r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10798
Expires: Mon, 21 Nov 2022 07:28:59 GMT
Date: Mon, 21 Nov 2022 04:29:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2061bb5a62c7dbe5a39e49a98bf7d214
812ff4923fc0fa69fa7db7c362d5af728e297099
6f0c1ecd37ba47802a386c487e3c2eb1794a06e8b9f56e016326686e3d80ef92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6405
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:01 GMT
Last-Modified: Mon, 21 Nov 2022 02:42:16 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11286
Expires: Mon, 21 Nov 2022 07:37:07 GMT
Date: Mon, 21 Nov 2022 04:29:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 21 Nov 2022 03:45:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2619
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /PARQdXH2QIf6SaznU00qNd653Uh+rP3OtgpxJ7f6Sam2iBDMMOUdKY6RRzT/va8D9bkiY9uQL4=
x-amz-request-id: MVR0QSK54FVCCZ1Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 21 Nov 2022 03:38:59 GMT
age: 3002
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
hgamegallery.com/PID/V-1741/
162.144.3.79200 OK 19 kB URL HTTP/1.1 hgamegallery.com/PID/V-1741/
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 784a154212b03e758852184201aaad35
509c1b7e63f5f690da07fc0825137217bfba8d03
e204efb0eb3d0d660e7c1ee897e4bc486ecad900ca68ec80d7f416fff7bf1853
GET /PID/V-1741/ HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:28:59 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Link: <https://hgamegallery.com/wp-json/>; rel="https://api.w.org/", <https://hgamegallery.com/wp-json/wp/v2/posts/1741>; rel="alternate"; type="application/json", <https://hgamegallery.com/?p=1741>; rel=shortlink
Cache-Control: max-age=28800
Expires: Mon, 21 Nov 2022 12:29:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
X-Server-Cache: true
X-Proxy-Cache: MISS
Transfer-Encoding: chunked
c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
192.0.77.37200 OK 217 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
IP 192.0.77.37:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
vjs.zencdn.net/7.8.4/video-js.css?ver=7.8.4
151.101.86.217200 OK 11 kB URL HTTP/1.1 vjs.zencdn.net/7.8.4/video-js.css?ver=7.8.4
IP 151.101.86.217:0
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash 9f703c1d1b064f5e72d8dba3484e868f
008cc8c438c57c51cc20bb4cb3e6452a287aaa8f
a1a9f6ebf0e40976737eeb1b6c544d462e5e444fcc8f59ab044833e2737c05e0
GET /7.8.4/video-js.css?ver=7.8.4 HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 10738
Last-Modified: Wed, 08 Jul 2020 20:29:36 GMT
ETag: "397a94bb87dfd0a64ba4d3d502912e4a"
Cache-Control: public, max-age=31536000
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Date: Mon, 21 Nov 2022 04:29:01 GMT
X-Served-By: cache-bma1652-BMA
X-Cache: HIT
X-Cache-Hits: 20962
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
hgamegallery.com/wp-content/plugins/age-gate/dist/main.css?ver=3.0.9
162.144.3.79200 OK 3.6 kB URL HTTP/1.1 hgamegallery.com/wp-content/plugins/age-gate/dist/main.css?ver=3.0.9
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9988)
Hash 5ce4793c0da0a96e568e207632033ec3
735fd494a63284a5f2c273cd642f73ca8ada572f
824bed53272e6cf4e1f4fcb779d551f18db6711585c221e0679da61debb57805
GET /wp-content/plugins/age-gate/dist/main.css?ver=3.0.9 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:01 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 30 Sep 2022 08:08:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 3599
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 01be7790e5e647835cc2209d4eba5641
04555b27c98a8ad47adc9de1f09986def3636e29
bdd8ec99c27ea683eebf31877e35773a3f625aa1e4e38a3e758985c3f9a20346
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4960
Cache-Control: max-age=128919
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "637a3fc5-117"
Expires: Tue, 22 Nov 2022 16:17:41 GMT
Last-Modified: Sun, 20 Nov 2022 14:55:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 147d4ad2dfe6cf5444f7f465be42a5ea
9944e92a12b337e6c15895a6267351f74914ff35
b7d5df956e60318e5d47da6b30dbd0c71058c4306368ccaeda99630c59d23459
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 25 Nov 2022 00:26:16 GMT
ETag: "9944e92a12b337e6c15895a6267351f74914ff35"
Last-Modified: Mon, 21 Nov 2022 00:26:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3151
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76d6ae981deeb509-OSL
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vk.com/js/api/share.js?95
93.186.225.194200 OK 3.0 kB URL HTTP/2 vk.com/js/api/share.js?95
IP 93.186.225.194:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1077)
Hash 5152f3cb6fe0b11496ea2a8de5bcb963
71572fb3ea4b65b6d9a4d0989b62133b1b39133d
01e8e588dda5b6bfb716d56b7f051f325382b3e0998853757c8e41f66ec30f25
GET /js/api/share.js?95 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: application/x-javascript
content-length: 2974
last-modified: Thu, 07 Apr 2022 12:12:57 GMT
etag: "624ed549-b9e"
content-encoding: br
expires: Fri, 25 Nov 2022 04:29:02 GMT
cache-control: max-age=345600
x-frontend: front605110
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
unpkg.com/@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js
104.16.126.175200 OK 8.8 kB URL HTTP/2 unpkg.com/@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js
IP 104.16.126.175:0
File type ASCII text, with very long lines (23113)
Hash bd13c4ab53ac93422b063ee936d6cc99
c444df8e2af0bcd4eaa546749eb2dfaa29990461
33a64c015c5c04d2dac8235144bf0712d3e5d473cad291ade3f546a721aaf96e
GET /@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://hgamegallery.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"5acc-q2POJTFsNAdkUTsA1IhV3IUmXP0"
via: 1.1 fly.io
fly-request-id: 01F3YGTF8JRQD6FT3WSZ9G9XWN
cf-cache-status: HIT
age: 18315710
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76d6ae983a75b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
hgamegallery.com/wp-content/plugins/buymeacoffee/public/css/buy-me-a-coffee-public.css?ver=3.1
162.144.3.79200 OK 107 B URL HTTP/1.1 hgamegallery.com/wp-content/plugins/buymeacoffee/public/css/buy-me-a-coffee-public.css?ver=3.1
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 11471a68e5c2509bd296d4b5eed57e5d
62179d32ba188385ba899e671ec386d4c44bc43c
770930873c62aece3cd46a3f1f1886a597951a50c2b586c4ef112f8ea01d7abe
GET /wp-content/plugins/buymeacoffee/public/css/buy-me-a-coffee-public.css?ver=3.1 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 11 Nov 2022 20:08:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 107
Content-Type: text/css
hgamegallery.com/wp-content/themes/ultimatube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
162.144.3.79200 OK 7.1 kB URL HTTP/1.1 hgamegallery.com/wp-content/themes/ultimatube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069
GET /wp-content/themes/ultimatube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 01 Jul 2022 14:10:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 7114
Content-Type: text/css
hgamegallery.com/wp-content/plugins/buymeacoffee/public/js/buy-me-a-coffee-public.js?ver=3.1
162.144.3.79200 OK 481 B URL HTTP/1.1 hgamegallery.com/wp-content/plugins/buymeacoffee/public/js/buy-me-a-coffee-public.js?ver=3.1
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 57a0823c80afd7828ab66c6aa9b8e205
4e8135a544f65f19e5fedcd8a907e7951c1e450d
082381398fb54d430ed2b0ed980c0c665d280936c3a4b206fbeb9062b8c86b99
GET /wp-content/plugins/buymeacoffee/public/js/buy-me-a-coffee-public.js?ver=3.1 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 20:08:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 481
Content-Type: application/javascript
pl17445481.profitablecpmgate.com/bace4014c7f34a29f5bb45d0c209255e/invoke.js
173.233.137.36200 OK 9.3 kB URL HTTP/1.1 pl17445481.profitablecpmgate.com/bace4014c7f34a29f5bb45d0c209255e/invoke.js
IP 173.233.137.36:0
File type Unicode text, UTF-8 text, with very long lines (25072), with no line terminators
Hash 04b13b790f449819f1dd30d8f982ea68
70c20ad3d663bdc33da66d7e7cf27bdf7246047f
1fd2e332170419624684323bcf925c5daa0834e2d69c2d3c56b0b06c7cb15fc3
Analyzer Verdict Alert quad9 Sinkholed
GET /bace4014c7f34a29f5bb45d0c209255e/invoke.js HTTP/1.1
Host: pl17445481.profitablecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c7c07499409978afd3146d2965d195a3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl17445483.profitablecpmgate.com/bd38453025de0eb11821070501c78831/invoke.js
173.233.137.44200 OK 9.3 kB URL HTTP/1.1 pl17445483.profitablecpmgate.com/bd38453025de0eb11821070501c78831/invoke.js
IP 173.233.137.44:0
File type Unicode text, UTF-8 text, with very long lines (25076), with no line terminators
Hash cc4ea8873dc5441404c81aaa430b907e
6cb9f71264092ffe51fd0506947746d22fdaf889
4b013fa761499a281af11d10d9283e7875bcc1ff8c818f7cc116b3134741384a
Analyzer Verdict Alert quad9 Sinkholed
GET /bd38453025de0eb11821070501c78831/invoke.js HTTP/1.1
Host: pl17445483.profitablecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1aea4732eb23f6aa01cf1c92453d612
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
hgamegallery.com/wp-content/plugins/age-gate/dist/autotab.js?ver=3.0.9
162.144.3.79200 OK 250 B URL HTTP/1.1 hgamegallery.com/wp-content/plugins/age-gate/dist/autotab.js?ver=3.0.9
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (399), with no line terminators
Hash 5c58f99e87b926331b7c51f6bfd1b405
69e199de18aabe5b75b1cf0f77ca6cb38dd85805
89b4f5053a201609ee06ebce7a85de2e7b0e5283cbd450a83e5e6927cbdd028f
GET /wp-content/plugins/age-gate/dist/autotab.js?ver=3.0.9 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 08:08:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 250
Content-Type: application/javascript
hgamegallery.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1668197282
162.144.3.79409 Conflict 83 B URL HTTP/1.1 hgamegallery.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1668197282
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1668197282 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
HTTP/1.1 409 Conflict
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
hgamegallery.com/wp-content/themes/ultimatube/assets/js/main.js?ver=1.2.3
162.144.3.79200 OK 13 kB URL HTTP/1.1 hgamegallery.com/wp-content/themes/ultimatube/assets/js/main.js?ver=1.2.3
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash da357b3b2734fad083c705b7f3097994
b8076d9110726bcc6053eb080bd811d34f0f50a2
9c26c1c6626f43f683f9c591b6f498d2ab0a5b16b26c8e928f2c17a3864e2a3e
GET /wp-content/themes/ultimatube/assets/js/main.js?ver=1.2.3 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Last-Modified: Fri, 01 Jul 2022 14:10:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 13441
Content-Type: application/javascript
www.topdisplayformat.com/46de34ba3992a32486c1b089a1e267de/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 www.topdisplayformat.com/46de34ba3992a32486c1b089a1e267de/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26955), with no line terminators
Hash 9a88271f94449f2c7ca3fce86de2c4b5
4418e30de95c1324757a2166db9d4ba11ab1b5bd
20461f734514780a182b7b19ceced9efc95d84ddf853e39e19a89391703d2b0e
Analyzer Verdict Alert quad9 Sinkholed
GET /46de34ba3992a32486c1b089a1e267de/invoke.js HTTP/1.1
Host: www.topdisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d63bdc8dec95ddc6ecb8707f4124d18
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
hgamegallery.com/wp-content/themes/ultimatube/style.css?ver=1.2.3.1658762436
162.144.3.79200 OK 25 kB URL HTTP/1.1 hgamegallery.com/wp-content/themes/ultimatube/style.css?ver=1.2.3.1658762436
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type assembler source, ASCII text
Hash 7901c814fef27f6d334f1dfc34e7be0d
f60c65e6f342d1453e7df1eeb130952fdbc3eaf7
daa396c102a20ab52e2e742b5084a6088d831e4d29095a09fa7f35d36d61f02e
GET /wp-content/themes/ultimatube/style.css?ver=1.2.3.1658762436 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 01 Jul 2022 14:10:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: text/css
pl17445325.profitablecpmgate.com/a4053ddd11c2864345cfbcfc68e33003/invoke.js
192.243.59.12200 OK 9.3 kB URL HTTP/1.1 pl17445325.profitablecpmgate.com/a4053ddd11c2864345cfbcfc68e33003/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25076), with no line terminators
Hash 6aa9177608fc7d2855e6053368894be6
937f42baa4e53f7b7243c5cc8de2e96f18501499
cd879673bb8720caf0584ae8476f0f1f6e8294d2fe168e07b87363fba0ab16f4
Analyzer Verdict Alert quad9 Sinkholed
GET /a4053ddd11c2864345cfbcfc68e33003/invoke.js HTTP/1.1
Host: pl17445325.profitablecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f7b43a9ddb59736f8a88407f135ebe31
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
hgamegallery.com/wp-content/themes/ultimatube/assets/js/skip-link-focus-fix.js?ver=1.0.0
162.144.3.79200 OK 416 B URL HTTP/1.1 hgamegallery.com/wp-content/themes/ultimatube/assets/js/skip-link-focus-fix.js?ver=1.0.0
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e6f53264ebf762f651ef3c426aba7d7a
c94c31f4cdc7976febd8b722771d433fcd460d87
e5dab0bbdb24e72cded213dba7acb5e41a11e2a317279a046e402d1146512404
GET /wp-content/themes/ultimatube/assets/js/skip-link-focus-fix.js?ver=1.0.0 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Last-Modified: Fri, 01 Jul 2022 14:10:01 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 416
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 21 Nov 2022 04:25:04 GMT
cache-control: public,max-age=3600
age: 238
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
hgamegallery.com/wp-content/plugins/age-gate/dist/all.js?ver=3.0.9
162.144.3.79200 OK 30 kB URL HTTP/1.1 hgamegallery.com/wp-content/plugins/age-gate/dist/all.js?ver=3.0.9
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65443)
Hash 6cb68cf2c39b371a247e257db394f032
54543ade09fc45bd97ba2db0adfc09d811d81b41
1c254ae3164e57727b40e3ebf6df54053185e6efc81101dddd6fcd52face24c9
GET /wp-content/plugins/age-gate/dist/all.js?ver=3.0.9 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 30 Sep 2022 08:08:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript
pl17445379.profitablecpmgate.com/85/dd/e4/85dde4232c6b160541619f82fd5c2b8a.js
192.243.59.13200 OK 13 kB URL HTTP/1.1 pl17445379.profitablecpmgate.com/85/dd/e4/85dde4232c6b160541619f82fd5c2b8a.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37116), with no line terminators
Hash cf7519ebb9cf2693992c971bc7f07d7d
b1b445730012bdd552f84af78034eb23b29a4b49
d515024d3969e55b6bbc81315dea62e9fa2f8e39e992c1e33bc92a5b7b6d4cdd
Analyzer Verdict Alert quad9 Sinkholed
GET /85/dd/e4/85dde4232c6b160541619f82fd5c2b8a.js HTTP/1.1
Host: pl17445379.profitablecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e165d0c05456c93dde07d88e4d55f7b7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.imglnkd.com/3788/001313A_GHRD_18_ALL_EN_125_L.jpg
205.185.216.10200 OK 65 kB URL HTTP/1.1 www.imglnkd.com/3788/001313A_GHRD_18_ALL_EN_125_L.jpg
IP 205.185.216.10:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:09:06 15:58:31], baseline, precision 8, 728x90, components 3\012- data
Hash ad7263be6c414fa19d8126a810358776
c74952ba1c6112f363cd7bf2c0065e2cf8b09f9d
21c4abd3fb31f343b7ecca4ad2fd6334dadb985b0225a15165b22026d43fbf6b
GET /3788/001313A_GHRD_18_ALL_EN_125_L.jpg HTTP/1.1
Host: www.imglnkd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Connection: Keep-Alive
ETag: "1490629420"
Cache-Control: max-age=62758
Content-Length: 64740
Content-Type: image/jpeg
Last-Modified: Mon, 27 Mar 2017 15:43:40 GMT
Accept-Ranges: bytes
X-HW: 1669004942.dop066.sk1.t,1669004942.cds016.sk1.shn,1669004942.dop066.sk1.t,1669004942.cds208.sk1.c
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 1.5 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash eff37d787f1276786cb7e82a47098844
5b3a4e3a32d748c3e000014d022e3249660882a5
d71c5862df4a90b92bbd88f1870ca49b5e0c0161d605fe6f71f26c55583564ea
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 913a828f0f87e891c1e29334eddee0a7
eeb36887905d7e031b5b8a5f9bca30f25d61eddf
c033a53f811feb2884ea72d7d0a4ebfedd8530dbfd3fe71e1f86439d3f17a65f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124343
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "637a2c18-1d7"
Expires: Tue, 22 Nov 2022 15:01:25 GMT
Last-Modified: Sun, 20 Nov 2022 13:31:04 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oyE6I5kNpEUgmZHtO4Mf6AjDwjrZcFz8m0FI7JYXlgcCH7gKrrxfzg==
Age: 5421
c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js
192.0.77.37200 OK 356 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (685), with no line terminators
Hash 6c3ea4072da72cca4ac3039ef074fac9
04bf4a2e38c347253a10360aa5bcf566a8780a2f
ae438d85dd7b20820031ebaef13120843fcb0bd0287748426b205372b9c0390a
GET /p/jetpack/11.5.1/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 141d260d82f4c27c28bde3b30e110d7e
0f7fa7dc973b09bee1a639e26c79717a0d460e07
55027d3f09117176c72eeeda757bc7e0267076931ecfadbb591d3c2acd7ef440
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
set-cookie: uid_id2=1eb55ff4-f0d0-48b0-accc-9779f8d2636c:1:1; expires=Thu, 18 Nov 2032 04:29:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 27138f8625c320bd1434ccd92263b641
6a8f18728c9f324c1c631ffc85901d84ec4d0e0c
02338368cfa2325e8463bd169cb0ad4df2967ca4260b75bc665cd0836e90e9f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4476
Cache-Control: max-age=107547
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "6379ee2d-1d7"
Expires: Tue, 22 Nov 2022 10:21:29 GMT
Last-Modified: Sun, 20 Nov 2022 09:06:53 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 9c07070fccb89a24618057f9d0431bf8
38e4fd4dd6b5434c3f3cf5385a15e33a7c1cc190
e154598f42a00274485176189725b7ffbd71ab6f8312582cd6e5cbb9274c455e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
set-cookie: uid_id2=f1f40382-2bad-4405-a6ce-7b5b8892ff62:2:1; expires=Thu, 18 Nov 2032 04:29:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.162.31200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.162.31:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: c8cd0cc0e9f9b1b2434c6e8f08489a62
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Mon, 21 Nov 2022 04:29:02 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8uw7v2GWHiuLhS4pp69e5o7ZywJ%2FSWTrdy1HtUqeyeer6Whf6UktNWzAruFhOQVZsekDz7SLemsfmbkLcIeCDIkAfn%2BPJSVmJo99mlDLyVjFq1ow15MpkO2bPKWq5I%2FDHC2Q3A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76d6ae9ada328926-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 913a828f0f87e891c1e29334eddee0a7
eeb36887905d7e031b5b8a5f9bca30f25d61eddf
c033a53f811feb2884ea72d7d0a4ebfedd8530dbfd3fe71e1f86439d3f17a65f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124097
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "637a2c18-1d7"
Expires: Tue, 22 Nov 2022 14:57:19 GMT
Last-Modified: Sun, 20 Nov 2022 13:31:04 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CmFYFiWqIxl98eNogO2gExt88MAwav6Fs1nBNlifgsolrubDnulZxg==
Age: 5175
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 913a828f0f87e891c1e29334eddee0a7
eeb36887905d7e031b5b8a5f9bca30f25d61eddf
c033a53f811feb2884ea72d7d0a4ebfedd8530dbfd3fe71e1f86439d3f17a65f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122051
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "637a2c18-1d7"
Expires: Tue, 22 Nov 2022 14:23:13 GMT
Last-Modified: Sun, 20 Nov 2022 13:31:04 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eCkrIwr72tZuozwnObmhiOcYb2IpoZHS9Go8soVHSVr3vCz2EW4FFw==
Age: 3129
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hgamegallery.com/wp-content/plugins/age-gate/dist/age-gate.js?ver=3.0.9
162.144.3.79200 OK 35 kB URL HTTP/1.1 hgamegallery.com/wp-content/plugins/age-gate/dist/age-gate.js?ver=3.0.9
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65470)
Hash cb13983703693fe2a83d5f134c60457a
0fb56e9f55c09c0d9ff6cf77deff78cbc3128cf2
b8e4db290b4635a3c2ee2c9feef91812ca9bd9caefab4e1b4ff9782a5f73a3bc
GET /wp-content/plugins/age-gate/dist/age-gate.js?ver=3.0.9 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 08:08:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript
c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
192.0.77.37200 OK 11 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (2946)
Hash 50589bfddb8303913d3cd8860e413f8c
e66b76b31d2c685c90f23feb0a57bbde107e5571
731daf5681144f2e1b09a6656c6a932d72e7d30ae2ebaf21005e9779979a9390
GET /c/6.1.1/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
hgamegallery.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.144.3.79200 OK 5.3 kB URL HTTP/1.1 hgamegallery.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:02 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 16:26:24 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
Content-Length: 5321
Content-Type: application/javascript
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:53:49 GMT
expires: Thu, 16 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 380113
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 377694
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 63e9c091fdb6e39c6a4d1012711501d6
fb2cb3fdc161d8618f404e0a125cb9b24f836fca
5536cdaa6ce02596f106215c570598fe85d1ba68e920c7287478da2d9a7adda3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
set-cookie: uid_id2=dbc946e1-3f00-4171-a1d8-f4ccd2ab487e:3:1; expires=Thu, 18 Nov 2032 04:29:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 2e0a305f5ceb02323fd43fa65a38ea4c
027d9192181a3c3f1dd003fcfab78a113aec6eec
372ed25db26060d5f724cefd8b30d68fbf91329374446817e7d5fa763a1fc4ef
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
set-cookie: uid_id2=01d74c2a-54ee-45f8-a503-fb9b87ec4c55:1:1; expires=Thu, 18 Nov 2032 04:29:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 2e0a305f5ceb02323fd43fa65a38ea4c
027d9192181a3c3f1dd003fcfab78a113aec6eec
372ed25db26060d5f724cefd8b30d68fbf91329374446817e7d5fa763a1fc4ef
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Cookie: uid_id2=01d74c2a-54ee-45f8-a503-fb9b87ec4c55:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7d3c2b4e376d61870d633061e922efc5
027c2c7b6c5237629b9dad9f0b171c3bf4682c4a
9aff4416a6e117ca8af8c684bbe664c35841ad1707e17eedb95e491bc7301490
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1555
Cache-Control: max-age=171608
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "637af3d3-117"
Expires: Wed, 23 Nov 2022 04:09:10 GMT
Last-Modified: Mon, 21 Nov 2022 03:43:15 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 279
www.topdisplayformat.com/46de34ba3992a32486c1b089a1e267de/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 www.topdisplayformat.com/46de34ba3992a32486c1b089a1e267de/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26957), with no line terminators
Hash 0db772eac3d593b76f0b7b577f1446b1
dd9c4c575a1ebbd9d44c83ad68e4909f3ebf19fe
ed2b43d32274d9f017cc65249e1ae6eec2ebc69b38b53c2daba065dc9090ff9c
Analyzer Verdict Alert quad9 Sinkholed
GET /46de34ba3992a32486c1b089a1e267de/invoke.js HTTP/1.1
Host: www.topdisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 21 Nov 2022 04:29:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d11b2b49b3121d49ea0680629615aad3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
push.services.mozilla.com/
44.242.3.166101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pFekJ6H7f2wyJs9X0mixmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lauo6kp40nH5PcyGGak6IMceuVo=
vjs.zencdn.net/7.8.4/video.min.js?ver=7.8.4
151.101.86.217200 OK 77 kB URL HTTP/1.1 vjs.zencdn.net/7.8.4/video.min.js?ver=7.8.4
IP 151.101.86.217:0
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /7.8.4/video.min.js?ver=7.8.4 HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 139307
Last-Modified: Wed, 08 Jul 2020 20:29:39 GMT
ETag: "102cc1896541330762962b95fcb31f95"
Cache-Control: public, max-age=31536000
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Date: Mon, 21 Nov 2022 04:29:02 GMT
X-Served-By: cache-bma1652-BMA
X-Cache: HIT
X-Cache-Hits: 36
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7d3c2b4e376d61870d633061e922efc5
027c2c7b6c5237629b9dad9f0b171c3bf4682c4a
9aff4416a6e117ca8af8c684bbe664c35841ad1707e17eedb95e491bc7301490
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1555
Cache-Control: max-age=171608
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:02 GMT
Etag: "637af3d3-117"
Expires: Wed, 23 Nov 2022 04:09:10 GMT
Last-Modified: Mon, 21 Nov 2022 03:43:15 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 6.3 kB IP 142.250.74.35:0
Hash 9e5b051f49cdaf6a17609d7214695d32
c1d7e4bbbe3c78ebea70336b80192c3c57f4717f
8be01fcb91dd3c6fef2713459cdeb4344c7c4550a4135b68e6907ed75751db8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs
142.250.74.164200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 9972e93a2483e5c448bd9f8cde5ccade
4d9544441bf5d0922ebbceaddbf2a1824135e190
2db6671a4f9b05b25ce10acd3bc9c409436a9dc7abab72dfb8a83778a485087f
GET /recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 21 Nov 2022 04:29:03 GMT
date: Mon, 21 Nov 2022 04:29:03 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hgamegallery.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1668197282
162.144.3.79409 Conflict 83 B URL HTTP/1.1 hgamegallery.com/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1668197282
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1668197282 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1
HTTP/1.1 409 Conflict
Date: Mon, 21 Nov 2022 04:29:03 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cdcd936a1ca3729e5415928204c25f17
2a0d0e6f94f8145a32f98b725bba52a9a6616f2b
e92ab786e674810e9a0faf3a8c98a99eddb356fa27861f965fd688e54b5bf8c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a7205a2b341262d488e6cf658cdeccec
b21c47c6d9298404f27a990e2607c5c389e1e997
cfdd47d3eb5ab2d6a4834b1130164262843de6e6c879f050e3681fe8f247519f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=103453
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Etag: "6379efac-117"
Expires: Tue, 22 Nov 2022 09:13:16 GMT
Last-Modified: Sun, 20 Nov 2022 09:13:16 GMT
Server: nginx
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 34985760f5d78060e03c7553a007afc4
47b2ae17f38f7af08c4a156a76f948a43e6f35ee
202d5f8c20719cc3c80334bd41b98c64782036bb3499d37915b5e6f8592a7ad8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "202D5F8C20719CC3C80334BD41B98C64782036BB3499D37915B5E6F8592A7AD8"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19546
Expires: Mon, 21 Nov 2022 09:54:49 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 46e26782d3c03a35b91d0430cb065413
ca780dd423a8bb4bbe5fad00cd2b21b19099c044
2f7678678532a5fca292e6b9b033fb66307459f4da05a5fe4b5ce7df0d12da29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F7678678532A5FCA292E6B9B033FB66307459F4DA05A5FE4B5CE7DF0D12DA29"
Last-Modified: Fri, 18 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16363
Expires: Mon, 21 Nov 2022 09:01:46 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive
thumb.tapecontent.net/thumb/eLJpmLa02kiYqzW/W1W8almzMAHbdB1.jpg
104.21.235.147200 OK 145 kB URL HTTP/2 thumb.tapecontent.net/thumb/eLJpmLa02kiYqzW/W1W8almzMAHbdB1.jpg
IP 104.21.235.147:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1280x720, components 3\012- data
Size 145 kB (144777 bytes)
Hash 623ab15e01db0d990737dedf93f1537d
b8a51fca6b136645be76ce2fd306f0d95bef7006
085aad3ff71f3bf2d6176819ba92e9aaa27939c288a4382f85418d051d5cb600
GET /thumb/eLJpmLa02kiYqzW/W1W8almzMAHbdB1.jpg HTTP/1.1
Host: thumb.tapecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: image/jpeg
content-length: 144777
last-modified: Wed, 31 Aug 2022 02:39:31 GMT
etag: 811e4488475b
access-control-allow-origin: *
allow: OPTIONS, GET, HEAD, POST
access-control-allow-headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
access-control-expose-headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
content-disposition: inline; filename="W1W8almzMAHbdB1.jpg"
cache-control: public, max-age=259200
expires: Wed, 23 Nov 2022 19:08:24 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQVkmB2ImFtE2q8fGPi30lIozYB%2B4gc3sCmaRrh69KXBK48jinwOrIoHwqkm6kcg%2BdEb%2FANRsCe88JFVeEs32iXUe6iGbqMIJYosB2YMBjIzxitUtKixYUxb5UBxDPmqV5n5zIbHdjs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d6ae9f4abde624-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e115dde2d6275a272d7acf52ef69ef0e
22f34279f7477442534ff3c41187d8c086a906bd
c372db26485826107bbc1ea883c4235dfbaf64bc4dafc488060ca8dd74f7a4cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C372DB26485826107BBC1EA883C4235DFBAF64BC4DAFC488060CA8DD74F7A4CD"
Last-Modified: Sat, 19 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2735
Expires: Mon, 21 Nov 2022 05:14:38 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6741610afac085b55e36e0958f9f491
8e267c40d8226aabdf384d5e56e375823969b619
0f60c46b390186a021eef0ff264430580886449250638db4b596bfa57ffe85ac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F60C46B390186A021EEF0FF264430580886449250638DB4B596BFA57FFE85AC"
Last-Modified: Sat, 19 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11284
Expires: Mon, 21 Nov 2022 07:37:07 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 885ae044f36bbad8594173a79e30837e
2d6c5153e4a56714fd15a6063e1ec361401abece
f94e45d8442d9c2715a12e3f1d37b4ac3b0c040eba2db1be67a325793f4d9104
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F94E45D8442D9C2715A12E3F1D37B4AC3B0C040EBA2DB1BE67A325793F4D9104"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5336
Expires: Mon, 21 Nov 2022 05:57:59 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 34985760f5d78060e03c7553a007afc4
47b2ae17f38f7af08c4a156a76f948a43e6f35ee
202d5f8c20719cc3c80334bd41b98c64782036bb3499d37915b5e6f8592a7ad8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "202D5F8C20719CC3C80334BD41B98C64782036BB3499D37915B5E6F8592A7AD8"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19546
Expires: Mon, 21 Nov 2022 09:54:49 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive
pixel.wp.com/g.gif?v=ext&blog=208484685&post=1741&tz=8&srv=hgamegallery.com&j=1%3A11.5.1&host=hgamegallery.com&ref=&fcp=1311&rand=0.6296287029967894
192.0.76.3200 OK 50 B URL HTTP/1.1 pixel.wp.com/g.gif?v=ext&blog=208484685&post=1741&tz=8&srv=hgamegallery.com&j=1%3A11.5.1&host=hgamegallery.com&ref=&fcp=1311&rand=0.6296287029967894
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=208484685&post=1741&tz=8&srv=hgamegallery.com&j=1%3A11.5.1&host=hgamegallery.com&ref=&fcp=1311&rand=0.6296287029967894 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: image/gif
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache
Access-Control-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a7205a2b341262d488e6cf658cdeccec
b21c47c6d9298404f27a990e2607c5c389e1e997
cfdd47d3eb5ab2d6a4834b1130164262843de6e6c879f050e3681fe8f247519f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=103453
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Etag: "6379efac-117"
Expires: Tue, 22 Nov 2022 09:13:16 GMT
Last-Modified: Sun, 20 Nov 2022 09:13:16 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.com
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Nov 2022 11:26:10 GMT
expires: Mon, 20 Nov 2023 11:26:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 61373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 19e00c4af824f5136ae6ba07a09da002
a609b6292cb58d2ebf876d463787c67cd2eafeb7
06a3263784cc0b826f415719172a61f29577765e1418e24b8de439766debd7ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06A3263784CC0B826F415719172A61F29577765E1418E24B8DE439766DEBD7BA"
Last-Modified: Sun, 20 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17716
Expires: Mon, 21 Nov 2022 09:24:19 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive
unpkg.com/@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js?ver=1.2.4
104.16.126.175302 Found 116 B URL HTTP/2 unpkg.com/@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js?ver=1.2.4
IP 104.16.126.175:0
File type ASCII text, with no line terminators
Hash a3e76fbecf35f0eaab82e1aa69d50316
88c472a442e7d97f7bd0bb6ecbe335f48bb90e46
0b0a9dedccddcc9297dd1a8afe58db1f787ceac8518f37dc21659bb1f468139b
GET /@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js?ver=1.2.4 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@silvermine/videojs-quality-selector@1.2.4/dist/js/silvermine-videojs-quality-selector.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJC6AAKQWREGQEMYPC8GMD23-ams
cf-cache-status: HIT
age: 865
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76d6ae97fa66b52d-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e50f0f15cdae3d8e360d9da5394f105
7302a08d1c265f63352909a373f06f13d4be48c8
afccc8d123c9798025b4e2a3f76b7074844267071aba5b3bed189708aaf3ad58
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFCCC8D123C9798025B4E2A3F76B7074844267071ABA5B3BED189708AAF3AD58"
Last-Modified: Sun, 20 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9721
Expires: Mon, 21 Nov 2022 07:11:04 GMT
Date: Mon, 21 Nov 2022 04:29:03 GMT
Connection: keep-alive
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73267
date: Mon, 21 Nov 2022 04:29:03 GMT
access-control-allow-origin: *
etag: "63776891-11e33"
expires: Mon, 21 Nov 2022 05:29:03 GMT
last-modified: Fri, 18 Nov 2022 14:12:17 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
grewquartersupporting.com/watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 grewquartersupporting.com/watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1 HTTP/1.1
Host: grewquartersupporting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Location: https://grewquartersupporting.com/watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=09dbda2b1888e11ec3acd7deef9c83c630d02230661e3fc575541dc01229729aa56b7d26963d1fff73e96e9408f2e9e41bb659ceec76fec6f306c74dc2fc357d1b4978572cc81420bc3fcf9f74bb52e831f739e4&pst=1669005003&rmtc=t
Set-Cookie: u_pl=17344896; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM0NDg5NiwiayI6IjNlMmRkMGNlYzc4MjY3OWUwMjMxM2I5MTk5MWM5MDllIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODg2MTU3LCJwaWQiOjQ4NDIyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjozMiwicHQiOjQsInBrIjoiemtiajFqY3QiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2hnYW1lZ2FsbGVyeS5jb20vUElEL1YtMTc0MS8ifX0.w2p0C8cpBpA6HxtxDwA68eXtjCR_YaWvaNqeMLj45sA; expires=Mon, 21 Nov 2022 04:30:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25a818e9985e598dc71bc6b7687dc60d
Strict-Transport-Security: max-age=0; includeSubdomains
monkeysloveyou.com/get/1938828?zoneid=1938828&jp=_clprjquqou9uhnjdj170zd&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5738879442201701
62.122.171.6200 OK 6.7 kB URL HTTP/2 monkeysloveyou.com/get/1938828?zoneid=1938828&jp=_clprjquqou9uhnjdj170zd&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5738879442201701
IP 62.122.171.6:0
Hash ccb2babf5b954cc90d9795f335c3210a
5806c4a89f3b2d447df4e4eedd67850448d62be4
43d6085ccc800267cad765c05a877ef84c131ae7656f5c8ff990135fd3933b90
GET /get/1938828?zoneid=1938828&jp=_clprjquqou9uhnjdj170zd&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5738879442201701 HTTP/1.1
Host: monkeysloveyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=221120232911346b8d710d43e991155a76ae; Path=/; Expires=Tue, 21 Nov 2023 04:29:03 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
192.0.77.37200 OK 16 kB URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
IP 192.0.77.37:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 040d0a0b041a5b5b119249dd40945fed
1e856e08ea8fd0df9a33f3234e88db19d45ccba9
db7b456f1f5a4a13cfff42cca2289ff0a3e2b71c75c5ff4668bdd2a6077aa172
GET /p/jetpack/11.5.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a4e1d9ca2b68db3f0e10ab4799788da6
73a95ba2679c9be6c644c36021ddd4bc73d041c3
6c5aafd609d922aced7669e32f0d4b118d2e496706fceab96a883f5eda15ebdf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5671
Cache-Control: max-age=158394
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Etag: "637ab022-118"
Expires: Wed, 23 Nov 2022 00:28:57 GMT
Last-Modified: Sun, 20 Nov 2022 22:54:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
yearbookhobblespinal.com/watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 yearbookhobblespinal.com/watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1 HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Location: https://yearbookhobblespinal.com/watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=ff6c41bf229fd4c403d96a829540e5fd0a88444acd5a92a7b5154babee445e2f7bd817f2a782357270403e3f8b27edda9cd9b8cacaa310e079cc1d28e6bbf2924114ad1ee5b1f1d3b2bcb5d308b5840384c2865907bfd2066e766be8ede976&pst=1669005003&rmtc=t
Set-Cookie: u_pl=17344874; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM0NDg3NCwiayI6IjQ2ZGUzNGJhMzk5MmEzMjQ4NmMxYjA4OWExZTI2N2RlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODg2MTU3LCJwaWQiOjQ4NDIyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiamV0YTU2NTk3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9oZ2FtZWdhbGxlcnkuY29tL1BJRC9WLTE3NDEvIn19.7a8kjETbp3-F_04n6jTVFkHAsUTzSiCtoCttqL2KDrY; expires=Mon, 21 Nov 2022 04:30:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7b1301a5eebffa80904c0cf90e7bb8e2
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a4e1d9ca2b68db3f0e10ab4799788da6
73a95ba2679c9be6c644c36021ddd4bc73d041c3
6c5aafd609d922aced7669e32f0d4b118d2e496706fceab96a883f5eda15ebdf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5671
Cache-Control: max-age=158394
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Etag: "637ab022-118"
Expires: Wed, 23 Nov 2022 00:28:57 GMT
Last-Modified: Sun, 20 Nov 2022 22:54:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
cdn.pncloudfl.com/pn/4af/ed1/215/4afed1215aeed96c9610daad7049eebebe9842fb.png
104.22.59.221200 OK 38 kB URL HTTP/2 cdn.pncloudfl.com/pn/4af/ed1/215/4afed1215aeed96c9610daad7049eebebe9842fb.png
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2e9960266c19877a91bf385de87eeda2
0d30eff039716b21f202e0bf2be6b76e718593c5
d6ee65dd959bfe76abac552ca181e156184ef415f2489dce6d2076d039bf11f3
GET /pn/4af/ed1/215/4afed1215aeed96c9610daad7049eebebe9842fb.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: image/webp
content-length: 38000
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=61565
content-disposition: inline; filename="4afed1215aeed96c9610daad7049eebebe9842fb.webp"
etag: a1f1496bb7662ed1e374dba8af3ca723
expires: Tue, 22 Nov 2022 17:30:59 GMT
last-modified: Mon, 23 Mar 2020 14:58:42 GMT
vary: Accept
x-openstack-request-id: txd1405c57899541f0b0b39-0061b0cee0
x-proxy-cache: HIT
x-timestamp: 1584975521.32419
x-trans-id: txd1405c57899541f0b0b39-0061b0cee0
cf-cache-status: HIT
age: 39484
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 76d6aea20b22b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/7e4/14a/f69/7e414af69a8398dbd277d2a568900209aadf8344.png
104.22.59.221200 OK 26 kB URL HTTP/2 cdn.pncloudfl.com/pn/7e4/14a/f69/7e414af69a8398dbd277d2a568900209aadf8344.png
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b6d761b7b5c023024688500314127cd4
f551b98cae17ec049b718c69cb2331d90a6f6744
83007760fba67e5f90582e905166ea09d3898fcadee33c1cbd648aa8570c9fd6
GET /pn/7e4/14a/f69/7e414af69a8398dbd277d2a568900209aadf8344.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: image/webp
content-length: 25916
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=43190
content-disposition: inline; filename="7e414af69a8398dbd277d2a568900209aadf8344.webp"
etag: f61b34793263f04710039a549ae72cbc
expires: Mon, 21 Nov 2022 19:02:17 GMT
last-modified: Mon, 23 Mar 2020 14:47:21 GMT
vary: Accept
x-openstack-request-id: tx4718e70e0011494f8a57f-0061b0ba7a
x-proxy-cache: HIT
x-timestamp: 1584974840.94302
x-trans-id: tx4718e70e0011494f8a57f-0061b0ba7a
cf-cache-status: HIT
age: 120406
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 76d6aea21b23b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/56b/a42/3bc/56ba423bcacf05767ef7de043ed317f576e84ee2.png
104.22.59.221200 OK 43 kB URL HTTP/2 cdn.pncloudfl.com/pn/56b/a42/3bc/56ba423bcacf05767ef7de043ed317f576e84ee2.png
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3e1c3d6737455035df23e1dd8c628159
ff5c77c8792281620a4793b43f38f1fdcc6f1c0a
eacb5c75d830f937a643288a9bb5ef5076c072ab6a2c5c4b3a9280ac8b0e0689
GET /pn/56b/a42/3bc/56ba423bcacf05767ef7de043ed317f576e84ee2.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: image/webp
content-length: 42896
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=55940
content-disposition: inline; filename="56ba423bcacf05767ef7de043ed317f576e84ee2.webp"
etag: b1f706760c0795f113260650d8b23f19
expires: Tue, 22 Nov 2022 18:18:47 GMT
last-modified: Wed, 13 Oct 2021 17:28:50 GMT
vary: Accept
x-openstack-request-id: tx9efe245160574944a0d40-0061b07698
x-proxy-cache: HIT
x-timestamp: 1634146129.98710
x-trans-id: tx9efe245160574944a0d40-0061b07698
cf-cache-status: HIT
age: 36616
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 76d6aea21b25b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f1608290f2255634612a9a27a2cd643b
b9bc815e09590dbaa4a5891d714577918becc60d
739bb8946d6540368e37d6a21763b3829095fe5c489997eae48fa32a5c39c1bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2255
Cache-Control: max-age=141320
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Etag: "637a7ac8-1d7"
Expires: Tue, 22 Nov 2022 19:44:23 GMT
Last-Modified: Sun, 20 Nov 2022 19:06:48 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
cdn.pncloudfl.com/pn/8f0/45b/18b/8f045b18b55fe7fdc72b2691500def4d530750c0.png
104.22.59.221200 OK 6.7 kB URL HTTP/2 cdn.pncloudfl.com/pn/8f0/45b/18b/8f045b18b55fe7fdc72b2691500def4d530750c0.png
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 44224161f8962dfd9e99c65d15b86eea
92f0c3793f8ffd9a62befd195cf65bdda8fa668e
4bd5f390d44341a25237611bc0334b56fb5c98953c326b58a1b01206db401f8d
GET /pn/8f0/45b/18b/8f045b18b55fe7fdc72b2691500def4d530750c0.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: image/webp
content-length: 6656
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=15458
content-disposition: inline; filename="8f045b18b55fe7fdc72b2691500def4d530750c0.webp"
etag: 755c4a2f0f57828e7c65bce93b3563dd
expires: Tue, 22 Nov 2022 17:13:41 GMT
last-modified: Wed, 06 Jul 2022 13:51:54 GMT
vary: Accept
x-openstack-request-id: tx4cbc7429e3f94537807f4-0062c5937b
x-proxy-cache: HIT
x-timestamp: 1657115513.82081
x-trans-id: tx4cbc7429e3f94537807f4-0062c5937b
cf-cache-status: HIT
age: 40522
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 76d6aea22b29b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
concernederase.com/ntv.json?key=bd38453025de0eb11821070501c78831&vstc=4
173.233.139.164200 OK 18 kB URL HTTP/1.1 concernederase.com/ntv.json?key=bd38453025de0eb11821070501c78831&vstc=4
IP 173.233.139.164:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (17883), with no line terminators
Hash 8f4a03635aea08bc958eba5249f3b0de
29919f1e7d4be4d866e9042391dd97965e8c626e
93b30fe9262109043fd3ff4931da4971a47d70efe5f28a861ae413fd10b76976
GET /ntv.json?key=bd38453025de0eb11821070501c78831&vstc=4 HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: application/json
Content-Length: 17920
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17344984; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
nlecbd38453025de0eb11821070501c78831=[3790237,3790236,3790235,3637745]; expires=Mon, 21 Nov 2022 04:29:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7c309ff3463a590af86d91c2b810eea8
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a4e1d9ca2b68db3f0e10ab4799788da6
73a95ba2679c9be6c644c36021ddd4bc73d041c3
6c5aafd609d922aced7669e32f0d4b118d2e496706fceab96a883f5eda15ebdf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5671
Cache-Control: max-age=158394
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:03 GMT
Etag: "637ab022-118"
Expires: Wed, 23 Nov 2022 00:28:57 GMT
Last-Modified: Sun, 20 Nov 2022 22:54:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
concernederase.com/ntv.json?key=a4053ddd11c2864345cfbcfc68e33003&vstc=4
173.233.139.164200 OK 18 kB URL HTTP/1.1 concernederase.com/ntv.json?key=a4053ddd11c2864345cfbcfc68e33003&vstc=4
IP 173.233.139.164:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (17885), with no line terminators
Hash b53330d092ba76d14b6c6c0203c8ca90
929799d835a03b59b621f8d28c00ab0c88014c42
fb05e775b4623e51b176e70cd28bf18597af479e0e227abea66c92b78a6f6d25
GET /ntv.json?key=a4053ddd11c2864345cfbcfc68e33003&vstc=4 HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: application/json
Content-Length: 17922
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17344826; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
nleca4053ddd11c2864345cfbcfc68e33003=[3790236,3790237,3790235,3637745]; expires=Mon, 21 Nov 2022 04:29:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae70ecae1e0926314c65f107cfd2be4f
Strict-Transport-Security: max-age=0; includeSubdomains
hgamegallery.com/PID/V-1741/?relatedposts=1
162.144.3.79200 OK 551 B URL HTTP/1.1 hgamegallery.com/PID/V-1741/?relatedposts=1
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with very long lines (1381), with no line terminators
Hash b8bda41e6aee152fec9b3d4afc208585
9e6fbcb6a055bab4f95aa8d2df5b6378aa57d555
9e26114d0f2848c1dff9cdf439f267cb74515bd658b2dcaa74d4b6ddbf2d3ff4
GET /PID/V-1741/?relatedposts=1 HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
x-requested-with: XMLHttpRequest
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1; sb_main_85dde4232c6b160541619f82fd5c2b8a=1; sb_count_85dde4232c6b160541619f82fd5c2b8a=1; visited=1
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:01 GMT
Server: nginx/1.21.6
Content-Type: application/json; charset=utf-8
Content-Length: 551
X-Content-Type-Options: nosniff
Cache-Control: max-age=604800
Expires: Mon, 28 Nov 2022 04:29:03 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
X-Server-Cache: false
relativelyweptcurls.com/watch.597856604557.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=dbc946e1-3f00-4171-a1d8-f4ccd2ab487e%3A3%3A1&shu=4e1a917003d52471cd39bebd30dd5fba9ed1b5337daa6b094626359e5305c6434f92e0c3f8c2ca38abdf8ced3c760c7b33eb6cd505fd9664099e831f0eb7e4c2978dda559d5f0480f963128a5ffd64091eb81221a7554aec4f26d3016225b4&pst=1669005003&rmtc=t
173.233.137.36200 OK 637 B URL HTTP/1.1 relativelyweptcurls.com/watch.597856604557.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=dbc946e1-3f00-4171-a1d8-f4ccd2ab487e%3A3%3A1&shu=4e1a917003d52471cd39bebd30dd5fba9ed1b5337daa6b094626359e5305c6434f92e0c3f8c2ca38abdf8ced3c760c7b33eb6cd505fd9664099e831f0eb7e4c2978dda559d5f0480f963128a5ffd64091eb81221a7554aec4f26d3016225b4&pst=1669005003&rmtc=t
IP 173.233.137.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (593)
Hash 5eec97d123ad739b9b39b2f78d32926b
3b884f5a3e64c8f7a5fc71a8c5cc0a1a5f725cce
d4479a55187e880aa428f5f8c3398d22bd300d65f283e1740e0b56440b7dee66
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.597856604557.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=dbc946e1-3f00-4171-a1d8-f4ccd2ab487e%3A3%3A1&shu=4e1a917003d52471cd39bebd30dd5fba9ed1b5337daa6b094626359e5305c6434f92e0c3f8c2ca38abdf8ced3c760c7b33eb6cd505fd9664099e831f0eb7e4c2978dda559d5f0480f963128a5ffd64091eb81221a7554aec4f26d3016225b4&pst=1669005003&rmtc=t HTTP/1.1
Host: relativelyweptcurls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Referer: http://hgamegallery.com/
Connection: keep-alive
Cookie: u_pl=17344874; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM0NDg3NCwiayI6IjQ2ZGUzNGJhMzk5MmEzMjQ4NmMxYjA4OWExZTI2N2RlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODg2MTU3LCJwaWQiOjQ4NDIyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiamV0YTU2NTk3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9oZ2FtZWdhbGxlcnkuY29tL1BJRC9WLTE3NDEvIn19.7a8kjETbp3-F_04n6jTVFkHAsUTzSiCtoCttqL2KDrY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=dbc946e1-3f00-4171-a1d8-f4ccd2ab487e:3:1; expires=Mon, 28 Nov 2022 04:29:03 GMT; secure; SameSite=None
iprc9f9c19787232cbb4006865b71c6e06a4=2116935; expires=Tue, 22 Nov 2022 06:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 93e4866f855296e1ae0a3f1c54cdcbe6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
morbidlocally.com/ntv.json?key=bace4014c7f34a29f5bb45d0c209255e&vstc=4
192.243.61.225200 OK 18 kB URL HTTP/1.1 morbidlocally.com/ntv.json?key=bace4014c7f34a29f5bb45d0c209255e&vstc=4
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (17943), with no line terminators
Hash 9f6a1f49257b1732295cf0b5945a1c17
d1fbe9e9e1049ab5d6cf10b438df3c9470205239
219791d185b101f50eb0c0168b4369a03870f58b830c24927efae1a0e34ece69
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=bace4014c7f34a29f5bb45d0c209255e&vstc=4 HTTP/1.1
Host: morbidlocally.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: application/json
Content-Length: 17980
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17344982; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
nlecbace4014c7f34a29f5bb45d0c209255e=[3790235,3790236,3790237,3637745]; expires=Mon, 21 Nov 2022 04:29:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 872e5f23dcee1b79e2229f8928fb44aa
Strict-Transport-Security: max-age=0; includeSubdomains
grewquartersupporting.com/watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=09dbda2b1888e11ec3acd7deef9c83c630d02230661e3fc575541dc01229729aa56b7d26963d1fff73e96e9408f2e9e41bb659ceec76fec6f306c74dc2fc357d1b4978572cc81420bc3fcf9f74bb52e831f739e4&pst=1669005003&rmtc=t
192.243.59.13200 OK 2.4 kB URL HTTP/1.1 grewquartersupporting.com/watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=09dbda2b1888e11ec3acd7deef9c83c630d02230661e3fc575541dc01229729aa56b7d26963d1fff73e96e9408f2e9e41bb659ceec76fec6f306c74dc2fc357d1b4978572cc81420bc3fcf9f74bb52e831f739e4&pst=1669005003&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (3105)
Hash da81a34e605b6acfeaf5b0d7ef484b3b
e8d931461ef47de4407c1e0d6aa6cee59f601cbf
41e5660ad42e1780fcfda1759ca75e74b34148f066826d017e2fd0bef35bd204
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.756290898585.js?key=3e2dd0cec782679e02313b91991c909e&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=09dbda2b1888e11ec3acd7deef9c83c630d02230661e3fc575541dc01229729aa56b7d26963d1fff73e96e9408f2e9e41bb659ceec76fec6f306c74dc2fc357d1b4978572cc81420bc3fcf9f74bb52e831f739e4&pst=1669005003&rmtc=t HTTP/1.1
Host: grewquartersupporting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Referer: http://hgamegallery.com/
Connection: keep-alive
Cookie: u_pl=17344896; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM0NDg5NiwiayI6IjNlMmRkMGNlYzc4MjY3OWUwMjMxM2I5MTk5MWM5MDllIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODg2MTU3LCJwaWQiOjQ4NDIyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjozMiwicHQiOjQsInBrIjoiemtiajFqY3QiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL2hnYW1lZ2FsbGVyeS5jb20vUElEL1YtMTc0MS8ifX0.w2p0C8cpBpA6HxtxDwA68eXtjCR_YaWvaNqeMLj45sA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=01d74c2a-54ee-45f8-a503-fb9b87ec4c55:1:1; expires=Mon, 28 Nov 2022 04:29:03 GMT; secure; SameSite=None
iprc6599ea326070ff9a6e0b47f13d52a0e6=3569682; expires=Mon, 21 Nov 2022 08:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 81ee2afc98bab12171a55caa55535597
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
bmc-cdn.nyc3.digitaloceanspaces.com/Fonts/65d75eb0-2601-4da5-a9a4-9ee67a470a59.woff
162.243.189.2200 OK 22 kB URL HTTP/2 bmc-cdn.nyc3.digitaloceanspaces.com/Fonts/65d75eb0-2601-4da5-a9a4-9ee67a470a59.woff
IP 162.243.189.2:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format, TrueType, length 22051, version 1.0\012- data
Hash edc05a13a301b3a6e023292eb0762d1c
df8a2b7200cb4b9eb5f73c7fd2ff67d92ff5d833
ab4883df74435cbd0eb4d9ddfa492e7cc2a4be7ceff47fcefe82199aed9c4ed0
GET /Fonts/65d75eb0-2601-4da5-a9a4-9ee67a470a59.woff HTTP/1.1
Host: bmc-cdn.nyc3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-request-id: tx000000000000008e3c23a-00637afe64-21d287ee-nyc3a
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
date: Mon, 21 Nov 2022 04:28:21 GMT
content-length: 22051
last-modified: Wed, 02 May 2018 07:26:09 GMT
x-rgw-object-type: Normal
etag: "edc05a13a301b3a6e023292eb0762d1c"
cache-control: max-age=60000
content-type: application/font-woff
age: 41
accept-ranges: bytes
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2
bg4nxu2u5t.com/solid.gif?z=1876944&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 bg4nxu2u5t.com/solid.gif?z=1876944&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1876944&abvar=0 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.com
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
yearbookhobblespinal.com/watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=ff6c41bf229fd4c403d96a829540e5fd0a88444acd5a92a7b5154babee445e2f7bd817f2a782357270403e3f8b27edda9cd9b8cacaa310e079cc1d28e6bbf2924114ad1ee5b1f1d3b2bcb5d308b5840384c2865907bfd2066e766be8ede976&pst=1669005003&rmtc=t
173.233.137.36200 OK 637 B URL HTTP/1.1 yearbookhobblespinal.com/watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=ff6c41bf229fd4c403d96a829540e5fd0a88444acd5a92a7b5154babee445e2f7bd817f2a782357270403e3f8b27edda9cd9b8cacaa310e079cc1d28e6bbf2924114ad1ee5b1f1d3b2bcb5d308b5840384c2865907bfd2066e766be8ede976&pst=1669005003&rmtc=t
IP 173.233.137.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (593)
Hash 5eec97d123ad739b9b39b2f78d32926b
3b884f5a3e64c8f7a5fc71a8c5cc0a1a5f725cce
d4479a55187e880aa428f5f8c3398d22bd300d65f283e1740e0b56440b7dee66
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.143974537431.js?key=46de34ba3992a32486c1b089a1e267de&kw=%5B%220566%22%2C%22-%22%2C%22%E3%80%90r18-mmd%E3%80%91genshin%22%2C%22impact%22%2C%22%E5%8E%9F%E7%A5%9E%22%2C%22nahida%22%2C%22%E8%8D%89%E7%A5%9E%22%2C%22-%22%2C%22hgamegallery%22%2C%22com%22%5D&refer=http%3A%2F%2Fhgamegallery.com%2FPID%2FV-1741%2F&tz=0&dev=e&res=12.1053&uuid=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1&shu=ff6c41bf229fd4c403d96a829540e5fd0a88444acd5a92a7b5154babee445e2f7bd817f2a782357270403e3f8b27edda9cd9b8cacaa310e079cc1d28e6bbf2924114ad1ee5b1f1d3b2bcb5d308b5840384c2865907bfd2066e766be8ede976&pst=1669005003&rmtc=t HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Referer: http://hgamegallery.com/
Connection: keep-alive
Cookie: u_pl=17344874; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM0NDg3NCwiayI6IjQ2ZGUzNGJhMzk5MmEzMjQ4NmMxYjA4OWExZTI2N2RlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODg2MTU3LCJwaWQiOjQ4NDIyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiamV0YTU2NTk3IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9oZ2FtZWdhbGxlcnkuY29tL1BJRC9WLTE3NDEvIn19.7a8kjETbp3-F_04n6jTVFkHAsUTzSiCtoCttqL2KDrY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=01d74c2a-54ee-45f8-a503-fb9b87ec4c55:1:1; expires=Mon, 28 Nov 2022 04:29:03 GMT; secure; SameSite=None
iprc9f9c19787232cbb4006865b71c6e06a4=2116935; expires=Tue, 22 Nov 2022 06:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5a92e16476373ce66247d651df9a58c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
revoketypes.com/sbar.json?key=85dde4232c6b160541619f82fd5c2b8a&uuid=f1f40382-2bad-4405-a6ce-7b5b8892ff62%3A2%3A1
173.233.137.44200 OK 4.2 kB URL HTTP/1.1 revoketypes.com/sbar.json?key=85dde4232c6b160541619f82fd5c2b8a&uuid=f1f40382-2bad-4405-a6ce-7b5b8892ff62%3A2%3A1
IP 173.233.137.44:0
File type JSON data\012- , ASCII text, with very long lines (5882), with no line terminators
Hash 1ca4a8f4675f9415c26be8293df890f1
142a701bf55110b2d0910b5377364985a9309b30
366c0473b5917baa27e7b6aa45bddc28e343937b91a0b605fd54e190149bc5e9
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=85dde4232c6b160541619f82fd5c2b8a&uuid=f1f40382-2bad-4405-a6ce-7b5b8892ff62%3A2%3A1 HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:03 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://hgamegallery.com
Access-Control-Allow-Origin: http://hgamegallery.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17344880; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uid_id2=f1f40382-2bad-4405-a6ce-7b5b8892ff62:2:1; expires=Mon, 28 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 22 Nov 2022 04:29:03 GMT; secure; SameSite=None
slec85dde4232c6b160541619f82fd5c2b8a=[3760946]; expires=Mon, 21 Nov 2022 04:29:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aec3f2250243a48a336d58dbfb99401f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.googleapis.com/css?family=Roboto%3A400%2C700&ver=1.2.3
142.250.74.10200 OK 503 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C700&ver=1.2.3
IP 142.250.74.10:0
Hash d1c6dd76311f2e7c2b2f47f1a0afd89e
56132a39430ca0138c39cc353cf855f63806de42
dc6a7b93deabdc767e2c50376bf0954b378a757637ebf1a8a38d2e06022afa29
GET /css?family=Roboto%3A400%2C700&ver=1.2.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 21 Nov 2022 04:29:02 GMT
date: Mon, 21 Nov 2022 04:29:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash dfa0d5b4f90848e05433347edb1d4a9a
1de9fe575c0ea9f14ab4d78796e73f1a8f2b6c81
21c56fbc931c4312d543b5cedcf7fde6e115995768e22ecd5cdfac9622589a91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3908
Cache-Control: max-age=157046
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Etag: "637ab1c2-116"
Expires: Wed, 23 Nov 2022 00:06:30 GMT
Last-Modified: Sun, 20 Nov 2022 23:01:22 GMT
Server: ECS (amb/6B82)
X-Cache: HIT
Content-Length: 278
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 143826
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.gravatar.com/avatar/4c68ceb6e7b1466b28f7d5d3d90154b9?s=32&d=wavatar&r=g
192.0.73.2200 OK 1.7 kB URL HTTP/1.1 1.gravatar.com/avatar/4c68ceb6e7b1466b28f7d5d3d90154b9?s=32&d=wavatar&r=g
IP 192.0.73.2:0
File type PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash f526aae2182bef16bc67ae14786e9444
cb72d85c865ce6468149e5975d2c23fbcb6a2e47
ea1c95af834c17d92e685737acf9d0f7241e6846fd16815c77f720876eaa9b15
GET /avatar/4c68ceb6e7b1466b28f7d5d3d90154b9?s=32&d=wavatar&r=g HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Nov 2022 04:29:04 GMT
Content-Type: image/png
Content-Length: 1684
Connection: keep-alive
Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
Link: <https://www.gravatar.com/avatar/4c68ceb6e7b1466b28f7d5d3d90154b9?s=32&d=wavatar&r=g>; rel="canonical"
Access-Control-Allow-Origin: *
Expires: Mon, 21 Nov 2022 04:34:04 GMT
Cache-Control: max-age=300
X-nc: HIT arn 1
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:46:16 GMT
expires: Fri, 17 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 283368
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13224
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:29:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13224
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:29:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13224
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:29:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13224
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:29:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131cae0245e456c2497833b48cc1be0e
01b7bf2cfcdac73911dbd0a570d262978a43daf1
539cc2fdefb049df026b18d450c56d85b7821b8723ea0070efa460096669576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308504cf-ed6b-4fb8-bc67-4165549bba4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7996
x-amzn-requestid: af3a6545-f0ad-40de-b1f6-56b9607242f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1BvREKZoAMFzDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63784994-2659c8ec5fc04c510ea0e643;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 03:12:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: UU9m-kzHM4oKCHNiK2q4NWftsCueXeiBpJkk0cDv3et4v3MpF6eCtQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 13:08:40 GMT
age: 55224
etag: "01b7bf2cfcdac73911dbd0a570d262978a43daf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F094c0060-bf98-4333-9e68-8d59aeaad47d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F094c0060-bf98-4333-9e68-8d59aeaad47d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ae8d4ec7c5c9342187a53f31ff047f0
edc867e01f7ab5f74e354cecbef80f33c351ee50
2e8e395279eaf6484a64377950ef8a78ce91c386e5041781e4e1cf90aa1d9a29
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F094c0060-bf98-4333-9e68-8d59aeaad47d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8845
x-amzn-requestid: 00b60fd9-9a63-43f5-b609-bbfffba697ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b63BeGujIAMFiDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637a9ed6-097273382ac910de3f5866fc;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 21:40:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QexqsQytBUFtg99sZUHFQQu3r4d1HPDM8IseDPtbe4Jupg0u6_yr_g==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:45:41 GMT
age: 24203
etag: "edc867e01f7ab5f74e354cecbef80f33c351ee50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456dceb5-a83f-4f88-a0fd-f91e73828913.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456dceb5-a83f-4f88-a0fd-f91e73828913.jpeg
IP 34.120.237.76:0
Hash 384c94b8f40a4b798ee0c6ee54e24142
a3724a139f8b49b977ee60a4fd27e33aa045c816
de35a0b5cd8dc9ef37c51a16124d9363ac0152cd672c0cfa7095c0fee5c33827
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F456dceb5-a83f-4f88-a0fd-f91e73828913.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8147
x-amzn-requestid: 29cd738b-e3db-4941-b2f3-e561be4ec4a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqqIKE5LIAMFqIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637423cd-5b33bc833556948658451d80;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 23:42:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4lRsQHZydDSiZ_G042RgL2nzOBZl_9cA1nFzacfMGjxUnLkbRYCmaQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 05:35:20 GMT
age: 82424
etag: "45230c58ca0e76ac900dd554fa2edf562e531657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc808a76a-e93b-4c6e-9163-b69ab5e7076e.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc808a76a-e93b-4c6e-9163-b69ab5e7076e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 994eefbfbd0e842814d889c8d279d375
34bc1857b5e78b3a059f9a1b3eed33bd8d3fe920
c5c510dcf074dbb2d180f3d3e5013aef84016a095c154ee091b88d68cf528e42
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc808a76a-e93b-4c6e-9163-b69ab5e7076e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7013
x-amzn-requestid: 2ca74e56-be57-4f3d-85d0-f937bc3ace9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: buJZcHKnIAMF6Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63758909-6d753cac1d6d55255aecb08a;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 01:06:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: u6cuVA2ZBv1RuSv2A2x5jM9mrsKoJ9o4M8tCuhi_yp4rR09AAV0jsA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:55:55 GMT
age: 23589
etag: "34bc1857b5e78b3a059f9a1b3eed33bd8d3fe920"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3772d125a1545839b0b7c9a93772789d
d6e231549bee7d58704829c2ecb35ae1d8bfd342
b87e135b56409c18c7a4ed999730e0e8b651205896e7966502fe7a63a52da881
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4898
Cache-Control: max-age=171666
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Etag: "637ae700-1d7"
Expires: Wed, 23 Nov 2022 04:10:10 GMT
Last-Modified: Mon, 21 Nov 2022 02:48:32 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d0200f7-6c58-4279-9894-e77af33a20b9.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d0200f7-6c58-4279-9894-e77af33a20b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90c4a11a433a7e6f63d5a7e4a002670c
3dd59232288f753e2497e7a4aa941170bf749c19
fd8269b78bdcdf90605b584ee03e16b0fbd9c63671e0bc114e231f6aaa50f5b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d0200f7-6c58-4279-9894-e77af33a20b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7776
x-amzn-requestid: bb008677-aa5c-4097-8c01-fe1ee60f8e55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bXWfeE9LoAMFRcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c6ac9-3ecac1081f7f8b2c54bb3d76;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 03:06:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AClt1dfxNEnWC_rf8wD5FRFperdQApthZGSC-NUQejIYtEKwwE3S7A==
via: 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 18:14:58 GMT
age: 36846
etag: "3dd59232288f753e2497e7a4aa941170bf749c19"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: nirP6BxhN9QUwG2Z_RdA5pCRm36dQKCJMPZMIBRCjt39dQueZh094g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 09:31:47 GMT
age: 68237
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
connect.facebook.net/fr_FR/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/fr_FR/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1957)
Hash 5bcaf3a3e8ecfc53fe6a4fdfe5253d4b
1d93bb3845a2a54207354d79f8ea669475b7c16d
cf1f6b89cb27bfabc61a6169116bd3d599133c04408322d1710f6f9a513a583e
GET /fr_FR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4cc9727c3e33a1c4780808cdd0ea6065
etag: "6002cbf0a5fcff21a64b05af7e305c44"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 21 Nov 2022 04:39:42 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: W8rzo+js/FP+ak/f5SU9Sw==
x-fb-debug: uFTRZySEnYC0MMtoBqP692aM8mnrbYuS7qqcsz1xJENn9cWh89subpnBFPq5L6rjzSvqlQdD7ed4p35Lta8hlA==
content-length: 1682
x-fb-trip-id: 1679558926
date: Mon, 21 Nov 2022 04:29:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3772d125a1545839b0b7c9a93772789d
d6e231549bee7d58704829c2ecb35ae1d8bfd342
b87e135b56409c18c7a4ed999730e0e8b651205896e7966502fe7a63a52da881
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4898
Cache-Control: max-age=171666
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Etag: "637ae700-1d7"
Expires: Wed, 23 Nov 2022 04:10:10 GMT
Last-Modified: Mon, 21 Nov 2022 02:48:32 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
bg4nxu2u5t.com/aas/r45d/vki/1876944/105dadc5.js
62.122.171.6200 OK 27 kB URL HTTP/2 bg4nxu2u5t.com/aas/r45d/vki/1876944/105dadc5.js
IP 62.122.171.6:0
Hash 7ac3ab63f3b216a9626b99cabeb54851
f6cb5089f55721225a06ab10cdf73ffc70a0ee00
31cee94ead8bb6926cc62f1fed621c620b7e16a3f5590d3923c92f160364f1a8
Analyzer Verdict Alert quad9 Sinkholed
GET /aas/r45d/vki/1876944/105dadc5.js HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-10f52"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
hgamegallery.com/favicon.ico
162.144.3.79200 OK 2.8 kB URL HTTP/1.1 hgamegallery.com/favicon.ico
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows icon resource - 2 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 8 bits/pixel, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 8 bits/pixel\012- data
Hash dabe9ce5581670f84e89a789a78d09b8
1662f23ff5553364505a29cac571102cf370fc85
04ec9ba779be752a6480758574feae350370480887bc7fe52fd968519cf27208
GET /favicon.ico HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/PID/V-1741/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=01d74c2a-54ee-45f8-a503-fb9b87ec4c55%3A1%3A1; sb_main_85dde4232c6b160541619f82fd5c2b8a=1; sb_count_85dde4232c6b160541619f82fd5c2b8a=1; visited=1
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:01 GMT
Server: nginx/1.21.6
Content-Type: image/x-icon
Content-Length: 2780
Last-Modified: Thu, 23 Jun 2022 23:28:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 21 Nov 2023 04:29:04 GMT
X-Endurance-Cache-Level: 3
X-nginx-cache: WordPress
X-Server-Cache: false
hgamegallery.com/wp-admin/admin-ajax.php
162.144.3.79200 OK 35 B URL HTTP/2 hgamegallery.com/wp-admin/admin-ajax.php
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with no line terminators
Hash 2117539abba5cd84cd4349ec7b6694c0
65e59fe22e26ef52ac8206090d89bb6430f70576
0ebb03d7b604e1da8275d143f1b40765b1fbe4d6091b8e16da3665be1bfe08cc
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 47
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 3
x-nginx-cache: WordPress
content-length: 35
content-type: application/json; charset=UTF-8
date: Mon, 21 Nov 2022 04:29:04 GMT
server: Apache
X-Firefox-Spdy: h2
connect.facebook.net/fr_FR/sdk.js?hash=be4d7b9aeee2afcdfac20d17b3da4ae4
157.240.200.14200 OK 89 kB URL HTTP/2 connect.facebook.net/fr_FR/sdk.js?hash=be4d7b9aeee2afcdfac20d17b3da4ae4
IP 157.240.200.14:0
Hash 44cee203da40f847e9747cdad7aa7a62
7c3e34b05c72d3d51306e632a9e03ed0f1d93ea2
9f109fa5178b2008f4de52957caf71f16c67c3b04c7a319c6ca281a42fc73116
GET /fr_FR/sdk.js?hash=be4d7b9aeee2afcdfac20d17b3da4ae4 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ee79d7b66c07584bdc7d4129269b3e6a
etag: "481f09418282385982cd353af67fa85c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 21 Nov 2023 03:52:37 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: g5XrAkr087nlslABg0J3ZA==
x-fb-debug: ZXdplePPqlt6tkG1SC3enpJ1TVSxIf7gFsoDIy7PmNrctld3hzeRvORnGKsioR2gRVOFiw7oEOIUUQm0pzd2nQ==
priority: u=3,i
content-length: 88420
x-fb-trip-id: 1679558926
date: Mon, 21 Nov 2022 04:29:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 21 Nov 2022 04:29:04 GMT
access-control-allow-origin: *
etag: "63776891-2b"
expires: Mon, 21 Nov 2022 05:29:04 GMT
accept-ranges: bytes
last-modified: Fri, 18 Nov 2022 14:12:17 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash dfa0d5b4f90848e05433347edb1d4a9a
1de9fe575c0ea9f14ab4d78796e73f1a8f2b6c81
21c56fbc931c4312d543b5cedcf7fde6e115995768e22ecd5cdfac9622589a91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3908
Cache-Control: max-age=157046
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Etag: "637ab1c2-116"
Expires: Wed, 23 Nov 2022 00:06:30 GMT
Last-Modified: Sun, 20 Nov 2022 23:01:22 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
limurol.com/ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=221120232966544f2375e243d88469a25ad9; Path=/; Expires=Tue, 21 Nov 2023 04:29:04 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
monkeysloveyou.com/i/npage/1938828/code.js
62.122.171.6200 OK 61 kB URL HTTP/2 monkeysloveyou.com/i/npage/1938828/code.js
IP 62.122.171.6:0
Hash 5652c9f56da1e43a30b914155f063033
6934c2c9b194c82756a16f8716b91044a82c310f
61d373827930aa8931d48609a11f17b8abe8889b26598625e9a5026a4f9a832a
GET /i/npage/1938828/code.js HTTP/1.1
Host: monkeysloveyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-3416a"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
limurol.com/ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1876944/?pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=9MsMPS0zcvw786S7aZiQJuEowVviHbF5zuhYG9__9LiMx911FyUsy_6bkUeLHdSl78Q9sD7UNYv7vfphHyqeTXxNfXRLrAqhFX9nl3FxI2q6bMnmvTxYw8Kw-LF0hPruiNUCSH-ojL3m2ib0exQfhM2fCbF0cOyieoHhjuwMy3CXGJJfYwjE9ib_Imx64wgQM1OhXZwZY5wEZJHjx17fLKl3cgABxoV3PWbEHNPX-egPZJA04EIXSv2DoDK2UqWURQftdZyZ1Jg6r9S4Jn5w7Ced9BImOIi6xSysvmAKbWhjgZEye4w7ZZ2L1OZfbzPiG8ObDVpFw2dG5AFlzm0X1APTWbgWrhS3F9xELU0kG36H2SOJbbY3oB49RYh6-8xMRlCrkP0EHBeGt_aXgfdSay8xArU2DLbo4yG3VJiK2sNEz4keoLJZVgxwZnHnpO_Lg3T928p1TGgMDzUIBgeuUZuivtFnWfOO&cb=_clhp55r3gherwvhny027op&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Cookie: UID=22112023292a2dd881a60e4f36ac61f84c2f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.15.0/css/mdb.min.css
104.17.25.14200 OK 22 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.15.0/css/mdb.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (32440)
Hash 1ce63a849115c009114d40d33c6c8324
5d87297fd4c557d6f02e7096d027cefadc05e45f
5e4b6c37e6a5aa0ab79643ad30df75898e35fb0be7d5507c991694b0aa582224
GET /ajax/libs/mdbootstrap/4.15.0/css/mdb.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: text/css; charset=utf-8
content-length: 22440
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f1e-43a3c"
last-modified: Mon, 04 May 2020 16:13:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9882654
expires: Sat, 11 Nov 2023 04:29:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYTINk4fIGE8kca6xUqKiXtquf0xFM5puHVTqZ5uWAeFNCNIVhdox6%2Bkl8AENvC56u8Ct8leysMION0VTEfkJvUUsfug9L5jAHpkcGd2vLrDantUU4KB8YAgP3ikL90Av4%2BdWPy%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d6aea93faf0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.15.0/js/mdb.min.js
104.17.25.14200 OK 78 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.15.0/js/mdb.min.js
IP 104.17.25.14:0
File type Unicode text, UTF-8 text, with very long lines (54740)
Hash f39e4857eba59722acb8ee8aaef193bf
c7b375731ca9766c1ed6e1f18d1f8726059b4370
255559d129ed3633be774a0f7356a066948aa305e3df156413c103bcd53c9240
GET /ajax/libs/mdbootstrap/4.15.0/js/mdb.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 77846
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f1e-46675"
last-modified: Mon, 04 May 2020 16:13:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 12047095
expires: Sat, 11 Nov 2023 04:29:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZn0V2xhufK%2B%2FTzwqvhZNlqaAHt9PvQdn8GnIlLDxu9ttjl9eub5PzBs0cEJ2YIAQnZM7KUw1Pw%2By0aolv%2FHRmC66h5S2tqu2uWwycQkPwM2u%2FPTQ0WXOHwyBZc0p6KcVNQ%2Blo0r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d6aea94fb10b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 662c6190c63609f87a23660fc808a650
a4178dd92d6f8a4f7c4da846a08d4104575f3636
93a8fd2af027f09640a8f5c3e2f10603d8b7aff4c74bc274cdbea7deeb396f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js
104.17.25.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (59729)
Hash 807c97d007517c960b2ae0d4eda466a5
ad1f8d047c7c67198dde54ca8b492476b8186aa5
d91d980e6201082fa83e91404d11c4072de2c45f40701e4c9026949b85f50c71
GET /ajax/libs/twitter-bootstrap/4.4.1/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 13947
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-ea6a"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 464127
expires: Sat, 11 Nov 2023 04:29:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t76KFKiFVhOJPfyW8iqwqmJqG5saTghFzzr9Z2d0nHadXZ1eCzno1M5mLmcMF7lYFgvmYTI2RVnjj2Gw4EnZFD0OAuErOWYr7YyMEyKLhQx2ewMnHO9U3dZ42ZFDDIJ%2FWQOpEXh6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d6aea98fc60b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/popper.min.js
104.17.25.14200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/popper.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (20363)
Hash 22a17487e127905f0bf065dbdd7e7713
48fb0d6befae7d0a3a04b128a01112879f08c539
190fe4ede9affea21a5f4bac7ef581cb5ff1ec25f19620309dd3ed93f40158b3
GET /ajax/libs/popper.js/1.14.4/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 6507
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-5038"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14449168
expires: Sat, 11 Nov 2023 04:29:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sszJTiYql6mNF3tg21AcpH%2F3xWELeT20Z0KEa22gKSU87XwjKzwDbk8h0OanAKBOaT4dLLA9pnZrQllQ4NC384xSAcjbottlY1Tlqdve4vwktYHqi0tuaOMb99ALQalEFER0mbn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d6aea98fc70b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css
104.17.25.14200 OK 17 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65324)
Hash 675ff56eda9ae73f640fa87814e52cde
9bd263c7df549aef43732744ea206c57cc3523b5
ae57d8b9f66ab7515bce739bcf396038f119280c874da00f8b8e19ae57fa6655
GET /ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: text/css; charset=utf-8
content-length: 17437
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-26f1b"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 17978958
expires: Sat, 11 Nov 2023 04:29:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVWRPZzlW741GVCfI82azF29RwR6%2Fd%2Fccu8Y3WvnsPKuD2iLCFzEVo6DKgNurFCUM8P%2FtgIiopzopSjOArVJOqhR%2FkcO5IjwkSkGZNJ8YKFfNjZNXSSUq1Ng4kY%2BBc%2FagEL0fdo8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d6aea98fc50b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 29b3c3177d17f1154cb79768eca6e1e7
5a14b8835be80c2f9b21f6d3736abd1aaf6fe74d
df25a156df424c4356b7251e7c8f95f44a0b1b4bf53be4c3e6d50208c1655c98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3447
Cache-Control: max-age=117329
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Etag: "637a186a-117"
Expires: Tue, 22 Nov 2022 13:04:33 GMT
Last-Modified: Sun, 20 Nov 2022 12:07:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=UA-166309154-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-166309154-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash e91cc2718d7b8016628a644a2089c054
a8e9e4cfa7bbeaa675cb97ae23f28408a83b5404
75e93f5b008965c0889c175d16345459a6f30d040d0314b76e1e3ff432452e2e
GET /gtag/js?id=UA-166309154-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 21 Nov 2022 04:29:04 GMT
expires: Mon, 21 Nov 2022 04:29:04 GMT
cache-control: private, max-age=900
last-modified: Mon, 21 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43600
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 19af00281047f9a9ea49105da051a837
391baf3f4bb29777b6c1f6a2a130184063326715
368922c518775e7a894078d9429dc353c1e89ecec96041eab1d1558b7d7e166e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "368922C518775E7A894078D9429DC353C1E89ECEC96041EAB1D1558B7D7E166E"
Last-Modified: Sun, 20 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17433
Expires: Mon, 21 Nov 2022 09:19:37 GMT
Date: Mon, 21 Nov 2022 04:29:04 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 20 kB IP 142.250.74.35:0
Hash 6fea0d706f3cc72ff6fd81039992c4d6
3ecf6231465083b8c375befd727544355430dbfb
5d34d46fadacb2bfaeb3f1f82ab49ed1ca4d4545d8deb7426785e81a6eda91da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 29b3c3177d17f1154cb79768eca6e1e7
5a14b8835be80c2f9b21f6d3736abd1aaf6fe74d
df25a156df424c4356b7251e7c8f95f44a0b1b4bf53be4c3e6d50208c1655c98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3448
Cache-Control: max-age=117329
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:05 GMT
Etag: "637a186a-117"
Expires: Tue, 22 Nov 2022 13:04:34 GMT
Last-Modified: Sun, 20 Nov 2022 12:07:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/ytube2dl.com/choice.js
143.204.55.62204 No Content 0 B URL HTTP/2 quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/ytube2dl.com/choice.js
IP 143.204.55.62:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /choice/6Fv0cGNfc_bw8/ytube2dl.com/choice.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: max-age=900
date: Mon, 21 Nov 2022 04:28:05 GMT
server: AmazonS3
cross-origin-resource-policy: cross-origin
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oh2ZmriiISo_JMWqoKVjTlOVUjJ_4X6sECBulV_sWMpH8rL0JkP2fg==
age: 59
X-Firefox-Spdy: h2
q.cachegorilla.com/r?fid=dgDsw7VfNXk
104.21.51.225302 Found 278 B URL HTTP/2 q.cachegorilla.com/r?fid=dgDsw7VfNXk
IP 104.21.51.225:0
Hash a32874386648085fa9c65243b982b3da
dc0341da7b44dd3d39fe60211a54fc3296b2fa2b
4fd2f1639699b03d30a86947acc0e152b5537c48394acab7b677dc1de57e059a
GET /r?fid=dgDsw7VfNXk HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adforcast.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:04 GMT
location: https://www.ytube2dl.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUeQR0rGCV5QMopoF8DpT3ilAqGp2UiK8epcvARb1wW4DH9ma3%2BRE3mz3y5xLtWXxDmC5SQntkYhXHWlWYYPoPH7OZel1rNgshthSpYrBKbxWYUDBQkueKrTCiobK0%2FIMYPshSs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aea7797b1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
q.cachegorilla.com/r?fid=dgDsw7VfNXk
104.21.51.225302 Found 280 B URL HTTP/2 q.cachegorilla.com/r?fid=dgDsw7VfNXk
IP 104.21.51.225:0
Hash 1ec9fedbe916229e3e076eff7c8cad24
457c269a934ad9d21b93681ce913096f5823469c
ddf932682a3b31714ffb4595868cd6da0267987774c6e13ba91627ee21620b57
GET /r?fid=dgDsw7VfNXk HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adforcast.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:04 GMT
location: http://c.cachegorilla.com/cf?id=11633020869986487817&sid=dgDsw7VfNXk&subid=0000&fid=19265&redir=1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0JLpHUQzNe3rfEyf3C3XHuCnYwoo1UDXD4Uh1GnnFrq8poXUC%2BAZ7R6CBZYYAkwXcIP%2B8B7FxY%2BJ3GPRoFd7JpNr08lmZ2xObhNx4xhzvuGPDAExWNMFUbmb5DNx4Mh1tbv2X0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aea7797c1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
q.cachegorilla.com/r?fid=dgDsw7VfNXk
104.21.51.225302 Found 1.3 kB URL HTTP/2 q.cachegorilla.com/r?fid=dgDsw7VfNXk
IP 104.21.51.225:0
Hash f000770a0051249480249483caf13e38
0d3049512de1c4a379629dba848aa3d23674ab52
6ff5a7cce7d5901897f9e8504a90a81fac7d2ea108e3dcf53def80450b1268c4
GET /r?fid=dgDsw7VfNXk HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adforcast.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:04 GMT
location: https://www.ytube2dl.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqSXF04PLVw28ieYGF29e5elBQAWO2XMW2xJeVpJ6wn8nJSfk%2F4d7ieWoKUtkldG9ipySXuX8MBf%2FZMDnCMx%2FpBJnYWObw27BvpzMYZQysu4Nra7Mlkuv6dKuCA8Bt78QLL%2FSMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aea488b31c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 680 B IP 93.184.220.29:0
Hash 538c5573e1a4ba6727bd44523df821fa
a923367c3a882f4380f45938fc7096d66e04d60f
5ed3857366d76b57403577ec5db48438f49280490aa1ab465760332929cd1906
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4568
Cache-Control: max-age=162746
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:05 GMT
Etag: "637ac573-116"
Expires: Wed, 23 Nov 2022 01:41:31 GMT
Last-Modified: Mon, 21 Nov 2022 00:25:23 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
go.eabids.com/openrtb/p_imp.go?xref=p9fAiFz41eM410RvFUUdop01Kmm9adfddb--8oQMmL1KesNL3SXGGXsu4L7FX4x4h7ysy0uxel3PzEu3As153zDcyPrtjeaA4eEyB1VwvwFGcTYJdVGec3EVvnqyzwB4R3e4rdGeB27NjM-XvwzFBIJftBrBpwX9vE_h41zKKbOcGjEQAlbdP0uHADzjbzSc125nvKymoL3Qi_pTNNGudTiTVC4TTiNWejn3ppuK4kJzypndpdOzFaB4sVn-bfHozlFtfUjG2IP0J9bOYO9Vf-LKEgX591j0CrFpg32AICcDCx8q6WBGMmLA5ni1J8DRK-9KRGPbRY8f6Wntr7fK7gpADrNYUCyoRzdOqVK5D-9Hdyn3Dk-XcKAoHla2P45-ZpkoBK5uArLjcFuE_aEVmmsO2EQJLovScrih-jR14rmGuBzSNXtZZAtL6T3gxw9v0MThxo_ep9cl3bNcrHExaDO738kfT9fmz0GrayHiN2tuVN2fIKNxXX0rxpsycCCr9EpYPE5J80L8HgSf7_DUvuiHnCMwK3dUEj0nbH4JaWlw5QM9IfwoECn6q8NkjnAilTWhHlhxStMiPKZF0ovfUgyVPV6suOjiffTiqElNG0fyupMC94bUGz_mKT6vAgXMRZLhdWGTdzV14wcYrrwplIDLWbM2bgGUIFfn719Vzw8hTicPIw5vveZkyZL5vNT08TVz_-J63d-HE6L9ZiQ7LJXjcQJwQsvqbS3ok3CQK6DzOLUuFtqSgVg6P6snodWrecraqevduugel8sbY-qvtUKycdhrPGu8h0bi4K5hOTk94HNDZPVqiW8c4YcChlLnU6Fq6JNBkS83I1uthKgRYALKQowQ1EwRFv0uf5f48xaxCPpmkBoi-KwNWj2-bPIhP1une7TTsIMTytEaqqgRkmWF-bCjazvfkTn1STP2lvlBkn5H6bwQaKCa8tCM_Za4G6QJdRvHgVn9Gs0kQLXFBQXr04U-KhGOuYXU9PnXaPKmKALnP-N3SVLg3KGp0A48ye9mmDDgokItDIUs7Cw2LbeqtmQILXXhIegC63QDneuzBYasoeqtwC6jpfAqKn_T3gVWy7ThJTuqWO5M80EGDy4TZiCGj-uqe2HUaTo1yAGCwhqcbTkFr5F06PUR8USM9sMoMchSWvMQUO4DQy7d9ezHXD_PRY43of1dTmhXrPA1wgXoPcQOru8CxgJHVXQJ4aBkbu6Mkic37Da-jGDEJA-cuQhvEOwiEb6JMov46JJv_5UGkv1hZyB22ec_mRDTiREnu4_Fk6NviWTW03sg5GHAbruItQpZ8Vll2-Ho2yI1tjqXmsVvVGpbNEtSzQ5swBNuyjViWkVnca1XDqoZQLONIzDrXRq2SF5gXMTYrBbNOWm4H8cc_o6dPbKW-0OAxx1SPKbZl6saNSCfRqVTR1ZjB9_JoYnABLT2yMSFvbu-NLWnkSP1FTn9oJqOeCwmx17VY8ijkNoXeGY3A1ekJv76H81T4qhiKF2XOmqwOCf5riXqwGPIcR_1RoSI9aZIL-5yIjgSouJ_b0ScFxiVis5cs0_AZTyb1xVLdri8uzRUvaCsttvk7N4gmVgHPGQ7Nw01ZjLIYa_xpJwOTl1PaTD9vyObwWDNSeu66xBPC4e8zRfcPTfCLEafLIkTJ8iJA12lvC1e56adUvV4tOB6UKE56282li39PXDwVk28_T-VStN2B1TSQwuVvF0RU8hDzhbW8cdc5WzuTOp2mWIXOkgrSMb0P6BBZo0SQcmnyhRnbhMM5Eg1qiyszycscWqPLn94WxU9Vvh-PoAzyp1fidiVw4LqLKvRWo-vgpwTd2SwW-DOjszpxQTrs9_EJRgVsC38lS2KfFvYJNbVEiCc6Dqi0bmfGMPSBoint4E4TM1lMJzbkBCWE7Hpw1jjpcpQo4roAM4UoTR4giDwTiLkaUQeYDYyjq4RAgUDYLRsNJf_bGhiNejNAMGfftKPdLEk390gmBj0sI9E2mpbUmGsca3IWvSpr_ETCnP20_7E0S1yiJ7g8ZdEZXGK6uKiGE2oi7S_VUQCh7ttDUJ9L1Yuk_PVMdvXiLoDRpehLVzoOt3-_lcpvpbakL6Iwa30Sxk3c-G2Kz_cu_5vVJlAfLHTd_6QDv51_JVLT_wAZEyV8Fv3L2XtZkjhEtpquXOBipRx3LOzuNuQ6qId5M3S4NoLeLP8Adcu35UNDeVy4-7X3CO14ADe_zhUnCLd-yRGvpQEVVpHuxUkg6CuZgTjeyOZBDTn8ktZXmbO5CCU-3qErmlu0XFN37fT5yljd64ZX5mqbui4eWLCO8F1u5twFoY4Z8A1saDdfm72dnv9fTQsT9xriGOKo8MkTYEwVRykcyRCF-GfXlWCBriC3g4YjhS8Lw0hzEc3dJa9qs2kQBwNQdupYSC94aB9dTeLZ53PapyBs-0CCJnoNc88iGePEe1gcHa57dipwJ4yxQnygredLcKEfvcQri0skRbXMLNl22i-iHZyrSR5znGjyztm-6lTdWOn927ps_5HYiYn5sghnN0EB8gXg8HOQJhMh2ggMvkFcf0tNbn89CIUxkuZ855WOuIi2UGThQFBTgxFiqRM0Bte0ygaoVObjGTGYoCKGrO6KpxI1aDXutZW94PHvpUPf91wrSJkJhuw29bcLdc8lxsoSdkyTUB5otBImUpm93PJQWWfrLQQERzH3aLB7SZ_OOPAuqvLQOZvtyyhhe7D_7HOembQNIUSkW6hCzrXSNB3QgZ_SQ_LnSYJ_2APmC9a1-waBHw0w5gtel4tQrvFYinh6s81S5S722xsYuP5ePHLvYpohBuf-n3aHLIN5e2nl94_1aPAvEPIjdzAs7zFRp4u30c7SvGsQLBm-YptJyMzh0gcpR4zqCYcyDnkoGT1Jve1tbG84P7j8A304IW_dyUXkgMOPipv888sKO0gpJ-2UER_qsqiLidex0lVLhJ1E1I3i4UyYKiLKc42ztd_Ru7CnBb4eVppJLTF1I0rWiTLKwI2ex9RTZpei_g09sishOj9WBj_jnK6BREZVC5Z0EEpZcGu7svscq8p5NFaUYfGh34PTQ150vpz_tQI0b_IDihzKAoHiQQ9GXJk4REHaTLa5P51F5DxjaZVkvtYfpcUPHSj5xtj1_Q34A4rRVZ6Oi41n-4kyYAj0Y9KdZ9branyIwUA32hspwYDbBlsiacf7mgEAbSBePqI0Xiiu3JmF6UVBzYVXrYhTgogHW4uAgGXlCct2vs4pg9DTgaDh31iy4fzgVfBdXntkMNJGhKxEf92M_VlCpRSQ4IjFONWRA3YjA13-BkcvUEoTGhSBh0P39WO4xGF1Z4tr0KmZKSO3LQdyta95Z2nZ6v-YiTGuA4KZIvMa19hr-l4nLyjuVsXKhiVg8jhOYNQK1GD3cYSMZ2flfB_BRLyp-htzo3b3N9nxeThKhTO8PWzBRK8tMsj3Voz8y_r2BLQ7GOZ1osiqb0B23qmZAo-FQYc7P5kOdJcqXir5tXr2oLtszHcdHzKn0uFPnzOy4Tjk-eM8L1sbbMu1K6xhVTead6gVfXJVoZz_wTYCnK0D39TvQWC71nl8JYPUcKlIN0tnD2C1IcjQHW7HbF81tpxFIg_aOde9o2X7gCSZQKhc7mS56XWBxgHkD5oxF5ga5MQ8a7-D8tvLbpiYdoUMetMLkvTGiqAwxrAmPSBmuzFKbydvn0uEX1OxocVS3U6_2a74pLK59GqNHaFG8m7vkJexfTbqW4T_FBVtDd0AUzYivt4l5JBPmg0fy3ipWa5-MWNQwQg1AJg4eS33FZHs97PRv8ywPWZsffFUE2jkpApzoFb5aHWzlg60QV8h8DGZJmGrxUyMFy0fX8CRM7hO7KbVxlbNnkV-k1qyNJ4KWM7k33HkeYXNRvakSfOCgaIzQAFLHom6VubgW9wW8w7kcjH2aVccEedxnX7UkU_OF8bTpOTL_Rf4ovejivUr3YmLcNNTbKdOFMfRWiyuxSV8-c3q4DirjRPNXOi3XTWT-jjUVsZ7E_L0TA8tjNGWnMcfQRhPEYAeXhF6CHRUNTlTqzlimbYoPpGVI1zTz8plIEBZg_HIuReMonFdDTHjRun62Z0LnsbQFPZvS2Pajfz40sJgDMpF3BwU-4SkpDQ7TLqdl9l-kdNsBNNmal4w4lIR1vjOMhLz4Xc6vJbYD6S15JiWIhV0KTlKzYL-lOAP9mNyPUQFxxTo16ytG80KyRGWyl8HKXQOVqEBBu5oRAs_z83qrjsMnHpDhApxF1AI5zMCXYNIR4Wa7mUlIYpxqszn4QDhzc_0_6WyG01ezLsQjnSfwaylW5UFqaco9npQoJ4HoEQtXeGcr1ftpoUrBul_qYahbYT2F9OkbCYbEkwSVvw5qhaZ0zndGlnuGkRFgxi2CZBWNrq3r1950xC7o-Dl4i0FlnFcHBbMJTd6i2cN9t_39-FuJh7NIBALg_NvPgApbbpWGFy3mv0XGYPQmFByBGo12CNzg==
217.22.19.194303 See Other 0 B URL HTTP/2 go.eabids.com/openrtb/p_imp.go?xref=p9fAiFz41eM410RvFUUdop01Kmm9adfddb--8oQMmL1KesNL3SXGGXsu4L7FX4x4h7ysy0uxel3PzEu3As153zDcyPrtjeaA4eEyB1VwvwFGcTYJdVGec3EVvnqyzwB4R3e4rdGeB27NjM-XvwzFBIJftBrBpwX9vE_h41zKKbOcGjEQAlbdP0uHADzjbzSc125nvKymoL3Qi_pTNNGudTiTVC4TTiNWejn3ppuK4kJzypndpdOzFaB4sVn-bfHozlFtfUjG2IP0J9bOYO9Vf-LKEgX591j0CrFpg32AICcDCx8q6WBGMmLA5ni1J8DRK-9KRGPbRY8f6Wntr7fK7gpADrNYUCyoRzdOqVK5D-9Hdyn3Dk-XcKAoHla2P45-ZpkoBK5uArLjcFuE_aEVmmsO2EQJLovScrih-jR14rmGuBzSNXtZZAtL6T3gxw9v0MThxo_ep9cl3bNcrHExaDO738kfT9fmz0GrayHiN2tuVN2fIKNxXX0rxpsycCCr9EpYPE5J80L8HgSf7_DUvuiHnCMwK3dUEj0nbH4JaWlw5QM9IfwoECn6q8NkjnAilTWhHlhxStMiPKZF0ovfUgyVPV6suOjiffTiqElNG0fyupMC94bUGz_mKT6vAgXMRZLhdWGTdzV14wcYrrwplIDLWbM2bgGUIFfn719Vzw8hTicPIw5vveZkyZL5vNT08TVz_-J63d-HE6L9ZiQ7LJXjcQJwQsvqbS3ok3CQK6DzOLUuFtqSgVg6P6snodWrecraqevduugel8sbY-qvtUKycdhrPGu8h0bi4K5hOTk94HNDZPVqiW8c4YcChlLnU6Fq6JNBkS83I1uthKgRYALKQowQ1EwRFv0uf5f48xaxCPpmkBoi-KwNWj2-bPIhP1une7TTsIMTytEaqqgRkmWF-bCjazvfkTn1STP2lvlBkn5H6bwQaKCa8tCM_Za4G6QJdRvHgVn9Gs0kQLXFBQXr04U-KhGOuYXU9PnXaPKmKALnP-N3SVLg3KGp0A48ye9mmDDgokItDIUs7Cw2LbeqtmQILXXhIegC63QDneuzBYasoeqtwC6jpfAqKn_T3gVWy7ThJTuqWO5M80EGDy4TZiCGj-uqe2HUaTo1yAGCwhqcbTkFr5F06PUR8USM9sMoMchSWvMQUO4DQy7d9ezHXD_PRY43of1dTmhXrPA1wgXoPcQOru8CxgJHVXQJ4aBkbu6Mkic37Da-jGDEJA-cuQhvEOwiEb6JMov46JJv_5UGkv1hZyB22ec_mRDTiREnu4_Fk6NviWTW03sg5GHAbruItQpZ8Vll2-Ho2yI1tjqXmsVvVGpbNEtSzQ5swBNuyjViWkVnca1XDqoZQLONIzDrXRq2SF5gXMTYrBbNOWm4H8cc_o6dPbKW-0OAxx1SPKbZl6saNSCfRqVTR1ZjB9_JoYnABLT2yMSFvbu-NLWnkSP1FTn9oJqOeCwmx17VY8ijkNoXeGY3A1ekJv76H81T4qhiKF2XOmqwOCf5riXqwGPIcR_1RoSI9aZIL-5yIjgSouJ_b0ScFxiVis5cs0_AZTyb1xVLdri8uzRUvaCsttvk7N4gmVgHPGQ7Nw01ZjLIYa_xpJwOTl1PaTD9vyObwWDNSeu66xBPC4e8zRfcPTfCLEafLIkTJ8iJA12lvC1e56adUvV4tOB6UKE56282li39PXDwVk28_T-VStN2B1TSQwuVvF0RU8hDzhbW8cdc5WzuTOp2mWIXOkgrSMb0P6BBZo0SQcmnyhRnbhMM5Eg1qiyszycscWqPLn94WxU9Vvh-PoAzyp1fidiVw4LqLKvRWo-vgpwTd2SwW-DOjszpxQTrs9_EJRgVsC38lS2KfFvYJNbVEiCc6Dqi0bmfGMPSBoint4E4TM1lMJzbkBCWE7Hpw1jjpcpQo4roAM4UoTR4giDwTiLkaUQeYDYyjq4RAgUDYLRsNJf_bGhiNejNAMGfftKPdLEk390gmBj0sI9E2mpbUmGsca3IWvSpr_ETCnP20_7E0S1yiJ7g8ZdEZXGK6uKiGE2oi7S_VUQCh7ttDUJ9L1Yuk_PVMdvXiLoDRpehLVzoOt3-_lcpvpbakL6Iwa30Sxk3c-G2Kz_cu_5vVJlAfLHTd_6QDv51_JVLT_wAZEyV8Fv3L2XtZkjhEtpquXOBipRx3LOzuNuQ6qId5M3S4NoLeLP8Adcu35UNDeVy4-7X3CO14ADe_zhUnCLd-yRGvpQEVVpHuxUkg6CuZgTjeyOZBDTn8ktZXmbO5CCU-3qErmlu0XFN37fT5yljd64ZX5mqbui4eWLCO8F1u5twFoY4Z8A1saDdfm72dnv9fTQsT9xriGOKo8MkTYEwVRykcyRCF-GfXlWCBriC3g4YjhS8Lw0hzEc3dJa9qs2kQBwNQdupYSC94aB9dTeLZ53PapyBs-0CCJnoNc88iGePEe1gcHa57dipwJ4yxQnygredLcKEfvcQri0skRbXMLNl22i-iHZyrSR5znGjyztm-6lTdWOn927ps_5HYiYn5sghnN0EB8gXg8HOQJhMh2ggMvkFcf0tNbn89CIUxkuZ855WOuIi2UGThQFBTgxFiqRM0Bte0ygaoVObjGTGYoCKGrO6KpxI1aDXutZW94PHvpUPf91wrSJkJhuw29bcLdc8lxsoSdkyTUB5otBImUpm93PJQWWfrLQQERzH3aLB7SZ_OOPAuqvLQOZvtyyhhe7D_7HOembQNIUSkW6hCzrXSNB3QgZ_SQ_LnSYJ_2APmC9a1-waBHw0w5gtel4tQrvFYinh6s81S5S722xsYuP5ePHLvYpohBuf-n3aHLIN5e2nl94_1aPAvEPIjdzAs7zFRp4u30c7SvGsQLBm-YptJyMzh0gcpR4zqCYcyDnkoGT1Jve1tbG84P7j8A304IW_dyUXkgMOPipv888sKO0gpJ-2UER_qsqiLidex0lVLhJ1E1I3i4UyYKiLKc42ztd_Ru7CnBb4eVppJLTF1I0rWiTLKwI2ex9RTZpei_g09sishOj9WBj_jnK6BREZVC5Z0EEpZcGu7svscq8p5NFaUYfGh34PTQ150vpz_tQI0b_IDihzKAoHiQQ9GXJk4REHaTLa5P51F5DxjaZVkvtYfpcUPHSj5xtj1_Q34A4rRVZ6Oi41n-4kyYAj0Y9KdZ9branyIwUA32hspwYDbBlsiacf7mgEAbSBePqI0Xiiu3JmF6UVBzYVXrYhTgogHW4uAgGXlCct2vs4pg9DTgaDh31iy4fzgVfBdXntkMNJGhKxEf92M_VlCpRSQ4IjFONWRA3YjA13-BkcvUEoTGhSBh0P39WO4xGF1Z4tr0KmZKSO3LQdyta95Z2nZ6v-YiTGuA4KZIvMa19hr-l4nLyjuVsXKhiVg8jhOYNQK1GD3cYSMZ2flfB_BRLyp-htzo3b3N9nxeThKhTO8PWzBRK8tMsj3Voz8y_r2BLQ7GOZ1osiqb0B23qmZAo-FQYc7P5kOdJcqXir5tXr2oLtszHcdHzKn0uFPnzOy4Tjk-eM8L1sbbMu1K6xhVTead6gVfXJVoZz_wTYCnK0D39TvQWC71nl8JYPUcKlIN0tnD2C1IcjQHW7HbF81tpxFIg_aOde9o2X7gCSZQKhc7mS56XWBxgHkD5oxF5ga5MQ8a7-D8tvLbpiYdoUMetMLkvTGiqAwxrAmPSBmuzFKbydvn0uEX1OxocVS3U6_2a74pLK59GqNHaFG8m7vkJexfTbqW4T_FBVtDd0AUzYivt4l5JBPmg0fy3ipWa5-MWNQwQg1AJg4eS33FZHs97PRv8ywPWZsffFUE2jkpApzoFb5aHWzlg60QV8h8DGZJmGrxUyMFy0fX8CRM7hO7KbVxlbNnkV-k1qyNJ4KWM7k33HkeYXNRvakSfOCgaIzQAFLHom6VubgW9wW8w7kcjH2aVccEedxnX7UkU_OF8bTpOTL_Rf4ovejivUr3YmLcNNTbKdOFMfRWiyuxSV8-c3q4DirjRPNXOi3XTWT-jjUVsZ7E_L0TA8tjNGWnMcfQRhPEYAeXhF6CHRUNTlTqzlimbYoPpGVI1zTz8plIEBZg_HIuReMonFdDTHjRun62Z0LnsbQFPZvS2Pajfz40sJgDMpF3BwU-4SkpDQ7TLqdl9l-kdNsBNNmal4w4lIR1vjOMhLz4Xc6vJbYD6S15JiWIhV0KTlKzYL-lOAP9mNyPUQFxxTo16ytG80KyRGWyl8HKXQOVqEBBu5oRAs_z83qrjsMnHpDhApxF1AI5zMCXYNIR4Wa7mUlIYpxqszn4QDhzc_0_6WyG01ezLsQjnSfwaylW5UFqaco9npQoJ4HoEQtXeGcr1ftpoUrBul_qYahbYT2F9OkbCYbEkwSVvw5qhaZ0zndGlnuGkRFgxi2CZBWNrq3r1950xC7o-Dl4i0FlnFcHBbMJTd6i2cN9t_39-FuJh7NIBALg_NvPgApbbpWGFy3mv0XGYPQmFByBGo12CNzg==
IP 217.22.19.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /openrtb/p_imp.go?xref=p9fAiFz41eM410RvFUUdop01Kmm9adfddb--8oQMmL1KesNL3SXGGXsu4L7FX4x4h7ysy0uxel3PzEu3As153zDcyPrtjeaA4eEyB1VwvwFGcTYJdVGec3EVvnqyzwB4R3e4rdGeB27NjM-XvwzFBIJftBrBpwX9vE_h41zKKbOcGjEQAlbdP0uHADzjbzSc125nvKymoL3Qi_pTNNGudTiTVC4TTiNWejn3ppuK4kJzypndpdOzFaB4sVn-bfHozlFtfUjG2IP0J9bOYO9Vf-LKEgX591j0CrFpg32AICcDCx8q6WBGMmLA5ni1J8DRK-9KRGPbRY8f6Wntr7fK7gpADrNYUCyoRzdOqVK5D-9Hdyn3Dk-XcKAoHla2P45-ZpkoBK5uArLjcFuE_aEVmmsO2EQJLovScrih-jR14rmGuBzSNXtZZAtL6T3gxw9v0MThxo_ep9cl3bNcrHExaDO738kfT9fmz0GrayHiN2tuVN2fIKNxXX0rxpsycCCr9EpYPE5J80L8HgSf7_DUvuiHnCMwK3dUEj0nbH4JaWlw5QM9IfwoECn6q8NkjnAilTWhHlhxStMiPKZF0ovfUgyVPV6suOjiffTiqElNG0fyupMC94bUGz_mKT6vAgXMRZLhdWGTdzV14wcYrrwplIDLWbM2bgGUIFfn719Vzw8hTicPIw5vveZkyZL5vNT08TVz_-J63d-HE6L9ZiQ7LJXjcQJwQsvqbS3ok3CQK6DzOLUuFtqSgVg6P6snodWrecraqevduugel8sbY-qvtUKycdhrPGu8h0bi4K5hOTk94HNDZPVqiW8c4YcChlLnU6Fq6JNBkS83I1uthKgRYALKQowQ1EwRFv0uf5f48xaxCPpmkBoi-KwNWj2-bPIhP1une7TTsIMTytEaqqgRkmWF-bCjazvfkTn1STP2lvlBkn5H6bwQaKCa8tCM_Za4G6QJdRvHgVn9Gs0kQLXFBQXr04U-KhGOuYXU9PnXaPKmKALnP-N3SVLg3KGp0A48ye9mmDDgokItDIUs7Cw2LbeqtmQILXXhIegC63QDneuzBYasoeqtwC6jpfAqKn_T3gVWy7ThJTuqWO5M80EGDy4TZiCGj-uqe2HUaTo1yAGCwhqcbTkFr5F06PUR8USM9sMoMchSWvMQUO4DQy7d9ezHXD_PRY43of1dTmhXrPA1wgXoPcQOru8CxgJHVXQJ4aBkbu6Mkic37Da-jGDEJA-cuQhvEOwiEb6JMov46JJv_5UGkv1hZyB22ec_mRDTiREnu4_Fk6NviWTW03sg5GHAbruItQpZ8Vll2-Ho2yI1tjqXmsVvVGpbNEtSzQ5swBNuyjViWkVnca1XDqoZQLONIzDrXRq2SF5gXMTYrBbNOWm4H8cc_o6dPbKW-0OAxx1SPKbZl6saNSCfRqVTR1ZjB9_JoYnABLT2yMSFvbu-NLWnkSP1FTn9oJqOeCwmx17VY8ijkNoXeGY3A1ekJv76H81T4qhiKF2XOmqwOCf5riXqwGPIcR_1RoSI9aZIL-5yIjgSouJ_b0ScFxiVis5cs0_AZTyb1xVLdri8uzRUvaCsttvk7N4gmVgHPGQ7Nw01ZjLIYa_xpJwOTl1PaTD9vyObwWDNSeu66xBPC4e8zRfcPTfCLEafLIkTJ8iJA12lvC1e56adUvV4tOB6UKE56282li39PXDwVk28_T-VStN2B1TSQwuVvF0RU8hDzhbW8cdc5WzuTOp2mWIXOkgrSMb0P6BBZo0SQcmnyhRnbhMM5Eg1qiyszycscWqPLn94WxU9Vvh-PoAzyp1fidiVw4LqLKvRWo-vgpwTd2SwW-DOjszpxQTrs9_EJRgVsC38lS2KfFvYJNbVEiCc6Dqi0bmfGMPSBoint4E4TM1lMJzbkBCWE7Hpw1jjpcpQo4roAM4UoTR4giDwTiLkaUQeYDYyjq4RAgUDYLRsNJf_bGhiNejNAMGfftKPdLEk390gmBj0sI9E2mpbUmGsca3IWvSpr_ETCnP20_7E0S1yiJ7g8ZdEZXGK6uKiGE2oi7S_VUQCh7ttDUJ9L1Yuk_PVMdvXiLoDRpehLVzoOt3-_lcpvpbakL6Iwa30Sxk3c-G2Kz_cu_5vVJlAfLHTd_6QDv51_JVLT_wAZEyV8Fv3L2XtZkjhEtpquXOBipRx3LOzuNuQ6qId5M3S4NoLeLP8Adcu35UNDeVy4-7X3CO14ADe_zhUnCLd-yRGvpQEVVpHuxUkg6CuZgTjeyOZBDTn8ktZXmbO5CCU-3qErmlu0XFN37fT5yljd64ZX5mqbui4eWLCO8F1u5twFoY4Z8A1saDdfm72dnv9fTQsT9xriGOKo8MkTYEwVRykcyRCF-GfXlWCBriC3g4YjhS8Lw0hzEc3dJa9qs2kQBwNQdupYSC94aB9dTeLZ53PapyBs-0CCJnoNc88iGePEe1gcHa57dipwJ4yxQnygredLcKEfvcQri0skRbXMLNl22i-iHZyrSR5znGjyztm-6lTdWOn927ps_5HYiYn5sghnN0EB8gXg8HOQJhMh2ggMvkFcf0tNbn89CIUxkuZ855WOuIi2UGThQFBTgxFiqRM0Bte0ygaoVObjGTGYoCKGrO6KpxI1aDXutZW94PHvpUPf91wrSJkJhuw29bcLdc8lxsoSdkyTUB5otBImUpm93PJQWWfrLQQERzH3aLB7SZ_OOPAuqvLQOZvtyyhhe7D_7HOembQNIUSkW6hCzrXSNB3QgZ_SQ_LnSYJ_2APmC9a1-waBHw0w5gtel4tQrvFYinh6s81S5S722xsYuP5ePHLvYpohBuf-n3aHLIN5e2nl94_1aPAvEPIjdzAs7zFRp4u30c7SvGsQLBm-YptJyMzh0gcpR4zqCYcyDnkoGT1Jve1tbG84P7j8A304IW_dyUXkgMOPipv888sKO0gpJ-2UER_qsqiLidex0lVLhJ1E1I3i4UyYKiLKc42ztd_Ru7CnBb4eVppJLTF1I0rWiTLKwI2ex9RTZpei_g09sishOj9WBj_jnK6BREZVC5Z0EEpZcGu7svscq8p5NFaUYfGh34PTQ150vpz_tQI0b_IDihzKAoHiQQ9GXJk4REHaTLa5P51F5DxjaZVkvtYfpcUPHSj5xtj1_Q34A4rRVZ6Oi41n-4kyYAj0Y9KdZ9branyIwUA32hspwYDbBlsiacf7mgEAbSBePqI0Xiiu3JmF6UVBzYVXrYhTgogHW4uAgGXlCct2vs4pg9DTgaDh31iy4fzgVfBdXntkMNJGhKxEf92M_VlCpRSQ4IjFONWRA3YjA13-BkcvUEoTGhSBh0P39WO4xGF1Z4tr0KmZKSO3LQdyta95Z2nZ6v-YiTGuA4KZIvMa19hr-l4nLyjuVsXKhiVg8jhOYNQK1GD3cYSMZ2flfB_BRLyp-htzo3b3N9nxeThKhTO8PWzBRK8tMsj3Voz8y_r2BLQ7GOZ1osiqb0B23qmZAo-FQYc7P5kOdJcqXir5tXr2oLtszHcdHzKn0uFPnzOy4Tjk-eM8L1sbbMu1K6xhVTead6gVfXJVoZz_wTYCnK0D39TvQWC71nl8JYPUcKlIN0tnD2C1IcjQHW7HbF81tpxFIg_aOde9o2X7gCSZQKhc7mS56XWBxgHkD5oxF5ga5MQ8a7-D8tvLbpiYdoUMetMLkvTGiqAwxrAmPSBmuzFKbydvn0uEX1OxocVS3U6_2a74pLK59GqNHaFG8m7vkJexfTbqW4T_FBVtDd0AUzYivt4l5JBPmg0fy3ipWa5-MWNQwQg1AJg4eS33FZHs97PRv8ywPWZsffFUE2jkpApzoFb5aHWzlg60QV8h8DGZJmGrxUyMFy0fX8CRM7hO7KbVxlbNnkV-k1qyNJ4KWM7k33HkeYXNRvakSfOCgaIzQAFLHom6VubgW9wW8w7kcjH2aVccEedxnX7UkU_OF8bTpOTL_Rf4ovejivUr3YmLcNNTbKdOFMfRWiyuxSV8-c3q4DirjRPNXOi3XTWT-jjUVsZ7E_L0TA8tjNGWnMcfQRhPEYAeXhF6CHRUNTlTqzlimbYoPpGVI1zTz8plIEBZg_HIuReMonFdDTHjRun62Z0LnsbQFPZvS2Pajfz40sJgDMpF3BwU-4SkpDQ7TLqdl9l-kdNsBNNmal4w4lIR1vjOMhLz4Xc6vJbYD6S15JiWIhV0KTlKzYL-lOAP9mNyPUQFxxTo16ytG80KyRGWyl8HKXQOVqEBBu5oRAs_z83qrjsMnHpDhApxF1AI5zMCXYNIR4Wa7mUlIYpxqszn4QDhzc_0_6WyG01ezLsQjnSfwaylW5UFqaco9npQoJ4HoEQtXeGcr1ftpoUrBul_qYahbYT2F9OkbCYbEkwSVvw5qhaZ0zndGlnuGkRFgxi2CZBWNrq3r1950xC7o-Dl4i0FlnFcHBbMJTd6i2cN9t_39-FuJh7NIBALg_NvPgApbbpWGFy3mv0XGYPQmFByBGo12CNzg== HTTP/1.1
Host: go.eabids.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 303 See Other
server: nginx
date: Mon, 21 Nov 2022 04:29:05 GMT
content-length: 0
location: http://go.goasrv.com/openrtb/p_imp.go?xref=4VEQ9NdOr0t52IhMNCeCGxiWdgMG2lJnBFr5pH2LXYedhepIE0JTCvWoimJ7mToqA80HK_KuEmsoP3U0EqYXclVRsM7cJLPp3G9qy_FoRGZFlFq1nWpIrmJuGY-hXFIeoTKxGIYFFxMCNxZBrWVIzToCSe3tngAduDRn92AAKsuO_NvaAWC2Qz1awsfscf6Az2iP-opqtBhRAXO3IVH2TnFxIaZTP5_CciZQ0FHIzGwmWKZiQGvy-w3K0wFSY1XZfq3sUWx0gGA9Skdb_imoPsJZFl69DRXkKHJbRFE_ek9f6MfMuaNe2qvIjrrmQMxJb38SeekRnxBv1B0Y0itfTlpO7Q2ANERmjrXUxXxYad75pNqPKpEfcSfor98nUmkqFn89q4CCdDqe6d_kt7kkA9e1q4snX1Mu1i3KV2b7P2GxFytkuabh12bsBp9xwfs6A1STHEhwPDLmXYLQ9S5YwqIwNA3lD6DbqJPWDHIq1Je3scEml3GPO6Bhy0wlzIa4w_GRJ2ivID4jFslp9LpWr_b-bXLu_1JRT-FPGiyPslMKU7K3V0lbxgLX7y6qO_reJZRFEgGEJum5fgaQybVsnZWpCNP7iaCtC88dWpnpHXGqfDnj0FR-OrOqaP0_30QicpjTyAbETOfgGsDkd0TktcGPn3Yl0_m45cvDGjMZPmYJxOhgi-bMN2cxGZY1ZzY4FZ_qZZTXxrOYtTyuw70SW1Pm2l8d-EsNUF6Ihi0XlL6VMskKR7alegR6V-0GPxsLD6bjH7MLOn-FYUvcL9Akg94UhcXSrpF5qKtfnkSkqJZzYOS2CKU5cmGtpiNX1UMU0T53lLISYQ8DrIUhqjWj25nJ8tvPzw4CqvL9Gy3Rdn9Qquqt_yn65dlR7QPhJ9CIUqZgFCZzl4WRsOCqyT8INw-s7GTmXFjaTnZAm_CRBsQdJGwU2q1hQuJIThk0gOhv7FQaFZGm5MnZHRmtXKJhBzXZi6oJV7uhdj7IBssOqan_dk-6wsKEASowtOxMBOwaAhpT2aRPH0fRB7ySlwI095vVWnoao_NjUOrLUkdXAXItkOeNrg8BLoSsNMKyhdyyb7vlJyl3LAUwqqjw-Y7MRbFWpSFVsn2tLJSAHJeURwa9HQyaF0eBUOzqz4y_kc8gdHFFbhwvSziBAEw2aiVAR9iaCKXuqJT5vWVMaQbhSa0-F1bkl_o9jfkb_8L-cV3e2gp9CYN2s62jN28fHya4BEwq550yAYrHxHzV8Bn0uo87lvauupGivyvtv1DkNQMeawAGcrkm4w5HOttWIRXEz-ej-zyi4d0ALEnkA53jcEL3jWHz7xQnGycm-lvm_8iTfNxgIqKrfkiWs_5pacT8JWqO6Wu535xLHnAuzAsuY-sHLJq6HasxyjxSktOVm8-0ZTgl00jnK2t8WOJO1JsaEixjYwuEu-BoSzb304mCyUXpZc1J8g2fmhMbRKXDlY0YgWeHYzgMe_b_tfvJ1r3RZSf0w2MgdpgRHwAVTm3XAZsfo-_Igry5QhM0INCaMIT4mVye27mJa4_L-hG2-rSAH_nt4G_X8R9m6aqmLiQJJ5rAR1NExUNgop4cic9FR4kbPTKFqB04UNMY4vs7zQ2L6JFEJsr0h2nZubb5IXmgkJnpR7Z1gm4sGHtgv_LyXWocVNdAVOnu968zEs5jj2xP7pzc2q6prPy-IJ7_ncYR6paUGUmYiqTDFpJNkMVWUrzCNq-s2RV5XTnt3HKLvD1qmTC_kOgjEG_3fiPu-a6PH-gP21pAzaha4fEfoW4unr7mvCJGwojAfdC5TQ3aPPKR4BcWhS8nieQo82ywd5IJhZL8WQDVhRgRiGl0D0GyIChH964KdRUsHsHb-y6Dixv5B-Z3ANLfLPfNr0KLmfK8GkEGYOsDlpx_QvtNfEWehu9nYOXvb1qqB-2St4c2j49gNvZyGzw65i5EVyWlyiU4wTq8JUNEofSK2SPo_otmJpnEmEHunukHI_lA9VqiSyVgwOoyBRx_t5DrCS9zmUGIp9sFYF3HvFLOUQ3tB2MOnjc77kZEkbEP8osxkQ-r36W9CWn0RNWKsOVNpyYaqYyOn7OGlkDZ4CFz5dSbCJWA91fxHQKpL7hdz_t2ThhdKQOJq5K0ZeaR58D8vs3nkDo6UrSATjKoqgBkQPTfDOv4RGorP57JWb7PL25NGIjYyBoMxdGOdGhr_KQtChZIvOFC7i_wDBp3cp9HNomSibXil2pspIjCWNnlPUAAOWaiS1qcqHomhsxpybnMHchK84cvXPHQKIIEo6F7A8WEnXVqVuxdfmntfenXVPClWq_MzNjiAUUazTbFrZ8h5iFjKy249mpNCnAh3HNl_VR5bbFgj7VyZoeCSfn7wlEfQAzNlfsfPDB6adDqFA4gO_J-LUCMszpUCbh9Ul3XhJN8tJOr-_MLxGt6mt_0SSFKMMxPp8xTCj_vS1ZrzjLALpm3IT3ZIIMCNfTunyKzr-vCF4dN-ItnD9GHSYHHTP_zSk-SR4vc9HnXhqpvaEkp_kz-mw_YP8HL2nplmO8B3hIH2leLdRPa88FKZ9kOhwxfczexs3RethJMrQ==
x-backend-server: nl2-web-203
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1ec9fedbe916229e3e076eff7c8cad24
457c269a934ad9d21b93681ce913096f5823469c
ddf932682a3b31714ffb4595868cd6da0267987774c6e13ba91627ee21620b57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4159
Cache-Control: max-age=93914
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:05 GMT
Etag: "6379ba2c-118"
Expires: Tue, 22 Nov 2022 06:34:19 GMT
Last-Modified: Sun, 20 Nov 2022 05:25:00 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 912 B IP 93.184.220.29:0
Hash dce7e4421e3c753ed866a55e2a8b87a2
7ce13d28b86626a8dce95d360fd5d232b3c4bc12
f7cd924f767ea8c55ad0227e330f1daaef4c12b42504c3cf8a578fd62d2ba877
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2422
Cache-Control: max-age=162712
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:05 GMT
Etag: "637acdb4-117"
Expires: Wed, 23 Nov 2022 01:40:57 GMT
Last-Modified: Mon, 21 Nov 2022 01:00:36 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
misctraff.com/l/26997115f3e3b5c262a2
172.67.129.169200 OK 52 kB URL HTTP/2 misctraff.com/l/26997115f3e3b5c262a2
IP 172.67.129.169:0
File type ASCII text, with very long lines (40232), with no line terminators
Hash 21bd98677b6542786206eea4f5fc18e5
f35dd30410dbc8fcba0641ffb09e960fae6c922b
14e3f7c22adf3c17058cc6d027b643a5cab239dc67c141a70a0d163d485ab5f9
GET /l/26997115f3e3b5c262a2 HTTP/1.1
Host: misctraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytube2dl.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:05 GMT
content-type: text/html
last-modified: Tue, 20 Aug 2019 14:25:21 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiiENZdQfk9G5t8Lv%2BvShg%2BypR157H092Qlk68iaXbpo%2FWLXqpn2DB7RP5xBU%2Fjyi80fEXXa7RPDSz2T92C%2BSLORBKNDO1LCGYRbm9DKljzngq4%2FYS3DdQEvzzEr3iq1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeac78970b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 573 B IP 93.184.220.29:0
Hash f80450e75ac5cdd353a7d578a78d656c
3a598a8c93b3221d8480011b5a41a554ddb13d08
0870c5a62e2affa97f57d4037ba47cec4f1ce2886d04133a8eaa62ce45230767
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1565
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:05 GMT
Last-Modified: Mon, 21 Nov 2022 04:03:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
engine.spotscenered.info/link.engine?z=65496&guid=9c6b98fb-eec1-42a9-b793-641c8be15d39
104.18.97.60302 Found 29 kB URL HTTP/2 engine.spotscenered.info/link.engine?z=65496&guid=9c6b98fb-eec1-42a9-b793-641c8be15d39
IP 104.18.97.60:0
Hash 2d77291b2441daa103c294af5f0ca135
f27c83c7a71f63ed1f9f81d80981a485fd0bb7e5
1952dbcf84d6fd4b63d8be7336c9fd65307e18ddb0573a4ef12a611376bdaa5e
GET /link.engine?z=65496&guid=9c6b98fb-eec1-42a9-b793-641c8be15d39 HTTP/1.1
Host: engine.spotscenered.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytube2dl.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:05 GMT
content-type: text/html; charset=utf-8
location: https://engine.spotscenered.info/Redirect.eng?MediaSegmentId=50693&dcid=1_ctx_d082ec59-7184-4bfd-8610-eb0053c1d224&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=rqFF0X34yHxV-wXnS1igNrH0CwNjDCLc1ERV9rym3tl2AKqnrI1W70Oig995Ut407HRBVkYwxvtN7b7lulSqifSkdOa2NhOFzLBDuqCvrG50I75R4HNNr0ul5BaF100-tSMXse-5Kh99I2nK2QDAUTmMyrt4wSaWJTAAX8DWd1XTzxn5ib5cqgT8-vx3w4IduIAAwSFKzcG4PElVTwKEkWNtE89--4PpSyjqPwCL_xerSqLM5w3ZEv5MGPODLu65EO22tA5fLPv8tKRJHx_76qnjeJppmqqy8l3VXkQWle0cufXHwzgVlKZEXdelEL9wwEPx_tt_qa0YqgHhBtFKvthVXVcYsO50Xo4ep5tPIEmK440GigSOpL35oHL9w3dEc-x00Q53rulU7EGwv57wFhWCf-2csI6JNq3pc6IYBlOm6-jqIuhmC3tbTnmMbHasmffprScM5bEesKSQWEJ9LXHQ8Ml4DcrOHvUhuWD-EfbHgo7yzOY5vP_6iQdJlBIb79VR_ADoxkTYxQjlEdyW24_3qFxl4VSVPIvfwO9xKLW0CXY-m-12f6sEpuhyW0hDGh4uKhXYv78ukw1dfR7bfc8YBZHbCB6Q6bquam1XrkvwTmdSvDpO6Rfz_i3C4SyDjezcKvTvH5OESscisJJfuH6u-mToU67LC_XuJ9O1c07zl2f_hIuNyRP2wTPkno6y448q8xYrfLPZr7qEh_JJa65Ho5IteUbu6UpKk2T16CLCLMB_Bha5OnHAtGWpLA5jnqjlyiVkcg-x6tfe-eLyJ-wuyAj2FAsqvq_t6oU3NC5YUgW4f38EbW6IlQwSVZVXhE4qs63AQ7VqFtsBOdMIFiBoLIznkrdMm7NHrrd1B0UkLZmepugg8eaKQZCtq3r00&kw=&mw=1024&mh=535
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=1365b197-00e1-46a9-a441-b8ac6cf79776; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure
ISSH=676C0D; path=/; SameSite=None; secure
VMI=; path=/; SameSite=None; secure
IPLH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Mon, 21-Nov-2022 08:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{"16924":[{"SId":"676C0D","D":"22/11/20T20:29:5"}]}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[16924]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{}; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[]; expires=Sun, 21-Nov-2032 04:29:05 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76d6aeaba872b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 676 B IP 93.184.220.29:0
Hash 7cc342d86a2d0c18d597163fcfe8a71d
d7fdb4bede80a4f02edb789a504fa5634949c33a
6375e914d5c5313054e3f4c5640d5ad4b16ca824be2ad2a59cbcfb157174cd11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6452
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:05 GMT
Etag: "6379f828-117"
Last-Modified: Mon, 21 Nov 2022 02:41:33 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
174.137.133.18302 Found 0 B URL HTTP/1.1 xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
IP 174.137.133.18:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=457655&auth=BcObps&pubid=155183 HTTP/1.1
Host: xml.popmonetizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 21 Nov 2022 04:29:05 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: http://tsyndicate.com/api/v1/direct/4e420276e1634be7bd548706bf4bd864?extID=362815
Pragma: no-cache
q.popbutler.com/r?fid=404Fp6kIN4q
172.67.155.254204 No Content 0 B URL HTTP/2 q.popbutler.com/r?fid=404Fp6kIN4q
IP 172.67.155.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r?fid=404Fp6kIN4q HTTP/1.1
Host: q.popbutler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mpshark.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 21 Nov 2022 04:29:05 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIK01bkhN1sKrUQPScG329wM2w4GnK6vAQWwxK11jWxat0gQ1M02xFG64RQamvlAdkF7sDASAxqWF7I2Hfh7b4859N%2FqAcSrSdKhzlC5Mjb3Zz8iBUouwbLEcX4a0Qnrsaw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeaf1d3eb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
q.xmlrtb.com/r?fid=40vCpqrINnW
172.67.142.212204 No Content 9.7 kB URL HTTP/2 q.xmlrtb.com/r?fid=40vCpqrINnW
IP 172.67.142.212:0
Hash e5c107418b6ee6794f80206532b7af8e
ca3422c5b20d313a485187d50fee152963716189
72752bde933c556a6b00084c88418fd98b9f775b7ad6dba79bf792caf11d843f
GET /r?fid=40vCpqrINnW HTTP/1.1
Host: q.xmlrtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mpshark.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 21 Nov 2022 04:29:05 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ72pNRrQb9u%2FB4bMHqLDFI69kR3rFHVciYSjUvkRT6%2FgOhhqb8z3loGjp%2FeqwBVqowVrTmmUF3J%2BEidibKzG9bRmuQhnW0soYSVw8sxSdc90SCvYM7OVl7IjfEkBck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeaf28770b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8bce3a7ed0e14e002a3647ec47881b1d
9f55d234df3b2bd083779815724059ac8ccd9e6d
6e4c2ad76a55c4b0509696f99742599cb0d6f88d54fdcb4df2fe8c68b6610e15
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1566
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:06 GMT
Last-Modified: Mon, 21 Nov 2022 04:03:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
104.17.25.14200 OK 4.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 104.17.25.14:0
File type HTML document, ASCII text
Hash 0034a6d5953dccaafa8bec89564728c7
d277a4480a01d15e03978e4b5222ddf306b7f562
51198a285be709f63d93bd44500759fe4dc9350997e521b8a31775caef201422
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2171968
expires: Sat, 11 Nov 2023 04:29:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4fDF1Im7klj%2Bx4teQyOuh8T3wIbBBBzdXkgFUJJhMk2i4GUSohtjVwhWJXRmWD4JjoEAaYSfpFaTTQZOVqB1SNnyrAZ2Ft9rC11H0Q1XwCkFQZHhmlQackQm1PbfwadTpx%2FYwPh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d6aea95fb20b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 18 kB IP 93.184.220.29:0
Hash 5a617a508cc4e0fb0aee514132995b5a
cb8f33548d74aa907d1f23fa403c2400ccde65e4
26c5faf6dff04481b91f06064ad59614a4095f5463fdacf81109f560a2056ac6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6453
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:06 GMT
Etag: "6379f828-117"
Last-Modified: Mon, 21 Nov 2022 02:41:33 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
misctraff.com/l/26997115f3e3b5c262a2
172.67.129.169200 OK 13 kB URL HTTP/2 misctraff.com/l/26997115f3e3b5c262a2
IP 172.67.129.169:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash d1952037cfb4d70f288b22d1976eaccb
7a488ce30f0b0ec86edd02452dbed27b22f229b8
ec231dd55f281d6279c3527f333f98c0bc73d6e36a0513699c15e58b8ac6726d
GET /l/26997115f3e3b5c262a2 HTTP/1.1
Host: misctraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytube2dl.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:05 GMT
content-type: text/html
last-modified: Thu, 15 Oct 2020 14:13:33 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QDQ%2Bj%2FBr9wdOl3w5DBSOFUVn2TML1CoLkF6UxfhjzyDHh83vTdyY0431RziiBVvbTvRximnEZBAu%2BY3SgOBET5Rx1h%2FZl21O2aN3qxo%2BB0ZNs3P3s3qvcZNZc0DqjDi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeaba8430b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.mpshark.com/
104.21.76.196200 OK 24 kB IP 104.21.76.196:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7311)
Hash 5d1464ff5338c5741a74f616fee50a5d
5379d96ac4c31a264b3eca6bec36aa9aae3892a4
f2c5371337c3605eb0a383f6315fbcff1c65273a259edcaae1ee2de2dbbe4c17
GET / HTTP/1.1
Host: www.mpshark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ytube2dl.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:05 GMT
content-type: text/html; charset=utf-8
vary: Cookie
set-cookie: session=eyJjc3JmX3Rva2VuIjoiOWIyODgzOTJmODUwMjA3ODAxNjMwNjUxZDZjYTI2NzMwYTdhMDM5YyJ9.Y3r-kQ.Y87lQV-6wQ7juY-v2I4HhOYqFQU; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FshQ5RGtlMVlgjUlAFboGVEa7osqJsg3HidStU2o%2Beh1S57WXWekXlZsnwcSWFPWGVI8jjefkco%2BM85udM2tTk6smqz1TQUogwqwE%2FRSiDbgpRLJouh3j79eE9kliayI6A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeab8fdbb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
q.cachegorilla.com/r?fid=dgDsw7VfNXk
104.21.51.225302 Found 30 kB URL HTTP/2 q.cachegorilla.com/r?fid=dgDsw7VfNXk
IP 104.21.51.225:0
Hash b07febd9e1af0b24b72da70a976405da
63b081d896c52498e56bbed19eff1d788eddfeef
a53380fcbf489aa99f94b828cebaeb349d1618214b346764371882218ec39c12
GET /r?fid=dgDsw7VfNXk HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adforcast.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:05 GMT
location: https://www.ytube2dl.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmHLOnWEUU9aQc%2Brk5P3tDz%2B9FUyqMD8c3MDJiHr8JprEA2A1Yuyz13lZkRB5QAON9qW1QxbKyo6M5h7UpfTqGRqmRZqwZ5R8Xq%2FUbxeeZQ%2BtoNcS1s%2BqUD%2FuTNLSM4y2ugeUkA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aea7797d1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 639 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0258ef104e7b13aef0c793b4a6598994
1d5404a1cc08ccd3e8d328b73d619495029bb2f9
4788ce6f1d097d1d174e99a765aff03b2fa1ff837514ba7c806e7d9e2f6c61e4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "345B7F55E53B0E432C2B1DFE455FCF7C75C2AC81C12CFF7789C72647F2DB6856"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4745
Expires: Mon, 21 Nov 2022 05:48:11 GMT
Date: Mon, 21 Nov 2022 04:29:06 GMT
Connection: keep-alive
digiadsply.com/m87673.jpg
104.18.5.101200 OK 231 kB URL HTTP/2 digiadsply.com/m87673.jpg
IP 104.18.5.101:0
File type gzip compressed data, from Unix\012- data
Size 231 kB (231352 bytes)
Hash 30012cdb8af6fb1b0807f2a304b220be
2210f528e861d6f1d31517cbc1f2e92d1e196d46
8b319096faf5b4287f73877de3f421bf004f2e2bf34c0ea37424e51fad7d48cc
GET /m87673.jpg HTTP/1.1
Host: digiadsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engine.spotscenered.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:06 GMT
content-type: image/jpeg
content-length: 230376
cf-ray: 76d6aeb49fa2b50f-OSL
accept-ranges: bytes
age: 1448253
cache-control: max-age=2592000
etag: "761874248a86755381e719557f95ed0b"
expires: Thu, 22 Dec 2022 04:29:06 GMT
last-modified: Wed, 15 May 2019 22:04:37 GMT
via: 1.1 f9a0ddc3860252ab6c4d02ab024b4891.cloudfront.net (CloudFront)
cf-cache-status: HIT
cf-bgj: h2pri
x-amz-cf-id: mRckKyeFyJI-phRYxWBWc6Bh4A7rQUbfCmRs-jhtJzrhmRjSlIwL2g==
x-amz-cf-pop: ARN1-C1
x-amz-storage-class: REDUCED_REDUNDANCY
x-cache: RefreshHit from cloudfront
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 40 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b4f7056a31717218b264a5910df377b6
ee76e94e49577c3db1febd69e6f1a588d221a247
265fd30db1f5235b501fa007d503df0c2954d17868e782097a7804f6e104df87
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "345B7F55E53B0E432C2B1DFE455FCF7C75C2AC81C12CFF7789C72647F2DB6856"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4745
Expires: Mon, 21 Nov 2022 05:48:11 GMT
Date: Mon, 21 Nov 2022 04:29:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 580 B IP 93.184.220.29:0
Hash 96854362350a531c3477df1590b1cbee
fb84349ed5e727192f8dbd7afb6a7e854ceeb42f
2bef1679461d01a0f3c28734cba88413f5e67c788fb8b4a8a47f82967ee2558d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5424
Cache-Control: max-age=92305
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:07 GMT
Etag: "6379aef4-118"
Expires: Tue, 22 Nov 2022 06:07:32 GMT
Last-Modified: Sun, 20 Nov 2022 04:37:08 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ce98d89bf5d3df861bf883810083b55a
a2bc048f90bd35410d91063b4cff9faee488f02a
4fd2194f4aa642141170c5066052aa5f67992a19e1bba70078925be809ad6e9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5424
Cache-Control: max-age=92305
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:29:07 GMT
Etag: "6379aef4-118"
Expires: Tue, 22 Nov 2022 06:07:32 GMT
Last-Modified: Sun, 20 Nov 2022 04:37:08 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
q.cachegorilla.com/r?fid=dgDsw7VfNXk
104.21.51.225302 Found 4.4 kB URL HTTP/2 q.cachegorilla.com/r?fid=dgDsw7VfNXk
IP 104.21.51.225:0
Hash cc00c963282fe9fe63404db4765e1bd3
932bf0a8498bb2b7e799e41ffbb454ec89e800cd
faab24f1c573798d754924cb3703a08790175242d577d120a6d14001200df746
GET /r?fid=dgDsw7VfNXk HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adforcast.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 21 Nov 2022 04:29:04 GMT
location: https://www.ytube2dl.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3I%2B%2FS1lz5Zl9SLpg79jU65kZsQGygQk5Lji97ErqnegMVPaiDZxdb8F3DN%2Fv9TxMRNr8HNjZCnrrhd8tOgQQewj7p5%2BNiKa04keDBeh5hJRO%2F%2BRVnuo2ST7rO6UKvEGy5q6IRCA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aea7797a1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fanasti.com/rc/3d8a3d97e5?affclick=bmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca&pubid=135921_Unknown
172.67.197.219200 OK 1.9 kB URL HTTP/2 fanasti.com/rc/3d8a3d97e5?affclick=bmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca&pubid=135921_Unknown
IP 172.67.197.219:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5a0915f9e15fa7623214ce67964d9faf
b82eb68fe0aa1f15cc72e8c2dbec5f4802b0f91e
b30e57f525aaeeda50bba2fb5704b4e4473b9223adeed06ce7bc2c1d858b0ac6
GET /rc/3d8a3d97e5?affclick=bmconv_20221121052906_5c8ab1f9_5314_46ff_86ea_35e56081f4ca&pubid=135921_Unknown HTTP/1.1
Host: fanasti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://misctraff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:07 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=cwNfmWflxbxZwLSrSkQ+MC8nqLrwnev1ScfDIfiA1sAGv0Ya/icqaqlTjdBbISi0QgLew6AEhj/rrxu/Kx4OluY12bxYKqAeQv5CS8BE90jJosGaP9ei1SSMgJgH; Expires=Mon, 28 Nov 2022 04:29:07 GMT; Path=/
AWSALBCORS=cwNfmWflxbxZwLSrSkQ+MC8nqLrwnev1ScfDIfiA1sAGv0Ya/icqaqlTjdBbISi0QgLew6AEhj/rrxu/Kx4OluY12bxYKqAeQv5CS8BE90jJosGaP9ei1SSMgJgH; Expires=Mon, 28 Nov 2022 04:29:07 GMT; Path=/; SameSite=None
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3F7%2FJDtmsFZBJJ0kOoNzvM%2FxVDJj5GSNn4Ed%2FgbtvMkZ66X0IAZOVzEVWIpVjh%2F7VY3VhMz3qd4TqUVCLETxskgU0QY1qTNVt%2BLdlY%2BymtgSYwlM6WY9Qev61cZOZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeb9ae4cb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujiNKvKh4EUTmqCCz1fMjM2MOwTWuLK67axLZc3VV9Wy51V1NVff07JxWA5KD4Bw8%2BBN6v9nNEg2SHD0IMitIWBQyILqi%2Bz%2BIkKNITwbGPKj3o74H9X3v1Yf72RmhyNjp5ttmqLRmS60arb60pWJhclddv1b1aY1erG6p%2BELzYnVQOtt%2F1aetGn25%2BqbkO2apTn1KfepXV5SVoRkszVCo5HbXr3VprVmv%2Ba0mBvbR2mUeHPMg%2BmfkWSgxfXz73l0oPkEc3bks3U5qklfeiDLNUmPRF0fvxjuxyWNEizS0HsL4aN4N46aEfHoOJj6aK4DpH5QKEKgp8X7zEcRHc5oI%2BocPmQYaMkYgnkLen0DqCRSbgJvrUOI%2BAbjA%2Bgbi6Oa6sTnbfYiyEp2SyoN%2FoPIpqfz1HOLo22WtBtWrRmepMrHDICygBhOo3gRJdox06EHlx%2BDpB1DiF7L0YA1xdLDhtIESxUy9UhOocAItR2DOQ1Ye5SELPWSJh0icVlmrG1LaDoOw0eg0OeeNBuetzgXREo1mJ6TIeElvhDQZgesRuN1DYvewo0aw2Q9w2wWc8ODSKfHe2UNfFMglQe4IckaQK4I8Jcj7xaHQru6Km0K7LPDnsT6PjWJs0t4%2BOzRpT8ZkPzkjz5Rz8Z689Tt25Gk1EI1Os9Wg9ZaQVAa%2B36n7tE1b1OftTqfhw6kCyp2bSR2qKXnhp5%2BRqCl5gu8hYMdw%2BhhcPQ2W%2BWD5uF2nYNvjZodiGN%2FZ7rFI9pjW0u7WuIkgTIEkrSDd9fb1GXl%2BtqPur19B8pNL331W2ufgtkBiC7ynfiTo6RvjKyYnB1dM7sjdjSRVkRqycn9XU5bKx75%2BS%2B7mxorVy2506zVeAmV6%2B5p06RqLhYp7jnyzrISQdsVYLsn3q25LBpuZ217ObJwla5uvr6xGiZXOKRNPwNR99xG4mpLz0R%2Bzn%2Fnin30oO4HNCkTZCZkblDkGT%2FbgkgV7ZwisXvQEiYc8K8a2HiwutSLQclGzoID7Xx0s8n13Az1bAUuvI44K9G2Bvi7A9AguOz9OE3ty6d788UBXxoG2lYNAW%2F3JbLSl%2B7J0X0xJ%2B%2F2%2F4dRpVbZCGkpal0HYDcI2o6IbNrsB6%2FqyHbSYj9RN%2BfDfj%2F8DAAD%2F%2FwEAAP%2F%2FacSnlIAEAAA%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujiNKvKh4EUTmqCCz1fMjM2MOwTWuLK67axLZc3VV9Wy51V1NVff07JxWA5KD4Bw8%2BBN6v9nNEg2SHD0IMitIWBQyILqi%2Bz%2BIkKNITwbGPKj3o74H9X3v1Yf72RmhyNjp5ttmqLRmS60arb60pWJhclddv1b1aY1erG6p%2BELzYnVQOtt%2F1aetGn25%2BqbkO2apTn1KfepXV5SVoRkszVCo5HbXr3VprVmv%2Ba0mBvbR2mUeHPMg%2BmfkWSgxfXz73l0oPkEc3bks3U5qklfeiDLNUmPRF0fvxjuxyWNEizS0HsL4aN4N46aEfHoOJj6aK4DpH5QKEKgp8X7zEcRHc5oI%2BocPmQYaMkYgnkLen0DqCRSbgJvrUOI%2BAbjA%2Bgbi6Oa6sTnbfYiyEp2SyoN%2FoPIpqfz1HOLo22WtBtWrRmepMrHDICygBhOo3gRJdox06EHlx%2BDpB1DiF7L0YA1xdLDhtIESxUy9UhOocAItR2DOQ1Ye5SELPWSJh0icVlmrG1LaDoOw0eg0OeeNBuetzgXREo1mJ6TIeElvhDQZgesRuN1DYvewo0aw2Q9w2wWc8ODSKfHe2UNfFMglQe4IckaQK4I8Jcj7xaHQru6Km0K7LPDnsT6PjWJs0t4%2BOzRpT8ZkPzkjz5Rz8Z689Tt25Gk1EI1Os9Wg9ZaQVAa%2B36n7tE1b1OftTqfhw6kCyp2bSR2qKXnhp5%2BRqCl5gu8hYMdw%2BhhcPQ2W%2BWD5uF2nYNvjZodiGN%2FZ7rFI9pjW0u7WuIkgTIEkrSDd9fb1GXl%2BtqPur19B8pNL331W2ufgtkBiC7ynfiTo6RvjKyYnB1dM7sjdjSRVkRqycn9XU5bKx75%2BS%2B7mxorVy2506zVeAmV6%2B5p06RqLhYp7jnyzrISQdsVYLsn3q25LBpuZ217ObJwla5uvr6xGiZXOKRNPwNR99xG4mpLz0R%2Bzn%2Fnin30oO4HNCkTZCZkblDkGT%2FbgkgV7ZwisXvQEiYc8K8a2HiwutSLQclGzoID7Xx0s8n13Az1bAUuvI44K9G2Bvi7A9AguOz9OE3ty6d788UBXxoG2lYNAW%2F3JbLSl%2B7J0X0xJ%2B%2F2%2F4dRpVbZCGkpal0HYDcI2o6IbNrsB6%2FqyHbSYj9RN%2BfDfj%2F8DAAD%2F%2FwEAAP%2F%2FacSnlIAEAAA%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujiNKvKh4EUTmqCCz1fMjM2MOwTWuLK67axLZc3VV9Wy51V1NVff07JxWA5KD4Bw8%2BBN6v9nNEg2SHD0IMitIWBQyILqi%2Bz%2BIkKNITwbGPKj3o74H9X3v1Yf72RmhyNjp5ttmqLRmS60arb60pWJhclddv1b1aY1erG6p%2BELzYnVQOtt%2F1aetGn25%2BqbkO2apTn1KfepXV5SVoRkszVCo5HbXr3VprVmv%2Ba0mBvbR2mUeHPMg%2BmfkWSgxfXz73l0oPkEc3bks3U5qklfeiDLNUmPRF0fvxjuxyWNEizS0HsL4aN4N46aEfHoOJj6aK4DpH5QKEKgp8X7zEcRHc5oI%2BocPmQYaMkYgnkLen0DqCRSbgJvrUOI%2BAbjA%2Bgbi6Oa6sTnbfYiyEp2SyoN%2FoPIpqfz1HOLo22WtBtWrRmepMrHDICygBhOo3gRJdox06EHlx%2BDpB1DiF7L0YA1xdLDhtIESxUy9UhOocAItR2DOQ1Ye5SELPWSJh0icVlmrG1LaDoOw0eg0OeeNBuetzgXREo1mJ6TIeElvhDQZgesRuN1DYvewo0aw2Q9w2wWc8ODSKfHe2UNfFMglQe4IckaQK4I8Jcj7xaHQru6Km0K7LPDnsT6PjWJs0t4%2BOzRpT8ZkPzkjz5Rz8Z689Tt25Gk1EI1Os9Wg9ZaQVAa%2B36n7tE1b1OftTqfhw6kCyp2bSR2qKXnhp5%2BRqCl5gu8hYMdw%2BhhcPQ2W%2BWD5uF2nYNvjZodiGN%2FZ7rFI9pjW0u7WuIkgTIEkrSDd9fb1GXl%2BtqPur19B8pNL331W2ufgtkBiC7ynfiTo6RvjKyYnB1dM7sjdjSRVkRqycn9XU5bKx75%2BS%2B7mxorVy2506zVeAmV6%2B5p06RqLhYp7jnyzrISQdsVYLsn3q25LBpuZ217ObJwla5uvr6xGiZXOKRNPwNR99xG4mpLz0R%2Bzn%2Fnin30oO4HNCkTZCZkblDkGT%2FbgkgV7ZwisXvQEiYc8K8a2HiwutSLQclGzoID7Xx0s8n13Az1bAUuvI44K9G2Bvi7A9AguOz9OE3ty6d788UBXxoG2lYNAW%2F3JbLSl%2B7J0X0xJ%2B%2F2%2F4dRpVbZCGkpal0HYDcI2o6IbNrsB6%2FqyHbSYj9RN%2BfDfj%2F8DAAD%2F%2FwEAAP%2F%2FacSnlIAEAAA%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Cookie: u_pl=17344826; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 71452a8766cc75c94603645f574f556f
Strict-Transport-Security: max-age=0; includeSubdomains
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzm9%2BKOtFxYsgMkcFmVTPx86Me1iMayQYk7i7knN1VfWkTHVXU9U9PZlTdEH2IDgHD35C55lkw%2Boiu0cPgkwEWYLCDohGNP%2BDCHsU6dmB0Rfq%2FajnhXqe9633D7JzQpGxs603zVBpzZZbNVp9YVvFwuSuunG96tMavVTdVvHF5qXqoHS2%2F7JPWzX6YvV1yXfNcp36lPrUr64qK0MzWJ6hUMmdrl%2Fr0lqzXvNbTQzsf2uXeXDMg%2Bifk6ehxPT%2FO%2FfvQfEJ4ujuFel2U5O89FqUaZYai744fjvejU0eI1qkofUQxsfzbhg3JeTjJZj4eK4Apn9YKkCgpsT7xUcQH89pIugfPWIaaMgYgXgCeX8CqSdQbAJubkCJBwTgAhubiKNbG8bmbO8Rykp0SioP%2F4LKp6TyxzOIo69XtBpUrxmdpcrEDoOwgBpMoHoTJNkJ0qEHlZ%2BAp%2B9BiZ%2FI8sN1xNHhptMGShQz9UpNoMIJtByBOQ9ZeZSHLPSQJR4icVZlrW5IaTsMwkaj0%2BScNxqctzoXRUs0mp2QIuMlvRHSZASuR%2BB2H4ndx64awWbfwe0UcMKDS6fEe2sffVEglwS5I8gZQa4I8pQg7xdHQru6K24J7bLAn8f6PDaKsUl7B%2BzIpD0Zk4PknDxVzsV7%2FPav2JVn1UA0Os1Wg9ZbQlIZ%2BH6n7tM2bVGftzudhg%2BnCii3NJM6VFPy3A8%2FIlFT8hjfR8BO4PQJuHoSLPPB8nG7TsF2xs0OxTC%2Bu9NjkewxraXdq3ETQZgCSVpBuucd6HPy7GxH3Z8%2Fh%2BSnl7%2F5pLRPwW2BxBZ4R31P0NM3x1dNTg6vmtyRe5tJqiI1ZOX%2BrqUslf%2F78g25lxsr1q640e1XeAmU6Z3r0qXrLBYq7jny1YoSQtpVY7kk3665bRlsZW5nJbNxlqxvvbq6FiVWOqdMPAFTD9wH4GpKLkS%2FzX7m879nUHYCmxWIslMyNyhzAp7swyUL9s4QWL3oCZIl5FkxtvVgcakVgZaLmgUF3L%2FqYJEfuJvo2QpYegNxVKBvC%2FR1AaZHcNmFcZrY08v3548HujIOtK0cBtrqj8rRfjGbb%2Bk%2Bm5L2u3%2FCqbOqbIU0lLQug7AbhG1GRTdsdgPW9WU7aDEfqZvy4d8f%2FgMAAP%2F%2FAQAA%2F%2F8lwLxAgAQAAA%3D%3D
173.233.139.164200 OK 1.5 kB URL HTTP/1.1 concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzm9%2BKOtFxYsgMkcFmVTPx86Me1iMayQYk7i7knN1VfWkTHVXU9U9PZlTdEH2IDgHD35C55lkw%2Boiu0cPgkwEWYLCDohGNP%2BDCHsU6dmB0Rfq%2FajnhXqe9633D7JzQpGxs603zVBpzZZbNVp9YVvFwuSuunG96tMavVTdVvHF5qXqoHS2%2F7JPWzX6YvV1yXfNcp36lPrUr64qK0MzWJ6hUMmdrl%2Fr0lqzXvNbTQzsf2uXeXDMg%2Bifk6ehxPT%2FO%2FfvQfEJ4ujuFel2U5O89FqUaZYai744fjvejU0eI1qkofUQxsfzbhg3JeTjJZj4eK4Apn9YKkCgpsT7xUcQH89pIugfPWIaaMgYgXgCeX8CqSdQbAJubkCJBwTgAhubiKNbG8bmbO8Rykp0SioP%2F4LKp6TyxzOIo69XtBpUrxmdpcrEDoOwgBpMoHoTJNkJ0qEHlZ%2BAp%2B9BiZ%2FI8sN1xNHhptMGShQz9UpNoMIJtByBOQ9ZeZSHLPSQJR4icVZlrW5IaTsMwkaj0%2BScNxqctzoXRUs0mp2QIuMlvRHSZASuR%2BB2H4ndx64awWbfwe0UcMKDS6fEe2sffVEglwS5I8gZQa4I8pQg7xdHQru6K24J7bLAn8f6PDaKsUl7B%2BzIpD0Zk4PknDxVzsV7%2FPav2JVn1UA0Os1Wg9ZbQlIZ%2BH6n7tM2bVGftzudhg%2BnCii3NJM6VFPy3A8%2FIlFT8hjfR8BO4PQJuHoSLPPB8nG7TsF2xs0OxTC%2Bu9NjkewxraXdq3ETQZgCSVpBuucd6HPy7GxH3Z8%2Fh%2BSnl7%2F5pLRPwW2BxBZ4R31P0NM3x1dNTg6vmtyRe5tJqiI1ZOX%2BrqUslf%2F78g25lxsr1q640e1XeAmU6Z3r0qXrLBYq7jny1YoSQtpVY7kk3665bRlsZW5nJbNxlqxvvbq6FiVWOqdMPAFTD9wH4GpKLkS%2FzX7m879nUHYCmxWIslMyNyhzAp7swyUL9s4QWL3oCZIl5FkxtvVgcakVgZaLmgUF3L%2FqYJEfuJvo2QpYegNxVKBvC%2FR1AaZHcNmFcZrY08v3548HujIOtK0cBtrqj8rRfjGbb%2Bk%2Bm5L2u3%2FCqbOqbIU0lLQug7AbhG1GRTdsdgPW9WU7aDEfqZvy4d8f%2FgMAAP%2F%2FAQAA%2F%2F8lwLxAgAQAAA%3D%3D
IP 173.233.139.164:0
Hash 3b39021fc4e0e7d692c7676997c692a4
ccbcef0f2d8e31d6a577134bec79c6bacdc83eda
6d2b5e394426a96b632eacf3194bddd569787fe41c4ff45685bd4d320bedd1f0
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzm9%2BKOtFxYsgMkcFmVTPx86Me1iMayQYk7i7knN1VfWkTHVXU9U9PZlTdEH2IDgHD35C55lkw%2Boiu0cPgkwEWYLCDohGNP%2BDCHsU6dmB0Rfq%2FajnhXqe9633D7JzQpGxs603zVBpzZZbNVp9YVvFwuSuunG96tMavVTdVvHF5qXqoHS2%2F7JPWzX6YvV1yXfNcp36lPrUr64qK0MzWJ6hUMmdrl%2Fr0lqzXvNbTQzsf2uXeXDMg%2Bifk6ehxPT%2FO%2FfvQfEJ4ujuFel2U5O89FqUaZYai744fjvejU0eI1qkofUQxsfzbhg3JeTjJZj4eK4Apn9YKkCgpsT7xUcQH89pIugfPWIaaMgYgXgCeX8CqSdQbAJubkCJBwTgAhubiKNbG8bmbO8Rykp0SioP%2F4LKp6TyxzOIo69XtBpUrxmdpcrEDoOwgBpMoHoTJNkJ0qEHlZ%2BAp%2B9BiZ%2FI8sN1xNHhptMGShQz9UpNoMIJtByBOQ9ZeZSHLPSQJR4icVZlrW5IaTsMwkaj0%2BScNxqctzoXRUs0mp2QIuMlvRHSZASuR%2BB2H4ndx64awWbfwe0UcMKDS6fEe2sffVEglwS5I8gZQa4I8pQg7xdHQru6K24J7bLAn8f6PDaKsUl7B%2BzIpD0Zk4PknDxVzsV7%2FPav2JVn1UA0Os1Wg9ZbQlIZ%2BH6n7tM2bVGftzudhg%2BnCii3NJM6VFPy3A8%2FIlFT8hjfR8BO4PQJuHoSLPPB8nG7TsF2xs0OxTC%2Bu9NjkewxraXdq3ETQZgCSVpBuucd6HPy7GxH3Z8%2Fh%2BSnl7%2F5pLRPwW2BxBZ4R31P0NM3x1dNTg6vmtyRe5tJqiI1ZOX%2BrqUslf%2F78g25lxsr1q640e1XeAmU6Z3r0qXrLBYq7jny1YoSQtpVY7kk3665bRlsZW5nJbNxlqxvvbq6FiVWOqdMPAFTD9wH4GpKLkS%2FzX7m879nUHYCmxWIslMyNyhzAp7swyUL9s4QWL3oCZIl5FkxtvVgcakVgZaLmgUF3L%2FqYJEfuJvo2QpYegNxVKBvC%2FR1AaZHcNmFcZrY08v3548HujIOtK0cBtrqj8rRfjGbb%2Bk%2Bm5L2u3%2FCqbOqbIU0lLQug7AbhG1GRTdsdgPW9WU7aDEfqZvy4d8f%2FgMAAP%2F%2FAQAA%2F%2F8lwLxAgAQAAA%3D%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Cookie: u_pl=17344826; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94cbea3b3d51854407b94ccb46ef2e8e
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
45.133.44.10200 OK 21 kB URL HTTP/1.1 cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 8f4953c1b8baece7bb7d226247561ce2
da5d440970606602026d7900a55ae2fd27a3f170
8fd9df7d8e48ff2519631e82e01519d4f1c65abd41ec977c18abb58df9832919
GET /si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/jpeg
Content-Length: 20566
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Thu, 01 Sep 2022 12:51:28 GMT
ETag: "6310aad0-5056"
Expires: Wed, 23 Nov 2022 04:29:09 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
cdn.cloudimagesb.com/si/47/97/d2/4797d24d30d760fa18a53e15c6bbde7c/1668496161.png
45.133.44.10200 OK 113 kB URL HTTP/1.1 cdn.cloudimagesb.com/si/47/97/d2/4797d24d30d760fa18a53e15c6bbde7c/1668496161.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 113 kB (112700 bytes)
Hash a85aa1de5c20ac4eb372e7f76f32ae7f
cc839c5f4d10d95e79ad9b161dff4453ace53149
d5e4a4cd44386fa562de135e43cfe7fdafe70387dd40d805873c982a25ebae83
GET /si/47/97/d2/4797d24d30d760fa18a53e15c6bbde7c/1668496161.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/png
Content-Length: 112700
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Tue, 15 Nov 2022 07:09:29 GMT
ETag: "63733b29-1b83c"
Expires: Wed, 23 Nov 2022 04:29:09 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
cdn.cloudimagesb.com/si/28/80/ff/2880ff40cd55fcd3dccbf0b5a4550082/1668496177.png
45.133.44.10200 OK 123 kB URL HTTP/1.1 cdn.cloudimagesb.com/si/28/80/ff/2880ff40cd55fcd3dccbf0b5a4550082/1668496177.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 123 kB (123291 bytes)
Hash 1c26658a8e0980350d9b1ddd575fa2e1
99514e6f4091235f9ea4ba0933edd20f31c9d031
3b43b009a295edad0eb4c0617671b86f5bb68c732bd57fa090adcdb5807f99a3
GET /si/28/80/ff/2880ff40cd55fcd3dccbf0b5a4550082/1668496177.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/png
Content-Length: 123291
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Tue, 15 Nov 2022 07:09:43 GMT
ETag: "63733b37-1e19b"
Expires: Wed, 23 Nov 2022 04:29:09 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
cdn.cloudimagesb.com/si/05/ad/dd/05addd62695f348ef4439268d6563f04/1668496169.png
45.133.44.10200 OK 144 kB URL HTTP/1.1 cdn.cloudimagesb.com/si/05/ad/dd/05addd62695f348ef4439268d6563f04/1668496169.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144325 bytes)
Hash d76c93ff8a660d41a613c8ef00e2d201
b62383271edfc4b32b571059bcf67c4c33680303
83d31a43474028aa1fe7244059469065fd98dfddca0b11eb04002fa45c039e26
GET /si/05/ad/dd/05addd62695f348ef4439268d6563f04/1668496169.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hgamegallery.com/
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/png
Content-Length: 144325
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Tue, 15 Nov 2022 07:09:36 GMT
ETag: "63733b30-233c5"
Expires: Wed, 23 Nov 2022 04:29:09 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujiPGHwcVL0KEOUkCMls9PzIz5hCMcSUYk5hEcvFSXVU9U251V1PVPT07p9WA5JY5ePAn9H6zmyVxkeQPEKRXkLAoZEB0D%2B7do4g5ivTuwOqDfu99%2Fb3D971Xn6xn%2B4QiY3tX3jUTpTVb6jRo%2FeQNFQuTu%2Fql63WfNuiZ%2Bg0Vn26fqY%2BrZEev%2B7TToKfqb0u%2BYpaa1KfUp359WVkZmvHSAQuVbPf9Rp822s2G32ljbP%2BPXebBMQ9itE9ehBLzJ4cPH0DxEnF0%2F7x0K6lJXnsryjRLjcVIbL0fr8QmjxEdtaH1EMZbi2kYNyfks2Mw8dbCAcxoo3KAQM2J96uPIN5ayEQw2jxUGmjIGIF4FvmohNQlFCvBzU0o8YgAXODSZcTRnUvG5mz1kGUVOye1x39B5XNS%2B%2F0lxNG357Qa168ZnaXKxA7jsIAal1CDEkm2g3TiQeU74OnHUOJnsvT4IuJo47LTBkoUB%2B6VKqHCElpOwZyHrPqUhyz0kCUeIrFXZ51%2BSGk3DMJWq9fmnLdanHd6p0VHtNq9kCLjlbwp0mQKrqfgdg2JXcOKmsJm38MNCzjhwaVz4r23hpEokEuC3BHkjCBXBHlKkI%2BKTaFd0xV3hHZZ4C9qc1Fbxcykg3W2adKBjMl6sk9eqPbiHb%2F7G1bkXj0QrV6706LNjpBUBr7fa%2Fq0SzvU591er%2BXDqQLKHTuwOlFzcuLHn5CoOXmKryFgO3B6B1w9D5b5YPms26Rgw1m7RzGJ7w8HLJIDprW0qw1uIghTIElrSFe9db1PXj64UfejPyH57tntk3%2BXtz84BW4LJLbAh%2BoHgoG%2BNbtqcrJx1eSOPLicpCpSE1bd71rKUvnEvXfkam6suHDeTe%2B%2BwSuiarevS5deZLFQ8cCRb84pIaRdNpZL8t0Fd0MGVzI3PJfZOEsuXnlz%2BUKUWOmcMnEJph49V4KrOXl69%2FzBy3xleQhlS9isQJTtkkVAmR3wZA0u2T1778T2cf%2FVP%2BAMgdVHM0FSQ54VM9sMjn5qRaDlEWZBAfcfHBz16%2B4WBrYGlt5EHBUY2QIjXYDpKVz2zCxN7O7Zh59X8QUCXZsF2tY2Am31p3PS%2F%2BXrKn1VpS8PN%2B3UXl12QhpK2pRB2A%2FCLqOiH7b7Aev7sht0mI%2FUzfnkn9v%2FAgAA%2F%2F8BAAD%2F%2F%2BKAcdiABAAA
173.233.139.164200 OK 7 B URL HTTP/1.1 concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujiPGHwcVL0KEOUkCMls9PzIz5hCMcSUYk5hEcvFSXVU9U251V1PVPT07p9WA5JY5ePAn9H6zmyVxkeQPEKRXkLAoZEB0D%2B7do4g5ivTuwOqDfu99%2Fb3D971Xn6xn%2B4QiY3tX3jUTpTVb6jRo%2FeQNFQuTu%2Fql63WfNuiZ%2Bg0Vn26fqY%2BrZEev%2B7TToKfqb0u%2BYpaa1KfUp359WVkZmvHSAQuVbPf9Rp822s2G32ljbP%2BPXebBMQ9itE9ehBLzJ4cPH0DxEnF0%2F7x0K6lJXnsryjRLjcVIbL0fr8QmjxEdtaH1EMZbi2kYNyfks2Mw8dbCAcxoo3KAQM2J96uPIN5ayEQw2jxUGmjIGIF4FvmohNQlFCvBzU0o8YgAXODSZcTRnUvG5mz1kGUVOye1x39B5XNS%2B%2F0lxNG357Qa168ZnaXKxA7jsIAal1CDEkm2g3TiQeU74OnHUOJnsvT4IuJo47LTBkoUB%2B6VKqHCElpOwZyHrPqUhyz0kCUeIrFXZ51%2BSGk3DMJWq9fmnLdanHd6p0VHtNq9kCLjlbwp0mQKrqfgdg2JXcOKmsJm38MNCzjhwaVz4r23hpEokEuC3BHkjCBXBHlKkI%2BKTaFd0xV3hHZZ4C9qc1Fbxcykg3W2adKBjMl6sk9eqPbiHb%2F7G1bkXj0QrV6706LNjpBUBr7fa%2Fq0SzvU591er%2BXDqQLKHTuwOlFzcuLHn5CoOXmKryFgO3B6B1w9D5b5YPms26Rgw1m7RzGJ7w8HLJIDprW0qw1uIghTIElrSFe9db1PXj64UfejPyH57tntk3%2BXtz84BW4LJLbAh%2BoHgoG%2BNbtqcrJx1eSOPLicpCpSE1bd71rKUvnEvXfkam6suHDeTe%2B%2BwSuiarevS5deZLFQ8cCRb84pIaRdNpZL8t0Fd0MGVzI3PJfZOEsuXnlz%2BUKUWOmcMnEJph49V4KrOXl69%2FzBy3xleQhlS9isQJTtkkVAmR3wZA0u2T1778T2cf%2FVP%2BAMgdVHM0FSQ54VM9sMjn5qRaDlEWZBAfcfHBz16%2B4WBrYGlt5EHBUY2QIjXYDpKVz2zCxN7O7Zh59X8QUCXZsF2tY2Am31p3PS%2F%2BXrKn1VpS8PN%2B3UXl12QhpK2pRB2A%2FCLqOiH7b7Aev7sht0mI%2FUzfnkn9v%2FAgAA%2F%2F8BAAD%2F%2F%2BKAcdiABAAA
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujiPGHwcVL0KEOUkCMls9PzIz5hCMcSUYk5hEcvFSXVU9U251V1PVPT07p9WA5JY5ePAn9H6zmyVxkeQPEKRXkLAoZEB0D%2B7do4g5ivTuwOqDfu99%2Fb3D971Xn6xn%2B4QiY3tX3jUTpTVb6jRo%2FeQNFQuTu%2Fql63WfNuiZ%2Bg0Vn26fqY%2BrZEev%2B7TToKfqb0u%2BYpaa1KfUp359WVkZmvHSAQuVbPf9Rp822s2G32ljbP%2BPXebBMQ9itE9ehBLzJ4cPH0DxEnF0%2F7x0K6lJXnsryjRLjcVIbL0fr8QmjxEdtaH1EMZbi2kYNyfks2Mw8dbCAcxoo3KAQM2J96uPIN5ayEQw2jxUGmjIGIF4FvmohNQlFCvBzU0o8YgAXODSZcTRnUvG5mz1kGUVOye1x39B5XNS%2B%2F0lxNG357Qa168ZnaXKxA7jsIAal1CDEkm2g3TiQeU74OnHUOJnsvT4IuJo47LTBkoUB%2B6VKqHCElpOwZyHrPqUhyz0kCUeIrFXZ51%2BSGk3DMJWq9fmnLdanHd6p0VHtNq9kCLjlbwp0mQKrqfgdg2JXcOKmsJm38MNCzjhwaVz4r23hpEokEuC3BHkjCBXBHlKkI%2BKTaFd0xV3hHZZ4C9qc1Fbxcykg3W2adKBjMl6sk9eqPbiHb%2F7G1bkXj0QrV6706LNjpBUBr7fa%2Fq0SzvU591er%2BXDqQLKHTuwOlFzcuLHn5CoOXmKryFgO3B6B1w9D5b5YPms26Rgw1m7RzGJ7w8HLJIDprW0qw1uIghTIElrSFe9db1PXj64UfejPyH57tntk3%2BXtz84BW4LJLbAh%2BoHgoG%2BNbtqcrJx1eSOPLicpCpSE1bd71rKUvnEvXfkam6suHDeTe%2B%2BwSuiarevS5deZLFQ8cCRb84pIaRdNpZL8t0Fd0MGVzI3PJfZOEsuXnlz%2BUKUWOmcMnEJph49V4KrOXl69%2FzBy3xleQhlS9isQJTtkkVAmR3wZA0u2T1778T2cf%2FVP%2BAMgdVHM0FSQ54VM9sMjn5qRaDlEWZBAfcfHBz16%2B4WBrYGlt5EHBUY2QIjXYDpKVz2zCxN7O7Zh59X8QUCXZsF2tY2Am31p3PS%2F%2BXrKn1VpS8PN%2B3UXl12QhpK2pRB2A%2FCLqOiH7b7Aev7sht0mI%2FUzfnkn9v%2FAgAA%2F%2F8BAAD%2F%2F%2BKAcdiABAAA HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Cookie: u_pl=17344826; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 62761740a5cc998e7b41b592e0bc54c4
Strict-Transport-Security: max-age=0; includeSubdomains
s.w.org/images/core/emoji/14.0.0/svg/1f346.svg
192.0.77.48200 OK 432 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f346.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (432), with no line terminators
Hash f92a9f8821057c551982b659b268ed8e
6238f3b621be938ec83d96306647991cf8cec28f
6a51feacbc0c6653c8adf378b5bf03b10a82f8ff387674f6434d3ee9019416af
GET /images/core/emoji/14.0.0/svg/1f346.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:09 GMT
content-type: image/svg+xml
content-length: 432
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f60f.svg
192.0.77.48200 OK 1.4 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f60f.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1389), with no line terminators
Hash 480eb6b0f6c22cbc1d98d6ff93e1edc1
4783d272ed82b97f07330743d8d951a2446c01d3
9b365ccd80dfed36f75598c5c06251b56764fde6914bed50a8ec3b43285c35e0
GET /images/core/emoji/14.0.0/svg/1f60f.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:09 GMT
content-type: image/svg+xml
content-length: 1389
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e9ecb364fccfae4aad59726771bf60f2
6dcf1cde146ab0c5fc80946c1378739c01d484e0
b55b2b73581c7bf1354274f7d3c0db3a8edd7d80dd60bc4e3c8e1012ce2430c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B55B2B73581C7BF1354274F7D3C0DB3A8EDD7D80DD60BC4E3C8E1012CE2430C7"
Last-Modified: Sat, 19 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3545
Expires: Mon, 21 Nov 2022 05:28:14 GMT
Date: Mon, 21 Nov 2022 04:29:09 GMT
Connection: keep-alive
revoketypes.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjiuKXqJ4UFCZgwcFd7a7p3t%2BzGFJjJHg5ockGo%2FWX8%2BWW93VVHVP7%2B5pMaARBEdy8dj7ZpMlGiS5K4bZgMiikPEge3APQu6ikKPI7A4sfof6vqr3Dt97rz7dLPeJj5LuXTxn1pXWdCFu%2Bo3Xr6pMmMo1zl9pBH7TP9G4qrJ2dKKxOj3s4K3Aj5v%2BG413JV8xC6Ef%2BH7gB40zysrErC4coFD5nV7Q7PnNKGwGcYRV%2B%2F%2B7Kz046kEM9snzUGLy5PLP96D4GFl697R0K4XJ33wnLTUtjMVAbL%2BfrWSmypAejYn1kGTbMzaMmxDy9TGYbHumAGawNVUApibE%2Bz0Ay7Zna4INbh5uyjRkBiaeRTUYQ%2BoxFB2Dm2tQ4iEBuMD5C8jSW%2BeNrejaIUqn6ITMPf4HqpqQuT9eQJZ%2Bd0qr1cZlo8tCmcxhNamhVsdQ%2FTHycgfFugdV7YAXn0CJX8nC4yVk6dYFpw2U2HstCZLIb3XD%2BZBRMR9FfjxP21zOd1jMut1emCTt8MAipcZQyRhaDkHdMZTOQ6k8lImHMveQir0GjXuJ73cSlrRa3Yhz3mpxHnfbIhatqJv4KPlUwxBFPgTXQ3C7gdxuYEUNYcv7cMs1nPDgCoKBqFFJgsoRVJSgUgRVQVAN6ptCu9DVt4R2JQtmPZz1Vj0yRX%2BT3jRFX2ZkM98nz02N856%2BnWNF7jW6sRAyClshb7Og7cdR0A56STdMRMxD1qVwqoZyx0Cdh3U1IS%2F%2F9AtyNSFP8Q0wugOnd8DVcdDyFdBq1Al90OVR1PWxnt1d7tNU9qnW0q41uUkhTI28mEOx5m3qffLSQYg9HkLy3cU%2FP5h78UbxPbitkdsaH6sHBH19fXTJVGTrkqkcuXchL1Sq1uk04MsFLeTcN%2B%2FJtcpYcfa0G94%2ByafAdLxzRbpiiWZCZX1Hvj2lhJD2jLFckh%2FOuquSXSzd8qnSZmW%2BdPHtM2fT3ErnlMnGoOph5wa4mpBnzm0cfN1Xv3gAZcewZY203CWzgjI74PkGXL67%2BPDD4%2Bzc5G84Q2D1EYflHqqyHtmQHT1qNSHRZ4%2Bg5e7i%2FUcfnfy8swTKajh5ZAOTuz%2F%2BdcjfdNfRtx5ocQ1ZWmNgawx0DaqHcOUToyK3u4u%2FtQ4KTHsjpq23xbTVXx3a69ReQ8aJn0g%2FlCzpsaRDfdFLoh6jvUB2WEwDFG7C1%2F%2F98j8AAAD%2F%2FwEAAP%2F%2FTAyNCJYEAAA%3D
173.233.137.44200 OK 59 B URL HTTP/1.1 revoketypes.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjiuKXqJ4UFCZgwcFd7a7p3t%2BzGFJjJHg5ockGo%2FWX8%2BWW93VVHVP7%2B5pMaARBEdy8dj7ZpMlGiS5K4bZgMiikPEge3APQu6ikKPI7A4sfof6vqr3Dt97rz7dLPeJj5LuXTxn1pXWdCFu%2Bo3Xr6pMmMo1zl9pBH7TP9G4qrJ2dKKxOj3s4K3Aj5v%2BG413JV8xC6Ef%2BH7gB40zysrErC4coFD5nV7Q7PnNKGwGcYRV%2B%2F%2B7Kz046kEM9snzUGLy5PLP96D4GFl697R0K4XJ33wnLTUtjMVAbL%2BfrWSmypAejYn1kGTbMzaMmxDy9TGYbHumAGawNVUApibE%2Bz0Ay7Zna4INbh5uyjRkBiaeRTUYQ%2BoxFB2Dm2tQ4iEBuMD5C8jSW%2BeNrejaIUqn6ITMPf4HqpqQuT9eQJZ%2Bd0qr1cZlo8tCmcxhNamhVsdQ%2FTHycgfFugdV7YAXn0CJX8nC4yVk6dYFpw2U2HstCZLIb3XD%2BZBRMR9FfjxP21zOd1jMut1emCTt8MAipcZQyRhaDkHdMZTOQ6k8lImHMveQir0GjXuJ73cSlrRa3Yhz3mpxHnfbIhatqJv4KPlUwxBFPgTXQ3C7gdxuYEUNYcv7cMs1nPDgCoKBqFFJgsoRVJSgUgRVQVAN6ptCu9DVt4R2JQtmPZz1Vj0yRX%2BT3jRFX2ZkM98nz02N856%2BnWNF7jW6sRAyClshb7Og7cdR0A56STdMRMxD1qVwqoZyx0Cdh3U1IS%2F%2F9AtyNSFP8Q0wugOnd8DVcdDyFdBq1Al90OVR1PWxnt1d7tNU9qnW0q41uUkhTI28mEOx5m3qffLSQYg9HkLy3cU%2FP5h78UbxPbitkdsaH6sHBH19fXTJVGTrkqkcuXchL1Sq1uk04MsFLeTcN%2B%2FJtcpYcfa0G94%2ByafAdLxzRbpiiWZCZX1Hvj2lhJD2jLFckh%2FOuquSXSzd8qnSZmW%2BdPHtM2fT3ErnlMnGoOph5wa4mpBnzm0cfN1Xv3gAZcewZY203CWzgjI74PkGXL67%2BPDD4%2Bzc5G84Q2D1EYflHqqyHtmQHT1qNSHRZ4%2Bg5e7i%2FUcfnfy8swTKajh5ZAOTuz%2F%2BdcjfdNfRtx5ocQ1ZWmNgawx0DaqHcOUToyK3u4u%2FtQ4KTHsjpq23xbTVXx3a69ReQ8aJn0g%2FlCzpsaRDfdFLoh6jvUB2WEwDFG7C1%2F%2F98j8AAAD%2F%2FwEAAP%2F%2FTAyNCJYEAAA%3D
IP 173.233.137.44:0
Hash d99b0aee39b603403e89dfbc62b53914
0ee91f316242249ad47667c306c3f67f884a87b3
490003186d1dd350ce04d9ac6397ef369f9efa3df7aba2d28f3a91de4dab80c6
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjiuKXqJ4UFCZgwcFd7a7p3t%2BzGFJjJHg5ockGo%2FWX8%2BWW93VVHVP7%2B5pMaARBEdy8dj7ZpMlGiS5K4bZgMiikPEge3APQu6ikKPI7A4sfof6vqr3Dt97rz7dLPeJj5LuXTxn1pXWdCFu%2Bo3Xr6pMmMo1zl9pBH7TP9G4qrJ2dKKxOj3s4K3Aj5v%2BG413JV8xC6Ef%2BH7gB40zysrErC4coFD5nV7Q7PnNKGwGcYRV%2B%2F%2B7Kz046kEM9snzUGLy5PLP96D4GFl697R0K4XJ33wnLTUtjMVAbL%2BfrWSmypAejYn1kGTbMzaMmxDy9TGYbHumAGawNVUApibE%2Bz0Ay7Zna4INbh5uyjRkBiaeRTUYQ%2BoxFB2Dm2tQ4iEBuMD5C8jSW%2BeNrejaIUqn6ITMPf4HqpqQuT9eQJZ%2Bd0qr1cZlo8tCmcxhNamhVsdQ%2FTHycgfFugdV7YAXn0CJX8nC4yVk6dYFpw2U2HstCZLIb3XD%2BZBRMR9FfjxP21zOd1jMut1emCTt8MAipcZQyRhaDkHdMZTOQ6k8lImHMveQir0GjXuJ73cSlrRa3Yhz3mpxHnfbIhatqJv4KPlUwxBFPgTXQ3C7gdxuYEUNYcv7cMs1nPDgCoKBqFFJgsoRVJSgUgRVQVAN6ptCu9DVt4R2JQtmPZz1Vj0yRX%2BT3jRFX2ZkM98nz02N856%2BnWNF7jW6sRAyClshb7Og7cdR0A56STdMRMxD1qVwqoZyx0Cdh3U1IS%2F%2F9AtyNSFP8Q0wugOnd8DVcdDyFdBq1Al90OVR1PWxnt1d7tNU9qnW0q41uUkhTI28mEOx5m3qffLSQYg9HkLy3cU%2FP5h78UbxPbitkdsaH6sHBH19fXTJVGTrkqkcuXchL1Sq1uk04MsFLeTcN%2B%2FJtcpYcfa0G94%2ByafAdLxzRbpiiWZCZX1Hvj2lhJD2jLFckh%2FOuquSXSzd8qnSZmW%2BdPHtM2fT3ErnlMnGoOph5wa4mpBnzm0cfN1Xv3gAZcewZY203CWzgjI74PkGXL67%2BPDD4%2Bzc5G84Q2D1EYflHqqyHtmQHT1qNSHRZ4%2Bg5e7i%2FUcfnfy8swTKajh5ZAOTuz%2F%2BdcjfdNfRtx5ocQ1ZWmNgawx0DaqHcOUToyK3u4u%2FtQ4KTHsjpq23xbTVXx3a69ReQ8aJn0g%2FlCzpsaRDfdFLoh6jvUB2WEwDFG7C1%2F%2F98j8AAAD%2F%2FwEAAP%2F%2FTAyNCJYEAAA%3D HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Cookie: u_pl=17344880; uid_id2=f1f40382-2bad-4405-a6ce-7b5b8892ff62:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 839e0092c40d2a0072d5ef0b7ea14828
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 1.1 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c8c1d8e812347ec8667b70e2a6a79e5d
15353b7748c35df20f9fe71a26583e360d620b2c
c046870c8abd588ac6254372534c8f6fc00d8928f6edc0c3242003000b0c93e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F102F0DCDA5D31F36AF051FB9F5970EBCAD56D230DABA65CD52E1BE38050084"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15254
Expires: Mon, 21 Nov 2022 08:43:24 GMT
Date: Mon, 21 Nov 2022 04:29:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 755 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5027ef18cd6aa6ade86993043bb639
839bdede77b0090837444c7c9af51e0ce8fdb0f1
fe40803ed42272917ba32afecb724c73c36f0aab6f1ee09b4783db8481cc09e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC793BAAE4F7896AC0C9C46CAFF3B49A015AB1712C7FC21F8650C42314F55518"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11872
Expires: Mon, 21 Nov 2022 07:47:02 GMT
Date: Mon, 21 Nov 2022 04:29:10 GMT
Connection: keep-alive
monkeysloveyou.com/chicken.gif?z=1938828&pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=mEpXpB01cetR-YniOuyTLzFD1Wk0A2O-0RyXSYFY7zZxCTooyrHp_Bvv_NNuhWSrQud8jaHsvbfZwVjTf8sM0bCS2QUV_4Ev6E9_xFbjqDERzmpGk7vjUIZLhT_9eHD1c4PrtL5eGQ0qv0YBH-Wi3e0keywDoiRzqlE4sIXXxpgsC86rQ6inTx9npy6qpBVAMcXcs4OJt62ZynE4QJ1LQz-J7aZ2p59aM2M7mjPrHNMTXI-Ho3Jz89oMlodK31fHWot92r8Dm7PkuejdjtjZpwkjWmmmuZA1ZNxnkagTBNU0Femf423ku2W_GxJgT_0uthnX2NaQz6jSZ8xtTpHSsrTY-1SvfmFIKSiI83LT8Z_DkBjXienimcjLDZdPA6mGynh4dacVss_fM77DrwF1xN1s_m1_wVobUYZ-XV3kc0bkjvCJDSrTno5bYcWuQ0UnSpwsll3-LKhMm_qhVcNsGig3K6LIbPkjKx3MEIJ6lJZnGo8zzGpiO2MjLgCKA2wR6J4r4jPdjIZqp2oFVtv3iBz_2SAYEyPcUQeRHGQrHeruDhR2FcknfKvUmrzJjHdVHQ4wQEW-NbfdmrjXB_hP7k3FWxb16xzUX4Xel-aGfZUngR5KGKOJrYgQg6FyECcIbATaQH6NJMpZ3iR1XvpgKcoQzxQgRSdzxxNitIzEAE_NK-xEejBFrySZ2pqY8aUt2QFa5UGwbSF5ikuOoOA-JFXxxaLJ1LlUfkHBb5lqFqAKFeHoWOn7O3DoHwMRTGfELfbPopM0vJqNML7uCYbbx5_ZpuSk6QvaW5akpvZFPlb-1t3QUFaZNz7SWOeYBzyaSepZccObdDd0kKjGvNMWrYIYNc6qco4LIXgcUa0fOa6arQVO8uiEM91HAvG65Y8rp_30nHfyNUKyaEvHEAKENBJRYUH28E-_8U4oS_oyrzHV31rbrRVJO_Q1cRBe_s7lbY_VT1kfs57dmBtsbrJYWZ7ufbYUV5QcwlIm2Jh_wF3zLDMgH_ALJYjIvTeSJ9-emYLV7ugeI-7DcY5kHT03DW79mjW2iit3rBCmfPjKqIEoOv6SX29SDNJSEOV1VJTLuc1S9CIkqpc3z0Z-3gXTB2sLsKUbEyOQJX7RecCVJongw9iXBO1NDD1iPIXuVQysG09yEvPdl1DZd6UyNc5xZ9OuZaancEgC9VOhMVuRPw8ggUjIAA7Uv7LtdHtNCbOf_wzc2qv-DLBRHnsY66b-1Z_CygQO&abvar=0&os=0
62.122.171.6200 OK 325 B URL HTTP/2 monkeysloveyou.com/chicken.gif?z=1938828&pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=mEpXpB01cetR-YniOuyTLzFD1Wk0A2O-0RyXSYFY7zZxCTooyrHp_Bvv_NNuhWSrQud8jaHsvbfZwVjTf8sM0bCS2QUV_4Ev6E9_xFbjqDERzmpGk7vjUIZLhT_9eHD1c4PrtL5eGQ0qv0YBH-Wi3e0keywDoiRzqlE4sIXXxpgsC86rQ6inTx9npy6qpBVAMcXcs4OJt62ZynE4QJ1LQz-J7aZ2p59aM2M7mjPrHNMTXI-Ho3Jz89oMlodK31fHWot92r8Dm7PkuejdjtjZpwkjWmmmuZA1ZNxnkagTBNU0Femf423ku2W_GxJgT_0uthnX2NaQz6jSZ8xtTpHSsrTY-1SvfmFIKSiI83LT8Z_DkBjXienimcjLDZdPA6mGynh4dacVss_fM77DrwF1xN1s_m1_wVobUYZ-XV3kc0bkjvCJDSrTno5bYcWuQ0UnSpwsll3-LKhMm_qhVcNsGig3K6LIbPkjKx3MEIJ6lJZnGo8zzGpiO2MjLgCKA2wR6J4r4jPdjIZqp2oFVtv3iBz_2SAYEyPcUQeRHGQrHeruDhR2FcknfKvUmrzJjHdVHQ4wQEW-NbfdmrjXB_hP7k3FWxb16xzUX4Xel-aGfZUngR5KGKOJrYgQg6FyECcIbATaQH6NJMpZ3iR1XvpgKcoQzxQgRSdzxxNitIzEAE_NK-xEejBFrySZ2pqY8aUt2QFa5UGwbSF5ikuOoOA-JFXxxaLJ1LlUfkHBb5lqFqAKFeHoWOn7O3DoHwMRTGfELfbPopM0vJqNML7uCYbbx5_ZpuSk6QvaW5akpvZFPlb-1t3QUFaZNz7SWOeYBzyaSepZccObdDd0kKjGvNMWrYIYNc6qco4LIXgcUa0fOa6arQVO8uiEM91HAvG65Y8rp_30nHfyNUKyaEvHEAKENBJRYUH28E-_8U4oS_oyrzHV31rbrRVJO_Q1cRBe_s7lbY_VT1kfs57dmBtsbrJYWZ7ufbYUV5QcwlIm2Jh_wF3zLDMgH_ALJYjIvTeSJ9-emYLV7ugeI-7DcY5kHT03DW79mjW2iit3rBCmfPjKqIEoOv6SX29SDNJSEOV1VJTLuc1S9CIkqpc3z0Z-3gXTB2sLsKUbEyOQJX7RecCVJongw9iXBO1NDD1iPIXuVQysG09yEvPdl1DZd6UyNc5xZ9OuZaancEgC9VOhMVuRPw8ggUjIAA7Uv7LtdHtNCbOf_wzc2qv-DLBRHnsY66b-1Z_CygQO&abvar=0&os=0
IP 62.122.171.6:0
Hash fb4af3982a990adaf62779339478b60a
ab122191d4a2579d8fd9f88ea9e92b91224aee66
89a4b326f6e385b9a5b07cfffde62005810ff567c57ed62a7b36ca1a06b2a151
GET /chicken.gif?z=1938828&pb=7a334378f2ec0c2a900993b4981417a41669012143&psp=mEpXpB01cetR-YniOuyTLzFD1Wk0A2O-0RyXSYFY7zZxCTooyrHp_Bvv_NNuhWSrQud8jaHsvbfZwVjTf8sM0bCS2QUV_4Ev6E9_xFbjqDERzmpGk7vjUIZLhT_9eHD1c4PrtL5eGQ0qv0YBH-Wi3e0keywDoiRzqlE4sIXXxpgsC86rQ6inTx9npy6qpBVAMcXcs4OJt62ZynE4QJ1LQz-J7aZ2p59aM2M7mjPrHNMTXI-Ho3Jz89oMlodK31fHWot92r8Dm7PkuejdjtjZpwkjWmmmuZA1ZNxnkagTBNU0Femf423ku2W_GxJgT_0uthnX2NaQz6jSZ8xtTpHSsrTY-1SvfmFIKSiI83LT8Z_DkBjXienimcjLDZdPA6mGynh4dacVss_fM77DrwF1xN1s_m1_wVobUYZ-XV3kc0bkjvCJDSrTno5bYcWuQ0UnSpwsll3-LKhMm_qhVcNsGig3K6LIbPkjKx3MEIJ6lJZnGo8zzGpiO2MjLgCKA2wR6J4r4jPdjIZqp2oFVtv3iBz_2SAYEyPcUQeRHGQrHeruDhR2FcknfKvUmrzJjHdVHQ4wQEW-NbfdmrjXB_hP7k3FWxb16xzUX4Xel-aGfZUngR5KGKOJrYgQg6FyECcIbATaQH6NJMpZ3iR1XvpgKcoQzxQgRSdzxxNitIzEAE_NK-xEejBFrySZ2pqY8aUt2QFa5UGwbSF5ikuOoOA-JFXxxaLJ1LlUfkHBb5lqFqAKFeHoWOn7O3DoHwMRTGfELfbPopM0vJqNML7uCYbbx5_ZpuSk6QvaW5akpvZFPlb-1t3QUFaZNz7SWOeYBzyaSepZccObdDd0kKjGvNMWrYIYNc6qco4LIXgcUa0fOa6arQVO8uiEM91HAvG65Y8rp_30nHfyNUKyaEvHEAKENBJRYUH28E-_8U4oS_oyrzHV31rbrRVJO_Q1cRBe_s7lbY_VT1kfs57dmBtsbrJYWZ7ufbYUV5QcwlIm2Jh_wF3zLDMgH_ALJYjIvTeSJ9-emYLV7ugeI-7DcY5kHT03DW79mjW2iit3rBCmfPjKqIEoOv6SX29SDNJSEOV1VJTLuc1S9CIkqpc3z0Z-3gXTB2sLsKUbEyOQJX7RecCVJongw9iXBO1NDD1iPIXuVQysG09yEvPdl1DZd6UyNc5xZ9OuZaancEgC9VOhMVuRPw8ggUjIAA7Uv7LtdHtNCbOf_wzc2qv-DLBRHnsY66b-1Z_CygQO&abvar=0&os=0 HTTP/1.1
Host: monkeysloveyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=221120232911346b8d710d43e991155a76ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:10 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: ppucnt=0; Path=/; Expires=Tue, 22 Nov 2022 04:29:10 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
revoketypes.com/err.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjiuKXqJ4UFCZgwcFd7a7p3umxxyWxBgJbn5IovFodVX1bLnVXU1V9%2FTunBYDGkFwJBePvW82WaJBkrtimA2IDAoZD7IH9yDkLgo5iszuwOJ3qO%2Breu%2Fwvffq061yn7go6d7Fc3oglaJLYdNtvH5VZlxXtnH%2BSsNzm%2B6JxlWZtYMTjfXZYfpveW7YdN9ovCvYml7yXc91PddrnJFGJHp96QCFzO90vWbXbQZ%2B0wsDrJv%2F323pwFIHvL9Pnofk0ydXf74HycbI0runhV0rdP7mO2mpaKEN%2Bnzn%2FWwt01WG9GhMjIMk25mzoe2UkK%2BPQWc7cwXQ%2Fe2ZAsRySpzfPcTZznxNxP2bh5vGCiJDzJ9F1R9DqDEkHYPpa5D8IQEYx%2FkLyNJb57Wp6MYhSmfolCw8%2FgeympKFP15Aln53Ssn1xmWtykLqzGI9qSHXx5C9MfJyF8XAgax2wYpPIPmvZOnxCrJ0%2B4JVGpLvvZZ4SeC2In%2FRjylfDAI3XKRtJhY7cRhHUddPkrZ%2FYJGUY8hkDCWGoPYYSuuglA7KxEGZO0j5XoOG3cR1O0mctFpRwBhrtRgLozYPeSuIEhclm2kYosiHYGoIZjaRm02sySFMeR92tYblDmxB0Oc1KkFQWYKKElSSoCoIqn59kyvr2%2FoWV7aMvXn3571Vj3TR26I3ddETGdnK98lzM%2BOcp2%2FnWBN7jSjkXAR%2By2ft2Gu7YeC1vW4S%2BQkPmR9HFFbWkPYYqHUwkFPy8k%2B%2FIJdT8hTbREx3YdUumDwOWr4CWo06vgu6OgoiF4Ps7mqPpqJHlRJmo8l0Cq5r5MUCig1nS%2B2Tlw5C7DIfgk2W%2F%2Fxg4cUbxfdgpkZuanwsHxD01PXRJV2R7Uu6suTehbyQqRzQWcCXC1qIhW%2FeExuVNvzsaTu8fZLNgNl454qwxQrNuMx6lnx7SnIuzBltmCA%2FnLVXRXyxtKunSpOV%2BcrFt8%2BcTXMjrJU6G4PKh50bYHJKnjm3efB1X%2F3iAaQZw5Q10nJC5gWpd8HyTdh8svzww%2BPxuenfsJrAqCNOnDuoynpk%2FPjoUckpCT57BCUmy%2FcffXTy884KaFzDiiMbYjH58a9D%2Fpa9jp5xQItryNIafVOjr2pQNYQtnxgVuZks%2F9Y6KMTKGcXKONuxMuqrQ3ut3Gtwt9Nxmc%2FCJGrxKIhEt82Tju9HHRqHwvVQ2Ckb%2FPvlfwAAAP%2F%2FAQAA%2F%2F9t0ekVlgQAAA%3D%3D&errd=no%20impr%20and%20no%20err
173.233.137.44200 OK 288 B URL HTTP/1.1 revoketypes.com/err.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjiuKXqJ4UFCZgwcFd7a7p3umxxyWxBgJbn5IovFodVX1bLnVXU1V9%2FTunBYDGkFwJBePvW82WaJBkrtimA2IDAoZD7IH9yDkLgo5iszuwOJ3qO%2Breu%2Fwvffq061yn7go6d7Fc3oglaJLYdNtvH5VZlxXtnH%2BSsNzm%2B6JxlWZtYMTjfXZYfpveW7YdN9ovCvYml7yXc91PddrnJFGJHp96QCFzO90vWbXbQZ%2B0wsDrJv%2F323pwFIHvL9Pnofk0ydXf74HycbI0runhV0rdP7mO2mpaKEN%2Bnzn%2FWwt01WG9GhMjIMk25mzoe2UkK%2BPQWc7cwXQ%2Fe2ZAsRySpzfPcTZznxNxP2bh5vGCiJDzJ9F1R9DqDEkHYPpa5D8IQEYx%2FkLyNJb57Wp6MYhSmfolCw8%2FgeympKFP15Aln53Ssn1xmWtykLqzGI9qSHXx5C9MfJyF8XAgax2wYpPIPmvZOnxCrJ0%2B4JVGpLvvZZ4SeC2In%2FRjylfDAI3XKRtJhY7cRhHUddPkrZ%2FYJGUY8hkDCWGoPYYSuuglA7KxEGZO0j5XoOG3cR1O0mctFpRwBhrtRgLozYPeSuIEhclm2kYosiHYGoIZjaRm02sySFMeR92tYblDmxB0Oc1KkFQWYKKElSSoCoIqn59kyvr2%2FoWV7aMvXn3571Vj3TR26I3ddETGdnK98lzM%2BOcp2%2FnWBN7jSjkXAR%2By2ft2Gu7YeC1vW4S%2BQkPmR9HFFbWkPYYqHUwkFPy8k%2B%2FIJdT8hTbREx3YdUumDwOWr4CWo06vgu6OgoiF4Ps7mqPpqJHlRJmo8l0Cq5r5MUCig1nS%2B2Tlw5C7DIfgk2W%2F%2Fxg4cUbxfdgpkZuanwsHxD01PXRJV2R7Uu6suTehbyQqRzQWcCXC1qIhW%2FeExuVNvzsaTu8fZLNgNl454qwxQrNuMx6lnx7SnIuzBltmCA%2FnLVXRXyxtKunSpOV%2BcrFt8%2BcTXMjrJU6G4PKh50bYHJKnjm3efB1X%2F3iAaQZw5Q10nJC5gWpd8HyTdh8svzww%2BPxuenfsJrAqCNOnDuoynpk%2FPjoUckpCT57BCUmy%2FcffXTy884KaFzDiiMbYjH58a9D%2Fpa9jp5xQItryNIafVOjr2pQNYQtnxgVuZks%2F9Y6KMTKGcXKONuxMuqrQ3ut3Gtwt9Nxmc%2FCJGrxKIhEt82Tju9HHRqHwvVQ2Ckb%2FPvlfwAAAP%2F%2FAQAA%2F%2F9t0ekVlgQAAA%3D%3D&errd=no%20impr%20and%20no%20err
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d2cdd8685f7f28d3a89545258685d6b5
c3587ccb452bf1981d331a6086c05fd6a50189b1
549f5d662a8b354d75261c785362425cc75ed097d2e721f72c21a7d17f4f91cc
Analyzer Verdict Alert quad9 Sinkholed
GET /err.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjiuKXqJ4UFCZgwcFd7a7p3umxxyWxBgJbn5IovFodVX1bLnVXU1V9%2FTunBYDGkFwJBePvW82WaJBkrtimA2IDAoZD7IH9yDkLgo5iszuwOJ3qO%2Breu%2Fwvffq061yn7go6d7Fc3oglaJLYdNtvH5VZlxXtnH%2BSsNzm%2B6JxlWZtYMTjfXZYfpveW7YdN9ovCvYml7yXc91PddrnJFGJHp96QCFzO90vWbXbQZ%2B0wsDrJv%2F323pwFIHvL9Pnofk0ydXf74HycbI0runhV0rdP7mO2mpaKEN%2Bnzn%2FWwt01WG9GhMjIMk25mzoe2UkK%2BPQWc7cwXQ%2Fe2ZAsRySpzfPcTZznxNxP2bh5vGCiJDzJ9F1R9DqDEkHYPpa5D8IQEYx%2FkLyNJb57Wp6MYhSmfolCw8%2FgeympKFP15Aln53Ssn1xmWtykLqzGI9qSHXx5C9MfJyF8XAgax2wYpPIPmvZOnxCrJ0%2B4JVGpLvvZZ4SeC2In%2FRjylfDAI3XKRtJhY7cRhHUddPkrZ%2FYJGUY8hkDCWGoPYYSuuglA7KxEGZO0j5XoOG3cR1O0mctFpRwBhrtRgLozYPeSuIEhclm2kYosiHYGoIZjaRm02sySFMeR92tYblDmxB0Oc1KkFQWYKKElSSoCoIqn59kyvr2%2FoWV7aMvXn3571Vj3TR26I3ddETGdnK98lzM%2BOcp2%2FnWBN7jSjkXAR%2By2ft2Gu7YeC1vW4S%2BQkPmR9HFFbWkPYYqHUwkFPy8k%2B%2FIJdT8hTbREx3YdUumDwOWr4CWo06vgu6OgoiF4Ps7mqPpqJHlRJmo8l0Cq5r5MUCig1nS%2B2Tlw5C7DIfgk2W%2F%2Fxg4cUbxfdgpkZuanwsHxD01PXRJV2R7Uu6suTehbyQqRzQWcCXC1qIhW%2FeExuVNvzsaTu8fZLNgNl454qwxQrNuMx6lnx7SnIuzBltmCA%2FnLVXRXyxtKunSpOV%2BcrFt8%2BcTXMjrJU6G4PKh50bYHJKnjm3efB1X%2F3iAaQZw5Q10nJC5gWpd8HyTdh8svzww%2BPxuenfsJrAqCNOnDuoynpk%2FPjoUckpCT57BCUmy%2FcffXTy884KaFzDiiMbYjH58a9D%2Fpa9jp5xQItryNIafVOjr2pQNYQtnxgVuZks%2F9Y6KMTKGcXKONuxMuqrQ3ut3Gtwt9Nxmc%2FCJGrxKIhEt82Tju9HHRqHwvVQ2Ckb%2FPvlfwAAAP%2F%2FAQAA%2F%2F9t0ekVlgQAAA%3D%3D&errd=no%20impr%20and%20no%20err HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Cookie: u_pl=17344880; uid_id2=f1f40382-2bad-4405-a6ce-7b5b8892ff62:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 21 Nov 2022 04:29:10 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2134875eb6a038606b09b62cd7fe17e4
Strict-Transport-Security: max-age=0; includeSubdomains
spikereekvelocity.com/fwih4jgc?key=d9108d59c1176704036dde15ca47e48e&psid=17344874
192.243.59.12200 OK 30 kB URL HTTP/1.1 spikereekvelocity.com/fwih4jgc?key=d9108d59c1176704036dde15ca47e48e&psid=17344874
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash 3f3807bb95ec1785439a56afb0475c1f
29c55c01d906a9a59cb5948ffd9537178f5aa8f3
0fae48ef6521f7cea0dab84055aedbfdd6c32e99344ef9061d5ebf0f1ed991b9
Analyzer Verdict Alert quad9 Sinkholed
GET /fwih4jgc?key=d9108d59c1176704036dde15ca47e48e&psid=17344874 HTTP/1.1
Host: spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 21 Nov 2022 04:29:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15184015; expires=Tue, 22 Nov 2022 04:29:10 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTE4NDAxNSwiayI6ImQ5MTA4ZDU5YzExNzY3MDQwMzZkZGUxNWNhNDdlNDhlIiwic2lkIjoiMTczNDQ4NzQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyOCwicHQiOjQsInBrIjoiZndpaDRqZ2MiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9oZ2FtZWdhbGxlcnkuY29tLyJ9fQ.uxAE44aKk5MW0BjwsrjJMeVhA6tAuYlpIWdEccu-BFY; expires=Mon, 21 Nov 2022 04:30:10 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: afceb033d036da591015c0f8b4f5091b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
hgamegallery.com/wp-admin/admin-ajax.php
162.144.3.79200 OK 66 B URL HTTP/2 hgamegallery.com/wp-admin/admin-ajax.php
IP 162.144.3.79:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with no line terminators
Hash 14e8dbf9c9d834e8b318d192a9aa5749
26740f184ed25bb42b47226d24b2a8a8e8c52b62
d9400a8bd907f3d428eaaa90170304f2cf292e5e0b1154e36d2127ef92831ac3
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: hgamegallery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 50
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://hgamegallery.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 3
x-nginx-cache: WordPress
content-length: 66
content-type: application/json; charset=UTF-8
date: Mon, 21 Nov 2022 04:29:10 GMT
server: Apache
X-Firefox-Spdy: h2
streamtape.com/e/eLJpmLa02kiYqzW/
104.21.47.209200 OK 0 B URL HTTP/2 streamtape.com/e/eLJpmLa02kiYqzW/
IP 104.21.47.209:0
GET /e/eLJpmLa02kiYqzW/ HTTP/1.1
Host: streamtape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: text/html; charset=UTF-8
cache-control: private
set-cookie: _b=kube16; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1sF2Y8AH8UTKjeptcEgWEFrxgAwBQ%2FxJoKRxbmzcOt%2B1a5neUSk%2BlM2lDaNGA4rZXMkZjM%2FsazXmO%2FhsVlLUIZ6aviyMxAVvfQOfh7LJPHO4PfyovgO2nj5nxNjuEjaYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6ae9cbd65b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:02 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f4a6.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f4a6.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f4a6.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:09 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:02 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f39e.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f39e.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f39e.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:09 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bg4nxu2u5t.com/get/1876944?zoneid=1876944&jp=_cl0hhnonftfus7bkn50e46&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1516754791611063
62.122.171.6200 OK 0 B URL HTTP/2 bg4nxu2u5t.com/get/1876944?zoneid=1876944&jp=_cl0hhnonftfus7bkn50e46&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1516754791611063
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1876944?zoneid=1876944&jp=_cl0hhnonftfus7bkn50e46&nojs=0&ix=0&abvar=0&t=0&x=891&y=501&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1516754791611063 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:03 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=221120232946c700292f7d4bb8aea761c4f1; Path=/; Expires=Tue, 21 Nov 2023 04:29:03 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
stats.wp.com/e-202247.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 13 Nov 2023 09:17:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.8.2/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.8.2/css/all.css
IP 172.64.132.15:0
GET /releases/v5.8.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ytube2dl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:04 GMT
content-type: text/css
x-amz-id-2: OUhyQEJ5B1WrzEMPio0YBW+W9rmluowRdghuyLYMb93aNEX7MTVeyHutEa9gf9HeYAtfbK02lqM=
x-amz-request-id: F0PQ58ST6Z2H1861
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
etag: W/"77cbad34e5ce95e70847b074e05faeab"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2215039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7ZVHJrjZE3wJ2wp5eSUpe2btYqjBvxFprjikisL1hifPlpArFMyxuWtQtkTjBmBqZFuny8460imMw58DUd4%2BsNXsqi4gx7H705hEiPQWkfziInHKxjCx36kGLe02Zrtg6DQDGKh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d6aeaa0fd073e3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fanasti.com/rc/3d8a3d97e5?affclick=bmconv_20221121052906_23cfefc2_b052_41f1_b1d4_2920bd7d89a3&pubid=135921_Unknown
172.67.197.219200 OK 0 B URL HTTP/2 fanasti.com/rc/3d8a3d97e5?affclick=bmconv_20221121052906_23cfefc2_b052_41f1_b1d4_2920bd7d89a3&pubid=135921_Unknown
IP 172.67.197.219:0
GET /rc/3d8a3d97e5?affclick=bmconv_20221121052906_23cfefc2_b052_41f1_b1d4_2920bd7d89a3&pubid=135921_Unknown HTTP/1.1
Host: fanasti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://misctraff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:07 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=0Qontscac0vSIiJ0qNlvYG3cHcYXuCn5cJ8a2VgYA5zx/B51WJ8mNZlEGwmLvwixCMaiBnE9b1YLKSeyBebKK8jEzCN97JoczUfOwl3Y1i9h86F5uc2kf7NfKg1D; Expires=Mon, 28 Nov 2022 04:29:07 GMT; Path=/
AWSALBCORS=0Qontscac0vSIiJ0qNlvYG3cHcYXuCn5cJ8a2VgYA5zx/B51WJ8mNZlEGwmLvwixCMaiBnE9b1YLKSeyBebKK8jEzCN97JoczUfOwl3Y1i9h86F5uc2kf7NfKg1D; Expires=Mon, 28 Nov 2022 04:29:07 GMT; Path=/; SameSite=None
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVly4KbkaevbiBp1OwNC%2Bk5gliFJasEdxoNwY9ApvElnT7sEk324yxgJWTkp8YoOe2BgWYx6UVIE7wScR5EPD6rpIlxOZsPOEG%2Bvlcj8PEGAk1UHMDjAApxsxgP8VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6aeba7e9bb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/_inc/build/related-posts/related-posts.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/build/related-posts/related-posts.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/_inc/build/related-posts/related-posts.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:29:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Tue, 21 Nov 2023 04:29:01 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdnjs.buymeacoffee.com/1.0.0/widget.prod.min.js
172.67.70.99200 OK 0 B URL HTTP/2 cdnjs.buymeacoffee.com/1.0.0/widget.prod.min.js
IP 172.67.70.99:0
GET /1.0.0/widget.prod.min.js HTTP/1.1
Host: cdnjs.buymeacoffee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:02 GMT
content-type: application/javascript; charset=UTF-8
age: 1107490
cache-control: public, max-age=2678400, must-revalidate
etag: W/"04fdc5869e458463191b1590830f47bc-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01GCA3ZK099MAGGF6D0H0VRYTW
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plnsVePy0QZq91IF%2Fb%2ByjLztLlz0tY3dImzWU3rF7bzSVhFs9NnvkvKcUbdJ3adR09U00Sb%2B%2BU5%2FX0sfhZzz%2BO7hSf58yxNZbmG8uwmuxIWDIkPCLmiCKR0yyYgZqoxK3nAQIfLdyYA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d6ae978a39b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
908356674.tapecontent.net/radosgw/eLJpmLa02kiYqzW/Zg-S2LDlBxXSPhu1-obr6tiVPuVfXjPV-dwbIb0yTJCA79l2e4TGYK9IrPC22SLu4ZrAWWoMM8dH_deLilUyVcNcDR_xEUM1Fjwf-OzP79i-eTt-Ap0PYPoDym_SWG4Gzg4TqUjkLzQvgwvkYJwD_aetlLV9gjnacd1UhHGDpOLSCJSYEzOVxjANHcSkGOY2NbyKzW0Nb3eDEQ3Le-0HoVOedVTQAcg10Ku5bujW-pNCYkDT1MZDbqXTiq1FQtBQaGH5-ER1YZEQCQcR/0566?stream=1
54.36.108.66206 Partial Content 0 B URL HTTP/1.1 908356674.tapecontent.net/radosgw/eLJpmLa02kiYqzW/Zg-S2LDlBxXSPhu1-obr6tiVPuVfXjPV-dwbIb0yTJCA79l2e4TGYK9IrPC22SLu4ZrAWWoMM8dH_deLilUyVcNcDR_xEUM1Fjwf-OzP79i-eTt-Ap0PYPoDym_SWG4Gzg4TqUjkLzQvgwvkYJwD_aetlLV9gjnacd1UhHGDpOLSCJSYEzOVxjANHcSkGOY2NbyKzW0Nb3eDEQ3Le-0HoVOedVTQAcg10Ku5bujW-pNCYkDT1MZDbqXTiq1FQtBQaGH5-ER1YZEQCQcR/0566?stream=1
IP 54.36.108.66:0
GET /radosgw/eLJpmLa02kiYqzW/Zg-S2LDlBxXSPhu1-obr6tiVPuVfXjPV-dwbIb0yTJCA79l2e4TGYK9IrPC22SLu4ZrAWWoMM8dH_deLilUyVcNcDR_xEUM1Fjwf-OzP79i-eTt-Ap0PYPoDym_SWG4Gzg4TqUjkLzQvgwvkYJwD_aetlLV9gjnacd1UhHGDpOLSCJSYEzOVxjANHcSkGOY2NbyKzW0Nb3eDEQ3Le-0HoVOedVTQAcg10Ku5bujW-pNCYkDT1MZDbqXTiq1FQtBQaGH5-ER1YZEQCQcR/0566?stream=1 HTTP/1.1
Host: 908356674.tapecontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.com
Range: bytes=0-
Referer: https://streamtape.com/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: openresty
Date: Mon, 21 Nov 2022 04:29:04 GMT
Content-Type: video/mp4
Content-Length: 44313670
Last-Modified: Wed, 31 Aug 2022 02:39:30 GMT
Connection: keep-alive
ETag: "630ec9e2-2a42c46"
Access-Control-Allow-Origin: *
Allow: OPTIONS, GET, HEAD, POST
Access-Control-Allow-Headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
Access-Control-Expose-Headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
Content-Range: bytes 0-44313669/44313670
cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
45.133.44.4200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://hgamegallery.com
Connection: keep-alive
Referer: http://hgamegallery.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:29:10 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 21 Nov 2022 05:29:10 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2