DD683A5E25A2AE9C88CF9D577"
Last-Modified: Sun, 16 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20467
Expires: Mon, 17 Oct 2022 02:32:05 GMT
Date: Sun, 16 Oct 2022 20:50:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecaa70e14b6e5f83e31bb933a147df70
ee8f20560a8280905122bfbbde650ca32d35e10c
c5b18399f50c70931b82a71a3614079028b916ccc67e9d258934bd44873b0497
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5B18399F50C70931B82A71A3614079028B916CCC67E9D258934BD44873B0497"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8294
Expires: Sun, 16 Oct 2022 23:09:12 GMT
Date: Sun, 16 Oct 2022 20:50:58 GMT
Connection: keep-alive
nanouwho.com/42/38?z=4861570
139.45.197.242 200 OK 0 B URL HTTP/2 nanouwho.com/42/38?z=4861570
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /42/38?z=4861570 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Cookie: scm=1; OAID=83bed50072c34d0cbad8fb2ae4248b2f; oaidts=1665953458
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:50:58 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: bad7dbf88e31b82dcb6807378d779b5f
access-control-expose-headers: X-Sc
set-cookie: OAID=83bed50072c34d0cbad8fb2ae4248b2f; expires=Mon, 16 Oct 2023 20:50:58 GMT; secure; SameSite=None
oaidts=1665953458; expires=Mon, 16 Oct 2023 20:50:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 8ceb6907e82e85fb8def6059388c6a5b
35baf6e386c6760b175fe9e2f1ccf94aa23252b7
29409c4b3a8e023a8c96dd6b87348a1523b2bcee1cd01db6cfd11fd9050d5af5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:50:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 13 Oct 2022 18:25:21 GMT
Expires: Thu, 20 Oct 2022 18:25:20 GMT
Etag: "35baf6e386c6760b175fe9e2f1ccf94aa23252b7"
Cache-Control: max-age=336261,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75b3ab7d2964b523-OSL
my.rtmark.net/gid.js?userId=f4d8fe4ddd854e60b7b986a62e74920a
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=f4d8fe4ddd854e60b7b986a62e74920a
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7409b4f0b36056a9d5ad4490b3c8ebc5
674d014880e7e5b62a3e328304f60921eed7ea91
191920c50c284da3b4d6eed4b5413b9c3190f7288e294490a73cf5a7e06e781c
GET /gid.js?userId=f4d8fe4ddd854e60b7b986a62e74920a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:50:58 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://vedbam.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f4d8fe4ddd854e60b7b986a62e74920a; expires=Mon, 16 Oct 2023 20:50:58 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
upgulpinon.com/42/38?z=5030637
139.45.197.242 200 OK 0 B URL HTTP/2 upgulpinon.com/42/38?z=5030637
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /42/38?z=5030637 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Cookie: scm=1; OAID=c3003650674249e29b2f81a66130189e; oaidts=1665953458
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:50:58 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 1de1c7a194c47ee8f762171d5af0dbfb
access-control-expose-headers: X-Sc
set-cookie: OAID=c3003650674249e29b2f81a66130189e; expires=Mon, 16 Oct 2023 20:50:58 GMT; secure; SameSite=None
oaidts=1665953458; expires=Mon, 16 Oct 2023 20:50:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
hermichermicfurnished.com/pixel/purst?dl=0&th=0&sc=0&rs=1557&rd=1557&fd=883&bv=22.8.v.1&tmpl=70
192.243.61.225 200 OK 0 B URL HTTP/1.1 hermichermicfurnished.com/pixel/purst?dl=0&th=0&sc=0&rs=1557&rd=1557&fd=883&bv=22.8.v.1&tmpl=70
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1557&rd=1557&fd=883&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: hermichermicfurnished.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 20:50:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
hermichermicfurnished.com/88/eb/09/88eb0903395b835e80c1dbf7a07299e3.js
192.243.61.225 200 OK 13 kB URL HTTP/1.1 hermichermicfurnished.com/88/eb/09/88eb0903395b835e80c1dbf7a07299e3.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37126), with no line terminators
Hash 14bfa53a9c637be9156c2244f83ea6bb
cba41b5d345fc33ee41daa566d426dbe299bb7e7
55b465bcf05f87124a89be6dfd2f0a68714f50f03688d0168f99639dedd34043
Analyzer Verdict Alert quad9 Sinkholed
GET /88/eb/09/88eb0903395b835e80c1dbf7a07299e3.js HTTP/1.1
Host: hermichermicfurnished.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 20:50:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f9e1c5e8048697a992a30ac537e55f2b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
nanouwho.com/9?z=4861570&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fvedbam.xyz%2Fembed-gs3aotnt8wr1.html&wy=0&wx=0&ww=1280&wh=1024&cw=1170&wiw=1170&wih=700&wfc=1&sah=1002&drf=https%3A%2F%2Fstaranime0.blogspot.com%2F&hil=1&ist=0&oaid=f4d8fe4ddd854e60b7b986a62e74920a
139.45.197.242 204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=4861570&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fvedbam.xyz%2Fembed-gs3aotnt8wr1.html&wy=0&wx=0&ww=1280&wh=1024&cw=1170&wiw=1170&wih=700&wfc=1&sah=1002&drf=https%3A%2F%2Fstaranime0.blogspot.com%2F&hil=1&ist=0&oaid=f4d8fe4ddd854e60b7b986a62e74920a
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=4861570&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fvedbam.xyz%2Fembed-gs3aotnt8wr1.html&wy=0&wx=0&ww=1280&wh=1024&cw=1170&wiw=1170&wih=700&wfc=1&sah=1002&drf=https%3A%2F%2Fstaranime0.blogspot.com%2F&hil=1&ist=0&oaid=f4d8fe4ddd854e60b7b986a62e74920a HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://vedbam.xyz/
Origin: https://vedbam.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 16 Oct 2022 20:50:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://vedbam.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
upgulpinon.com/27/3a63a2a43bbf0a0bb029696534151382
139.45.197.242 200 OK 125 kB URL HTTP/2 upgulpinon.com/27/3a63a2a43bbf0a0bb029696534151382
IP 139.45.197.242:0
Size 125 kB (124584 bytes)
Hash a111ae0985b8d40ba63b1755beb09a7e
6a927812737f6f02888f96dc9c60093bb373f28e
9c855d09436308cd1cd8852cec173564f725bffec98a96d00987b0a8735a61ca
GET /27/3a63a2a43bbf0a0bb029696534151382 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Cookie: scm=1; OAID=c3003650674249e29b2f81a66130189e; oaidts=1665953458
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:50:58 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 13 Oct 2022 05:14:04 GMT
expires: Thu, 12 Nov 2082 05:14:04 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash b2a6bae9affb75f40a24151670012ecb
d37ee14efbe9b8fb3afe97aa0d8e7667dfbc06ed
468261e2160ea2f45e31ba9527989820dda6c0b6ce8723213a131b6a550c2659
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://vedbam.xyz/
Cookie: uid_id2=27820538-2773-4ccd-841f-d0781c55ac4e:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:50:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vedbam.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5030637&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fvedbam.xyz%2Fembed-gs3aotnt8wr1.html&wy=0&wx=0&ww=1280&wh=1024&cw=1170&wiw=1170&wih=700&wfc=1&sah=1002&drf=https%3A%2F%2Fstaranime0.blogspot.com%2F&hil=1&ist=0&oaid=f4d8fe4ddd854e60b7b986a62e74920a
139.45.197.242 204 No Content 0 B URL HTTP/2 upgulpinon.com/9?z=5030637&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fvedbam.xyz%2Fembed-gs3aotnt8wr1.html&wy=0&wx=0&ww=1280&wh=1024&cw=1170&wiw=1170&wih=700&wfc=1&sah=1002&drf=https%3A%2F%2Fstaranime0.blogspot.com%2F&hil=1&ist=0&oaid=f4d8fe4ddd854e60b7b986a62e74920a
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5030637&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fvedbam.xyz%2Fembed-gs3aotnt8wr1.html&wy=0&wx=0&ww=1280&wh=1024&cw=1170&wiw=1170&wih=700&wfc=1&sah=1002&drf=https%3A%2F%2Fstaranime0.blogspot.com%2F&hil=1&ist=0&oaid=f4d8fe4ddd854e60b7b986a62e74920a HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://vedbam.xyz/
Origin: https://vedbam.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 16 Oct 2022 20:50:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://vedbam.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5030637&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fvedbam.xyz%2Fembed-gs3aotnt8wr1.html&wy=0&wx=0&ww=1280&wh=1024&cw=1170&wiw=1170&wih=700&wfc=1&sah=1002&drf=https%3A%2F%2Fstaranime0.blogspot.com%2F&hil=1&ist=0&oaid=f4d8fe4ddd854e60b7b986a62e74920a
139.45.197.242 200 OK 7 B URL HTTP/2 upgulpinon.com/9?z=5030637&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fvedbam.xyz%2Fembed-gs3aotnt8wr1.html&wy=0&wx=0&ww=1280&wh=1024&cw=1170&wiw=1170&wih=700&wfc=1&sah=1002&drf=https%3A%2F%2Fstaranime0.blogspot.com%2F&hil=1&ist=0&oaid=f4d8fe4ddd854e60b7b986a62e74920a
IP 139.45.197.242:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
POST /9?z=5030637&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fvedbam.xyz%2Fembed-gs3aotnt8wr1.html&wy=0&wx=0&ww=1280&wh=1024&cw=1170&wiw=1170&wih=700&wfc=1&sah=1002&drf=https%3A%2F%2Fstaranime0.blogspot.com%2F&hil=1&ist=0&oaid=f4d8fe4ddd854e60b7b986a62e74920a HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 43
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://vedbam.xyz/
Cookie: scm=1; OAID=c3003650674249e29b2f81a66130189e; oaidts=1665953458
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:50:59 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://vedbam.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a8d2dd12b39758f9aaf6d3279e5802d9
access-control-expose-headers: X-Sc
set-cookie: OAID=f4d8fe4ddd854e60b7b986a62e74920a; expires=Mon, 16 Oct 2023 20:50:59 GMT; secure; SameSite=None
oaidts=1665953458; expires=Mon, 16 Oct 2023 20:50:59 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 4315c641ce7703e0fbe0b067fd8073bc
0975528468dcf0f1919d63140e0c1369ba834abc
4cf6d790c0f08adb4f036c3cd243c596c555ac4426304d9d6605c695d69b4188
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3079
Cache-Control: max-age=169259
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:59 GMT
Etag: "634c54d7-116"
Expires: Tue, 18 Oct 2022 19:51:58 GMT
Last-Modified: Sun, 16 Oct 2022 19:00:39 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 4315c641ce7703e0fbe0b067fd8073bc
0975528468dcf0f1919d63140e0c1369ba834abc
4cf6d790c0f08adb4f036c3cd243c596c555ac4426304d9d6605c695d69b4188
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3079
Cache-Control: max-age=169259
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:50:59 GMT
Etag: "634c54d7-116"
Expires: Tue, 18 Oct 2022 19:51:58 GMT
Last-Modified: Sun, 16 Oct 2022 19:00:39 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
simplewebanalysis.com/stats
52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash b2a6bae9affb75f40a24151670012ecb
d37ee14efbe9b8fb3afe97aa0d8e7667dfbc06ed
468261e2160ea2f45e31ba9527989820dda6c0b6ce8723213a131b6a550c2659
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://vedbam.xyz/
Cookie: uid_id2=27820538-2773-4ccd-841f-d0781c55ac4e:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:50:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vedbam.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash b2a6bae9affb75f40a24151670012ecb
d37ee14efbe9b8fb3afe97aa0d8e7667dfbc06ed
468261e2160ea2f45e31ba9527989820dda6c0b6ce8723213a131b6a550c2659
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://vedbam.xyz/
Cookie: uid_id2=27820538-2773-4ccd-841f-d0781c55ac4e:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:50:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://vedbam.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2cc4a259f7870a8b43febafbbef2de19
77d835fb0cda69a5e9b17b64bcf32a18020faee3
e164f533b63c630bbd64da384d46d29f8cb64ea122e70cc86246efa67e88229e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E164F533B63C630BBD64DA384D46D29F8CB64EA122E70CC86246EFA67E88229E"
Last-Modified: Sun, 16 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12771
Expires: Mon, 17 Oct 2022 00:23:51 GMT
Date: Sun, 16 Oct 2022 20:51:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f3c1b705b929543711cc96507a60952b
b20afa731c5a5925bcf23b2a5e673c1ff0d7ec77
4eaaa1fa789a46a4a1ee02c23c7188bc7609383fc66dd259093de5911935e2b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4EAAA1FA789A46A4A1EE02C23C7188BC7609383FC66DD259093DE5911935E2B6"
Last-Modified: Sat, 15 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8182
Expires: Sun, 16 Oct 2022 23:07:22 GMT
Date: Sun, 16 Oct 2022 20:51:00 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=27820538-2773-4ccd-841f-d0781c55ac4e&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.287&b_frame=1&pk=88eb0903395b835e80c1dbf7a07299e3&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
192.243.59.12 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=27820538-2773-4ccd-841f-d0781c55ac4e&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.287&b_frame=1&pk=88eb0903395b835e80c1dbf7a07299e3&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=27820538-2773-4ccd-841f-d0781c55ac4e&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.287&b_frame=1&pk=88eb0903395b835e80c1dbf7a07299e3&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 16 Oct 2022 20:51:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dc38bc2d4b773922db13888b09000e5c
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=27820538-2773-4ccd-841f-d0781c55ac4e&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.287&b_frame=1&pk=068de0f61fc75f93b5ec620b96ffc803&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
192.243.59.12 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=27820538-2773-4ccd-841f-d0781c55ac4e&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.287&b_frame=1&pk=068de0f61fc75f93b5ec620b96ffc803&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=27820538-2773-4ccd-841f-d0781c55ac4e&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.287&b_frame=1&pk=068de0f61fc75f93b5ec620b96ffc803&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 16 Oct 2022 20:51:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 395a8c676b8c3862bfb792a97afc3ef8
Strict-Transport-Security: max-age=0; includeSubdomains
ripevibratevilla.com/sbar.json?key=88eb0903395b835e80c1dbf7a07299e3&uuid=27820538-2773-4ccd-841f-d0781c55ac4e%3A2%3A1
173.233.137.60 200 OK 5.0 kB URL HTTP/1.1 ripevibratevilla.com/sbar.json?key=88eb0903395b835e80c1dbf7a07299e3&uuid=27820538-2773-4ccd-841f-d0781c55ac4e%3A2%3A1
IP 173.233.137.60:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6935), with no line terminators
Hash ecbfe1c0d27f0d0101638da63e47f785
0d1631ef1ad8900bd8992512a43c683475932ed4
38824a970257ffe5211f7bbc1763345c181c9cfadcf3191225fabe21fc667b12
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=88eb0903395b835e80c1dbf7a07299e3&uuid=27820538-2773-4ccd-841f-d0781c55ac4e%3A2%3A1 HTTP/1.1
Host: ripevibratevilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 20:51:00 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://vedbam.xyz
Access-Control-Allow-Origin: https://vedbam.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17572910; expires=Mon, 17 Oct 2022 20:51:00 GMT; secure; SameSite=None
uid_id2=27820538-2773-4ccd-841f-d0781c55ac4e:2:1; expires=Sun, 23 Oct 2022 20:51:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 17 Oct 2022 20:51:00 GMT; secure; SameSite=None
uncs=1; expires=Mon, 17 Oct 2022 20:51:00 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 17 Oct 2022 20:51:00 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 17 Oct 2022 20:51:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fe36f1dfb97876e9e84901bc23044f8b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ripevibratevilla.com/ren.gif?sid=H4sIAAAAAAAC%2F5yTy4sc1RfHb%2BU3ix%2F8fgoJ2ShESipoApmeenR3VSeEcTKPpHVezIwY3MRb997uuelbD%2B6t6uoZXAQjkoWLURCim9ScniRmDMaAqAsTpCcg2Ku0q144%2F0EkEnDlQrozGB%2Bg4Nmcc%2Fge7vlwzrnvbKa7yIQU96fmonUuBB4rFUz9yFnLOqHP8jBt6S2vfK5cPKHL5vFKuWAe1U8z0ojGbNMyTcu09BkuWS1qjQ1E4PHNilWomIWiXbBKRWjJP%2BYq1UBhDWhzFx0ATnsj97SDwEkHwuCzKaYaSRQfmw5SgZNIQpNefzVshFEWQvAkrEkNauH1vWqI1P2ZuxCFV4e4EDV%2FK%2FR5D2nf3gU%2FvL4HCX5za8jpC2Ah%2BPR%2FkDU7wEQHOO4AiS4Cp%2FcRAKEwvwBhcG0%2Bkhlee6zigdpDIz8%2FAp710MgPByEMPj0leEtfjkSa8ChU0KrlwFsd4PUOxOkOJOv7gGc7QJK3gFMEYZADp%2F3DtuvZZsnxRm3XdUaLhNBRr2jVRqnpehYplTApsuFgOO8Ar3VAsA3Aah%2BkSoOUa5DWNEhjDQLa14llWa5JCTa9CiEOdZlfpqaF3ZqFLbPsQUoG7BuQxBtAxAYQeQFieQEafANk%2Bg2o1RwU1UAlCJo0h4whyBSCDCPIOIIsQZA186tUKFvl16hQqW%2FteXvPO3k7Suqb%2BGqU1FmINuNdtH8wMO3%2FhwvQYH3d85hvVkzHqZR8zykxzyQW9WsuNl27UmEOKJ4DV%2FsAKw3WeQ8d%2Bs6DmPcQuvwU%2BHgHlNgBwvcDTg8BztqubQJebRc9E9bD7SanPg4KkawDjXKIkxFI1rRNsYueGa7NfrQMjHTHt74%2B8MHZB8eAyBximcN5fg9BXVxqL0UZ2lqKMoVuL8QJD%2Fg6Hqx0OcEJQ9uvsLUskrQ6pTZuTJCBMAhvrjCVzOKQ8rCu0CenOKVMzkSSMHSnql5j%2FmKqVk%2BlMkzj2cXJmWoQS6YUj8IOYH7%2F9aeB8B767xfbw1t9dvIr4HIHZNq3V5MkVsfHxlqBKEiGRcIDNupzWiBRMEYEJ41xfnKNRAuLUrw8PW%2BeMyFIu%2BPbDz7s%2FnjhTeBRB0j89i3DmJpenlyqLq5UF%2BYN484Zxp%2FXzzSxrhpY6DTVud5oMkHHH165fPmWYcxOLJ2ePledmzg9bRj98t9SJKtp4IeYiz%2BTfGwY1clBu%2F5L%2F%2B6BF3hQT05yEoU3DGOlujI7bRhfPrzy%2FrtHrKNz%2BDw%2Bptsl%2FYhZcBrBUVBxF%2B0ZqAiBFE9yP9Yg%2B6dpxrzF%2FoLQlrbfHa%2BeOL56%2B6MJELyHnLMvgmDd8Tf8ud5PN34B7Oeg2O96PYk31SWoy%2BcAJxeH%2F70pc2iKHLDYAJX%2Bp53Esjv%2BvTM08IXW9oXUtnwhxXuP71Txvu46jonLlZLlupi5ftH2amWLYmwXy3a5jB1IVI%2FMhp%2F%2FCgAA%2F%2F8BAAD%2F%2FxLV3d7DBQAA
173.233.137.60200 OK 7 B URL HTTP/1.1 ripevibratevilla.com/ren.gif?sid=H4sIAAAAAAAC%2F5yTy4sc1RfHb%2BU3ix%2F8fgoJ2ShESipoApmeenR3VSeEcTKPpHVezIwY3MRb997uuelbD%2B6t6uoZXAQjkoWLURCim9ScniRmDMaAqAsTpCcg2Ku0q144%2F0EkEnDlQrozGB%2Bg4Nmcc%2Fge7vlwzrnvbKa7yIQU96fmonUuBB4rFUz9yFnLOqHP8jBt6S2vfK5cPKHL5vFKuWAe1U8z0ojGbNMyTcu09BkuWS1qjQ1E4PHNilWomIWiXbBKRWjJP%2BYq1UBhDWhzFx0ATnsj97SDwEkHwuCzKaYaSRQfmw5SgZNIQpNefzVshFEWQvAkrEkNauH1vWqI1P2ZuxCFV4e4EDV%2FK%2FR5D2nf3gU%2FvL4HCX5za8jpC2Ah%2BPR%2FkDU7wEQHOO4AiS4Cp%2FcRAKEwvwBhcG0%2Bkhlee6zigdpDIz8%2FAp710MgPByEMPj0leEtfjkSa8ChU0KrlwFsd4PUOxOkOJOv7gGc7QJK3gFMEYZADp%2F3DtuvZZsnxRm3XdUaLhNBRr2jVRqnpehYplTApsuFgOO8Ar3VAsA3Aah%2BkSoOUa5DWNEhjDQLa14llWa5JCTa9CiEOdZlfpqaF3ZqFLbPsQUoG7BuQxBtAxAYQeQFieQEafANk%2Bg2o1RwU1UAlCJo0h4whyBSCDCPIOIIsQZA186tUKFvl16hQqW%2FteXvPO3k7Suqb%2BGqU1FmINuNdtH8wMO3%2FhwvQYH3d85hvVkzHqZR8zykxzyQW9WsuNl27UmEOKJ4DV%2FsAKw3WeQ8d%2Bs6DmPcQuvwU%2BHgHlNgBwvcDTg8BztqubQJebRc9E9bD7SanPg4KkawDjXKIkxFI1rRNsYueGa7NfrQMjHTHt74%2B8MHZB8eAyBximcN5fg9BXVxqL0UZ2lqKMoVuL8QJD%2Fg6Hqx0OcEJQ9uvsLUskrQ6pTZuTJCBMAhvrjCVzOKQ8rCu0CenOKVMzkSSMHSnql5j%2FmKqVk%2BlMkzj2cXJmWoQS6YUj8IOYH7%2F9aeB8B767xfbw1t9dvIr4HIHZNq3V5MkVsfHxlqBKEiGRcIDNupzWiBRMEYEJ41xfnKNRAuLUrw8PW%2BeMyFIu%2BPbDz7s%2FnjhTeBRB0j89i3DmJpenlyqLq5UF%2BYN484Zxp%2FXzzSxrhpY6DTVud5oMkHHH165fPmWYcxOLJ2ePledmzg9bRj98t9SJKtp4IeYiz%2BTfGwY1clBu%2F5L%2F%2B6BF3hQT05yEoU3DGOlujI7bRhfPrzy%2FrtHrKNz%2BDw%2Bptsl%2FYhZcBrBUVBxF%2B0ZqAiBFE9yP9Yg%2B6dpxrzF%2FoLQlrbfHa%2BeOL56%2B6MJELyHnLMvgmDd8Tf8ud5PN34B7Oeg2O96PYk31SWoy%2BcAJxeH%2F70pc2iKHLDYAJX%2Bp53Esjv%2BvTM08IXW9oXUtnwhxXuP71Txvu46jonLlZLlupi5ftH2amWLYmwXy3a5jB1IVI%2FMhp%2F%2FCgAA%2F%2F8BAAD%2F%2FxLV3d7DBQAA
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F5yTy4sc1RfHb%2BU3ix%2F8fgoJ2ShESipoApmeenR3VSeEcTKPpHVezIwY3MRb997uuelbD%2B6t6uoZXAQjkoWLURCim9ScniRmDMaAqAsTpCcg2Ku0q144%2F0EkEnDlQrozGB%2Bg4Nmcc%2Fge7vlwzrnvbKa7yIQU96fmonUuBB4rFUz9yFnLOqHP8jBt6S2vfK5cPKHL5vFKuWAe1U8z0ojGbNMyTcu09BkuWS1qjQ1E4PHNilWomIWiXbBKRWjJP%2BYq1UBhDWhzFx0ATnsj97SDwEkHwuCzKaYaSRQfmw5SgZNIQpNefzVshFEWQvAkrEkNauH1vWqI1P2ZuxCFV4e4EDV%2FK%2FR5D2nf3gU%2FvL4HCX5za8jpC2Ah%2BPR%2FkDU7wEQHOO4AiS4Cp%2FcRAKEwvwBhcG0%2Bkhlee6zigdpDIz8%2FAp710MgPByEMPj0leEtfjkSa8ChU0KrlwFsd4PUOxOkOJOv7gGc7QJK3gFMEYZADp%2F3DtuvZZsnxRm3XdUaLhNBRr2jVRqnpehYplTApsuFgOO8Ar3VAsA3Aah%2BkSoOUa5DWNEhjDQLa14llWa5JCTa9CiEOdZlfpqaF3ZqFLbPsQUoG7BuQxBtAxAYQeQFieQEafANk%2Bg2o1RwU1UAlCJo0h4whyBSCDCPIOIIsQZA186tUKFvl16hQqW%2FteXvPO3k7Suqb%2BGqU1FmINuNdtH8wMO3%2FhwvQYH3d85hvVkzHqZR8zykxzyQW9WsuNl27UmEOKJ4DV%2FsAKw3WeQ8d%2Bs6DmPcQuvwU%2BHgHlNgBwvcDTg8BztqubQJebRc9E9bD7SanPg4KkawDjXKIkxFI1rRNsYueGa7NfrQMjHTHt74%2B8MHZB8eAyBximcN5fg9BXVxqL0UZ2lqKMoVuL8QJD%2Fg6Hqx0OcEJQ9uvsLUskrQ6pTZuTJCBMAhvrjCVzOKQ8rCu0CenOKVMzkSSMHSnql5j%2FmKqVk%2BlMkzj2cXJmWoQS6YUj8IOYH7%2F9aeB8B767xfbw1t9dvIr4HIHZNq3V5MkVsfHxlqBKEiGRcIDNupzWiBRMEYEJ41xfnKNRAuLUrw8PW%2BeMyFIu%2BPbDz7s%2FnjhTeBRB0j89i3DmJpenlyqLq5UF%2BYN484Zxp%2FXzzSxrhpY6DTVud5oMkHHH165fPmWYcxOLJ2ePledmzg9bRj98t9SJKtp4IeYiz%2BTfGwY1clBu%2F5L%2F%2B6BF3hQT05yEoU3DGOlujI7bRhfPrzy%2FrtHrKNz%2BDw%2Bptsl%2FYhZcBrBUVBxF%2B0ZqAiBFE9yP9Yg%2B6dpxrzF%2FoLQlrbfHa%2BeOL56%2B6MJELyHnLMvgmDd8Tf8ud5PN34B7Oeg2O96PYk31SWoy%2BcAJxeH%2F70pc2iKHLDYAJX%2Bp53Esjv%2BvTM08IXW9oXUtnwhxXuP71Txvu46jonLlZLlupi5ftH2amWLYmwXy3a5jB1IVI%2FMhp%2F%2FCgAA%2F%2F8BAAD%2F%2FxLV3d7DBQAA HTTP/1.1
Host: ripevibratevilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Cookie: u_pl=17572910; uid_id2=27820538-2773-4ccd-841f-d0781c55ac4e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 20:51:00 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7f2a34a34b6a7f60e756e331e319af48
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 618c6998deadeff1c1bd3c5c2a7380ee
b18462fd7d0df781bdbde02201d8d58231bf1a3d
237bb0fe3e531cafa69c5f0a921099190c1955a2f54ad1e8b95d4746c793a5d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "237BB0FE3E531CAFA69C5F0A921099190C1955A2F54AD1E8B95D4746C793A5D6"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17694
Expires: Mon, 17 Oct 2022 01:45:55 GMT
Date: Sun, 16 Oct 2022 20:51:01 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 483b069ba949f3b38cb5efaa5133def4
9926ffeacae23089f625bf687f5aaaa1c592acb1
20c3bcfcb4987e5b014dff8beb7b15e984388ae7ad0279a576e6d137a078ade3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "20C3BCFCB4987E5B014DFF8BEB7B15E984388AE7AD0279A576E6D137A078ADE3"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9417
Expires: Sun, 16 Oct 2022 23:27:58 GMT
Date: Sun, 16 Oct 2022 20:51:01 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/notifications/rtb/mac/2/index.html
45.133.44.3 200 OK 791 B URL HTTP/2 cdn.barscreative1.com/sb/notifications/rtb/mac/2/index.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash bf1eff8e9cbf74f3357052e6c991d0cb
3e85209904187f1c554f6ee8a494e35c522983c0
11a85b0746c6490e7502d75588c117de92b16ac681e02ca394ff38b160bd2544
GET /sb/notifications/rtb/mac/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:51:01 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-4e7"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 16 Oct 2022 21:51:01 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/rtb/mac/2/img/close.png
172.64.111.27 200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/rtb/mac/2/img/close.png
IP 172.64.111.27:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/rtb/mac/2/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:51:01 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 17 May 2021 12:14:41 GMT
etag: "60a25e31-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6432407
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfnyAZlbahByI5uy6kPw4xtT%2FdjdgS3%2By%2FriY15s8kbxk37rG9E4t2G4gBw3TeKA7exs55hrma6FLep%2B7Dg%2BoexBO5G64D%2FuZnrjXD8Cque7IOyYH9y9FXVAnhOfvpHo%2B0Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3ab8c881076a1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/rtb/mac/2/js/script.js
172.64.111.27 200 OK 522 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/rtb/mac/2/js/script.js
IP 172.64.111.27:0
Hash e49d81cb247100a4c5185930a6be3704
3c2b913ab02a552668a9405a89bc3880f8f8c841
58a31e3406f8e6805f06aa9ea7796de580ee10816c13a4d47711fe2a678d9966
GET /sb/notifications/rtb/mac/2/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:51:01 GMT
content-type: application/javascript
last-modified: Mon, 17 May 2021 12:14:43 GMT
etag: W/"60a25e33-175"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2555050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCM9pExw%2BBDXy5wGXMfaTMHPOG82hvN2TDflV4JvDxtpJPxsfSBDiMyN7BdFQuxKYMnkmj0pQwZ%2BcZOMCJS25RTXLSrPiJ65eYgKGoR92sYjLs8hiSej0N80vciKNYBL7x8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3ab8c6fac76a1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/rtb/mac/2/css/style.css
172.64.111.27 200 OK 1.6 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/rtb/mac/2/css/style.css
IP 172.64.111.27:0
Hash 60890a8fb411a12694814f24c72ab738
04e08f5d9d203244bc50f92492b350f1fac82b8f
b39d00ef7e89e5104a16510f76da4d4543eba6c6416d4bdf7f1902c392f14d46
GET /sb/notifications/rtb/mac/2/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:51:01 GMT
content-type: text/css
last-modified: Mon, 17 May 2021 12:30:23 GMT
etag: W/"60a261df-10d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2555050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhaGv55S9J%2BagPpWPQgU1F1oF448C4k%2FCjXtw0BdPM%2FBL9YqMY%2Bsg%2FXS84lVSf0hZedOjqcmXT4ZVEzP9VcIt%2B81LZBnBathXoBn6L7q8oAI3f84SwesLQgJ%2FMdtW%2ByVoOE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3ab8c5f9176a1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/rtb/mac/2/css/magic.css
172.64.111.27 200 OK 3.4 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/rtb/mac/2/css/magic.css
IP 172.64.111.27:0
Hash 37e75547f2e6cc68829fc7784d4d6421
0dc0a26e1f9e79bcd3bb06da1a279be407581b34
efed222665f99b75e35a6acf500223292be61946d5eb74381278d912b6d0c67e
GET /sb/notifications/rtb/mac/2/css/magic.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:51:01 GMT
content-type: text/css
last-modified: Mon, 17 May 2021 12:30:23 GMT
etag: W/"60a261df-b0c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2044574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIOZFywvZNw35H3SraG%2FwrmEwJzlPPalRareovvRnbWEVg%2BlbqIQeaqqC5ROdLmg%2BU0IMsCdCsv8ouoI1B6Fyj9kvn4PTTxjS%2FOXbNYYVTPyoJA15btblQaHL0MuP7iZsz4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3ab8c5f8476a1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 6b0e729d053dbbc0f61b9caf771f5f3d
452a61f156a9f8379910785ac851fca90d307549
147aedc1438bd5328a194d77aea6935430c13a3f80e389b386636991ac6c06c4
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:51:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 20 Oct 2022 17:26:32 GMT
ETag: "452a61f156a9f8379910785ac851fca90d307549"
Last-Modified: Sun, 16 Oct 2022 17:26:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1481
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b3ab8defe40b06-OSL
xml.realtime-bid.com/thumbnail?i=ycoOPrlJEN0_0&imgt=icon
198.134.116.29 302 Found 0 B URL HTTP/1.1 xml.realtime-bid.com/thumbnail?i=ycoOPrlJEN0_0&imgt=icon
IP 198.134.116.29:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=ycoOPrlJEN0_0&imgt=icon HTTP/1.1
Host: xml.realtime-bid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 16 Oct 2022 20:51:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://static.realtime-bid.com/n337/ad/300x300_58WI16nCDUlFaScngmKD.jpeg
Pragma: no-cache
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 78b7645f1c755a897caba5a6e41f40be
3aae69c7b4828bbcf4ab3149e2c95445e582c616
ae99de957282172b4585bba3f8d09a3f6e774a1bbf270031b99f31a1b07c219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 78b7645f1c755a897caba5a6e41f40be
3aae69c7b4828bbcf4ab3149e2c95445e582c616
ae99de957282172b4585bba3f8d09a3f6e774a1bbf270031b99f31a1b07c219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10 200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash abe4dda79e3b9d8b52091c442a8d6995
87e17e79a2caf070cfb381ad5d3ab86c05f23636
43f47742cb6f78f85ff5ff345ec954d0e36e8f3196bffe63219c12bba58c794c
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 16 Oct 2022 20:51:01 GMT
date: Sun, 16 Oct 2022 20:51:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:34:08 GMT
expires: Thu, 12 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 350213
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ripevibratevilla.com/impr.gif?sid=H4sIAAAAAAAC%2F5yTz4scRRTHq%2BMeBH9AQi4KkZYOmkB2tnt%2B7PQkhHGzP5LR%2FcXuisFLrK6qma1MdVdT1T09u3gIRiQHD6MgRC%2FpfbNJzBqMAVEPJshsQHBOGU9zcP%2BDSCTgyYPMZHH9AQq%2By3uP76Peh%2FdevbcR7yAbYtyfmpPrXAg8VsjY5pGzjnPCnOVB3DSb7vi58fwJUzWOl8Yz9lHzNCN1OZa1Hdt2bMec4YpVZXNsIAIPb5acTMnO5LMZp5CHpvprrmMDNDaANnbQAeC0N3LPOAicdCDwv5hiuh7J8Ni0HwscSQUNev31oB7IJAB%2FL6wqA6rB9d1qkPr%2BzF2QwdUhLsjGH4Ue7yHj%2B7vgBdd3IcFrbA45PQEsAI8%2BBUmjA0x0gOMOEHkROL2PAAiF%2BQUI%2FGvzUiV47bGKB2oPjfz6CHjSQyM%2FHYTA%2F%2FyU4E1zWYo44jLQ0KymwJsd4LUOhPE2ROv7gCfbQKJ3gFMEgZ8Cp%2F3D2aKbtQs5dzRbLOZG84TQUTfvVEepXXQdUihgkmfDwXDeAV7tgGAtwHofxNqAmBsQVw2IQwN82jeJ4zhFmxJsuyVCcrTIvHFqO7hYdbBjj7sQkwF7C6KwBUS0gKgLEKoLUOctUPF3oFdT0NQAHSFo0BQShiDRCBKMIOEIkghB0kivUqGzOr1GhY49Z9dnd30ubcuotoGvyqjGArQR7qD9g4EZTx%2FOQJ31Tddlnl2yc7lSwXNzBebaxKFetYjtYrZUYjnQPAWu9wHWBqzzHjr0gwsh7yF0%2BRnw8DZosQ2E7wccHwKctItZG%2FBqO%2B%2FasB5sNTj1sJ%2BRqgZUphBGIxCtGRtiBz03XFv20TIw0i1vfnvgo7MPjgFRKYQqhfP8HoKauNRekgnaXJKJRrcXwoj7fB0PVroc4YihrdfYWiIVrUzp1o0JMhAG4c0VpqNZHFAe1DT67BSnlKkZqQhDdyr6DeYtxnr1VKyCOJxdnJyp%2BKFiWnMZdADz%2B28%2BC4T30JNfbQ1v9fnJb4CrbVBxP7saRaE%2BPjbW9EVGMSwi7rNRj9MMkf4YEZzUy%2FzkGpELi0q8Oj1vn7PBj7vlrQcfd3%2B%2B8DZw2QESvnvDslYqK7PTlvX1wysfvn%2FEOTqHz%2BNjZrZgHrEzubp%2F9JZlTU0vTy5VFlcqC%2FOWdecM4y%2BaZxrY1HUsTBqb3Kw3mKDlh1cuX75lWbMTS6enz1XmJk5PW1Z%2F%2FF85o9XY9wLMxd9ZP7WsyuSgXf%2BV%2F%2FfAS9yvRSc5kQHosIt2DbREoMRe7oUGJP81zZA32T8atFXW65YrJ46v3v5kAgTvodzZl0Gwbvktb673y43fAHspaPanXnvxhr4ENfUC4Oji8L83VAoNkQIWLdDxE%2B0oVN3yj7mhgSeMtieUsekJJT54fKea982cTYseq7Kix%2FKFfJUR6hUKnk2qxMtR1yUQ6R6ZDb78HQAA%2F%2F8BAAD%2F%2F9%2ByNh%2FDBQAA
173.233.137.60200 OK 7 B URL HTTP/1.1 ripevibratevilla.com/impr.gif?sid=H4sIAAAAAAAC%2F5yTz4scRRTHq%2BMeBH9AQi4KkZYOmkB2tnt%2B7PQkhHGzP5LR%2FcXuisFLrK6qma1MdVdT1T09u3gIRiQHD6MgRC%2FpfbNJzBqMAVEPJshsQHBOGU9zcP%2BDSCTgyYPMZHH9AQq%2By3uP76Peh%2FdevbcR7yAbYtyfmpPrXAg8VsjY5pGzjnPCnOVB3DSb7vi58fwJUzWOl8Yz9lHzNCN1OZa1Hdt2bMec4YpVZXNsIAIPb5acTMnO5LMZp5CHpvprrmMDNDaANnbQAeC0N3LPOAicdCDwv5hiuh7J8Ni0HwscSQUNev31oB7IJAB%2FL6wqA6rB9d1qkPr%2BzF2QwdUhLsjGH4Ue7yHj%2B7vgBdd3IcFrbA45PQEsAI8%2BBUmjA0x0gOMOEHkROL2PAAiF%2BQUI%2FGvzUiV47bGKB2oPjfz6CHjSQyM%2FHYTA%2F%2FyU4E1zWYo44jLQ0KymwJsd4LUOhPE2ROv7gCfbQKJ3gFMEgZ8Cp%2F3D2aKbtQs5dzRbLOZG84TQUTfvVEepXXQdUihgkmfDwXDeAV7tgGAtwHofxNqAmBsQVw2IQwN82jeJ4zhFmxJsuyVCcrTIvHFqO7hYdbBjj7sQkwF7C6KwBUS0gKgLEKoLUOctUPF3oFdT0NQAHSFo0BQShiDRCBKMIOEIkghB0kivUqGzOr1GhY49Z9dnd30ubcuotoGvyqjGArQR7qD9g4EZTx%2FOQJ31Tddlnl2yc7lSwXNzBebaxKFetYjtYrZUYjnQPAWu9wHWBqzzHjr0gwsh7yF0%2BRnw8DZosQ2E7wccHwKctItZG%2FBqO%2B%2FasB5sNTj1sJ%2BRqgZUphBGIxCtGRtiBz03XFv20TIw0i1vfnvgo7MPjgFRKYQqhfP8HoKauNRekgnaXJKJRrcXwoj7fB0PVroc4YihrdfYWiIVrUzp1o0JMhAG4c0VpqNZHFAe1DT67BSnlKkZqQhDdyr6DeYtxnr1VKyCOJxdnJyp%2BKFiWnMZdADz%2B28%2BC4T30JNfbQ1v9fnJb4CrbVBxP7saRaE%2BPjbW9EVGMSwi7rNRj9MMkf4YEZzUy%2FzkGpELi0q8Oj1vn7PBj7vlrQcfd3%2B%2B8DZw2QESvnvDslYqK7PTlvX1wysfvn%2FEOTqHz%2BNjZrZgHrEzubp%2F9JZlTU0vTy5VFlcqC%2FOWdecM4y%2BaZxrY1HUsTBqb3Kw3mKDlh1cuX75lWbMTS6enz1XmJk5PW1Z%2F%2FF85o9XY9wLMxd9ZP7WsyuSgXf%2BV%2F%2FfAS9yvRSc5kQHosIt2DbREoMRe7oUGJP81zZA32T8atFXW65YrJ46v3v5kAgTvodzZl0Gwbvktb673y43fAHspaPanXnvxhr4ENfUC4Oji8L83VAoNkQIWLdDxE%2B0oVN3yj7mhgSeMtieUsekJJT54fKea982cTYseq7Kix%2FKFfJUR6hUKnk2qxMtR1yUQ6R6ZDb78HQAA%2F%2F8BAAD%2F%2F9%2ByNh%2FDBQAA
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F5yTz4scRRTHq%2BMeBH9AQi4KkZYOmkB2tnt%2B7PQkhHGzP5LR%2FcXuisFLrK6qma1MdVdT1T09u3gIRiQHD6MgRC%2FpfbNJzBqMAVEPJshsQHBOGU9zcP%2BDSCTgyYPMZHH9AQq%2By3uP76Peh%2FdevbcR7yAbYtyfmpPrXAg8VsjY5pGzjnPCnOVB3DSb7vi58fwJUzWOl8Yz9lHzNCN1OZa1Hdt2bMec4YpVZXNsIAIPb5acTMnO5LMZp5CHpvprrmMDNDaANnbQAeC0N3LPOAicdCDwv5hiuh7J8Ni0HwscSQUNev31oB7IJAB%2FL6wqA6rB9d1qkPr%2BzF2QwdUhLsjGH4Ue7yHj%2B7vgBdd3IcFrbA45PQEsAI8%2BBUmjA0x0gOMOEHkROL2PAAiF%2BQUI%2FGvzUiV47bGKB2oPjfz6CHjSQyM%2FHYTA%2F%2FyU4E1zWYo44jLQ0KymwJsd4LUOhPE2ROv7gCfbQKJ3gFMEgZ8Cp%2F3D2aKbtQs5dzRbLOZG84TQUTfvVEepXXQdUihgkmfDwXDeAV7tgGAtwHofxNqAmBsQVw2IQwN82jeJ4zhFmxJsuyVCcrTIvHFqO7hYdbBjj7sQkwF7C6KwBUS0gKgLEKoLUOctUPF3oFdT0NQAHSFo0BQShiDRCBKMIOEIkghB0kivUqGzOr1GhY49Z9dnd30ubcuotoGvyqjGArQR7qD9g4EZTx%2FOQJ31Tddlnl2yc7lSwXNzBebaxKFetYjtYrZUYjnQPAWu9wHWBqzzHjr0gwsh7yF0%2BRnw8DZosQ2E7wccHwKctItZG%2FBqO%2B%2FasB5sNTj1sJ%2BRqgZUphBGIxCtGRtiBz03XFv20TIw0i1vfnvgo7MPjgFRKYQqhfP8HoKauNRekgnaXJKJRrcXwoj7fB0PVroc4YihrdfYWiIVrUzp1o0JMhAG4c0VpqNZHFAe1DT67BSnlKkZqQhDdyr6DeYtxnr1VKyCOJxdnJyp%2BKFiWnMZdADz%2B28%2BC4T30JNfbQ1v9fnJb4CrbVBxP7saRaE%2BPjbW9EVGMSwi7rNRj9MMkf4YEZzUy%2FzkGpELi0q8Oj1vn7PBj7vlrQcfd3%2B%2B8DZw2QESvnvDslYqK7PTlvX1wysfvn%2FEOTqHz%2BNjZrZgHrEzubp%2F9JZlTU0vTy5VFlcqC%2FOWdecM4y%2BaZxrY1HUsTBqb3Kw3mKDlh1cuX75lWbMTS6enz1XmJk5PW1Z%2F%2FF85o9XY9wLMxd9ZP7WsyuSgXf%2BV%2F%2FfAS9yvRSc5kQHosIt2DbREoMRe7oUGJP81zZA32T8atFXW65YrJ46v3v5kAgTvodzZl0Gwbvktb673y43fAHspaPanXnvxhr4ENfUC4Oji8L83VAoNkQIWLdDxE%2B0oVN3yj7mhgSeMtieUsekJJT54fKea982cTYseq7Kix%2FKFfJUR6hUKnk2qxMtR1yUQ6R6ZDb78HQAA%2F%2F8BAAD%2F%2F9%2ByNh%2FDBQAA HTTP/1.1
Host: ripevibratevilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Cookie: u_pl=17572910; uid_id2=27820538-2773-4ccd-841f-d0781c55ac4e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 20:51:01 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a8a216b49b95bdd08e9fb6b2fc108aa5
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 78b7645f1c755a897caba5a6e41f40be
3aae69c7b4828bbcf4ab3149e2c95445e582c616
ae99de957282172b4585bba3f8d09a3f6e774a1bbf270031b99f31a1b07c219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.realtime-bid.com/n337/ad/300x300_58WI16nCDUlFaScngmKD.jpeg
151.139.128.11 200 OK 13 kB URL HTTP/2 static.realtime-bid.com/n337/ad/300x300_58WI16nCDUlFaScngmKD.jpeg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash ce7107887a495633169f47911e8135d1
bd2f9ad4be27c4c2b6a27eb5a3cb55a31ec658fe
1f70ce7c83b2f51beb76b113e2874821bf59ea47f4f64d1bfcbd1be6d7b58fae
GET /n337/ad/300x300_58WI16nCDUlFaScngmKD.jpeg HTTP/1.1
Host: static.realtime-bid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:51:01 GMT
content-length: 13439
content-type: image/jpeg
last-modified: Fri, 07 Oct 2022 07:58:52 GMT
accept-ranges: bytes
server: nginx
etag: "633fdc3c-347f"
cache-control: max-age=86400
x-hw: 1665953461.cds221.sk1.hn,1665953461.cds225.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ripevibratevilla.com/pixel/sbs?c=1
173.233.137.60 200 OK 0 B URL HTTP/1.1 ripevibratevilla.com/pixel/sbs?c=1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: ripevibratevilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Cookie: u_pl=17572910; uid_id2=27820538-2773-4ccd-841f-d0781c55ac4e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 20:51:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
s205.vidboo.org/6jmnrphkwmazsalrixzah5ptafjwvuf2teuuvwzug4lslq5dpt74bkuski3q/v.mp4
51.159.105.142 206 Partial Content 0 B URL HTTP/1.1 s205.vidboo.org/6jmnrphkwmazsalrixzah5ptafjwvuf2teuuvwzug4lslq5dpt74bkuski3q/v.mp4
IP 51.159.105.142:0
GET /6jmnrphkwmazsalrixzah5ptafjwvuf2teuuvwzug4lslq5dpt74bkuski3q/v.mp4 HTTP/1.1
Host: s205.vidboo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx/1.21.3
Date: Sun, 16 Oct 2022 20:50:58 GMT
Content-Type: application/octet-stream
Content-Length: 859923742
Last-Modified: Wed, 15 Jun 2022 17:00:01 GMT
Connection: keep-alive
ETag: "62aa1011-3341651e"
Content-Range: bytes 0-859923741/859923742
nanouwho.com/1?z=4861570
139.45.197.242 200 OK 0 B IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=4861570 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:50:58 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e3ba750cc962c76b88683fd17f0d9e17
access-control-expose-headers: X-Sc
x-sc: qDBnYKzyCaqXZWGUUMWy_3dRN4hkDM32gD2BWuAdGi4GOFTBuml7Hkbqo1g9RjseuSl15uElsEDvmGhIwDGYQnPStls=
set-cookie: scm=1; expires=Mon, 16 Oct 2023 20:50:58 GMT; secure; SameSite=None
set-cookie: OAID=83bed50072c34d0cbad8fb2ae4248b2f; expires=Mon, 16 Oct 2023 20:50:58 GMT; secure; SameSite=None
set-cookie: oaidts=1665953458; expires=Mon, 16 Oct 2023 20:50:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
s205.vidboo.org/6jmnrphkwmazsalrixzah5ptafjwvuf2teuuvwzug4lslq5dpt74bkuski3q/v.mp4
51.159.105.142 206 Partial Content 0 B URL HTTP/1.1 s205.vidboo.org/6jmnrphkwmazsalrixzah5ptafjwvuf2teuuvwzug4lslq5dpt74bkuski3q/v.mp4
IP 51.159.105.142:0
GET /6jmnrphkwmazsalrixzah5ptafjwvuf2teuuvwzug4lslq5dpt74bkuski3q/v.mp4 HTTP/1.1
Host: s205.vidboo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx/1.21.3
Date: Sun, 16 Oct 2022 20:50:58 GMT
Content-Type: application/octet-stream
Content-Length: 859923742
Last-Modified: Wed, 15 Jun 2022 17:00:01 GMT
Connection: keep-alive
ETag: "62aa1011-3341651e"
Content-Range: bytes 0-859923741/859923742
vedbom.org/embed-gs3aotnt8wr1.html
172.67.216.135 301 Moved Permanently 0 B URL HTTP/2 vedbom.org/embed-gs3aotnt8wr1.html
IP 172.67.216.135:0
GET /embed-gs3aotnt8wr1.html HTTP/1.1
Host: vedbom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://staranime0.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 16 Oct 2022 20:50:57 GMT
content-type: text/html
location: https://vedbam.xyz/embed-gs3aotnt8wr1.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afAe1mO0SiZoyUdxXxUyFtr%2F4%2BHknvQZYiMZ8x%2FDfggvXVb5rBBPvx3bzu6lz75BSmgD2E1%2B04alrctH1G71n3C6GqIWgxzzvo976H8AtlUiMaBTu%2B1uD%2FMP6fEq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b3ab72adeab509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s205.vidboo.org/6jmnrphkwmazsalrixzah5ptafjwvuf2teuuvwzug4lslq5dpt74bkuski3q/v.mp4
51.159.105.142 206 Partial Content 0 B URL HTTP/1.1 s205.vidboo.org/6jmnrphkwmazsalrixzah5ptafjwvuf2teuuvwzug4lslq5dpt74bkuski3q/v.mp4
IP 51.159.105.142:0
GET /6jmnrphkwmazsalrixzah5ptafjwvuf2teuuvwzug4lslq5dpt74bkuski3q/v.mp4 HTTP/1.1
Host: s205.vidboo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx/1.21.3
Date: Sun, 16 Oct 2022 20:50:58 GMT
Content-Type: application/octet-stream
Content-Length: 859923742
Last-Modified: Wed, 15 Jun 2022 17:00:01 GMT
Connection: keep-alive
ETag: "62aa1011-3341651e"
Content-Range: bytes 0-859923741/859923742
thaudray.com/5/4857820/?oo=1&aab=1
139.45.197.237 200 OK 0 B URL HTTP/2 thaudray.com/5/4857820/?oo=1&aab=1
IP 139.45.197.237:0
GET /5/4857820/?oo=1&aab=1 HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vedbam.xyz
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:50:58 GMT
content-type: application/json
x-trace-id: 473948b9c7a790f428011be2ed6c9bd9
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://vedbam.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=f4d8fe4ddd854e60b7b986a62e74920a; expires=Mon, 16 Oct 2023 20:50:58 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1665953458; expires=Mon, 16 Oct 2023 20:50:58 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.235.2 200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.235.2:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:50:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e804231c84abba3e03190956bcfc53dc
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 16 Oct 2022 20:50:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpDjtIJj3GbiZyy11rtoVjPvZhndarF0sYNKu8rFZo9nzMxkFKzbGPm7WeoXswDQ59WEdSUoqp12Y0DAfZBLrZBXo8au022i9zSuj2Uybq00a%2F2eVbzjvuSW2AaaJvveJQNKilo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3ab7b7a09776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upgulpinon.com/1?z=5030637
139.45.197.242 200 OK 0 B URL HTTP/2 upgulpinon.com/1?z=5030637
IP 139.45.197.242:0
GET /1?z=5030637 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:50:58 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: d98016ce8ff1ee1dcb613f609c9bd587
access-control-expose-headers: X-Sc
x-sc: IbFv4y305nI5YZeIOJCxYMggpMRPexcydNf6jgsa3t1UUa0aJzEoQT4GW3YqtZmR6YlaZtjERT6JlfrYAxPeV8AnZlA=
set-cookie: scm=1; expires=Mon, 16 Oct 2023 20:50:58 GMT; secure; SameSite=None
set-cookie: OAID=c3003650674249e29b2f81a66130189e; expires=Mon, 16 Oct 2023 20:50:58 GMT; secure; SameSite=None
set-cookie: oaidts=1665953458; expires=Mon, 16 Oct 2023 20:50:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/27/3a63a2a43bbf0a0bb029696534151382
139.45.197.242 200 OK 0 B URL HTTP/2 nanouwho.com/27/3a63a2a43bbf0a0bb029696534151382
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /27/3a63a2a43bbf0a0bb029696534151382 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Cookie: scm=1; OAID=83bed50072c34d0cbad8fb2ae4248b2f; oaidts=1665953458
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:50:58 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 13 Oct 2022 05:14:04 GMT
expires: Thu, 12 Nov 2082 05:14:04 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.233 200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.233:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vedbam.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:50:59 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 40cf469f24b5ba7a13e56f1e15f7b9bf
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 16 Oct 2022 20:50:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmUQgfHcHe5XjO5ASgfubw0igx8oK8UAyfWTPGkj0NGEc8jozZGtyu%2F3O95WaYgR0RGz6dJ3b9PKzxSnnXeNllTD9HPdSorIT84LKSGgT0nP%2Bog9dqojvsEJBcCwObLoXqc9icI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b3ab810f6f8889-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2