enit.in/SRKHqAob
172.67.133.181301 Moved Permanently 0 B IP 172.67.133.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SRKHqAob HTTP/1.1
Host: enit.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 18:15:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 19:15:04 GMT
Location: https://enit.in/SRKHqAob
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJivED4diD%2FjN3fF2NIN7OanpBEnzGwL2wg8j1e9%2F75JKsQaeB8NLEXOw9YjvBeQ130ID3c5Jf9TO8KI6EEyt4WoC75wOLrlqlmAuGdqNpUdPvbh0qcJd%2Fay"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794da11cea36b51b-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4222
Expires: Sun, 05 Feb 2023 19:25:26 GMT
Date: Sun, 05 Feb 2023 18:15:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7795
Expires: Sun, 05 Feb 2023 20:24:59 GMT
Date: Sun, 05 Feb 2023 18:15:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 17:36:21 GMT
content-type: application/json
age: 2323
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15395
Expires: Sun, 05 Feb 2023 22:31:39 GMT
Date: Sun, 05 Feb 2023 18:15:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: M6j7E36Xc8O+pabSKZgliLD3fVqfxtbK/IT+XOI4tTWF+SZ9ws4oANStQzE67chTLUzpUv5sp2w=
x-amz-request-id: NN53YZX9WNXWW4Q6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 17:53:22 GMT
age: 1302
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8e94906c627361d2cfe52ce06557f09b
1f953c2186b8dcfd6d8cbb59ec6de0a51ad4fdf0
5be3d2d6bd71a7645ea90dd156b6a80bc6c54b6866c78243cb2252c7e611b603
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5BE3D2D6BD71A7645EA90DD156B6A80BC6C54B6866C78243CB2252C7E611B603"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16416
Expires: Sun, 05 Feb 2023 22:48:40 GMT
Date: Sun, 05 Feb 2023 18:15:04 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 18:15:04 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 17:49:07 GMT
age: 1558
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3357
Expires: Sun, 05 Feb 2023 19:11:02 GMT
Date: Sun, 05 Feb 2023 18:15:05 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8e94906c627361d2cfe52ce06557f09b
1f953c2186b8dcfd6d8cbb59ec6de0a51ad4fdf0
5be3d2d6bd71a7645ea90dd156b6a80bc6c54b6866c78243cb2252c7e611b603
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5BE3D2D6BD71A7645EA90DD156B6A80BC6C54B6866C78243CB2252C7E611B603"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16415
Expires: Sun, 05 Feb 2023 22:48:40 GMT
Date: Sun, 05 Feb 2023 18:15:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bea1010575854a85c162eeab8e1d6469
2dc4fbafe9cfd1fea35c1acc1f6733b14813958e
5a51fedaa399d33ee2c5832e3d6863e5299ac416504b83001f32ee678a14d10c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5089
Cache-Control: max-age=105756
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:05 GMT
Etag: "63ded864-117"
Expires: Mon, 06 Feb 2023 23:37:41 GMT
Last-Modified: Sat, 04 Feb 2023 22:12:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
i.imgur.com/Zm57T8a.png
151.101.244.193200 OK 6.7 kB IP 151.101.244.193:0
File type PNG image data, 209 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 77cc82df02e99141dbafcdac433b3b6a
47e0af5e3390578f5b49dcb41760ff924455db7a
906ee764e0c4fa542fa06304d3e88b4ac165f080f93fffe89a6c543481c6764d
GET /Zm57T8a.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 14 Jan 2018 15:19:31 GMT
etag: "77cc82df02e99141dbafcdac433b3b6a"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 05 Feb 2023 18:15:05 GMT
age: 8332324
x-served-by: cache-iad-kiad7000040-IAD, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 42813, 5
x-timer: S1675620906.683913,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 6699
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bea1010575854a85c162eeab8e1d6469
2dc4fbafe9cfd1fea35c1acc1f6733b14813958e
5a51fedaa399d33ee2c5832e3d6863e5299ac416504b83001f32ee678a14d10c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5089
Cache-Control: max-age=105756
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:05 GMT
Etag: "63ded864-117"
Expires: Mon, 06 Feb 2023 23:37:41 GMT
Last-Modified: Sat, 04 Feb 2023 22:12:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 40d25efa71d5012c3616508e8657556f
a729041c1eb57ef9ae6e1702725cd132d65e2a96
05f7d87a4e4b0cedf752a937b49e6e3c5d25d7590383b09fe7929380da2b77d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05F7D87A4E4B0CEDF752A937B49E6E3C5D25D7590383B09FE7929380DA2B77D1"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2957
Expires: Sun, 05 Feb 2023 19:04:22 GMT
Date: Sun, 05 Feb 2023 18:15:05 GMT
Connection: keep-alive
push.services.mozilla.com/
35.164.121.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.121.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sdHzFCZlvV1rSPZ+JayjHw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VTNjhPqjnDHsRTG4QRe+Iv1AJqc=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 19d644dfb262dae8fc4c088cf4d750c7
37219914164337d76de342b6d0983c10f2d8eb6f
cf85705229bd4fa9cce0f6aa4c2009ccb522f2e6dbd88588f509be792c83497b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF85705229BD4FA9CCE0F6AA4C2009CCB522F2E6DBD88588F509BE792C83497B"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7231
Expires: Sun, 05 Feb 2023 20:15:36 GMT
Date: Sun, 05 Feb 2023 18:15:05 GMT
Connection: keep-alive
system-notify.app/f/sdk.js?z=737225
157.90.33.68200 OK 12 kB URL HTTP/2 system-notify.app/f/sdk.js?z=737225
IP 157.90.33.68:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (45514), with no line terminators
Hash 5907efab76d69d9429dc1a1a09eb0c94
180984e88e32cd5559986056ec1d5f3f1eadfb23
2a6713745520d22b8609d91f078ec6ffe4b1094a341118da71137932f2c4aad6
GET /f/sdk.js?z=737225 HTTP/1.1
Host: system-notify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 18:15:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 11649
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
js.hcaptcha.com/1/api.js
104.16.169.131200 OK 81 kB IP 104.16.169.131:0
File type Unicode text, UTF-8 text, with very long lines (57362)
Hash c54284bf45065d3a28c9cd439aa02588
55db99cef53b24723aed7544149e96358d19eec8
1c0d7bbb1964b860cc336c9681c485ca7870bd169a6a9b5a556ef8d540f80bdb
GET /1/api.js HTTP/1.1
Host: js.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:05 GMT
content-type: application/javascript
cf-ray: 794da1249c410b45-OSL
age: 0
cache-control: max-age=120
etag: W/"777d334016fd859eff9671706a59e51c"
last-modified: Thu, 02 Feb 2023 17:18:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 5sDIeAm01Jei3_iGPYVhgm17YO1La2Mr1xjz52uIIogkQx3QDAuZLg==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b5fbf79a8410078320eae9fbc88f74ee
0a830fc0980b33a6642b4b67ba3840f5a5984256
9eaa2a80a5b8fe164152d54c926cc1828e4d05aa7c91a7f74236c049908f4361
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 18:15:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 07:28:23 GMT
Expires: Fri, 10 Feb 2023 07:28:22 GMT
Etag: "0a830fc0980b33a6642b4b67ba3840f5a5984256"
Cache-Control: max-age=392595,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794da126ea470b61-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 016488084287f377b55b2b61b20326bf
a3d428b77c22053d8befb29122c8e0bb5c34427e
5d2f7a1a5c282cba5e91b179515d4aef19ce9f9519f140ac5a898f4fc6f77e82
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D2F7A1A5C282CBA5E91B179515D4AEF19CE9F9519F140AC5A898F4FC6F77E82"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14573
Expires: Sun, 05 Feb 2023 22:17:59 GMT
Date: Sun, 05 Feb 2023 18:15:06 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b5fbf79a8410078320eae9fbc88f74ee
0a830fc0980b33a6642b4b67ba3840f5a5984256
9eaa2a80a5b8fe164152d54c926cc1828e4d05aa7c91a7f74236c049908f4361
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 18:15:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 07:28:23 GMT
Expires: Fri, 10 Feb 2023 07:28:22 GMT
Etag: "0a830fc0980b33a6642b4b67ba3840f5a5984256"
Cache-Control: max-age=392595,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794da126ef11b523-OSL
taghaugh.com/5/5491932
139.45.197.237200 OK 24 kB IP 139.45.197.237:0
File type ASCII text, with very long lines (64198), with no line terminators
Hash e36b3f425a7f70dc2d3c0a8e8c49acf0
112c1723a937263d265e52a4aa663383022d1508
37424ab4026dc12baadf9f580f0b5a56f65f049f1b0b632e1ecba4300cc7b211
GET /5/5491932 HTTP/1.1
Host: taghaugh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 18:15:05 GMT
content-type: application/javascript
x-trace-id: 0f253ff4fe2a5a183a901b7f825c18fd
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=03b1ba506ff34095bb022a7cdc2c85c3; expires=Mon, 05 Feb 2024 18:15:05 GMT; path=/; secure; SameSite=None
oaidts=1675620905; expires=Mon, 05 Feb 2024 18:15:05 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
uidsync.net/sync?user_id=S96ICsQdY2s6PqjvYrcb8G
157.90.33.121200 OK 62 B URL HTTP/2 uidsync.net/sync?user_id=S96ICsQdY2s6PqjvYrcb8G
IP 157.90.33.121:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash cd47d9545f1daae7bec4c120b1ee910d
c848d0d7005b284be4a794372fb4b88b368ab5ee
042394344e4cc54dda99fbf0c073936e6dd001b0df08258d2c2151c5da540d76
GET /sync?user_id=S96ICsQdY2s6PqjvYrcb8G HTTP/1.1
Host: uidsync.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://enit.in/
Content-Type: application/json
Origin: https://enit.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 18:15:06 GMT
content-type: application/json; charset=utf-8
content-length: 62
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
set-cookie: rauid=S96ICsQdY2s6PqjvYrcb8G; expires=Mon, 05 Feb 2024 18:15:06 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
academyblocked.com/34/aa/84/34aa847f855cc91a3510c99f05af9a65.js
173.233.137.60200 OK 13 kB URL HTTP/1.1 academyblocked.com/34/aa/84/34aa847f855cc91a3510c99f05af9a65.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (37130), with no line terminators
Hash f551175765ef7e30089a2fdc0fdde78d
47afa3aee440ff7b95f47e33929f4f8ac8e617ab
49ad8036182e387eb3bf3f177282d60c26ff7cf6b9eab12113966c503a8638ba
GET /34/aa/84/34aa847f855cc91a3510c99f05af9a65.js HTTP/1.1
Host: academyblocked.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 18:15:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 374a0ede14980ce83206471d5558fd24
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bfea74a6190e45e6b339a9ed62e59fd1
52a5787e4375d9012a8653c14cd5c66d68909ffb
f1251329302001bd0d2de99dfe1100887ff6a7b69de4ad2b9a2a718efe6c91d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F1251329302001BD0D2DE99DFE1100887FF6A7B69DE4AD2B9A2A718EFE6C91D1"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16417
Expires: Sun, 05 Feb 2023 22:48:43 GMT
Date: Sun, 05 Feb 2023 18:15:06 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bc3cdd90d0ea01ad8a789b3302c2dc07
7a9c5489f625c470f99c4313b46cac87c986db1f
1cddee6d073a2f7c726ce28acd4f02efd541847e901ad084f845ef26a6b4171d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6f5ab3bdbb5ebcebf9a163e0c85ab467
43f1c3de55e528c5be75895eb08b64840a0c8b95
d7c6e6ba9986867972fbc47f35dc823e3c78db46acf5292b6933e0f5760e47be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7C6E6BA9986867972FBC47F35DC823E3C78DB46ACF5292B6933E0F5760E47BE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16578
Expires: Sun, 05 Feb 2023 22:51:24 GMT
Date: Sun, 05 Feb 2023 18:15:06 GMT
Connection: keep-alive
i.ytimg.com/vi/XixSUf8-F0k/hqdefault.jpg
142.250.74.86200 OK 12 kB URL HTTP/2 i.ytimg.com/vi/XixSUf8-F0k/hqdefault.jpg
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 1622f1bf3a222cdbb00402d2615b8a25
4849e88d0bbb946a2564561730cc604bd23d0860
ac2f1bb2790397162b648d07d637107d780af8d99419736653c09c4f4a91e4e1
GET /vi/XixSUf8-F0k/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 11719
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 18:07:32 GMT
expires: Sun, 05 Feb 2023 20:07:32 GMT
cache-control: public, max-age=7200
etag: "1667846379"
content-type: image/jpeg
age: 454
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-M8H9XNQ
172.217.21.168200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M8H9XNQ
IP 172.217.21.168:0
File type ASCII text, with very long lines (1759)
Hash ee37220523661f998fd2e5b349c468fc
7ddc8737302d3db65918c4b868b8ef5fab41972d
43def20044029781c91747d1fff1ec8d526f5db52cbb910eac263cd43c2c8d5c
GET /gtm.js?id=GTM-M8H9XNQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 18:15:06 GMT
expires: Sun, 05 Feb 2023 18:15:06 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46291
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bc3cdd90d0ea01ad8a789b3302c2dc07
7a9c5489f625c470f99c4313b46cac87c986db1f
1cddee6d073a2f7c726ce28acd4f02efd541847e901ad084f845ef26a6b4171d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/gid.js?userId=03b1ba506ff34095bb022a7cdc2c85c3
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=03b1ba506ff34095bb022a7cdc2c85c3
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 06fcd5f5ceaf21b956c3e326ac9b3883
e915e3802574f7f3591a5495ddbbb70d9d71b0a9
afce429da70fce96b5994f2792cb873c8fe9a657a26b5ea39c75c8f5404900f9
GET /gid.js?userId=03b1ba506ff34095bb022a7cdc2c85c3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 18:15:06 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://enit.in
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=03b1ba506ff34095bb022a7cdc2c85c3; expires=Mon, 05 Feb 2024 18:15:06 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 2b9fa7773944abe31f5a0d2c89fcf83f
dd497be3ec7fff255da6600a2d92c45d0f4b9a50
68342c1715a25165c46c7832671ce7d31cc3afeda203b110c999875bb79ba116
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161425
Date: Sun, 05 Feb 2023 18:15:06 GMT
Etag: "63dfaf99-1d7"
Expires: Tue, 07 Feb 2023 15:05:31 GMT
Last-Modified: Sun, 05 Feb 2023 13:31:05 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: meOJIB2R5uIUwJmNcDkSLWIUJ-kuw_0bHHzdDKGepQ7HcLd98kywMw==
Age: 5666
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 3909d05cd23105ef8a815ababee177dc
1abacf73a46c66de253cc9ea66b07904f196054d
5a278dcdf436f8a1877df04278d2745ac86aeae05f6df16d806529567ede1937
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
set-cookie: uid_id2=25eea4be-d3f7-48e0-a045-6dd940fb2072:3:1; expires=Wed, 02 Feb 2033 18:15:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bfea74a6190e45e6b339a9ed62e59fd1
52a5787e4375d9012a8653c14cd5c66d68909ffb
f1251329302001bd0d2de99dfe1100887ff6a7b69de4ad2b9a2a718efe6c91d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F1251329302001BD0D2DE99DFE1100887FF6A7B69DE4AD2B9A2A718EFE6C91D1"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16417
Expires: Sun, 05 Feb 2023 22:48:43 GMT
Date: Sun, 05 Feb 2023 18:15:06 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39302)
Hash 7a948f2ef1cd6fe8d0b0191dda6d3c2f
4a20adcc9af4f774d7af798d0ac1c768d05d76d6
a966287584c5d304d5e94b697fdf9d45f814664eab893f68a0d270149de3d0d5
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27284
date: Sun, 05 Feb 2023 18:15:06 GMT
expires: Sun, 05 Feb 2023 18:15:06 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1473 / 130 of 1000 / last-modified: 1675465842"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
Hash 39316ffaa6ce26f96019c0831ddb22c1
041642cc9e16983137382480162e12f19df797de
4d105ae7145124d3e5974a68e84fef6762de94932d874a1f3f38eeb1a4099dea
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 05 Feb 2023 17:44:08 GMT
expires: Sun, 05 Feb 2023 19:44:08 GMT
cache-control: public, max-age=7200
age: 1858
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 98089acb98ec0b3bf3e4b751487d1796
fe28a756381710ce40bf337358f66fb5f4acbeeb
41d62a039809f0a2d6b6b4862fa30e7cfcb188ef00c19cc41ddec01d45a27c11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41D62A039809F0A2D6B6B4862FA30E7CFCB188EF00C19CC41DDEC01D45A27C11"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11814
Expires: Sun, 05 Feb 2023 21:32:00 GMT
Date: Sun, 05 Feb 2023 18:15:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9875
Expires: Sun, 05 Feb 2023 20:59:41 GMT
Date: Sun, 05 Feb 2023 18:15:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9875
Expires: Sun, 05 Feb 2023 20:59:41 GMT
Date: Sun, 05 Feb 2023 18:15:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9875
Expires: Sun, 05 Feb 2023 20:59:41 GMT
Date: Sun, 05 Feb 2023 18:15:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9875
Expires: Sun, 05 Feb 2023 20:59:41 GMT
Date: Sun, 05 Feb 2023 18:15:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 14:53:51 GMT
age: 12075
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 12:31:54 GMT
age: 20592
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: c474008d-a6a9-409b-88e2-c55062044575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzQtnFGhoAMF5Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfb23-54dd67257ba25ad24e977a9c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:28:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0Of3BK3VqVMGQGDIODQthVmi7BC8Ney4zgGCpVuzYc1j6D8RRP-AxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 12:03:14 GMT
age: 22312
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: c11233d1-ef16-4b03-9174-a493011dc0ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEoFHOKIAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8166-4a290e811547293f437311bb;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1F0bxib8bn4kZvGBTL63ecNDDEy6XZ8kIb8K5BNqusVL9SvAAARUJw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:11:45 GMT
age: 72201
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 52498
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:58 GMT
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
age: 72248
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s4.histats.com/stats/0.php?3963887&@f16&@g1&@h1&@i1&@j1675620947847&@k0&@l1&@mClicksfly%20Dynamic%20Link&@n0User=447748|Plan=High&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-75229350&@b3:1675620948&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fenit.in%2FSRKHqAob%23&@w
149.56.240.129200 OK 64 B URL HTTP/1.1 s4.histats.com/stats/0.php?3963887&@f16&@g1&@h1&@i1&@j1675620947847&@k0&@l1&@mClicksfly%20Dynamic%20Link&@n0User=447748|Plan=High&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-75229350&@b3:1675620948&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fenit.in%2FSRKHqAob%23&@w
IP 149.56.240.129:0
File type ASCII text, with no line terminators
Hash 6d58ffbe82ac6dd574ce5193a31c2c02
0ae4c3c56b295c41761aee167ec90eabc9b5e0db
0b9a3b1503e60ca6a45b181d2a9df0dd0c4b1a4ecd74b18d17f2bed8cdb1da25
GET /stats/0.php?3963887&@f16&@g1&@h1&@i1&@j1675620947847&@k0&@l1&@mClicksfly%20Dynamic%20Link&@n0User=447748|Plan=High&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-75229350&@b3:1675620948&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fenit.in%2FSRKHqAob%23&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 18:15:07 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 64
Connection: close
adservice.google.com/adsid/integrator.js?domain=enit.in
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=enit.in
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=enit.in HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 18:15:07 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=enit.in
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=enit.in
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=enit.in HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 18:15:07 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
216.58.207.193200 OK 2.7 kB URL HTTP/2 2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sun, 05 Feb 2023 18:15:07 GMT
expires: Mon, 05 Feb 2024 18:15:07 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-110155808-1&cid=738854168.1675620948&jid=1402368332&gjid=2108709813&_gid=1457881020.1675620948&_u=YADAAEAAAAAAACAAI~&z=67099593
64.233.161.156200 OK 744 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-110155808-1&cid=738854168.1675620948&jid=1402368332&gjid=2108709813&_gid=1457881020.1675620948&_u=YADAAEAAAAAAACAAI~&z=67099593
IP 64.233.161.156:0
Hash 9eb3244401205952fa29e7d6f5d35097
2c22c9f117c6db4224b12ea4fcf2ceab7757688f
481253935d51187439ef709621113a2b1c3ca677bf81875853ce7dc42891c5ab
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-110155808-1&cid=738854168.1675620948&jid=1402368332&gjid=2108709813&_gid=1457881020.1675620948&_u=YADAAEAAAAAAACAAI~&z=67099593 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://enit.in
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Feb 2023 18:15:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env
142.250.74.2200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env
IP 142.250.74.2:0
File type JSON data\012- , ASCII text, with very long lines (14653), with no line terminators
Hash 9d6a1dc265446a6416dd2507922aca25
760ba15f3b12f9a29e83a47125c535c0971e19bc
7321fd210d8b70f79e5d2c0627a77743371f9794e9e2ce4d6c0edad1c2125cfb
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 05 Feb 2023 18:15:07 GMT
server: cafe
content-length: 11060
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 79e65fc8bd6082f7b42e9235efec43f9
f9a2b2c14c1fa6aa4d832c77066452c72b209274
0266d380456e97ee19ae84c54858fc37d227d79292fb731015a874b3d954eb5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0266D380456E97EE19AE84C54858FC37D227D79292FB731015A874B3D954EB5E"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10153
Expires: Sun, 05 Feb 2023 21:04:20 GMT
Date: Sun, 05 Feb 2023 18:15:07 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-PMDXVPR38M>m=45je3210&_p=1455487066&cid=738854168.1675620948&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675620948&sct=1&seg=0&dl=https%3A%2F%2Fenit.in%2FSRKHqAob&dt=Clicksfly%20Dynamic%20Link&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-PMDXVPR38M>m=45je3210&_p=1455487066&cid=738854168.1675620948&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675620948&sct=1&seg=0&dl=https%3A%2F%2Fenit.in%2FSRKHqAob&dt=Clicksfly%20Dynamic%20Link&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-PMDXVPR38M>m=45je3210&_p=1455487066&cid=738854168.1675620948&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675620948&sct=1&seg=0&dl=https%3A%2F%2Fenit.in%2FSRKHqAob&dt=Clicksfly%20Dynamic%20Link&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://enit.in
date: Sun, 05 Feb 2023 18:15:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 711bfa565919548ccadd9e9e1ac41792
4ff0e50ab07d187f3e71e30924990461c77f8f04
92d179de98d6fd14807963bae6dae8852197f9fd7e498c3abd98143ff209ca28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-110155808-1&cid=738854168.1675620948&jid=1402368332&_u=YADAAEAAAAAAACAAI~&z=1656612250
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-110155808-1&cid=738854168.1675620948&jid=1402368332&_u=YADAAEAAAAAAACAAI~&z=1656612250
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-110155808-1&cid=738854168.1675620948&jid=1402368332&_u=YADAAEAAAAAAACAAI~&z=1656612250 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 18:15:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
216.58.211.1200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 05 Feb 2023 18:15:07 GMT
expires: Sun, 05 Feb 2023 18:15:07 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-110155808-1&cid=738854168.1675620948&jid=1402368332&_u=YADAAEAAAAAAACAAI~&z=1656612250
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-110155808-1&cid=738854168.1675620948&jid=1402368332&_u=YADAAEAAAAAAACAAI~&z=1656612250
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-110155808-1&cid=738854168.1675620948&jid=1402368332&_u=YADAAEAAAAAAACAAI~&z=1656612250 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 18:15:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1605)
Hash aeaebc4fec11dcafa566897f3b2aa937
7b4507c8793c1ce833dccaeb7dbc956c1fd06668
c23b4a16d9468c0018f502492594408fc809fc0fe003aed2f1145ba3dca87bae
GET /pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7647
x-xss-protection: 0
date: Sat, 04 Feb 2023 19:23:41 GMT
expires: Sat, 18 Feb 2023 19:23:41 GMT
cache-control: public, max-age=1209600
age: 82286
etag: 2161395064574532456
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
216.58.211.1200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 216.58.211.1:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:40:39 GMT
expires: Fri, 02 Feb 2024 00:40:39 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 322468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash c39d04d7a4a22dfd44bf3c7828a6671d
cf2b24a08f0747585ae552daf42456fb7b31eb92
c11ff88d2d97aab9a0279117d04f10814244c68d1916c5dd7d2d79aa86c3286b
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 05 Feb 2023 18:15:07 GMT
date: Sun, 05 Feb 2023 18:15:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-tz8S7HJ3h0D_2CSTPftiqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
withenvisagehurt.com/sbar.json?key=34aa847f855cc91a3510c99f05af9a65&uuid=25eea4be-d3f7-48e0-a045-6dd940fb2072%3A3%3A1
192.243.59.12200 OK 3.7 kB URL HTTP/1.1 withenvisagehurt.com/sbar.json?key=34aa847f855cc91a3510c99f05af9a65&uuid=25eea4be-d3f7-48e0-a045-6dd940fb2072%3A3%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6287), with no line terminators
Hash 6898448c04a23ed709bbf133d631cf36
9a46c95f2818fdfdf2e41868dfb746ab62b32cf0
a04551f34a776cb762332ac29e334cf08a8ce14329038296b22e06260b33962e
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=34aa847f855cc91a3510c99f05af9a65&uuid=25eea4be-d3f7-48e0-a045-6dd940fb2072%3A3%3A1 HTTP/1.1
Host: withenvisagehurt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 18:15:07 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://enit.in
Access-Control-Allow-Origin: https://enit.in
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15467565; expires=Mon, 06 Feb 2023 18:15:07 GMT; secure; SameSite=None
uid_id2=25eea4be-d3f7-48e0-a045-6dd940fb2072:3:1; expires=Sun, 12 Feb 2023 18:15:07 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 18:15:07 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 18:15:07 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 06 Feb 2023 18:15:07 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 06 Feb 2023 18:15:07 GMT; secure; SameSite=None
slec34aa847f855cc91a3510c99f05af9a65=[3986545]; expires=Sun, 05 Feb 2023 18:15:12 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5e4ba69007f7e45e90475c3fb7fd5ce7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/xgckIALK_ts
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/xgckIALK_ts
IP 142.250.74.131:0
Hash bfaf554d1d3deae4fd186dbce4296763
c9c333200c72ce31b7abac2f07bf91962b03b834
e1c1fe36f1cb40182a27dd1b9475daf819e7da929cdf0f257495c3783f557f05
POST /s/gts1p5/xgckIALK_ts HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 32f2303686dd97bd505c717191db295e
ec7f36c2f8416458cac98eee989c51c7f880c747
8f093240519e2239d7c63c9236cb862fe2483d9f641c2beb99287b71d69c789e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F093240519E2239D7C63C9236CB862FE2483D9F641C2BEB99287B71D69C789E"
Last-Modified: Sun, 05 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18505
Expires: Sun, 05 Feb 2023 23:23:33 GMT
Date: Sun, 05 Feb 2023 18:15:08 GMT
Connection: keep-alive
withenvisagehurt.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTjannBQRBIU%2BeFB0J9Uz3TvTRlhMYiQYk5hEcq6uqp4tp6arreqenl0UogHJcbz549L7TZJFjWL%2BAEFnvYQ5iJOILOh68CoeDHiWmR1cfId679X3Dt%2F3vffhdrlPKEq2d%2BkNs6W0ZieiBvWfu6YyYSrnX7jqB7RBT%2FrXVLYWnvSH88cOXgpo1KDP%2B69J3jMnmjSgNKCBf1ZZmZrhiQUKld%2BNg0ZMG2GzEUQhhvb%2FvSs9OOZBDPbJ41Bidmzj%2Fj0oPkHW%2F%2BaMdL3C5C%2B%2B2i81K4zFQOy8lfUyU2XoH5ap9ZBmO8tpGDcj5OMjMNnOUgHM4NZcARI1I94vAZJsZ0kTyeD2AdNEQ2ZIxHFUgwmknkCxCbi5ASV%2BIgAXuHARWf%2FOBWMrtnmAsjk6Iyv%2FPIKqZmTltyeQ9b8%2BpdXQv2J0WSiTOQzTGmo4gepOkJe7KLY8qGoXvPgAShBk%2FRpK7D3bjKRkYSJXRSttr4YdSVcZDaPVNSHikKZJk7abC2uUmkClE2g5AnNHUToPpfJQph7K3ENf7PksilNK22mStlqdkHPeanEeddZEJFphJ6Uo%2BZz7CEU%2BAtcjcHsdub2OnhrBlt%2FBbdRwwoMrCAaiRiUJKkdQMYJKEVQFQTWobwvtmq6%2BI7Qrk2CZm8vcqsem6G6z26boyoxs5%2FvksYVhf66soif3%2FFbIWCdsp50o4jwOWCsKKI%2FjlEYsjdlaBKdqKHcEzHnYmm%2FvzPfI1YyQv1aRsF04vQuungYrnwGrxu0mBdsYhx2KrewrrhXvuVRvNrjpQ5gaebGCYtPb1vvkqQWRlx%2B%2BA8mn678%2BfO%2BztTen4LZGbmu8rX4g6Oqb48umIrcum8qRexfzQvXVFptv9UrBCnnsi9flZmWsOHfGjT5%2Fhc%2BBeXn3qnTFeZYJlXUd%2BfKUEkLas8ZySb49567J5FLpNk6VNivz85dOnz3Xz610TplsAjbX9v674GpGjnvZ4mL9H7tQdgJb1uiXU7IMKLMLnl%2BHy6frPz847R49%2BQecIbD6cCbJPVRlPbbN5PBTKwItD3uW1HByun7%2Fk3l8ikT%2BZ8i2u4mu9cCKG4s7HdgaA12D6RFceXRc5Ha6%2FqC1CCTaGyfaercSbfVHB%2BY6tefLKKWppE2ZpHGSthkVcRrGCYsD2U4iFqBwM%2F773y%2F8CwAA%2F%2F8BAAD%2F%2F6tTpR6JBAAA
192.243.59.12200 OK 7 B URL HTTP/1.1 withenvisagehurt.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTjannBQRBIU%2BeFB0J9Uz3TvTRlhMYiQYk5hEcq6uqp4tp6arreqenl0UogHJcbz549L7TZJFjWL%2BAEFnvYQ5iJOILOh68CoeDHiWmR1cfId679X3Dt%2F3vffhdrlPKEq2d%2BkNs6W0ZieiBvWfu6YyYSrnX7jqB7RBT%2FrXVLYWnvSH88cOXgpo1KDP%2B69J3jMnmjSgNKCBf1ZZmZrhiQUKld%2BNg0ZMG2GzEUQhhvb%2FvSs9OOZBDPbJ41Bidmzj%2Fj0oPkHW%2F%2BaMdL3C5C%2B%2B2i81K4zFQOy8lfUyU2XoH5ap9ZBmO8tpGDcj5OMjMNnOUgHM4NZcARI1I94vAZJsZ0kTyeD2AdNEQ2ZIxHFUgwmknkCxCbi5ASV%2BIgAXuHARWf%2FOBWMrtnmAsjk6Iyv%2FPIKqZmTltyeQ9b8%2BpdXQv2J0WSiTOQzTGmo4gepOkJe7KLY8qGoXvPgAShBk%2FRpK7D3bjKRkYSJXRSttr4YdSVcZDaPVNSHikKZJk7abC2uUmkClE2g5AnNHUToPpfJQph7K3ENf7PksilNK22mStlqdkHPeanEeddZEJFphJ6Uo%2BZz7CEU%2BAtcjcHsdub2OnhrBlt%2FBbdRwwoMrCAaiRiUJKkdQMYJKEVQFQTWobwvtmq6%2BI7Qrk2CZm8vcqsem6G6z26boyoxs5%2FvksYVhf66soif3%2FFbIWCdsp50o4jwOWCsKKI%2FjlEYsjdlaBKdqKHcEzHnYmm%2FvzPfI1YyQv1aRsF04vQuungYrnwGrxu0mBdsYhx2KrewrrhXvuVRvNrjpQ5gaebGCYtPb1vvkqQWRlx%2B%2BA8mn678%2BfO%2BztTen4LZGbmu8rX4g6Oqb48umIrcum8qRexfzQvXVFptv9UrBCnnsi9flZmWsOHfGjT5%2Fhc%2BBeXn3qnTFeZYJlXUd%2BfKUEkLas8ZySb49567J5FLpNk6VNivz85dOnz3Xz610TplsAjbX9v674GpGjnvZ4mL9H7tQdgJb1uiXU7IMKLMLnl%2BHy6frPz847R49%2BQecIbD6cCbJPVRlPbbN5PBTKwItD3uW1HByun7%2Fk3l8ikT%2BZ8i2u4mu9cCKG4s7HdgaA12D6RFceXRc5Ha6%2FqC1CCTaGyfaercSbfVHB%2BY6tefLKKWppE2ZpHGSthkVcRrGCYsD2U4iFqBwM%2F773y%2F8CwAA%2F%2F8BAAD%2F%2F6tTpR6JBAAA
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTjannBQRBIU%2BeFB0J9Uz3TvTRlhMYiQYk5hEcq6uqp4tp6arreqenl0UogHJcbz549L7TZJFjWL%2BAEFnvYQ5iJOILOh68CoeDHiWmR1cfId679X3Dt%2F3vffhdrlPKEq2d%2BkNs6W0ZieiBvWfu6YyYSrnX7jqB7RBT%2FrXVLYWnvSH88cOXgpo1KDP%2B69J3jMnmjSgNKCBf1ZZmZrhiQUKld%2BNg0ZMG2GzEUQhhvb%2FvSs9OOZBDPbJ41Bidmzj%2Fj0oPkHW%2F%2BaMdL3C5C%2B%2B2i81K4zFQOy8lfUyU2XoH5ap9ZBmO8tpGDcj5OMjMNnOUgHM4NZcARI1I94vAZJsZ0kTyeD2AdNEQ2ZIxHFUgwmknkCxCbi5ASV%2BIgAXuHARWf%2FOBWMrtnmAsjk6Iyv%2FPIKqZmTltyeQ9b8%2BpdXQv2J0WSiTOQzTGmo4gepOkJe7KLY8qGoXvPgAShBk%2FRpK7D3bjKRkYSJXRSttr4YdSVcZDaPVNSHikKZJk7abC2uUmkClE2g5AnNHUToPpfJQph7K3ENf7PksilNK22mStlqdkHPeanEeddZEJFphJ6Uo%2BZz7CEU%2BAtcjcHsdub2OnhrBlt%2FBbdRwwoMrCAaiRiUJKkdQMYJKEVQFQTWobwvtmq6%2BI7Qrk2CZm8vcqsem6G6z26boyoxs5%2FvksYVhf66soif3%2FFbIWCdsp50o4jwOWCsKKI%2FjlEYsjdlaBKdqKHcEzHnYmm%2FvzPfI1YyQv1aRsF04vQuungYrnwGrxu0mBdsYhx2KrewrrhXvuVRvNrjpQ5gaebGCYtPb1vvkqQWRlx%2B%2BA8mn678%2BfO%2BztTen4LZGbmu8rX4g6Oqb48umIrcum8qRexfzQvXVFptv9UrBCnnsi9flZmWsOHfGjT5%2Fhc%2BBeXn3qnTFeZYJlXUd%2BfKUEkLas8ZySb49567J5FLpNk6VNivz85dOnz3Xz610TplsAjbX9v674GpGjnvZ4mL9H7tQdgJb1uiXU7IMKLMLnl%2BHy6frPz847R49%2BQecIbD6cCbJPVRlPbbN5PBTKwItD3uW1HByun7%2Fk3l8ikT%2BZ8i2u4mu9cCKG4s7HdgaA12D6RFceXRc5Ha6%2FqC1CCTaGyfaercSbfVHB%2BY6tefLKKWppE2ZpHGSthkVcRrGCYsD2U4iFqBwM%2F773y%2F8CwAA%2F%2F8BAAD%2F%2F6tTpR6JBAAA HTTP/1.1
Host: withenvisagehurt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=25eea4be-d3f7-48e0-a045-6dd940fb2072:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 18:15:08 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb671197ca3bfbface75234c54a914af
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a2b34a5ab39090966561af64d7a5062
61f66d0325867f7d6218de5825e10a2908ce6cbe
7e3806c006494bcdd4e242c64865357f743a5eaac7e366fade7b98251b5c7838
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E3806C006494BCDD4E242C64865357F743A5EAAC7E366FADE7B98251B5C7838"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6073
Expires: Sun, 05 Feb 2023 19:56:21 GMT
Date: Sun, 05 Feb 2023 18:15:08 GMT
Connection: keep-alive
stats.vlitag.com/abd/?id=20d313df53dcd38d64b77cc80046d519&detect=notfound
104.22.58.199200 OK 0 B URL HTTP/2 stats.vlitag.com/abd/?id=20d313df53dcd38d64b77cc80046d519&detect=notfound
IP 104.22.58.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abd/?id=20d313df53dcd38d64b77cc80046d519&detect=notfound HTTP/1.1
Host: stats.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:08 GMT
content-type: image/jpeg
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 794da133bbd7b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Tp1aqKN7Sd4
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Tp1aqKN7Sd4
IP 142.250.74.131:0
Hash c9017e844c08053c8cff26b14dcf9fb5
3952ee47656cd342c6b21367852f661163ae3049
9394f2e4c19792c9acb5d7119ae72953572d82e0e391cebb735c449a2c8b12bf
POST /s/gts1p5/Tp1aqKN7Sd4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.barscreative1.com/sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html
45.133.44.4200 OK 932 B URL HTTP/2 cdn.barscreative1.com/sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash 9b8b116da8b8f7b84eef8f2502d992c7
8270d092ca3026f76329c1e944ebbee616b27889
f13385eb2467da6a612b997d4aa4da1460ce441e3de232746852dd093d39e59d
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:08 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:28 GMT
etag: W/"6275e5b8-4b9"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 05 Feb 2023 19:15:08 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssls7Pi_vF9FNjITN8gWDvCbdfrH3hryIJo9hKKVduo901uB5YDUJiKPKoO_O409rhWuT5yV3EOl7EqEE8bboVd66U0QzqYDMdTC19UV6Kw1A1ZBUxUYhd0ZFr6muGP93x8kT8xoPV6R8CVj9n-oUGaEbnwR2FIKEQP5J0yJyg6X9a1rhGb2I8_KQ5K1LwbGm_Gb7H5U3_oVsGXq_AIt7Qfm9QNcUDkgOObWIJTHuwUH9qrGQdExiHdDss_HtqHwJ05nIhqd8EC_6ce3j8LN-xqL34KqgpvzGj_4AdKop3mHxt639lLpxaDBk4dX6mmBYjoSpjcVKSoCrDH_Ustifsv6lxKQURXyUNBWvFGP-ijrSiZnbSYzJxyJgV5nWRFkdyrK9nLFwMA0GS3_LCr21zEWCUJRlrbybAZkFSrkjQNx-XryMS8bKziFCo0b12OThQa29u8oFzFMn2ZCaIQ1EWyjW7v_3pfFJwKef3ByHdswCP5AU53e1MOCiOFV-OVNPcBE6foX5yv4zHd4R2RJApilM0CN3R3txYOfmAJdq08uCVWPjYqcAmQtq7KO_pCvuBflFt8vqec9BQRMkPWGc7GGXSBcaQdowLIimAvJBNa-Joxu6J6PD58RDxq_jTi-RHQgzypp8wrmsEDxVrGERH0q-miw90fsOp0enM1wG0cYkdmB10QAILdpCx1ff_CTtUTARBJC_R4Lg0Hh-NKiBif_bDFTBhKG7jM_XtEtjEJ-kLBc1hvKn0NjDE0dhvkH-NAGmwL5B7Wzwpm9-xD7KTzd_5Q7IS6g0isPELRMEnkvxckJzRgN1z4kXxZ_SB5BcoiTH3StXN4HQXS_RoZUVR6KQzZxeWEHcRShJvM6MVBqOzeYpffqd1RLwnl_k31nJJ3iShGJgdHqmpgwkhCDFx-DDtLkYD8I3HKqQ_YBQ52kRBEcscIHVTOcGO1VO5VBO2Wyidvdhso4XVbR6gm8RWdhD8gvoRCjOfZffi7yG4PcAFnouXPRfXYCar0WyEhsvJRMcDP0RmL9gNewWoG5gUDw15OnKtbtIJo4v9zOecvhyjAcWp0-E4kDKXGLk51FWC1-48Y6JlmQRmcyrkoIV7orQscaHKQxhg9E5M&sai=AMfl-YQXq3DhQ2Ayd1g8FPrurVl8RKqqwvUAtasZLiaC4DDR6m8rIUK6M2Qqx4uU4arrBK9yOk9E1ginDAz9WeaUhJfTjWtumMo-f0c0eEHaQeiEV4YtlIMndRkfEbx41nItok8WtQeLsmY8E3PXzvdaCUBMBcfNaTC6ejXTwXCe58hprb_V9PAjv6Pa3bt8IRMljlm3dfikQhGS9sXlHPORnaThn2gOX08q0Otchs1uWcmgOuYfuV_jQTvxTT4tgNH8sJ0-3jUDwETEe-Tyyq54VqYXXF1YLRv3NRkVWphdvpqzyA&sig=Cg0ArKJSzEhL01v6L4WsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230201.39947&arae=0&ftch=1&adurl=
142.250.74.130200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssls7Pi_vF9FNjITN8gWDvCbdfrH3hryIJo9hKKVduo901uB5YDUJiKPKoO_O409rhWuT5yV3EOl7EqEE8bboVd66U0QzqYDMdTC19UV6Kw1A1ZBUxUYhd0ZFr6muGP93x8kT8xoPV6R8CVj9n-oUGaEbnwR2FIKEQP5J0yJyg6X9a1rhGb2I8_KQ5K1LwbGm_Gb7H5U3_oVsGXq_AIt7Qfm9QNcUDkgOObWIJTHuwUH9qrGQdExiHdDss_HtqHwJ05nIhqd8EC_6ce3j8LN-xqL34KqgpvzGj_4AdKop3mHxt639lLpxaDBk4dX6mmBYjoSpjcVKSoCrDH_Ustifsv6lxKQURXyUNBWvFGP-ijrSiZnbSYzJxyJgV5nWRFkdyrK9nLFwMA0GS3_LCr21zEWCUJRlrbybAZkFSrkjQNx-XryMS8bKziFCo0b12OThQa29u8oFzFMn2ZCaIQ1EWyjW7v_3pfFJwKef3ByHdswCP5AU53e1MOCiOFV-OVNPcBE6foX5yv4zHd4R2RJApilM0CN3R3txYOfmAJdq08uCVWPjYqcAmQtq7KO_pCvuBflFt8vqec9BQRMkPWGc7GGXSBcaQdowLIimAvJBNa-Joxu6J6PD58RDxq_jTi-RHQgzypp8wrmsEDxVrGERH0q-miw90fsOp0enM1wG0cYkdmB10QAILdpCx1ff_CTtUTARBJC_R4Lg0Hh-NKiBif_bDFTBhKG7jM_XtEtjEJ-kLBc1hvKn0NjDE0dhvkH-NAGmwL5B7Wzwpm9-xD7KTzd_5Q7IS6g0isPELRMEnkvxckJzRgN1z4kXxZ_SB5BcoiTH3StXN4HQXS_RoZUVR6KQzZxeWEHcRShJvM6MVBqOzeYpffqd1RLwnl_k31nJJ3iShGJgdHqmpgwkhCDFx-DDtLkYD8I3HKqQ_YBQ52kRBEcscIHVTOcGO1VO5VBO2Wyidvdhso4XVbR6gm8RWdhD8gvoRCjOfZffi7yG4PcAFnouXPRfXYCar0WyEhsvJRMcDP0RmL9gNewWoG5gUDw15OnKtbtIJo4v9zOecvhyjAcWp0-E4kDKXGLk51FWC1-48Y6JlmQRmcyrkoIV7orQscaHKQxhg9E5M&sai=AMfl-YQXq3DhQ2Ayd1g8FPrurVl8RKqqwvUAtasZLiaC4DDR6m8rIUK6M2Qqx4uU4arrBK9yOk9E1ginDAz9WeaUhJfTjWtumMo-f0c0eEHaQeiEV4YtlIMndRkfEbx41nItok8WtQeLsmY8E3PXzvdaCUBMBcfNaTC6ejXTwXCe58hprb_V9PAjv6Pa3bt8IRMljlm3dfikQhGS9sXlHPORnaThn2gOX08q0Otchs1uWcmgOuYfuV_jQTvxTT4tgNH8sJ0-3jUDwETEe-Tyyq54VqYXXF1YLRv3NRkVWphdvpqzyA&sig=Cg0ArKJSzEhL01v6L4WsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230201.39947&arae=0&ftch=1&adurl=
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjssls7Pi_vF9FNjITN8gWDvCbdfrH3hryIJo9hKKVduo901uB5YDUJiKPKoO_O409rhWuT5yV3EOl7EqEE8bboVd66U0QzqYDMdTC19UV6Kw1A1ZBUxUYhd0ZFr6muGP93x8kT8xoPV6R8CVj9n-oUGaEbnwR2FIKEQP5J0yJyg6X9a1rhGb2I8_KQ5K1LwbGm_Gb7H5U3_oVsGXq_AIt7Qfm9QNcUDkgOObWIJTHuwUH9qrGQdExiHdDss_HtqHwJ05nIhqd8EC_6ce3j8LN-xqL34KqgpvzGj_4AdKop3mHxt639lLpxaDBk4dX6mmBYjoSpjcVKSoCrDH_Ustifsv6lxKQURXyUNBWvFGP-ijrSiZnbSYzJxyJgV5nWRFkdyrK9nLFwMA0GS3_LCr21zEWCUJRlrbybAZkFSrkjQNx-XryMS8bKziFCo0b12OThQa29u8oFzFMn2ZCaIQ1EWyjW7v_3pfFJwKef3ByHdswCP5AU53e1MOCiOFV-OVNPcBE6foX5yv4zHd4R2RJApilM0CN3R3txYOfmAJdq08uCVWPjYqcAmQtq7KO_pCvuBflFt8vqec9BQRMkPWGc7GGXSBcaQdowLIimAvJBNa-Joxu6J6PD58RDxq_jTi-RHQgzypp8wrmsEDxVrGERH0q-miw90fsOp0enM1wG0cYkdmB10QAILdpCx1ff_CTtUTARBJC_R4Lg0Hh-NKiBif_bDFTBhKG7jM_XtEtjEJ-kLBc1hvKn0NjDE0dhvkH-NAGmwL5B7Wzwpm9-xD7KTzd_5Q7IS6g0isPELRMEnkvxckJzRgN1z4kXxZ_SB5BcoiTH3StXN4HQXS_RoZUVR6KQzZxeWEHcRShJvM6MVBqOzeYpffqd1RLwnl_k31nJJ3iShGJgdHqmpgwkhCDFx-DDtLkYD8I3HKqQ_YBQ52kRBEcscIHVTOcGO1VO5VBO2Wyidvdhso4XVbR6gm8RWdhD8gvoRCjOfZffi7yG4PcAFnouXPRfXYCar0WyEhsvJRMcDP0RmL9gNewWoG5gUDw15OnKtbtIJo4v9zOecvhyjAcWp0-E4kDKXGLk51FWC1-48Y6JlmQRmcyrkoIV7orQscaHKQxhg9E5M&sai=AMfl-YQXq3DhQ2Ayd1g8FPrurVl8RKqqwvUAtasZLiaC4DDR6m8rIUK6M2Qqx4uU4arrBK9yOk9E1ginDAz9WeaUhJfTjWtumMo-f0c0eEHaQeiEV4YtlIMndRkfEbx41nItok8WtQeLsmY8E3PXzvdaCUBMBcfNaTC6ejXTwXCe58hprb_V9PAjv6Pa3bt8IRMljlm3dfikQhGS9sXlHPORnaThn2gOX08q0Otchs1uWcmgOuYfuV_jQTvxTT4tgNH8sJ0-3jUDwETEe-Tyyq54VqYXXF1YLRv3NRkVWphdvpqzyA&sig=Cg0ArKJSzEhL01v6L4WsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230201.39947&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 18:15:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 18:30:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Feb 2023 18:15:08 GMT
X-Firefox-Spdy: h2
s0.2mdn.net/simgad/13932486254271512555
142.250.74.70200 OK 160 kB URL HTTP/2 s0.2mdn.net/simgad/13932486254271512555
IP 142.250.74.70:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 970x250, components 3\012- data
Size 160 kB (159545 bytes)
Hash cb1ec5505eeca2fdaa4a3768ef6cde90
185b9a89aa58acb593bb3bc4364b8cf378edcbdb
56391cc824c4b7691f8f3367f9f831ecbccc2e9ba1dc0569f1f65d8e99edc362
GET /simgad/13932486254271512555 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 159545
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 06:40:16 GMT
expires: Fri, 02 Feb 2024 06:40:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 04 Jan 2023 14:15:47 GMT
content-type: image/jpeg
age: 300892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=25eea4be-d3f7-48e0-a045-6dd940fb2072&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=34aa847f855cc91a3510c99f05af9a65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=25eea4be-d3f7-48e0-a045-6dd940fb2072&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=34aa847f855cc91a3510c99f05af9a65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=25eea4be-d3f7-48e0-a045-6dd940fb2072&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=34aa847f855cc91a3510c99f05af9a65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 18:15:08 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1f98a9291e8a1b62a271f555bf5c13f2
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6eac904305f0af9ac8425ba6638af743
6cc700dcc996020985e64492e8d9df7c498d861b
97a04042d25ff5aba9e8e6b99828405fc609275c375530f777a4a5d57e4cede3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "97A04042D25FF5ABA9E8E6B99828405FC609275C375530F777A4A5D57E4CEDE3"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12516
Expires: Sun, 05 Feb 2023 21:43:44 GMT
Date: Sun, 05 Feb 2023 18:15:08 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6eac904305f0af9ac8425ba6638af743
6cc700dcc996020985e64492e8d9df7c498d861b
97a04042d25ff5aba9e8e6b99828405fc609275c375530f777a4a5d57e4cede3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "97A04042D25FF5ABA9E8E6B99828405FC609275C375530F777A4A5D57E4CEDE3"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12516
Expires: Sun, 05 Feb 2023 21:43:44 GMT
Date: Sun, 05 Feb 2023 18:15:08 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6eac904305f0af9ac8425ba6638af743
6cc700dcc996020985e64492e8d9df7c498d861b
97a04042d25ff5aba9e8e6b99828405fc609275c375530f777a4a5d57e4cede3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "97A04042D25FF5ABA9E8E6B99828405FC609275C375530F777A4A5D57E4CEDE3"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12516
Expires: Sun, 05 Feb 2023 21:43:44 GMT
Date: Sun, 05 Feb 2023 18:15:08 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/xgckIALK_ts
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/xgckIALK_ts
IP 142.250.74.131:0
Hash bfaf554d1d3deae4fd186dbce4296763
c9c333200c72ce31b7abac2f07bf91962b03b834
e1c1fe36f1cb40182a27dd1b9475daf819e7da929cdf0f257495c3783f557f05
POST /s/gts1p5/xgckIALK_ts HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 185b62fe607d5d833cc1717b68f3f7b7
ab6b571fdfcd1d1cdb923c48f53df4ecd74d85c2
656d98d306ebfcdea0dff590c34a6ce1496faa95ba05fb86f72a5e57e295f61b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssls7Pi_vF9FNjITN8gWDvCbdfrH3hryIJo9hKKVduo901uB5YDUJiKPKoO_O409rhWuT5yV3EOl7EqEE8bboVd66U0QzqYDMdTC19UV6Kw1A1ZBUxUYhd0ZFr6muGP93x8kT8xoPV6R8CVj9n-oUGaEbnwR2FIKEQP5J0yJyg6X9a1rhGb2I8_KQ5K1LwbGm_Gb7H5U3_oVsGXq_AIt7Qfm9QNcUDkgOObWIJTHuwUH9qrGQdExiHdDss_HtqHwJ05nIhqd8EC_6ce3j8LN-xqL34KqgpvzGj_4AdKop3mHxt639lLpxaDBk4dX6mmBYjoSpjcVKSoCrDH_Ustifsv6lxKQURXyUNBWvFGP-ijrSiZnbSYzJxyJgV5nWRFkdyrK9nLFwMA0GS3_LCr21zEWCUJRlrbybAZkFSrkjQNx-XryMS8bKziFCo0b12OThQa29u8oFzFMn2ZCaIQ1EWyjW7v_3pfFJwKef3ByHdswCP5AU53e1MOCiOFV-OVNPcBE6foX5yv4zHd4R2RJApilM0CN3R3txYOfmAJdq08uCVWPjYqcAmQtq7KO_pCvuBflFt8vqec9BQRMkPWGc7GGXSBcaQdowLIimAvJBNa-Joxu6J6PD58RDxq_jTi-RHQgzypp8wrmsEDxVrGERH0q-miw90fsOp0enM1wG0cYkdmB10QAILdpCx1ff_CTtUTARBJC_R4Lg0Hh-NKiBif_bDFTBhKG7jM_XtEtjEJ-kLBc1hvKn0NjDE0dhvkH-NAGmwL5B7Wzwpm9-xD7KTzd_5Q7IS6g0isPELRMEnkvxckJzRgN1z4kXxZ_SB5BcoiTH3StXN4HQXS_RoZUVR6KQzZxeWEHcRShJvM6MVBqOzeYpffqd1RLwnl_k31nJJ3iShGJgdHqmpgwkhCDFx-DDtLkYD8I3HKqQ_YBQ52kRBEcscIHVTOcGO1VO5VBO2Wyidvdhso4XVbR6gm8RWdhD8gvoRCjOfZffi7yG4PcAFnouXPRfXYCar0WyEhsvJRMcDP0RmL9gNewWoG5gUDw15OnKtbtIJo4v9zOecvhyjAcWp0-E4kDKXGLk51FWC1-48Y6JlmQRmcyrkoIV7orQscaHKQxhg9E5M&sai=AMfl-YQXq3DhQ2Ayd1g8FPrurVl8RKqqwvUAtasZLiaC4DDR6m8rIUK6M2Qqx4uU4arrBK9yOk9E1ginDAz9WeaUhJfTjWtumMo-f0c0eEHaQeiEV4YtlIMndRkfEbx41nItok8WtQeLsmY8E3PXzvdaCUBMBcfNaTC6ejXTwXCe58hprb_V9PAjv6Pa3bt8IRMljlm3dfikQhGS9sXlHPORnaThn2gOX08q0Otchs1uWcmgOuYfuV_jQTvxTT4tgNH8sJ0-3jUDwETEe-Tyyq54VqYXXF1YLRv3NRkVWphdvpqzyA&sig=Cg0ArKJSzEhL01v6L4WsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=414&vt=11&dtpt=413&dett=2&cstd=0&cisv=r20230201.39947&arae=0&ftch=1&adurl=
142.250.74.130200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssls7Pi_vF9FNjITN8gWDvCbdfrH3hryIJo9hKKVduo901uB5YDUJiKPKoO_O409rhWuT5yV3EOl7EqEE8bboVd66U0QzqYDMdTC19UV6Kw1A1ZBUxUYhd0ZFr6muGP93x8kT8xoPV6R8CVj9n-oUGaEbnwR2FIKEQP5J0yJyg6X9a1rhGb2I8_KQ5K1LwbGm_Gb7H5U3_oVsGXq_AIt7Qfm9QNcUDkgOObWIJTHuwUH9qrGQdExiHdDss_HtqHwJ05nIhqd8EC_6ce3j8LN-xqL34KqgpvzGj_4AdKop3mHxt639lLpxaDBk4dX6mmBYjoSpjcVKSoCrDH_Ustifsv6lxKQURXyUNBWvFGP-ijrSiZnbSYzJxyJgV5nWRFkdyrK9nLFwMA0GS3_LCr21zEWCUJRlrbybAZkFSrkjQNx-XryMS8bKziFCo0b12OThQa29u8oFzFMn2ZCaIQ1EWyjW7v_3pfFJwKef3ByHdswCP5AU53e1MOCiOFV-OVNPcBE6foX5yv4zHd4R2RJApilM0CN3R3txYOfmAJdq08uCVWPjYqcAmQtq7KO_pCvuBflFt8vqec9BQRMkPWGc7GGXSBcaQdowLIimAvJBNa-Joxu6J6PD58RDxq_jTi-RHQgzypp8wrmsEDxVrGERH0q-miw90fsOp0enM1wG0cYkdmB10QAILdpCx1ff_CTtUTARBJC_R4Lg0Hh-NKiBif_bDFTBhKG7jM_XtEtjEJ-kLBc1hvKn0NjDE0dhvkH-NAGmwL5B7Wzwpm9-xD7KTzd_5Q7IS6g0isPELRMEnkvxckJzRgN1z4kXxZ_SB5BcoiTH3StXN4HQXS_RoZUVR6KQzZxeWEHcRShJvM6MVBqOzeYpffqd1RLwnl_k31nJJ3iShGJgdHqmpgwkhCDFx-DDtLkYD8I3HKqQ_YBQ52kRBEcscIHVTOcGO1VO5VBO2Wyidvdhso4XVbR6gm8RWdhD8gvoRCjOfZffi7yG4PcAFnouXPRfXYCar0WyEhsvJRMcDP0RmL9gNewWoG5gUDw15OnKtbtIJo4v9zOecvhyjAcWp0-E4kDKXGLk51FWC1-48Y6JlmQRmcyrkoIV7orQscaHKQxhg9E5M&sai=AMfl-YQXq3DhQ2Ayd1g8FPrurVl8RKqqwvUAtasZLiaC4DDR6m8rIUK6M2Qqx4uU4arrBK9yOk9E1ginDAz9WeaUhJfTjWtumMo-f0c0eEHaQeiEV4YtlIMndRkfEbx41nItok8WtQeLsmY8E3PXzvdaCUBMBcfNaTC6ejXTwXCe58hprb_V9PAjv6Pa3bt8IRMljlm3dfikQhGS9sXlHPORnaThn2gOX08q0Otchs1uWcmgOuYfuV_jQTvxTT4tgNH8sJ0-3jUDwETEe-Tyyq54VqYXXF1YLRv3NRkVWphdvpqzyA&sig=Cg0ArKJSzEhL01v6L4WsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=414&vt=11&dtpt=413&dett=2&cstd=0&cisv=r20230201.39947&arae=0&ftch=1&adurl=
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjssls7Pi_vF9FNjITN8gWDvCbdfrH3hryIJo9hKKVduo901uB5YDUJiKPKoO_O409rhWuT5yV3EOl7EqEE8bboVd66U0QzqYDMdTC19UV6Kw1A1ZBUxUYhd0ZFr6muGP93x8kT8xoPV6R8CVj9n-oUGaEbnwR2FIKEQP5J0yJyg6X9a1rhGb2I8_KQ5K1LwbGm_Gb7H5U3_oVsGXq_AIt7Qfm9QNcUDkgOObWIJTHuwUH9qrGQdExiHdDss_HtqHwJ05nIhqd8EC_6ce3j8LN-xqL34KqgpvzGj_4AdKop3mHxt639lLpxaDBk4dX6mmBYjoSpjcVKSoCrDH_Ustifsv6lxKQURXyUNBWvFGP-ijrSiZnbSYzJxyJgV5nWRFkdyrK9nLFwMA0GS3_LCr21zEWCUJRlrbybAZkFSrkjQNx-XryMS8bKziFCo0b12OThQa29u8oFzFMn2ZCaIQ1EWyjW7v_3pfFJwKef3ByHdswCP5AU53e1MOCiOFV-OVNPcBE6foX5yv4zHd4R2RJApilM0CN3R3txYOfmAJdq08uCVWPjYqcAmQtq7KO_pCvuBflFt8vqec9BQRMkPWGc7GGXSBcaQdowLIimAvJBNa-Joxu6J6PD58RDxq_jTi-RHQgzypp8wrmsEDxVrGERH0q-miw90fsOp0enM1wG0cYkdmB10QAILdpCx1ff_CTtUTARBJC_R4Lg0Hh-NKiBif_bDFTBhKG7jM_XtEtjEJ-kLBc1hvKn0NjDE0dhvkH-NAGmwL5B7Wzwpm9-xD7KTzd_5Q7IS6g0isPELRMEnkvxckJzRgN1z4kXxZ_SB5BcoiTH3StXN4HQXS_RoZUVR6KQzZxeWEHcRShJvM6MVBqOzeYpffqd1RLwnl_k31nJJ3iShGJgdHqmpgwkhCDFx-DDtLkYD8I3HKqQ_YBQ52kRBEcscIHVTOcGO1VO5VBO2Wyidvdhso4XVbR6gm8RWdhD8gvoRCjOfZffi7yG4PcAFnouXPRfXYCar0WyEhsvJRMcDP0RmL9gNewWoG5gUDw15OnKtbtIJo4v9zOecvhyjAcWp0-E4kDKXGLk51FWC1-48Y6JlmQRmcyrkoIV7orQscaHKQxhg9E5M&sai=AMfl-YQXq3DhQ2Ayd1g8FPrurVl8RKqqwvUAtasZLiaC4DDR6m8rIUK6M2Qqx4uU4arrBK9yOk9E1ginDAz9WeaUhJfTjWtumMo-f0c0eEHaQeiEV4YtlIMndRkfEbx41nItok8WtQeLsmY8E3PXzvdaCUBMBcfNaTC6ejXTwXCe58hprb_V9PAjv6Pa3bt8IRMljlm3dfikQhGS9sXlHPORnaThn2gOX08q0Otchs1uWcmgOuYfuV_jQTvxTT4tgNH8sJ0-3jUDwETEe-Tyyq54VqYXXF1YLRv3NRkVWphdvpqzyA&sig=Cg0ArKJSzEhL01v6L4WsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=414&vt=11&dtpt=413&dett=2&cstd=0&cisv=r20230201.39947&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 18:15:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 18:30:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Feb 2023 18:15:08 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:0
Hash fffdae9fd7c3f9864a26b9825cf294d2
c0f6efed29320faaf1d63f01f3ba37bf52de689f
349a4244851e1e2ab1da8db8a1bfa1a922ba93d911c32a2ad4ba4da08012956c
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 18:15:08 GMT
date: Sun, 05 Feb 2023 18:15:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dee62a2a013d4ee8d946cfdb1f4be459
17d8d9f9e538b311321383f7a26f258730f6fe52
e25753484ff7daa3fe858dcf3173286fe242afd6fd13732f8fc38b7b7940a7ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E25753484FF7DAA3FE858DCF3173286FE242AFD6FD13732F8FC38B7B7940A7CA"
Last-Modified: Sun, 05 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13176
Expires: Sun, 05 Feb 2023 21:54:44 GMT
Date: Sun, 05 Feb 2023 18:15:08 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/img/close.png
172.64.166.9200 OK 4.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/img/close.png
IP 172.64.166.9:0
File type PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced\012- data
Hash 23e9690b0e7ac26868363a6248f44467
d7ad0eae64e0c1e65b12eda0aa9d2b91996dd64f
f362c67320d739ccf3bea21f857b9620075bd20ceacda8c51261b9612fe28395
GET /sb/notifications/software/us/windows/flash-all/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:08 GMT
content-type: image/png
content-length: 4022
last-modified: Wed, 17 Feb 2021 11:46:53 GMT
etag: "602d022d-fb6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7100437
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Bjg%2FkJozTNuLBc3s%2BmpgfPyvEnjJgkxKYHk%2FaYv7CQVZBb4WVtsSk0Ov7nT%2F0cLMD0iZPmu83a%2FyUxhctXYALc6RNn%2BvNRAOTWiIbiDrDcienh5HYTIBMNbQV%2F6zR1JSR%2FfyF91%2F0MA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794da1368b7c753d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/0d/01/87/0d01878cf56694d07561db5af753a1bf/1675335150.png
45.133.44.10200 OK 5.2 kB URL HTTP/2 cdn.cloudimagesb.com/si/0d/01/87/0d01878cf56694d07561db5af753a1bf/1675335150.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash cad4a522f8b593826d15ecb99fd1927e
5fc038fb15b5be5c23598ebfb21446a0a802da81
4adfaf89c9f857fa0877236d73749fc9872523a091a589932fa6662a51b7142b
GET /si/0d/01/87/0d01878cf56694d07561db5af753a1bf/1675335150.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:08 GMT
content-type: image/png
content-length: 5173
server: nginx/1.17.6
last-modified: Thu, 02 Feb 2023 10:52:38 GMT
etag: "63db95f6-1435"
expires: Tue, 07 Feb 2023 18:15:08 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/adj/N69702.3424460DV360DISPLAY/B28918291.353892404;dc_ver=94.277;sz=300x600;u_sd=1;dc_adk=3047537731;ord=lzxsf3;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC18YvK_LfY5v4JteCiQaslLTgDIeG8Otti_Dk5ewQ7_nL4LAwEAEgp461SGDDhICAmBjIAQmpAt5wzfFwHLI-qAMBqgTdAU_QrgPrSfshPHiNFO9025jOxOzVIND8K3puuH-QsvRhHAQQLzbw10qn1b0LoRZtGnCr6IQj3Uai4BmvR9E7IQaotNVk4K8lTloBXZjtRhsUEjZKKml5OP1l0umf4O8mhkbfzartRU3aTf_g_iAbKjOCQkToD05LPw58oEmjLgkfYrSBONvxu9R9veS1DrvoSuomzDpuORcz7x3EdB4uh1T1ND6AmcRtH1CFz3rr1MeJsftRliNILsnT38aNDno8b1BlHaE2BbF4NEV0sMXJEa3AHKEoS31_-r8m-Pv6wATnwo-VpATgBAOQBgGgBk2AB4mOo5wBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOcqZASyBOl2tXhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdbpv_84xzb0u_OOBctSYGmSBpyUkQkEG9b08Ntc3M3q0QyryfoA7HKMMfW2XbjhK9C2bBP6AnrtfcbpX0k96urqk81GeZ98YAQ%26sig%3DAOD64_0TgK5BSClVapSXxhibMVOMxkHAZw%26client%3Dca-pub-2726428685015992%26dbm_c%3DAKAmf-AaPhr-SqMZKtBYlnIsKOAagru-eG1Jtu_Wmj-jakfcZb2sKq8e8edC7xY8Sl0tnRHE9quOrFgXc2yY2Go6l82aZlZTawGeJ7yN0hz-PPtGZQFUt1huciVFK-i4eCmgOF6ZTq45EBDa9H2IcUHeEs-Gan9U_DuwDQgi7G_FxnKMKs7CF3A%26cry%3D1%26dbm_d%3DAKAmf-CU3wP9jE2xxOcL9BMmuYW3w7dAboPj8WsZiSwdVqyyfIryrAua0k9Rd4295MhALADtdPeyRF8D91wSoKGVySH0CnV4OXkutMch0HChREcYsyV6lEveJ20HcaknG6khO-dubkLzld8R6pYA9BLi4NWMevs593vrr-7S2rbrS98pV_Z9YcppQl2YiQ_dMzsG4l20AyY-DeshhWK6MRwx8vPFTp2fMbSlIBUb-6eBhxPxU8H_D9P9pYexSuri_E_jttHe-Rec81RU7iW702bszE_BncIxLISaYSc-uO4VkQSBdWpi62XuRRYcKGRf8O9sc9SIfwFVK16fmLmLhxpgpQvjUWX3B2FJ2N_B8npX3gjyoK_Ll2rY8RHPi0DsijrlBHyROMZW2jbsHwFeat3U7LVJbhsBO82Lm1FkjnXVErClhWSn-Esu9pbbkemmy4Lk5-1_4aVP6OYR7QlygqzWIeEX2BERhW6z0FhZvXGtP9IanU65rrf2vqLH08c7HkNLQ9UjFnkc0-YEnsMXJXMuViFoGWGp65rPITapcuHlOjJkZOtwGJI%26adurl%3D;dc_rfl=1,https%3A%2F%2Fenit.in%2F$0;xdt=1;crlt=sK!OnPUbBN;stc=1;sttr=62;prcl=s
142.250.74.166200 OK 29 kB URL HTTP/2 ad.doubleclick.net/ddm/adj/N69702.3424460DV360DISPLAY/B28918291.353892404;dc_ver=94.277;sz=300x600;u_sd=1;dc_adk=3047537731;ord=lzxsf3;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC18YvK_LfY5v4JteCiQaslLTgDIeG8Otti_Dk5ewQ7_nL4LAwEAEgp461SGDDhICAmBjIAQmpAt5wzfFwHLI-qAMBqgTdAU_QrgPrSfshPHiNFO9025jOxOzVIND8K3puuH-QsvRhHAQQLzbw10qn1b0LoRZtGnCr6IQj3Uai4BmvR9E7IQaotNVk4K8lTloBXZjtRhsUEjZKKml5OP1l0umf4O8mhkbfzartRU3aTf_g_iAbKjOCQkToD05LPw58oEmjLgkfYrSBONvxu9R9veS1DrvoSuomzDpuORcz7x3EdB4uh1T1ND6AmcRtH1CFz3rr1MeJsftRliNILsnT38aNDno8b1BlHaE2BbF4NEV0sMXJEa3AHKEoS31_-r8m-Pv6wATnwo-VpATgBAOQBgGgBk2AB4mOo5wBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOcqZASyBOl2tXhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdbpv_84xzb0u_OOBctSYGmSBpyUkQkEG9b08Ntc3M3q0QyryfoA7HKMMfW2XbjhK9C2bBP6AnrtfcbpX0k96urqk81GeZ98YAQ%26sig%3DAOD64_0TgK5BSClVapSXxhibMVOMxkHAZw%26client%3Dca-pub-2726428685015992%26dbm_c%3DAKAmf-AaPhr-SqMZKtBYlnIsKOAagru-eG1Jtu_Wmj-jakfcZb2sKq8e8edC7xY8Sl0tnRHE9quOrFgXc2yY2Go6l82aZlZTawGeJ7yN0hz-PPtGZQFUt1huciVFK-i4eCmgOF6ZTq45EBDa9H2IcUHeEs-Gan9U_DuwDQgi7G_FxnKMKs7CF3A%26cry%3D1%26dbm_d%3DAKAmf-CU3wP9jE2xxOcL9BMmuYW3w7dAboPj8WsZiSwdVqyyfIryrAua0k9Rd4295MhALADtdPeyRF8D91wSoKGVySH0CnV4OXkutMch0HChREcYsyV6lEveJ20HcaknG6khO-dubkLzld8R6pYA9BLi4NWMevs593vrr-7S2rbrS98pV_Z9YcppQl2YiQ_dMzsG4l20AyY-DeshhWK6MRwx8vPFTp2fMbSlIBUb-6eBhxPxU8H_D9P9pYexSuri_E_jttHe-Rec81RU7iW702bszE_BncIxLISaYSc-uO4VkQSBdWpi62XuRRYcKGRf8O9sc9SIfwFVK16fmLmLhxpgpQvjUWX3B2FJ2N_B8npX3gjyoK_Ll2rY8RHPi0DsijrlBHyROMZW2jbsHwFeat3U7LVJbhsBO82Lm1FkjnXVErClhWSn-Esu9pbbkemmy4Lk5-1_4aVP6OYR7QlygqzWIeEX2BERhW6z0FhZvXGtP9IanU65rrf2vqLH08c7HkNLQ9UjFnkc0-YEnsMXJXMuViFoGWGp65rPITapcuHlOjJkZOtwGJI%26adurl%3D;dc_rfl=1,https%3A%2F%2Fenit.in%2F$0;xdt=1;crlt=sK!OnPUbBN;stc=1;sttr=62;prcl=s
IP 142.250.74.166:0
File type ASCII text, with very long lines (61902), with no line terminators
Hash 37d6e8933cae74d72f74348a8ff064e1
157d62c90046ba5ff1d5c6d1bf6165df7901a94d
1d8a9d07b8b35f7d9746450f9d55f58f5e8a37394ce31c91cab9a1cef67633d8
GET /ddm/adj/N69702.3424460DV360DISPLAY/B28918291.353892404;dc_ver=94.277;sz=300x600;u_sd=1;dc_adk=3047537731;ord=lzxsf3;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC18YvK_LfY5v4JteCiQaslLTgDIeG8Otti_Dk5ewQ7_nL4LAwEAEgp461SGDDhICAmBjIAQmpAt5wzfFwHLI-qAMBqgTdAU_QrgPrSfshPHiNFO9025jOxOzVIND8K3puuH-QsvRhHAQQLzbw10qn1b0LoRZtGnCr6IQj3Uai4BmvR9E7IQaotNVk4K8lTloBXZjtRhsUEjZKKml5OP1l0umf4O8mhkbfzartRU3aTf_g_iAbKjOCQkToD05LPw58oEmjLgkfYrSBONvxu9R9veS1DrvoSuomzDpuORcz7x3EdB4uh1T1ND6AmcRtH1CFz3rr1MeJsftRliNILsnT38aNDno8b1BlHaE2BbF4NEV0sMXJEa3AHKEoS31_-r8m-Pv6wATnwo-VpATgBAOQBgGgBk2AB4mOo5wBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOcqZASyBOl2tXhA9ATANgTCogUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymdbpv_84xzb0u_OOBctSYGmSBpyUkQkEG9b08Ntc3M3q0QyryfoA7HKMMfW2XbjhK9C2bBP6AnrtfcbpX0k96urqk81GeZ98YAQ%26sig%3DAOD64_0TgK5BSClVapSXxhibMVOMxkHAZw%26client%3Dca-pub-2726428685015992%26dbm_c%3DAKAmf-AaPhr-SqMZKtBYlnIsKOAagru-eG1Jtu_Wmj-jakfcZb2sKq8e8edC7xY8Sl0tnRHE9quOrFgXc2yY2Go6l82aZlZTawGeJ7yN0hz-PPtGZQFUt1huciVFK-i4eCmgOF6ZTq45EBDa9H2IcUHeEs-Gan9U_DuwDQgi7G_FxnKMKs7CF3A%26cry%3D1%26dbm_d%3DAKAmf-CU3wP9jE2xxOcL9BMmuYW3w7dAboPj8WsZiSwdVqyyfIryrAua0k9Rd4295MhALADtdPeyRF8D91wSoKGVySH0CnV4OXkutMch0HChREcYsyV6lEveJ20HcaknG6khO-dubkLzld8R6pYA9BLi4NWMevs593vrr-7S2rbrS98pV_Z9YcppQl2YiQ_dMzsG4l20AyY-DeshhWK6MRwx8vPFTp2fMbSlIBUb-6eBhxPxU8H_D9P9pYexSuri_E_jttHe-Rec81RU7iW702bszE_BncIxLISaYSc-uO4VkQSBdWpi62XuRRYcKGRf8O9sc9SIfwFVK16fmLmLhxpgpQvjUWX3B2FJ2N_B8npX3gjyoK_Ll2rY8RHPi0DsijrlBHyROMZW2jbsHwFeat3U7LVJbhsBO82Lm1FkjnXVErClhWSn-Esu9pbbkemmy4Lk5-1_4aVP6OYR7QlygqzWIeEX2BERhW6z0FhZvXGtP9IanU65rrf2vqLH08c7HkNLQ9UjFnkc0-YEnsMXJXMuViFoGWGp65rPITapcuHlOjJkZOtwGJI%26adurl%3D;dc_rfl=1,https%3A%2F%2Fenit.in%2F$0;xdt=1;crlt=sK!OnPUbBN;stc=1;sttr=62;prcl=s HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 18:15:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 29201
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 18:30:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
j.adlooxtracking.com/ads/js/tfav_adl_512.js
104.22.65.146200 OK 82 kB URL HTTP/2 j.adlooxtracking.com/ads/js/tfav_adl_512.js
IP 104.22.65.146:0
Hash ad9dab37822cbb8546009c831cb4b7fd
c60c7aff8eb321fb0e59cf804dbdbaa21e2ff649
7b651d2390eb7370bf479dd9251d6f95769deba8a3e64b1b7db0bda8e2d2127f
GET /ads/js/tfav_adl_512.js HTTP/1.1
Host: j.adlooxtracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 12 Dec 2022 10:30:16 GMT
vary: Accept-Encoding
etag: W/"639702b8-100a9"
cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 1990
server: cloudflare
cf-ray: 794da134dc3d0d32-ARN
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://enit.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 12:46:12 GMT
expires: Mon, 05 Feb 2024 12:46:12 GMT
cache-control: public, max-age=31536000
age: 19736
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/js/script.js
172.64.166.9200 OK 189 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/js/script.js
IP 172.64.166.9:0
Hash e92fccb89580145c885f0359badbd628
bed02f01f78b1f585462796e01527a268ac7f24c
f9fdf22943d31068189a6e1329d6bc9bf9ebc39b5ce4ccbd1d3a2f99f82a0597
GET /sb/notifications/software/us/windows/flash-all/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:08 GMT
content-type: application/javascript
last-modified: Wed, 17 Feb 2021 11:46:52 GMT
etag: W/"602d022c-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2352568
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m89RF7w%2BY39ucf3zH01ICLEhLkCnGkbyszYLr5p%2FaTwkAw6peahYtl8M2fbpX%2FVUM0FA6F88OaZZIDdoh%2BQSOr3910yW8lS9IZm9ZP56RyxV870Kd2OdwSzTQxWa0ohrWRYocyUdAbyq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794da135fd6c23d6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://enit.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 03:13:04 GMT
expires: Fri, 02 Feb 2024 03:13:04 GMT
cache-control: public, max-age=31536000
age: 313324
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9ba49f1fc7f2f554049e6761ba03e37b
687a48ce650668c484bfda4b50fd202977bb85de
256310e4ec423d30bb346e06ff441daf493641a12ad9e208a2cdf90a0fcbf6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4165
Cache-Control: max-age=133286
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 18:15:08 GMT
Etag: "63df478d-1d7"
Expires: Tue, 07 Feb 2023 07:16:34 GMT
Last-Modified: Sun, 05 Feb 2023 06:07:09 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
withenvisagehurt.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTjannBQRBIU%2BeFB0J9XT3TszRlhMYiQYk5hEcq6uqp4tp6arreqenl0UogHJcbz549L7TZJFjWL%2BAEFnvYQ5iJOILOh68CoeDHiWmR1cfId679X3Dt%2F3vffhdrlPKEq2d%2BkNs6W0ZifiBvWfu6YyYSrnX7jqB7RBT%2FrXVLYWnfSH88cOXgpo3KDP%2B69J3jMnmjSgNKCBf1ZZmZrhiQUKld%2FtBI0ObUTNRhBHGNr%2F96704JgHMdgnj0OJ2bGN%2B%2Feg%2BARZ%2F5sz0vUKk7%2F4ar%2FUrDAWA7HzVtbLTJWhf1im1kOa7SynYdyMkI%2BPwGQ7SwUwg1tzBUjUjHi%2FBEiynSVNJIPbB0wTDZkhEcdRDSaQegLFJuDmBpT4iQBc4MJFZP07F4yt2OYByubojKz88wiqmpGV355A1v%2F6lFZD%2F4rRZaFM5jBMa6jhBKo7QV7uotjyoKpd8OIDKEGQ9WsosfdsM5aSRYlcFWHaWo3akq4yGsWra0J0IpomTdpqLqxRagKVTqDlCMwdRek8lMpDmXoocw99seezuJNS2kqTNAzbEec8DDmP22siFmHUTilKPuc%2BQpGPwPUI3F5Hbq%2Bjp0aw5XdwGzWc8OAKgoGoUUmCyhFUjKBSBFVBUA3q20K7pqvvCO3KJFjm5jKH9dgU3W122xRdmZHtfJ88tjDsz5VV9OSeH0aMtaNW2o5jzjsBC%2BOA8k4npTFLO2wthlM1lDsC5jxszbd35nvkakbIX6tI2C6c3gVXT4OVz4BV41aTgm2MozbFVvYV14r3XKo3G9z0IUyNvFhBselt633y1ILIyw%2FfgeTT9V8fvvfZ2ptTcFsjtzXeVj8QdPXN8WVTkVuXTeXIvYt5ofpqi823eqVghTz2xetyszJWnDvjRp%2B%2FwufAvLx7VbriPMuEyrqOfHlKCSHtWWO5JN%2Bec9dkcql0G6dKm5X5%2BUunz57r51Y6p0w2AZtre%2F9dcDUjx71scbH%2Bj10oO4Eta%2FTLKVkGlNkFz6%2FD5dP1nx%2Bcdo%2Be%2FAPOEFh9OJPkHqqyHttmcvipFYGWhz1Lajg5Xb%2F%2FyTw%2BRSL%2FM2Tb3UTXemDFjcWdDmyNga7B9AiuPDoucjtdfxAuAon2xom23q1EW%2F3RgblO7flxEMl20m5xIRLJRdBqhu2Q0qYQUasjgw4KN%2BO%2F%2F%2F3CvwAAAP%2F%2FAQAA%2F%2F%2B%2FWyv4iQQAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 withenvisagehurt.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTjannBQRBIU%2BeFB0J9XT3TszRlhMYiQYk5hEcq6uqp4tp6arreqenl0UogHJcbz549L7TZJFjWL%2BAEFnvYQ5iJOILOh68CoeDHiWmR1cfId679X3Dt%2F3vffhdrlPKEq2d%2BkNs6W0ZifiBvWfu6YyYSrnX7jqB7RBT%2FrXVLYWnfSH88cOXgpo3KDP%2B69J3jMnmjSgNKCBf1ZZmZrhiQUKld%2FtBI0ObUTNRhBHGNr%2F96704JgHMdgnj0OJ2bGN%2B%2Feg%2BARZ%2F5sz0vUKk7%2F4ar%2FUrDAWA7HzVtbLTJWhf1im1kOa7SynYdyMkI%2BPwGQ7SwUwg1tzBUjUjHi%2FBEiynSVNJIPbB0wTDZkhEcdRDSaQegLFJuDmBpT4iQBc4MJFZP07F4yt2OYByubojKz88wiqmpGV355A1v%2F6lFZD%2F4rRZaFM5jBMa6jhBKo7QV7uotjyoKpd8OIDKEGQ9WsosfdsM5aSRYlcFWHaWo3akq4yGsWra0J0IpomTdpqLqxRagKVTqDlCMwdRek8lMpDmXoocw99seezuJNS2kqTNAzbEec8DDmP22siFmHUTilKPuc%2BQpGPwPUI3F5Hbq%2Bjp0aw5XdwGzWc8OAKgoGoUUmCyhFUjKBSBFVBUA3q20K7pqvvCO3KJFjm5jKH9dgU3W122xRdmZHtfJ88tjDsz5VV9OSeH0aMtaNW2o5jzjsBC%2BOA8k4npTFLO2wthlM1lDsC5jxszbd35nvkakbIX6tI2C6c3gVXT4OVz4BV41aTgm2MozbFVvYV14r3XKo3G9z0IUyNvFhBselt633y1ILIyw%2FfgeTT9V8fvvfZ2ptTcFsjtzXeVj8QdPXN8WVTkVuXTeXIvYt5ofpqi823eqVghTz2xetyszJWnDvjRp%2B%2FwufAvLx7VbriPMuEyrqOfHlKCSHtWWO5JN%2Bec9dkcql0G6dKm5X5%2BUunz57r51Y6p0w2AZtre%2F9dcDUjx71scbH%2Bj10oO4Eta%2FTLKVkGlNkFz6%2FD5dP1nx%2Bcdo%2Be%2FAPOEFh9OJPkHqqyHttmcvipFYGWhz1Lajg5Xb%2F%2FyTw%2BRSL%2FM2Tb3UTXemDFjcWdDmyNga7B9AiuPDoucjtdfxAuAon2xom23q1EW%2F3RgblO7flxEMl20m5xIRLJRdBqhu2Q0qYQUasjgw4KN%2BO%2F%2F%2F3CvwAAAP%2F%2FAQAA%2F%2F%2B%2FWyv4iQQAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSuTjannBQRBIU%2BeFB0J9XT3TszRlhMYiQYk5hEcq6uqp4tp6arreqenl0UogHJcbz549L7TZJFjWL%2BAEFnvYQ5iJOILOh68CoeDHiWmR1cfId679X3Dt%2F3vffhdrlPKEq2d%2BkNs6W0ZifiBvWfu6YyYSrnX7jqB7RBT%2FrXVLYWnfSH88cOXgpo3KDP%2B69J3jMnmjSgNKCBf1ZZmZrhiQUKld%2FtBI0ObUTNRhBHGNr%2F96704JgHMdgnj0OJ2bGN%2B%2Feg%2BARZ%2F5sz0vUKk7%2F4ar%2FUrDAWA7HzVtbLTJWhf1im1kOa7SynYdyMkI%2BPwGQ7SwUwg1tzBUjUjHi%2FBEiynSVNJIPbB0wTDZkhEcdRDSaQegLFJuDmBpT4iQBc4MJFZP07F4yt2OYByubojKz88wiqmpGV355A1v%2F6lFZD%2F4rRZaFM5jBMa6jhBKo7QV7uotjyoKpd8OIDKEGQ9WsosfdsM5aSRYlcFWHaWo3akq4yGsWra0J0IpomTdpqLqxRagKVTqDlCMwdRek8lMpDmXoocw99seezuJNS2kqTNAzbEec8DDmP22siFmHUTilKPuc%2BQpGPwPUI3F5Hbq%2Bjp0aw5XdwGzWc8OAKgoGoUUmCyhFUjKBSBFVBUA3q20K7pqvvCO3KJFjm5jKH9dgU3W122xRdmZHtfJ88tjDsz5VV9OSeH0aMtaNW2o5jzjsBC%2BOA8k4npTFLO2wthlM1lDsC5jxszbd35nvkakbIX6tI2C6c3gVXT4OVz4BV41aTgm2MozbFVvYV14r3XKo3G9z0IUyNvFhBselt633y1ILIyw%2FfgeTT9V8fvvfZ2ptTcFsjtzXeVj8QdPXN8WVTkVuXTeXIvYt5ofpqi823eqVghTz2xetyszJWnDvjRp%2B%2FwufAvLx7VbriPMuEyrqOfHlKCSHtWWO5JN%2Bec9dkcql0G6dKm5X5%2BUunz57r51Y6p0w2AZtre%2F9dcDUjx71scbH%2Bj10oO4Eta%2FTLKVkGlNkFz6%2FD5dP1nx%2Bcdo%2Be%2FAPOEFh9OJPkHqqyHttmcvipFYGWhz1Lajg5Xb%2F%2FyTw%2BRSL%2FM2Tb3UTXemDFjcWdDmyNga7B9AiuPDoucjtdfxAuAon2xom23q1EW%2F3RgblO7flxEMl20m5xIRLJRdBqhu2Q0qYQUasjgw4KN%2BO%2F%2F%2F3CvwAAAP%2F%2FAQAA%2F%2F%2B%2FWyv4iQQAAA%3D%3D HTTP/1.1
Host: withenvisagehurt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=25eea4be-d3f7-48e0-a045-6dd940fb2072:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 18:15:08 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 017c0702101da07ceea4091f4c4f3425
Strict-Transport-Security: max-age=0; includeSubdomains
sap.demdex.net/event?d_event=imp&d_src=674919&d_site=6562099&d_creative=183697038&d_placement=353892404&d_campaign=28918291
52.213.97.196302 Found 0 B URL HTTP/1.1 sap.demdex.net/event?d_event=imp&d_src=674919&d_site=6562099&d_creative=183697038&d_placement=353892404&d_campaign=28918291
IP 52.213.97.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?d_event=imp&d_src=674919&d_site=6562099&d_creative=183697038&d_placement=353892404&d_campaign=28918291 HTTP/1.1
Host: sap.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0eab94181.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://sap.demdex.net/firstevent?d_event=imp&d_src=674919&d_site=6562099&d_creative=183697038&d_placement=353892404&d_campaign=28918291
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=54654475150972198700625135869842805551; Max-Age=15552000; Expires=Fri, 04 Aug 2023 18:15:08 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: S3/pGVS3RcI=
Content-Length: 0
Connection: keep-alive
sap.demdex.net/firstevent?d_event=imp&d_src=674919&d_site=6562099&d_creative=183697038&d_placement=353892404&d_campaign=28918291
52.213.97.196200 OK 59 B URL HTTP/1.1 sap.demdex.net/firstevent?d_event=imp&d_src=674919&d_site=6562099&d_creative=183697038&d_placement=353892404&d_campaign=28918291
IP 52.213.97.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /firstevent?d_event=imp&d_src=674919&d_site=6562099&d_creative=183697038&d_placement=353892404&d_campaign=28918291 HTTP/1.1
Host: sap.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-09f6df340.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 9/53d967QBY=
Content-Length: 59
Connection: keep-alive
withenvisagehurt.com/pixel/sbs?c=1
192.243.59.12200 OK 0 B URL HTTP/1.1 withenvisagehurt.com/pixel/sbs?c=1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: withenvisagehurt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Cookie: u_pl=15467565; uid_id2=25eea4be-d3f7-48e0-a045-6dd940fb2072:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 18:15:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 453aebc8cad29d87b033da659837ef40
f1289d5d93744351fba94534bc1f0e794142adb1
7097a4f0fc16bf300ccc4a1fe0dfc20b27206e959c6bc1f360f7233d6418ab27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7097A4F0FC16BF300CCC4A1FE0DFC20B27206E959C6BC1F360F7233D6418AB27"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2763
Expires: Sun, 05 Feb 2023 19:01:12 GMT
Date: Sun, 05 Feb 2023 18:15:09 GMT
Connection: keep-alive
data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D2%26scriptname%3Dadl_512%26tagid%3D1539%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom2area%3D80%26custom2sec%3D3%26id10%3D%22%7D&adloox_io=1&client=sap_eu&campagne=512&banniere=0&visite_id=50118296125&seq=0&timezone=0&js=tfav_adl_512.js&date_regen=2022-12-12%2011%3A30%3A11&plat=2&tagid=1539&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1&id2=19166860773&id3=461165399&id4=1010134309&id5=https%3A%2F%2Fenit.in%2FSRKHqAob&id6=https%3A%2F%2Fenit.in%2FSRKHqAob&id7=ABAjH0iWzwKNNPkyfybwOd2At__7&id8=google.com&id9=pub-2726428685015992&id11=display&id12=%24ADLOOX_WEBSITE&id20=eed4384&p_d=0.545&d5=680&headless=webgl&d3=1280x1024&d6=found-wabbit&d7=0&appname=Netscape&fai=frame%20without%20title&iframe=1&fake=001000&resolution=1280x1024&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2F2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&url_referrer=https%3A%2F%2Fenit.in%2F&nb_cpu=16&data=1675935239ttttttfffftfffftfffffffffffftffff&activetab=1
35.241.31.249204 No Content 0 B URL HTTP/2 data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D2%26scriptname%3Dadl_512%26tagid%3D1539%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom2area%3D80%26custom2sec%3D3%26id10%3D%22%7D&adloox_io=1&client=sap_eu&campagne=512&banniere=0&visite_id=50118296125&seq=0&timezone=0&js=tfav_adl_512.js&date_regen=2022-12-12%2011%3A30%3A11&plat=2&tagid=1539&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1&id2=19166860773&id3=461165399&id4=1010134309&id5=https%3A%2F%2Fenit.in%2FSRKHqAob&id6=https%3A%2F%2Fenit.in%2FSRKHqAob&id7=ABAjH0iWzwKNNPkyfybwOd2At__7&id8=google.com&id9=pub-2726428685015992&id11=display&id12=%24ADLOOX_WEBSITE&id20=eed4384&p_d=0.545&d5=680&headless=webgl&d3=1280x1024&d6=found-wabbit&d7=0&appname=Netscape&fai=frame%20without%20title&iframe=1&fake=001000&resolution=1280x1024&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2F2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&url_referrer=https%3A%2F%2Fenit.in%2F&nb_cpu=16&data=1675935239ttttttfffftfffftfffffffffffftffff&activetab=1
IP 35.241.31.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D2%26scriptname%3Dadl_512%26tagid%3D1539%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom2area%3D80%26custom2sec%3D3%26id10%3D%22%7D&adloox_io=1&client=sap_eu&campagne=512&banniere=0&visite_id=50118296125&seq=0&timezone=0&js=tfav_adl_512.js&date_regen=2022-12-12%2011%3A30%3A11&plat=2&tagid=1539&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1&id2=19166860773&id3=461165399&id4=1010134309&id5=https%3A%2F%2Fenit.in%2FSRKHqAob&id6=https%3A%2F%2Fenit.in%2FSRKHqAob&id7=ABAjH0iWzwKNNPkyfybwOd2At__7&id8=google.com&id9=pub-2726428685015992&id11=display&id12=%24ADLOOX_WEBSITE&id20=eed4384&p_d=0.545&d5=680&headless=webgl&d3=1280x1024&d6=found-wabbit&d7=0&appname=Netscape&fai=frame%20without%20title&iframe=1&fake=001000&resolution=1280x1024&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2F2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&url_referrer=https%3A%2F%2Fenit.in%2F&nb_cpu=16&data=1675935239ttttttfffftfffftfffffffffffftffff&activetab=1 HTTP/1.1
Host: data00.adlooxtracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 18:15:09 GMT
x-powered-by: PHP/7.4.33
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-route: ads-prod-674b87ddc5-glf4b
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
accept-ch-lifetime: 86400
access-control-allow-origin: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com
access-control-allow-headers: Content-Type, X-Requested-With
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 453aebc8cad29d87b033da659837ef40
f1289d5d93744351fba94534bc1f0e794142adb1
7097a4f0fc16bf300ccc4a1fe0dfc20b27206e959c6bc1f360f7233d6418ab27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7097A4F0FC16BF300CCC4A1FE0DFC20B27206E959C6BC1F360F7233D6418AB27"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2763
Expires: Sun, 05 Feb 2023 19:01:12 GMT
Date: Sun, 05 Feb 2023 18:15:09 GMT
Connection: keep-alive
data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D7%26scriptname%3Dadl_512%26tagid%3D1070%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom2area%3D80%26custom2sec%3D3%22%7D&adloox_io=1&client=sap_eu&campagne=512&banniere=0&visite_id=99965767705&seq=0&timezone=0&js=tfav_adl_512.js&date_regen=2022-12-12%2011%3A30%3A11&plat=7&tagid=1070&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=12625071&id2=28918291&id3=353892404&id4=6562099&id5=183697038&id6=0&id11=display&id12=%24ADLOOX_WEBSITE&id20=eed4384&p_d=0.258&d5=1020&headless=webgl&d3=1280x1024&d6=found-wabbit&d7=0&appname=Netscape&fai=frame%20without%20title&iframe=1&fake=001000&resolution=1280x1024&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2F2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&url_referrer=https%3A%2F%2Fenit.in%2F&nb_cpu=16&data=1675935239ttttttfffftfffftfffffffffffftffff&activetab=1
35.241.31.249200 OK 1.3 kB URL HTTP/2 data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D7%26scriptname%3Dadl_512%26tagid%3D1070%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom2area%3D80%26custom2sec%3D3%22%7D&adloox_io=1&client=sap_eu&campagne=512&banniere=0&visite_id=99965767705&seq=0&timezone=0&js=tfav_adl_512.js&date_regen=2022-12-12%2011%3A30%3A11&plat=7&tagid=1070&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=12625071&id2=28918291&id3=353892404&id4=6562099&id5=183697038&id6=0&id11=display&id12=%24ADLOOX_WEBSITE&id20=eed4384&p_d=0.258&d5=1020&headless=webgl&d3=1280x1024&d6=found-wabbit&d7=0&appname=Netscape&fai=frame%20without%20title&iframe=1&fake=001000&resolution=1280x1024&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2F2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&url_referrer=https%3A%2F%2Fenit.in%2F&nb_cpu=16&data=1675935239ttttttfffftfffftfffffffffffftffff&activetab=1
IP 35.241.31.249:0
Hash 9b346defdacc841ddefefe7dbfb5b794
59c4f3e0fca0e216cf139166013ef574859d7f89
dbd4d252d259c497d5f629ea1f8f554a08e3a72d3f4a5005d3327308120c3f75
GET /ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D7%26scriptname%3Dadl_512%26tagid%3D1070%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom2area%3D80%26custom2sec%3D3%22%7D&adloox_io=1&client=sap_eu&campagne=512&banniere=0&visite_id=99965767705&seq=0&timezone=0&js=tfav_adl_512.js&date_regen=2022-12-12%2011%3A30%3A11&plat=7&tagid=1070&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=12625071&id2=28918291&id3=353892404&id4=6562099&id5=183697038&id6=0&id11=display&id12=%24ADLOOX_WEBSITE&id20=eed4384&p_d=0.258&d5=1020&headless=webgl&d3=1280x1024&d6=found-wabbit&d7=0&appname=Netscape&fai=frame%20without%20title&iframe=1&fake=001000&resolution=1280x1024&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2F2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&url_referrer=https%3A%2F%2Fenit.in%2F&nb_cpu=16&data=1675935239ttttttfffftfffftfffffffffffftffff&activetab=1 HTTP/1.1
Host: data00.adlooxtracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:09 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-route: ads-prod-674b87ddc5-5fzhs
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
accept-ch-lifetime: 86400
access-control-allow-origin: https://2b18f07837f727168e14e533d29f94a6.safeframe.googlesyndication.com
access-control-allow-headers: Content-Type, X-Requested-With
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
enit.in/SRKHqAob
172.67.133.181200 OK 0 B IP 172.67.133.181:0
GET /SRKHqAob HTTP/1.1
Host: enit.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:05 GMT
content-type: text/html; charset=UTF-8
set-cookie: refSRKHqAob=NzVmMmYyMTI1OTgxYjc1YjQyYTY0YTcxMWY2NDNiZWMyMWQ0N2Y5MDY5MTY3NGZiYjRjOTcyMjRjM2M2YzNmOT4Hm8iuX0cM0mjJ9zQrOJ40H%2FTyg4eAFVA%2FJ7f07Ctm; expires=Sun, 05-Feb-2023 18:20:05 GMT; Max-Age=300; path=/; HttpOnly; secure
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5bNIBtaEDGeMFVf3mEF27UKZCbnXOQ4XVfZl3Xcz3Y8G%2FI19PCd%2FZCFjq9Rzs8citdmRKBnetap4VT6a%2Fq%2FWaRhDeo5TSS29PvwQjkQpTYnLHg9XBKeI%2FQ8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794da11f9b30b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.203.23200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.203.23:0
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:06 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: dd186a946ac2b30c4ea174e51245249d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 05 Feb 2023 18:15:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xux8r7EM36NtQ8I11jTvHUb7KLAKWEBeU%2BV%2BIr13R4EmpN7VwxhVUq%2BMWRN1NKt8xJzucCcqUZ1vAiMYxbjred%2F0d4XWp8NZx6Wt%2FWmhRpGFl0Cu4qM6QB0vh12xAZfLOfHlgSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794da12a1e4124ab-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
taghaugh.com/?rb=Qguhm7Pg9TO2O5g62ssfBhKDOxk7xSqAQqC3PIPn9WMsylFS1SBE5m9Rs8Wv96GcgNmUu98JhPACGkxOtBkvi90YZeINL9FSz2QjD008PqmSDeKy72RA0SHFnykSWx2ZMhJF4-dHt2U5giIra6vBHrzRqqpZUZVM1QNMuUCEs9r1T-fbkA0kKdI94zoujLCkSsKLhgatdMYlyhpM3Py2nuI20aeMgBtj&request_ab2=0&zoneid=5491932&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fenit.in%2FSRKHqAob%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=dda50d59-52e1-4bce-bbf0-0793ab01d982&userId=03b1ba506ff34095bb022a7cdc2c85c3&m=link
139.45.197.237200 OK 0 B URL HTTP/2 taghaugh.com/?rb=Qguhm7Pg9TO2O5g62ssfBhKDOxk7xSqAQqC3PIPn9WMsylFS1SBE5m9Rs8Wv96GcgNmUu98JhPACGkxOtBkvi90YZeINL9FSz2QjD008PqmSDeKy72RA0SHFnykSWx2ZMhJF4-dHt2U5giIra6vBHrzRqqpZUZVM1QNMuUCEs9r1T-fbkA0kKdI94zoujLCkSsKLhgatdMYlyhpM3Py2nuI20aeMgBtj&request_ab2=0&zoneid=5491932&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fenit.in%2FSRKHqAob%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=dda50d59-52e1-4bce-bbf0-0793ab01d982&userId=03b1ba506ff34095bb022a7cdc2c85c3&m=link
IP 139.45.197.237:0
GET /?rb=Qguhm7Pg9TO2O5g62ssfBhKDOxk7xSqAQqC3PIPn9WMsylFS1SBE5m9Rs8Wv96GcgNmUu98JhPACGkxOtBkvi90YZeINL9FSz2QjD008PqmSDeKy72RA0SHFnykSWx2ZMhJF4-dHt2U5giIra6vBHrzRqqpZUZVM1QNMuUCEs9r1T-fbkA0kKdI94zoujLCkSsKLhgatdMYlyhpM3Py2nuI20aeMgBtj&request_ab2=0&zoneid=5491932&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fenit.in%2FSRKHqAob%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=dda50d59-52e1-4bce-bbf0-0793ab01d982&userId=03b1ba506ff34095bb022a7cdc2c85c3&m=link HTTP/1.1
Host: taghaugh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://enit.in/
Origin: https://enit.in
Connection: keep-alive
Cookie: OAID=03b1ba506ff34095bb022a7cdc2c85c3; oaidts=1675620905
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 18:15:06 GMT
content-type: application/json
x-trace-id: 73fa18dc770989da21df70dad56bae0d
access-control-allow-origin: https://enit.in
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=03b1ba506ff34095bb022a7cdc2c85c3; expires=Mon, 05 Feb 2024 18:15:06 GMT; path=/; secure; SameSite=None
oaidts=1675620906; expires=Mon, 05 Feb 2024 18:15:06 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 12 Feb 2023 18:15:06 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/animate.css
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/animate.css
IP 172.64.166.9:0
GET /sb/notifications/software/us/windows/flash-all/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:08 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:46:51 GMT
etag: W/"602d022b-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2012278
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWwniO%2BCEtOHUJwnZyYscI701%2FODDPJKJBlvUZOAdHcIhWGOtqenIv9sv3gf68K3QA40yQaxwr5UhmqTdtAMebw7Wg1cy6S0OlGbxjNZgrCf9rBXNS%2FKvdCrxwDQV9HOpAKC5sU5AZyZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794da135ed4323d6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/style.css
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/style.css
IP 172.64.166.9:0
GET /sb/notifications/software/us/windows/flash-all/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://enit.in
Connection: keep-alive
Referer: https://enit.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 18:15:08 GMT
content-type: text/css
last-modified: Thu, 23 Sep 2021 11:41:22 GMT
etag: W/"614c67e2-160c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 818343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rl4IR9fijBB1vy8Ip1i5g6SbvtKZ0vAt7F52sqPRFZhLUaOG%2BAThsvw%2BuiQSr0upVJFvtt%2BaOj07G9TuUkUqnk3HcyK4z6OJvDq8Hf8ry4RSumf1YkxCbMNNz5NY8%2Ff7bCPS5T0VHHsE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794da135fd6723d6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2