gnula.nu/documental/ver-only-the-dead-2015-online/
185.178.208.130301 Moved Permanently 568 B URL HTTP/1.1 gnula.nu/documental/ver-only-the-dead-2015-online/
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
GET /documental/ver-only-the-dead-2015-online/ HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Sun, 18 Dec 2022 08:22:42 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://gnula.nu/documental/ver-only-the-dead-2015-online/
Content-Type: text/html; charset=utf8
Content-Length: 568
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8556
Expires: Sun, 18 Dec 2022 10:45:18 GMT
Date: Sun, 18 Dec 2022 08:22:42 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5463
Expires: Sun, 18 Dec 2022 09:53:45 GMT
Date: Sun, 18 Dec 2022 08:22:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 18 Dec 2022 07:45:26 GMT
content-type: application/json
age: 2236
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5553
Expires: Sun, 18 Dec 2022 09:55:15 GMT
Date: Sun, 18 Dec 2022 08:22:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wirKbjw7NvV8qAlZuC6qv1j7OVneQZsiHcliPxqThefRny4w1HDrFt/XnhJEd5mvN/gjZSw/9Qw=
x-amz-request-id: WK0R8KQAXJWTA24H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 18 Dec 2022 07:52:07 GMT
age: 1835
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 08:22:42 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8302eade5c0066f4a8afd48f15237c3a
e9a78f8280e4b0a328a5e7b324acf4e41c3ce0ee
7b7935c91fab49d15b03690280a3e90eca3d9b418a48e7554a16439c67ea670b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B7935C91FAB49D15B03690280A3E90ECA3D9B418A48E7554A16439C67EA670B"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4594
Expires: Sun, 18 Dec 2022 09:39:16 GMT
Date: Sun, 18 Dec 2022 08:22:42 GMT
Connection: keep-alive
gnula.nu/documental/ver-only-the-dead-2015-online/
185.178.208.130200 OK 31 kB URL HTTP/2 gnula.nu/documental/ver-only-the-dead-2015-online/
IP 185.178.208.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (49031)
Hash 2d115d64ddc046dc37293faf6f2e5b33
606716fa92e4db96ee35882707319bf2298a1f02
3088c7d46e5b212c94c08ccb28feb4cd60223095c160a2f3d2cbeea1b83eb74d
GET /documental/ver-only-the-dead-2015-online/ HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW; Domain=.gnula.nu; HttpOnly; Path=/; Expires=Mon, 18-Dec-2023 08:22:42 GMT
date: Sun, 18 Dec 2022 08:22:42 GMT
content-type: text/html; charset=UTF-8
content-length: 31359
link: <https://gnula.nu/wp-json/>; rel="https://api.w.org/", <https://gnula.nu/wp-json/wp/v2/posts/178423>; rel="alternate"; type="application/json", <https://gnula.nu/?p=178423>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 18 Dec 2022 07:33:23 GMT
age: 2960
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
gnula.nu/wp-includes/css/dist/block-library/style.min.css
185.178.208.130200 OK 8.9 kB URL HTTP/2 gnula.nu/wp-includes/css/dist/block-library/style.min.css
IP 185.178.208.130:0
File type Unicode text, UTF-8 text, with very long lines (29677)
Hash c787c06ec6de64a26274c2335677bf93
61d65d871722227622a19026f4c546ec1819df14
3689099f7cfc2d806fe0660c9c031d1bffbd642b9c7c3f278192055c901dbdab
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/documental/ver-only-the-dead-2015-online/
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 15:04:20 GMT
content-type: text/css
last-modified: Wed, 14 Jul 2021 22:04:26 GMT
cache-control: max-age=604800
content-encoding: gzip
content-length: 8930
ddg-cache-status: HIT,HIT
etag: W/"60ef5f6a-e33b"
expires: Sat, 17 Dec 2022 22:42:58 GMT
age: 321503
X-Firefox-Spdy: h2
gnula.nu/wp-content/themes/charcoal2/style.css
185.178.208.130200 OK 6.2 kB URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/style.css
IP 185.178.208.130:0
File type Unicode text, UTF-8 text, with very long lines (1067)
Hash 523060523e8538a5ce44511e3f6857f0
dfd9a769e7f8cbc18799af4180ce662570e5b51f
4295c27a0291af314f33273ae7a76d13b3556bb29e50d49cd7925169223fb8ba
GET /wp-content/themes/charcoal2/style.css HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/documental/ver-only-the-dead-2015-online/
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 15:32:19 GMT
content-type: text/css
last-modified: Sun, 21 Feb 2021 22:32:04 GMT
cache-control: max-age=604800
content-encoding: gzip
content-length: 6165
ddg-cache-status: HIT,HIT
etag: W/"6032df64-9af4"
expires: Sat, 17 Dec 2022 22:54:09 GMT
age: 319824
X-Firefox-Spdy: h2
gnula.nu/wp-content/plugins/akismet/_inc/form.js
185.178.208.130200 OK 318 B URL HTTP/2 gnula.nu/wp-content/plugins/akismet/_inc/form.js
IP 185.178.208.130:0
Hash 9981fd8493ac6b5c99634815c9aef030
15e922eda1c62a37bce0aea182535530889a044e
66780daa2edc073e9067f4b12f75d41c58bea33d1455d788b72b0e1853cca132
GET /wp-content/plugins/akismet/_inc/form.js HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/documental/ver-only-the-dead-2015-online/
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Dec 2022 12:27:31 GMT
content-type: application/javascript
last-modified: Wed, 14 Jul 2021 20:59:01 GMT
cache-control: max-age=604800
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "60ef5015-2bc"
expires: Mon, 12 Dec 2022 17:15:14 GMT
age: 503712
content-length: 318
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/The_Banshees_of_Inisherin3.gif
185.178.208.130200 OK 5.3 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/The_Banshees_of_Inisherin3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash acf91113d3d856918901bc3b1033b503
d4a20a4d4083ea02a9cd6dda75b2842795e58047
0bfdd9565bc93bb617613732995ba3fb1225309d3bb2efb55d50d45d896dc5e6
GET /wp-content/uploads/2022/12/The_Banshees_of_Inisherin3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 17 Dec 2022 16:27:54 GMT
content-type: image/gif
content-length: 5301
last-modified: Sat, 17 Dec 2022 16:20:27 GMT
etag: "639dec4b-14b5"
expires: Sat, 24 Dec 2022 16:27:54 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 57289
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/I_Believe_in_Santa3.gif
185.178.208.130200 OK 5.5 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/I_Believe_in_Santa3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash af3cdc44e80c475af1b3570a4e88a132
dc3f105a275906fc8387b3de6cd055b297ed732a
5d45746805cefee8915f2f0d15457f58ceff237417e9d5c882b4941aa8caa219
GET /wp-content/uploads/2022/12/I_Believe_in_Santa3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 23:32:46 GMT
content-type: image/gif
content-length: 5455
last-modified: Fri, 16 Dec 2022 23:28:24 GMT
etag: "639cff18-154f"
expires: Fri, 23 Dec 2022 23:32:46 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 118197
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/In_From_the_Side3.gif
185.178.208.130200 OK 5.3 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/In_From_the_Side3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 96cee8e1e1c977c0ef8b331898a64c73
0037747f6f601d7eccbe166681bd5e36ddd4436e
ed0901d6b430120d6dc0871f068c7f32a3f61e0a59a02e8f8d71bc8ef619d665
GET /wp-content/uploads/2022/12/In_From_the_Side3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 23:25:54 GMT
content-type: image/gif
content-length: 5329
last-modified: Fri, 16 Dec 2022 23:22:14 GMT
etag: "639cfda6-14d1"
expires: Fri, 23 Dec 2022 23:25:54 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 118609
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/About_Fate3.gif
185.178.208.130200 OK 5.9 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/About_Fate3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 41012706da78b083a75ba94e20592053
7f1b8271e22415c637a40d05296ad47f2bb24dee
ccb4dacdbf0350929db302103ce38548b396907efee81ef6b348f99284a5a354
GET /wp-content/uploads/2022/12/About_Fate3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 23:20:16 GMT
content-type: image/gif
content-length: 5922
last-modified: Fri, 16 Dec 2022 23:15:40 GMT
etag: "639cfc1c-1722"
expires: Fri, 23 Dec 2022 23:20:16 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 118947
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/De_Veroordeling3.gif
185.178.208.130200 OK 5.1 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/De_Veroordeling3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 2e01df48bdf7c584a6054201c9ae52ad
c182cbef48ef52fc389eb8fc1e0fc7ba7687cdf0
6f06649cca36d32af94c15073706a2b04b935377d678c5b72b7399c8ca28f3a7
GET /wp-content/uploads/2022/12/De_Veroordeling3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 23:08:28 GMT
content-type: image/gif
content-length: 5093
last-modified: Fri, 16 Dec 2022 23:03:25 GMT
etag: "639cf93d-13e5"
expires: Fri, 23 Dec 2022 23:08:28 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 119655
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Nanny3.gif
185.178.208.130200 OK 5.6 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Nanny3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash fdd33144617689cac010d2d36b156204
fe41f8d920d6b88e0b7feca4c60318ba2c6a736b
97a30f682ad7d17262b2ed901c3ae47db929a14c6f15ca8def7e42081c7c1eb5
GET /wp-content/uploads/2022/12/Nanny3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 22:39:51 GMT
content-type: image/gif
content-length: 5602
last-modified: Fri, 16 Dec 2022 22:34:14 GMT
etag: "639cf266-15e2"
expires: Fri, 23 Dec 2022 22:39:51 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 121372
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Es_ist_nur_eine_Phase_Hase3.gif
185.178.208.130200 OK 5.6 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Es_ist_nur_eine_Phase_Hase3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash b8f7f8b8224aeeb8743f7f1e9de5fe21
fe2576f910b45cc47e411be0e20b7f394cd19fda
796b9fc06e09ce296b97471b178f9c5d6e5c17009f2f72127ba919bf947a1429
GET /wp-content/uploads/2022/12/Es_ist_nur_eine_Phase_Hase3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 06:28:25 GMT
content-type: image/gif
content-length: 5620
last-modified: Fri, 16 Dec 2022 06:22:54 GMT
etag: "639c0ebe-15f4"
expires: Fri, 23 Dec 2022 06:28:25 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 179659
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/06/Monstrous3.gif
185.178.208.130200 OK 5.3 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/06/Monstrous3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 5b1f731794018e3b63bdedeeae1767c1
08fbd19c74a45a23e1c1ad16389a2c777ea4249f
ea8a678eabd1d31cfdb0fcbc3c85c0bffa270572aed72c0634cfa7d4b218820c
GET /wp-content/uploads/2022/06/Monstrous3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 22:50:13 GMT
content-type: image/gif
content-length: 5260
last-modified: Fri, 10 Jun 2022 17:19:42 GMT
etag: "62a37d2e-148c"
expires: Fri, 23 Dec 2022 22:50:13 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 120750
ddg-cache-status: HIT,MISS
X-Firefox-Spdy: h2
gnula.nu/wp-includes/js/wp-embed.min.js
185.178.208.130200 OK 6.4 kB URL HTTP/2 gnula.nu/wp-includes/js/wp-embed.min.js
IP 185.178.208.130:0
File type ASCII text, with very long lines (1391)
Hash caf877430e98068adb7fd3d9c8f53651
2530c06381d42e6a5033efebea839a1d2ff6c821
1676c565a6764a48365b4b38d2cf9f2ec8f314c757f9e92254909f56936b26fb
GET /wp-includes/js/wp-embed.min.js HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/documental/ver-only-the-dead-2015-online/
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 00:33:24 GMT
content-type: application/javascript
last-modified: Mon, 15 Feb 2021 03:38:18 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: W/"6029ecaa-592"
expires: Tue, 20 Dec 2022 10:36:44 GMT
age: 373759
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Contra3.gif
185.178.208.130200 OK 5.5 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Contra3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 0ff2613fa166ad86e1162d5d1f33fa4d
d9640c5c003a54a2ae5b1acd2d2a8856762b5a03
51fb25cc9dce6655bccb8024c21b6f364967ba3f3c4c26f8d61ab2777165d1db
GET /wp-content/uploads/2022/12/Contra3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 05:52:26 GMT
content-type: image/gif
content-length: 5519
last-modified: Fri, 16 Dec 2022 05:45:57 GMT
etag: "639c0615-158f"
expires: Fri, 23 Dec 2022 05:52:26 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 181817
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 07013e28466ba007efcc7fadf7ef16b5
22eede56d603898aea68f6c351f2452ad9be5664
90cd70231258c8675498b49cf2c3a38ff62884a373fa576da0378b0c093564cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 10a3a852ef62dc4d4ccbbf6ff396688b
953e40775326102f6c3fc09a18a7039239df656f
30872c631302c914fc93b789892b200beb6284a3ba6753e1ee7f909a1231f2dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e5450c699fd766ff699b734ba0105f44
c30d5168d5a1c34769f913634fb049bcbfbdbc5b
95625cfe5f5d106ce9999b77bfcac203bac660fb1a398187e0869df06ecb3855
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d1752cd6eb7f48e7494373911a5b996
43d9c23c4d03cccce0fc478f0e12c0874dc762fd
aded7fd1d638c001b0b462fdfeee0549d2ed61b51ced88eb83690e2e20ed36d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5397
Cache-Control: max-age=94445
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Etag: "639d86ab-1d7"
Expires: Mon, 19 Dec 2022 10:36:48 GMT
Last-Modified: Sat, 17 Dec 2022 09:06:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
gnula.nu/wp-content/uploads/2022/12/Contra2.gif
185.178.208.130200 OK 13 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Contra2.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 98 x 140\012- data
Hash dc8e467cd00def394daf646e5745147d
057d337b0645057cbbbd1bbbb99439ffb363f19b
2280db99874fb34d20f95d41a12e43970652ad0dd7e56c07a9b291f62b8121a2
GET /wp-content/uploads/2022/12/Contra2.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 05:52:28 GMT
content-type: image/gif
content-length: 12882
last-modified: Fri, 16 Dec 2022 05:45:56 GMT
etag: "639c0614-3252"
expires: Fri, 23 Dec 2022 05:52:28 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 181815
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Ozel_Ders3.gif
185.178.208.130200 OK 6.0 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Ozel_Ders3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 05c73d4eface20f62b9651e56dab3f74
f7738ea713e4cd177da3305a7ecb3d9554fc30e1
a11634d7a97a365ccd481519c6b2465d1bbef1276c521d419c0899cdaf11b3be
GET /wp-content/uploads/2022/12/Ozel_Ders3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 23:37:24 GMT
content-type: image/gif
content-length: 5968
last-modified: Fri, 16 Dec 2022 23:34:22 GMT
etag: "639d007e-1750"
expires: Fri, 23 Dec 2022 23:37:24 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 117919
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Something_from_Tiffanys3.gif
185.178.208.130200 OK 5.6 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Something_from_Tiffanys3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 505e0a40345e3d3397102b96441d06fa
ad431cabdb21d5e276c38c733e9052d5a2f8b21b
27f8bd0014e13471d527bd4b50fa3920e0412ab580f0cd596232a26993118501
GET /wp-content/uploads/2022/12/Something_from_Tiffanys3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 19:09:45 GMT
content-type: image/gif
content-length: 5621
last-modified: Fri, 09 Dec 2022 19:02:44 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: "63938654-15f5"
expires: Fri, 23 Dec 2022 19:09:45 GMT
age: 133978
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Los_Reyes_Magos_La_verdad3.gif
185.178.208.130200 OK 6.0 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Los_Reyes_Magos_La_verdad3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash a02e7994259dc423c3addb5601e66787
e9c75f240bbe0666f38f948d8d710f4444d66e67
4166e2f571e530d7a0201b405f03b24d546b37ddd01ae32eaba835af23c374f0
GET /wp-content/uploads/2022/12/Los_Reyes_Magos_La_verdad3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 23:01:36 GMT
content-type: image/gif
content-length: 5997
last-modified: Fri, 16 Dec 2022 22:57:09 GMT
etag: "639cf7c5-176d"
expires: Fri, 23 Dec 2022 23:01:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 120067
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Guillermo_del_Toros_Pinocchio4.gif
185.178.208.130200 OK 39 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Guillermo_del_Toros_Pinocchio4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 3359153c2123818feaf3054dc1139f96
8550de0212419c18c05078cc9a76959211f75573
3bbdd037e986d89889ba349f9a98f67fed59ba3adb59c2ba95f6b14d74f07622
GET /wp-content/uploads/2022/12/Guillermo_del_Toros_Pinocchio4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 04:48:17 GMT
content-type: image/gif
content-length: 38755
last-modified: Fri, 16 Dec 2022 04:46:07 GMT
etag: "639bf80f-9763"
expires: Fri, 23 Dec 2022 04:48:17 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 185666
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Mad_Heidi3.gif
185.178.208.130200 OK 6.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Mad_Heidi3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 58010e4a242e8632e3e3541649272264
2e26397f28d7f7ccfe628417400d9e000dbe90cd
8dc3e7c13ae54afa085b6056f3858a4bc5cbebe4757086b6f24077ed74eb7a1e
GET /wp-content/uploads/2022/12/Mad_Heidi3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 22:44:02 GMT
content-type: image/gif
content-length: 6168
last-modified: Fri, 16 Dec 2022 22:40:52 GMT
etag: "639cf3f4-1818"
expires: Fri, 23 Dec 2022 22:44:02 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 121122
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Ramona3.gif
185.178.208.130200 OK 5.1 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Ramona3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 03b488b4fe48f642c2af25951bafbf2f
9392545f6cd2b936318e04f7a896e3ee1667904b
3f0e3ed93c9a545c0332216d4cfb6593d8f5beed2435cc80f05d155c5eba3a4b
GET /wp-content/uploads/2022/12/Ramona3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 22:32:10 GMT
content-type: image/gif
content-length: 5117
last-modified: Fri, 16 Dec 2022 22:27:25 GMT
etag: "639cf0cd-13fd"
expires: Fri, 23 Dec 2022 22:32:10 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 121833
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Ardiente_paciencia3.gif
185.178.208.130200 OK 5.8 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Ardiente_paciencia3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash dd27864f92640c5c2247a1b4000afe76
8dc1bdd53c1a4a49d9cc55c013ae2dc38da353d3
96c8680e170e0cc610cf871d8119237c9a68c5182b6cb041c4c55b376700651c
GET /wp-content/uploads/2022/12/Ardiente_paciencia3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 06:18:02 GMT
content-type: image/gif
content-length: 5840
last-modified: Fri, 16 Dec 2022 06:13:20 GMT
etag: "639c0c80-16d0"
expires: Fri, 23 Dec 2022 06:18:02 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 180281
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Huevitos_congelados3.gif
185.178.208.130200 OK 5.7 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Huevitos_congelados3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash fb83ae8e77b35977d43ddef6b2e47a57
0fd855d7be878c2580de8ba719040066c29bdb4d
2581fa5c540c192146977e895e1e58c60afde1dbe4520ef2c314d79643bbf5dd
GET /wp-content/uploads/2022/12/Huevitos_congelados3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 04:35:18 GMT
content-type: image/gif
content-length: 5744
last-modified: Fri, 16 Dec 2022 04:32:04 GMT
etag: "639bf4c4-1670"
expires: Fri, 23 Dec 2022 04:35:18 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 186445
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Night_at_the_Museum_Kahmunrah_Rises_Again3.gif
185.178.208.130200 OK 6.1 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Night_at_the_Museum_Kahmunrah_Rises_Again3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 8e0c065b57f04e50ae1cc80252995cf0
6e8349dd2b992733762659d520a18df2f5c4430b
dcb407ca4d66874110634d3a09a310a7c67ae1adb0fabaa82d3b2eafe5a74f37
GET /wp-content/uploads/2022/12/Night_at_the_Museum_Kahmunrah_Rises_Again3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 06:08:25 GMT
content-type: image/gif
content-length: 6054
last-modified: Fri, 16 Dec 2022 04:03:26 GMT
etag: "639bee0e-17a6"
expires: Fri, 23 Dec 2022 06:08:25 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 180858
ddg-cache-status: HIT,MISS
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Matrimillas3.gif
185.178.208.130200 OK 5.3 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Matrimillas3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash a946f5ae74e62e8d6c05dfae2da8c163
363151c97cb13188354ce80fa8178a3a31523b0c
95fb9779955597367fa0340e918a6cfbbe1a7fde42bb23572cd98bb727c1063b
GET /wp-content/uploads/2022/12/Matrimillas3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 04:35:18 GMT
content-type: image/gif
content-length: 5271
last-modified: Fri, 16 Dec 2022 04:26:41 GMT
etag: "639bf381-1497"
expires: Fri, 23 Dec 2022 04:35:18 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 186445
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Guillermo_del_Toros_Pinocchio3.gif
185.178.208.130200 OK 4.3 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Guillermo_del_Toros_Pinocchio3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash a08b02c07b51b3bf31d1aeb1b9636748
8a8b3fa110e1cd091ec82e597b7930bc2061566e
46fda015c1e34f21393db083c1cf955612fc74d7e87fd8336c1dbb2aec64e8de
GET /wp-content/uploads/2022/12/Guillermo_del_Toros_Pinocchio3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 04:48:18 GMT
content-type: image/gif
content-length: 4269
last-modified: Fri, 16 Dec 2022 04:46:07 GMT
etag: "639bf80f-10ad"
expires: Fri, 23 Dec 2022 04:48:18 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 185665
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Its_A_Wonderful_Binge3.gif
185.178.208.130200 OK 6.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Its_A_Wonderful_Binge3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 46baf454f6c96314b461d50e322dfb2d
763513ba966667fc45b4c25b9e47e92ed7ec6fe8
d1becb76e07ea39690d4a97435f5a18728b92f087b31deb6e8c794a2c7468f7a
GET /wp-content/uploads/2022/12/Its_A_Wonderful_Binge3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 16:01:22 GMT
content-type: image/gif
content-length: 6209
last-modified: Wed, 14 Dec 2022 15:57:40 GMT
etag: "6399f274-1841"
expires: Wed, 21 Dec 2022 16:01:22 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 318081
ddg-cache-status: HIT,MISS
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Hawa3.gif
185.178.208.130200 OK 5.4 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Hawa3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash e492776b937ea86d865bb75e5be3532e
e14585ba32b9209c5e3f621aa50000aefc8edb2a
bf00126c84b7219480bfee3758a3162fefc531ed141e405b74fb9e8d6fe5a4ab
GET /wp-content/uploads/2022/12/Hawa3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Dec 2022 04:27:59 GMT
content-type: image/gif
content-length: 5409
last-modified: Mon, 12 Dec 2022 04:23:06 GMT
etag: "6396acaa-1521"
expires: Mon, 19 Dec 2022 04:27:59 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 532484
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/They_Them3.gif
185.178.208.130200 OK 6.4 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/They_Them3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 07ac52075460cd3da42b83d195ad007c
ee36fab4fb19f26d33d017577ca7cdbc5d00be11
690085482ad88c76914603e599150b9bcc9502d68934e726aefb3f684a124843
GET /wp-content/uploads/2022/08/They_Them3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 22:24:57 GMT
content-type: image/gif
content-length: 6354
last-modified: Mon, 08 Aug 2022 15:31:53 GMT
etag: "62f12c69-18d2"
expires: Fri, 23 Dec 2022 22:24:57 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 122266
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Slayers3.gif
185.178.208.130200 OK 6.1 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Slayers3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash afcfa6ae92cf0c5d46d2fc55be58d0d6
1016b4cdef56fed582250b708f3d10f05d751a2d
c5d11edd019bce8e9630d378104d39cf6d5557513b6523df52819b7829215bec
GET /wp-content/uploads/2022/12/Slayers3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Dec 2022 20:42:15 GMT
content-type: image/gif
content-length: 6058
last-modified: Tue, 06 Dec 2022 04:21:27 GMT
etag: "638ec347-17aa"
expires: Mon, 19 Dec 2022 20:42:15 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 474028
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Emancipation3.gif
185.178.208.130200 OK 6.0 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Emancipation3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 966ef21a6ad09956106f4d2ede61618e
1e8c56b15c76c7c652735ada4a8ed4b1860cc1fb
43fc7d6bad7e548791481c73db38b3c75f1151c8b6ef25ee6934bd1e46d729a0
GET /wp-content/uploads/2022/12/Emancipation3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Dec 2022 04:35:23 GMT
content-type: image/gif
content-length: 5962
last-modified: Mon, 12 Dec 2022 04:29:28 GMT
etag: "6396ae28-174a"
expires: Mon, 19 Dec 2022 04:35:23 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 532040
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/10/Los_renglones_torcidos_de_Dios3.gif
185.178.208.130200 OK 6.1 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/10/Los_renglones_torcidos_de_Dios3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash cfd71c678d51fd5a7da3b42b47f6405f
779f4b0f7370e77b1de62ff2b6966723efc89c17
a527544a23d513f579ff4ec80ab58439360b95f3ec09bf2446826a3527fa1645
GET /wp-content/uploads/2022/10/Los_renglones_torcidos_de_Dios3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 10:07:27 GMT
content-type: image/gif
content-length: 6052
last-modified: Mon, 10 Oct 2022 23:20:09 GMT
etag: "6344a8a9-17a4"
expires: Thu, 22 Dec 2022 10:07:27 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 252916
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b09c5fd392d9d40a99ab4c70e59fd24e
40e39676ca8052fd8b9eab501750f0011737f507
8c2b60b0ec0a8121d5c5a8dda2ec1a57b923efe10246386262f359f6a458cdcd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnula.nu/wp-content/uploads/2022/11/Black_Adam5.gif
185.178.208.130200 OK 34 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/11/Black_Adam5.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash cc449cf16222716cab5d0792042b7c4f
60d4beb0a0fe383d8763287786892ee6c2cab395
dd45a20cf17c45159382a965ae8ae5f9f9db9b330d71048a9ca594dc559139ee
GET /wp-content/uploads/2022/11/Black_Adam5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 17 Dec 2022 19:19:42 GMT
content-type: image/gif
content-length: 33635
last-modified: Wed, 23 Nov 2022 02:20:29 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "637d836d-8363"
expires: Fri, 23 Dec 2022 09:41:45 GMT
age: 46981
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.78200 OK 21 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1429)
Hash 296a5a06eafc4950f2cbcfb331e84089
7f9819fc037359fc7af6808bfcc6cf2c56718845
84877268694e5d2d037b75970fe362a7fc4775cfd76ebc9d7f7676b820019d00
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20933
date: Sun, 18 Dec 2022 08:22:43 GMT
expires: Sun, 18 Dec 2022 08:22:43 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a255ff5eb9ebf9b5"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.es/cse/brand?form=cse-search-box&lang=es
216.58.207.195301 Moved Permanently 237 B URL HTTP/2 www.google.es/cse/brand?form=cse-search-box&lang=es
IP 216.58.207.195:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bda0dec939809d66ff8388fe5c716412
d768e1edcca0d64e15c1a26978d19c8fdfbd4e4f
334f05a39cdb64bac9f876dd2a2011649d08d578f6d751460c91ca294f3304cd
GET /cse/brand?form=cse-search-box&lang=es HTTP/1.1
Host: www.google.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://www.gstatic.com/prose/brandjs.js
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 18 Dec 2022 08:22:43 GMT
expires: Sun, 18 Dec 2022 08:52:43 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/10/Dont_Worry_Darling4.gif
185.178.208.130200 OK 33 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/10/Dont_Worry_Darling4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 784bc6da36153189895b958af63c648c
5c0ae88ad3d2720921dfb6954809ba8ac5cfcbf3
81c22b8799def0e5e82cbc13abaf6643752c4f522c9eaa9c9edf1d79be3b58ad
GET /wp-content/uploads/2022/10/Dont_Worry_Darling4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 10:07:50 GMT
content-type: image/gif
content-length: 33362
last-modified: Wed, 26 Oct 2022 03:28:42 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6358a96a-8252"
expires: Sat, 17 Dec 2022 15:16:34 GMT
age: 166493
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/11/My_Policeman4.gif
185.178.208.130200 OK 38 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/11/My_Policeman4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash ee49875136f6a4e0f36b1b090ce32bdf
5fb4e22a36354d52309bd32877f4d043eaa66a1f
0d0fa87c67b46606b66c108106059e35792c45f1727d28e592d8d77b149213e3
GET /wp-content/uploads/2022/11/My_Policeman4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Dec 2022 17:06:13 GMT
content-type: image/gif
content-length: 38299
last-modified: Mon, 07 Nov 2022 16:34:47 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "636933a7-959b"
expires: Fri, 16 Dec 2022 07:48:32 GMT
age: 486990
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-144276616-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144276616-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 098198cf1710fa4705c244a54b42dae0
82bacddae153fb8ce84d26caddcc50f9fd483f47
f3db654aca0d7b56c179c8d043e78e6fa6e68d5096eb31bef65312a1f42484df
GET /gtag/js?id=UA-144276616-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Dec 2022 08:22:43 GMT
expires: Sun, 18 Dec 2022 08:22:43 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Nope4.gif
185.178.208.130200 OK 41 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Nope4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 3938804975796ef88f10bfdc13098f7c
6c228c84d8867f44d5b61ce39dcdf7e5ae520aa8
385a0d28d4855873ad6f61d07464f23613249bad88579d60123392deb6bf3364
GET /wp-content/uploads/2022/08/Nope4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 14:12:09 GMT
content-type: image/gif
content-length: 40845
last-modified: Thu, 25 Aug 2022 17:12:40 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6307ad88-9f8d"
expires: Sat, 17 Dec 2022 10:19:59 GMT
age: 238234
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/11/Bodies_Bodies_Bodies4.gif
185.178.208.130200 OK 36 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/11/Bodies_Bodies_Bodies4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 609af1aca0b86df61decea3888097441
8d04bc59beaa1da770ebb5002cfc05d58f5553f2
aecdf6e59f70749c2be0a890a73f40750a149a20034de1ef850837b51d1453d6
GET /wp-content/uploads/2022/11/Bodies_Bodies_Bodies4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 08:09:05 GMT
content-type: image/gif
content-length: 35488
last-modified: Wed, 02 Nov 2022 05:15:08 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6361fcdc-8aa0"
expires: Sun, 18 Dec 2022 04:53:48 GMT
age: 260018
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Emancipation4.gif
185.178.208.130200 OK 45 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Emancipation4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 4615d0d673b5e2a5a1d6094b101f00f6
a1ef5793808b4d90961a215806b829f84f31b927
34fd3bd7d913d549c50026e3c1e8df7f3d4c52de522fdd9b3b4d5fa1ca2a305f
GET /wp-content/uploads/2022/12/Emancipation4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 20:02:13 GMT
content-type: image/gif
content-length: 44595
last-modified: Mon, 12 Dec 2022 04:29:30 GMT
etag: "6396ae2a-ae33"
expires: Thu, 22 Dec 2022 20:02:13 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 217230
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/11/The_Woman_King4.gif
185.178.208.130200 OK 44 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/11/The_Woman_King4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 3290f6c4940858e881cb31838fdfb891
6920d3ca37cf1681f8a2208004912ad73a58f4e6
66218423811df26cf62257ea934e4543de60c4d37b6ec1a00c6cee6bd6785031
GET /wp-content/uploads/2022/11/The_Woman_King4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 08:06:59 GMT
content-type: image/gif
content-length: 44520
last-modified: Wed, 23 Nov 2022 01:43:51 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "637d7ad7-ade8"
expires: Wed, 14 Dec 2022 08:19:46 GMT
age: 346544
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Beast2m4.gif
185.178.208.130200 OK 41 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Beast2m4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash c15b04077a1988ceab4d1ea6905d7520
922c0aa0e66d16b61c058e81e6721f4ec7589de8
63e990da95df43fa16d4cd816e4f0b4f3078d6921c3094eab0af218ac118c91e
GET /wp-content/uploads/2022/09/Beast2m4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 11 Dec 2022 08:40:49 GMT
content-type: image/gif
content-length: 41074
last-modified: Thu, 08 Sep 2022 18:35:12 GMT
etag: "631a35e0-a072"
expires: Sun, 18 Dec 2022 08:40:49 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 603714
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/La_mancha-negra3.gif
185.178.208.130200 OK 5.9 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/La_mancha-negra3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 627fd4cb97d158d8652bae2a2881b6fa
b1630fcc7033102ef27d0802c2cbb9bb6fd4440d
b44d5572bc94f927582bd31571a78d3d02b432acb394ff0f512d825a53d8888e
GET /wp-content/uploads/2022/12/La_mancha-negra3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 22:54:18 GMT
content-type: image/gif
content-length: 5865
last-modified: Fri, 16 Dec 2022 22:51:57 GMT
etag: "639cf68d-16e9"
expires: Fri, 23 Dec 2022 22:54:18 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 120505
ddg-cache-status: HIT,MISS
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/10/Wolves_of_War3.gif
185.178.208.130200 OK 6.1 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/10/Wolves_of_War3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 1c97acb987dc9dca04d2eddf5bddb675
e5bc510c5893661656cd6b109295ffb2c8841715
67c259a31f04625f034c4752496f95cacf6bda0679da40ab1199f451f588514b
GET /wp-content/uploads/2022/10/Wolves_of_War3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 08:08:15 GMT
content-type: image/gif
content-length: 6064
last-modified: Mon, 10 Oct 2022 02:42:31 GMT
etag: "63438697-17b0"
expires: Wed, 21 Dec 2022 08:08:15 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 346468
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/03/Ash_and_Dust3.gif
185.178.208.130200 OK 6.3 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/03/Ash_and_Dust3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 38eaf116e407c5167fff70da8812e9f9
40b64e4131adbb024715ac17b51a4344bd78db94
b38d013f124eceada588d549c1ada9c63603ac94032dee5c49829ced0e75934e
GET /wp-content/uploads/2022/03/Ash_and_Dust3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 15:53:25 GMT
content-type: image/gif
content-length: 6262
last-modified: Sat, 19 Mar 2022 22:06:46 GMT
etag: "623653f6-1876"
expires: Wed, 21 Dec 2022 15:53:25 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 318558
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/10/Lyle_Lyle_Crocodile3.gif
185.178.208.130200 OK 5.9 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/10/Lyle_Lyle_Crocodile3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash fb9b29914900b0e9ad8060743a0a5ad5
9bab6f093f0f915114e865222a9d6cc7fa4e5e92
c25ada41eccdad2304339754f4ca77c5711298dafc974943118f54c2fff54d7c
GET /wp-content/uploads/2022/10/Lyle_Lyle_Crocodile3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 01:22:25 GMT
content-type: image/gif
content-length: 5922
last-modified: Sat, 22 Oct 2022 16:25:45 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "63541989-1722"
expires: Wed, 14 Dec 2022 19:44:41 GMT
age: 370818
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/04/Alien_Sniperess3.gif
185.178.208.130200 OK 5.9 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/04/Alien_Sniperess3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 75b11d4892ea988b5ff56b1ce2cbace4
eb6cbd3e52a5d8f48f41ecf579e77161406a1df7
5c456caafe5226c7c5a8790612f11b1dcafb7593b7221965493821903dafc050
GET /wp-content/uploads/2022/04/Alien_Sniperess3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 13 Dec 2022 09:25:31 GMT
content-type: image/gif
content-length: 5892
last-modified: Sun, 24 Apr 2022 14:36:21 GMT
etag: "62656065-1704"
expires: Tue, 20 Dec 2022 09:25:31 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 428232
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/11/Reyes_contra_Santa3.gif
185.178.208.130200 OK 6.0 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/11/Reyes_contra_Santa3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash c4c798ae25cd847aa674af573a6a23f6
0d84754f460181d9d716665240dab6b6b5d58fd5
f6037e4462054e482f5b10ed27cbbb6bfd9b4a486d8dcc1624fa4f47ff290fce
GET /wp-content/uploads/2022/11/Reyes_contra_Santa3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 11:24:10 GMT
content-type: image/gif
content-length: 5977
last-modified: Sun, 27 Nov 2022 23:28:31 GMT
etag: "6383f29f-1759"
expires: Thu, 22 Dec 2022 11:24:10 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 248313
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/07/Abandoned3.gif
185.178.208.130200 OK 5.8 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/Abandoned3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash e8c15c50d48e8d22de0cb1483fbcf679
00f5e8bf106b53f5bb4754bbfbec7e1ff0eeded3
ee9f92734fa393692402cf11c43aa091da1584a8719958f3330c20457259a194
GET /wp-content/uploads/2022/07/Abandoned3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 14:46:23 GMT
content-type: image/gif
content-length: 5813
last-modified: Sun, 17 Jul 2022 21:02:40 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,MISS
etag: "62d478f0-16b5"
expires: Wed, 21 Dec 2022 14:46:23 GMT
age: 322580
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/12/Avatar_The_Way_of_Water_new.jpg
185.178.208.130200 OK 36 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/12/Avatar_The_Way_of_Water_new.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.4 (Macintosh), datetime=2022:12:15 12:37:05], baseline, precision 8, 215x279, components 3\012- data
Hash 2e5f76915fee991e0351c290c13596e3
e11a5c278d58ec8bbb4d03cc6ebc4d197e5ec992
d86df1d71a1818d51af64b6372fbd686fa664ee7ca228d10450f21f4e369926d
GET /wp-content/uploads/2022/12/Avatar_The_Way_of_Water_new.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 17:41:56 GMT
content-type: image/jpeg
content-length: 35880
last-modified: Thu, 15 Dec 2022 17:37:10 GMT
etag: "639b5b46-8c28"
expires: Thu, 22 Dec 2022 17:41:56 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 225647
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/11/Amsterdam4.gif
185.178.208.130200 OK 36 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/11/Amsterdam4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 4b04ddab75cd6fad617b3081e254dcb1
e5b90f90cac25fecb04f1219e6dd041880cd05da
568a0bb4135b099a04325fbb7b83aa0e383151d07b48abc14dedaf0abbd1c9e4
GET /wp-content/uploads/2022/11/Amsterdam4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 13 Dec 2022 17:52:30 GMT
content-type: image/gif
content-length: 35652
last-modified: Tue, 15 Nov 2022 17:40:37 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6373cf15-8b44"
expires: Sun, 18 Dec 2022 12:08:05 GMT
age: 397814
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/11/Halloween_Ends5.gif
185.178.208.130200 OK 34 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/11/Halloween_Ends5.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash f2dd6502043b71b245120730a5a17d4f
6f065d619730f0bccf081593f7897dc20a8fd5cd
e6cbf20a531d2fab7f96ffa775df952618075fcf48dd269f5617b9e88d308107
GET /wp-content/uploads/2022/11/Halloween_Ends5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 13 Dec 2022 20:52:45 GMT
content-type: image/gif
content-length: 34140
last-modified: Sat, 05 Nov 2022 06:08:36 GMT
etag: "6365fde4-855c"
expires: Tue, 20 Dec 2022 20:52:45 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 386998
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/08/Minions_The_Rise_of_Gru4.gif
185.178.208.130200 OK 40 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Minions_The_Rise_of_Gru4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash e77f0b8630fddaa60f4af4a3a38b1224
7b49bd428fbc28c1ca7acac32ce6aca443053eab
ceb169c22fda9f4739637944673372e7d2d2476778075b689eda5f292cad951d
GET /wp-content/uploads/2022/08/Minions_The_Rise_of_Gru4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 11:29:48 GMT
content-type: image/gif
content-length: 40272
last-modified: Tue, 02 Aug 2022 14:00:46 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "62e92e0e-9d50"
expires: Fri, 16 Dec 2022 08:55:10 GMT
age: 334375
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Three_Thousand_Years_of_Longing4.gif
185.178.208.130200 OK 40 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Three_Thousand_Years_of_Longing4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash defa4b7e5b78b3f54bb63e7971fb128c
f9df4b5376e03cf9672efed4b0415d597b4b61da
11e203114231734a55a865581b268b738a7ff79cea4da8bc0750cca58bfb8366
GET /wp-content/uploads/2022/09/Three_Thousand_Years_of_Longing4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 14:12:09 GMT
content-type: image/gif
content-length: 39834
last-modified: Mon, 19 Sep 2022 19:00:03 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6328bc33-9b9a"
expires: Mon, 19 Dec 2022 14:28:37 GMT
age: 238234
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/Fall5.gif
185.178.208.130200 OK 36 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/Fall5.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 9e1d07d1fcda9b4db2b23ffd054d6640
0e389380b0628fb2a99944804b88b7019370e65c
03be235a9ddabb7abf9b38eee6387311d1ba8aa398d0f8f74bbc89535fbbfc2b
GET /wp-content/uploads/2022/09/Fall5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Dec 2022 14:17:09 GMT
content-type: image/gif
content-length: 36342
last-modified: Fri, 02 Sep 2022 14:32:42 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6312140a-8df6"
expires: Sat, 17 Dec 2022 07:16:02 GMT
age: 497134
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
93.184.220.66200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 729
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sun, 18 Dec 2022 08:22:43 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F719)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
gnula.nu/wp-content/uploads/2022/07/Lightyear4.gif
185.178.208.130200 OK 33 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/07/Lightyear4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash bc414fdcadd43283ba463097b1de3d92
bff73ee95800371b3e50dee1fbdd691095dddd92
11232c7a182b06dd91a0d706fd48d0cea7fa9f3817ea606c368d1320cf0490b5
GET /wp-content/uploads/2022/07/Lightyear4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 13 Dec 2022 22:24:33 GMT
content-type: image/gif
content-length: 33003
last-modified: Thu, 14 Jul 2022 16:51:11 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "62d0497f-80eb"
expires: Sat, 17 Dec 2022 21:11:12 GMT
age: 381490
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c1a54be2f807717c663ae56fe3a1f0e6
0afbdebd95989a47f42373166997f27536dc8c9d
9adadb6966c57bbe3e5efbe302e54eeb2bb2364259796b6fa376bf0b956179a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9ADADB6966C57BBE3E5EFBE302E54EEB2BB2364259796B6FA376BF0B956179A7"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20372
Expires: Sun, 18 Dec 2022 14:02:15 GMT
Date: Sun, 18 Dec 2022 08:22:43 GMT
Connection: keep-alive
gnula.nu/wp-content/uploads/2021/01/The_Croods_A_New_Age5.gif
185.178.208.130200 OK 27 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/01/The_Croods_A_New_Age5.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 86a76e72f8f96c44d0347bdda79d056d
8007d4a92aafc7a13956c4cbb02d3a0020cb6026
cf784b3c1dda6a1870ccfa4902b760f53a063f44e8f3d7374d1db1852938c2c2
GET /wp-content/uploads/2021/01/The_Croods_A_New_Age5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Dec 2022 13:22:05 GMT
content-type: image/gif
content-length: 27011
last-modified: Sat, 02 Jan 2021 14:04:12 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ff07d5c-6983"
expires: Fri, 16 Dec 2022 11:07:43 GMT
age: 500438
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/11/Black_Adam4.gif
185.178.208.130200 OK 33 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/11/Black_Adam4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash eeb25bdd8c538037b393efbb6cbf9ec7
0f2013a4a0f5ff16b71dd49191727b6ec79f9204
487eb2a86630f85ced8acde914c76eae0cfce18dd8f8e8dcd6b4f832bfa09590
GET /wp-content/uploads/2022/11/Black_Adam4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 05:39:38 GMT
content-type: image/gif
content-length: 32715
last-modified: Wed, 16 Nov 2022 04:54:50 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "63746d1a-7fcb"
expires: Sat, 17 Dec 2022 16:55:50 GMT
age: 355385
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/11/La_fracture3.gif
185.178.208.130200 OK 5.1 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/11/La_fracture3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 6071a88502aec64d4055e4be8a8a0dcc
896b3a7a3b28acd15cfcd9e62aa4a62a180d6f0f
be0a5e80eef5685a401a3b6b09514ef5d78481780588e6dbcf5b0efa7db01678
GET /wp-content/uploads/2021/11/La_fracture3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 06:43:59 GMT
content-type: image/gif
content-length: 5104
last-modified: Mon, 29 Nov 2021 14:16:45 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: "61a4e0cd-13f0"
expires: Thu, 22 Dec 2022 06:43:59 GMT
age: 265124
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2022/09/One_Way3.gif
185.178.208.130200 OK 5.9 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/09/One_Way3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 55b72fe1f1d8e1846314fa1fcc87dea8
c1bfdd45a5e721e48399f585269a31d52a7014d8
6e90a7779701b8a95f079f9c3130fb6ca3f4f4dd3188311ca396ed89703f7762
GET /wp-content/uploads/2022/09/One_Way3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 16:02:28 GMT
content-type: image/gif
content-length: 5861
last-modified: Mon, 19 Sep 2022 14:30:48 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "63287d18-16e5"
expires: Wed, 21 Dec 2022 12:10:34 GMT
age: 231615
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 157b62091fad279063f540564a4c72e6
9db33b844db31eed03695c97daf4c84a4d7d265f
92904432175c023613dea4d660d2c9098e00b7f3b628c8519bf5b404cad450a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnula.nu/wp-content/uploads/2022/08/Heroes_de_barrio3.gif
185.178.208.130200 OK 4.2 kB URL HTTP/2 gnula.nu/wp-content/uploads/2022/08/Heroes_de_barrio3.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 54 x 83\012- data
Hash 1625270919acbbbd379d863032ead032
3371037a16245c21cb7115d1692c4ea11c36e604
1af653a6e03cef278b0014030130095200a5eef0c2d80a7867c387dc80867d6c
GET /wp-content/uploads/2022/08/Heroes_de_barrio3.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 20:43:30 GMT
content-type: image/gif
content-length: 4229
last-modified: Tue, 02 Aug 2022 15:34:13 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "62e943f5-1085"
expires: Sun, 18 Dec 2022 09:36:45 GMT
age: 301153
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 07013e28466ba007efcc7fadf7ef16b5
22eede56d603898aea68f6c351f2452ad9be5664
90cd70231258c8675498b49cf2c3a38ff62884a373fa576da0378b0c093564cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnula.nu/wp-content/uploads/2021/09/Free_Guy5.gif
185.178.208.130200 OK 40 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/09/Free_Guy5.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash a46cc3cd01e9889ea09d14ec81ad1fbe
d462507245493576e505040bf0de984f2e490a4f
652a376a1bef35a690e3ca8a3ad646f5d71d291b4e430f09a7f7589575e0244a
GET /wp-content/uploads/2021/09/Free_Guy5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 17 Dec 2022 21:14:21 GMT
content-type: image/gif
content-length: 40539
last-modified: Wed, 29 Sep 2021 04:25:52 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6153ead0-9e5b"
expires: Sat, 24 Dec 2022 21:11:22 GMT
age: 40102
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 10a3a852ef62dc4d4ccbbf6ff396688b
953e40775326102f6c3fc09a18a7039239df656f
30872c631302c914fc93b789892b200beb6284a3ba6753e1ee7f909a1231f2dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnula.nu/wp-content/uploads/2021/09/Dear_Evan_Hansen4.gif
185.178.208.130200 OK 33 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/09/Dear_Evan_Hansen4.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash dce8ec7cdeee2deca8a5de066915e400
abb2f56e5f7c7a9c7d43762f73f2579d9fbc026d
3a7a5f3ce2f8e0930b9813442c60e2b04c701f713bb390061d424acf5560c3f1
GET /wp-content/uploads/2021/09/Dear_Evan_Hansen4.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 17:37:51 GMT
content-type: image/gif
content-length: 33142
last-modified: Mon, 20 Sep 2021 02:11:32 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6147edd4-8176"
expires: Wed, 21 Dec 2022 00:35:25 GMT
age: 312292
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnula.nu/wp-content/uploads/2021/05/Chaos_Walking5.gif
185.178.208.130200 OK 36 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/05/Chaos_Walking5.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 8cbe83232e067e85f193643cff4733db
0b6476a4dbf52899cf9dc3b1b36743cfafcbbfa0
416115705b0e961e14f589b577a4b9096cf4c8bdb5f31ca3edb61b90b4947cac
GET /wp-content/uploads/2021/05/Chaos_Walking5.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 05:37:55 GMT
content-type: image/gif
content-length: 35478
last-modified: Sat, 08 May 2021 22:27:16 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "60971044-8a96"
expires: Thu, 22 Dec 2022 10:23:30 GMT
age: 182688
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2021/01/Promising_Young_Woman6.gif
185.178.208.130200 OK 31 kB URL HTTP/2 gnula.nu/wp-content/uploads/2021/01/Promising_Young_Woman6.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 215 x 269\012- data
Hash 4f4d7e501b001996cf36e22084e3dc36
5a20254f715aea63e3af30da9e5968660cdb5b8e
f1f91761b558400b145c7672943ae3e766e3491b5015e6a120bc260528e6dba7
GET /wp-content/uploads/2021/01/Promising_Young_Woman6.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 10:56:19 GMT
content-type: image/gif
content-length: 31093
last-modified: Fri, 15 Jan 2021 01:35:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6000f166-7975"
expires: Sat, 17 Dec 2022 05:44:45 GMT
age: 249984
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.94.191101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.94.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UFGvPRL12st5PLpdJG54DQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2Q7uimqyR1GDucjMHEydNtkcMJk=
hangersbozal.com/flRBO2UBwE6d/27199
23.109.248.182200 OK 26 B URL HTTP/1.1 hangersbozal.com/flRBO2UBwE6d/27199
IP 23.109.248.182:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /flRBO2UBwE6d/27199 HTTP/1.1
Host: hangersbozal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 08:22:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 19-Dec-2022 08:22:43 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 19-Dec-2022 08:22:43 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b09c5fd392d9d40a99ab4c70e59fd24e
40e39676ca8052fd8b9eab501750f0011737f507
8c2b60b0ec0a8121d5c5a8dda2ec1a57b923efe10246386262f359f6a458cdcd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/prose/brandjs.js
142.250.74.35200 OK 5.8 kB URL HTTP/2 www.gstatic.com/prose/brandjs.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (1352)
Hash 10aa07ab4f7de5535f4cafe167ca4fa7
6c804574a29f9d8a77ed2823a7879e56dbc42c22
d111484a9bceee10b129b20ebd4ead4639b5d7dd78117522249195fb84db3cf0
GET /prose/brandjs.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gnula.nu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 5807
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Dec 2022 09:07:35 GMT
expires: Sun, 18 Dec 2022 09:07:35 GMT
cache-control: public, max-age=86400
age: 83708
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gnula.nu/wp-content/themes/charcoal2/images/li2.gif
185.178.208.130200 OK 2.0 kB URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/images/li2.gif
IP 185.178.208.130:0
File type GIF image data, version 89a, 210 x 25\012- data
Hash dd9cca90bdfe16a9a85b6e46f57bb97f
c1a797f881f789f111df30455369e05439856211
54f6772dc8d1466e269ea4da0435d09751b740226bcb57e336abf066459e484a
GET /wp-content/themes/charcoal2/images/li2.gif HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 19:20:36 GMT
content-type: image/gif
content-length: 2043
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec470b1-7fb"
expires: Wed, 21 Dec 2022 19:18:13 GMT
age: 306127
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08027148764e318ac4316df76dddb657
0e5fcb1b643e0cf2a14206768311d9f73924847c
ba78a49e55781ba46426f21fb8682af29e55bbaf4dd6c275793ca2fe313073bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA78A49E55781BA46426F21FB8682AF29E55BBAF4DD6C275793CA2FE313073BF"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19631
Expires: Sun, 18 Dec 2022 13:49:54 GMT
Date: Sun, 18 Dec 2022 08:22:43 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnula.nu/wp-content/uploads/2014/04/heada.jpg
185.178.208.130200 OK 90 kB URL HTTP/2 gnula.nu/wp-content/uploads/2014/04/heada.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:22 16:36:42], progressive, precision 8, 1200x116, components 3\012- data
Hash 50f9a92c99bb8560a4108909327f1314
3b964b1dd35ae34c5c0bbc931a3e650e47546061
da7095ec43fb09c4c5fde2546ac40a15fca9ad785a44a5bd00cf1963128243ac
GET /wp-content/uploads/2014/04/heada.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 13 Dec 2022 09:25:31 GMT
content-type: image/jpeg
content-length: 89782
last-modified: Wed, 20 May 2020 00:18:30 GMT
etag: "5ec47756-15eb6"
expires: Tue, 20 Dec 2022 09:25:31 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 428232
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2014/04/headb.jpg
185.178.208.130200 OK 46 kB URL HTTP/2 gnula.nu/wp-content/uploads/2014/04/headb.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:22 16:48:18], progressive, precision 8, 1200x65, components 3\012- data
Hash a464117e8d7a6e49becab8e33d3ef73c
39d4580fb9e397dc824075dc0100a5973ca4e2a7
b158e64c80b09edb16ca4ad107d62dbf4aa81e5bb684bd81dbdfb38447b2f241
GET /wp-content/uploads/2014/04/headb.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 11 Dec 2022 16:29:52 GMT
content-type: image/jpeg
content-length: 45487
last-modified: Wed, 20 May 2020 00:18:31 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec47757-b1af"
expires: Sun, 18 Dec 2022 16:28:58 GMT
age: 575571
X-Firefox-Spdy: h2
murkilyergots.com/gcgLKdwzr0hh/33424
23.109.87.154200 OK 26 B URL HTTP/1.1 murkilyergots.com/gcgLKdwzr0hh/33424
IP 23.109.87.154:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gcgLKdwzr0hh/33424 HTTP/1.1
Host: murkilyergots.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 08:22:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 19-Dec-2022 08:22:43 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 19-Dec-2022 08:22:43 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
hangersbozal.com/flRBO2UBwE6d/27199
23.109.248.182200 OK 26 B URL HTTP/1.1 hangersbozal.com/flRBO2UBwE6d/27199
IP 23.109.248.182:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /flRBO2UBwE6d/27199 HTTP/1.1
Host: hangersbozal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 08:22:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gnula.nu
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
gnula.nu/wp-content/themes/charcoal2/images/title2.jpg
185.178.208.130200 OK 13 kB URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/images/title2.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=80, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=733], progressive, precision 8, 733x80, components 3\012- data
Hash 7e3bba5148383e024e7c60df9f45f50e
fdda5141ebad4e113e7474978a8b7f243b399488
69e8a33827a670237dddcabf6be05afa3de58f0bc4be2c19baa6840a033ef4fc
GET /wp-content/themes/charcoal2/images/title2.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 17 Dec 2022 19:47:31 GMT
content-type: image/jpeg
content-length: 12871
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec470b1-3247"
expires: Wed, 21 Dec 2022 02:35:52 GMT
age: 45312
X-Firefox-Spdy: h2
gnula.nu/wp-content/themes/charcoal2/images/cover.jpg
185.178.208.130200 OK 7.9 kB URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/images/cover.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:22 18:36:21], progressive, precision 8, 733x1, components 3\012- data
Hash c112f3224ed14bb42edf832fb372b7ed
b8fa50269e145cdff0e133e9200240881409affa
3ef5c51a9b84f59b50fa0b4bcf5f007a7f431d0b1ad305d1488a108341d3ea97
GET /wp-content/themes/charcoal2/images/cover.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 13 Dec 2022 17:26:52 GMT
content-type: image/jpeg
content-length: 7863
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec470b1-1eb7"
expires: Sat, 17 Dec 2022 21:11:12 GMT
age: 399351
X-Firefox-Spdy: h2
gnula.nu/wp-content/themes/charcoal2/images/meta2.jpg
185.178.208.130200 OK 10 kB URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/images/meta2.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=36, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=733], progressive, precision 8, 733x36, components 3\012- data
Hash d4ff51ac76dfed6d096597e3df76dd53
456558d04e04ea784a950ea752d35411e6b98bde
29c63951fe970b00a8d5da4c56da57e1b225abf9f5fc4e62fae7e6d40659a5c8
GET /wp-content/themes/charcoal2/images/meta2.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Dec 2022 15:18:39 GMT
content-type: image/jpeg
content-length: 10093
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
etag: "5ec470b1-276d"
expires: Mon, 19 Dec 2022 15:18:39 GMT
age: 493444
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2016/06/Only_the_Dead_poster_usa.jpg
185.178.208.130200 OK 238 kB URL HTTP/2 gnula.nu/wp-content/uploads/2016/06/Only_the_Dead_poster_usa.jpg
IP 185.178.208.130:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2016:06:05 13:33:39], baseline, precision 8, 394x512, components 3\012- data
Size 238 kB (237746 bytes)
Hash a4066e1ccbf14205c1fbf6d536a42842
3538e1dcf40f7538e26aee749fd613c2d74eeb47
b0f8e2b22bc864ebc582d91193acef389a7b104cb867dfa96aabfdfc23023a8d
GET /wp-content/uploads/2016/06/Only_the_Dead_poster_usa.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 08:22:43 GMT
content-type: image/jpeg
content-length: 237746
last-modified: Wed, 20 May 2020 00:18:42 GMT
etag: "5ec47762-3a0b2"
expires: Sun, 25 Dec 2022 08:22:43 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
gnula.nu/wp-content/themes/charcoal2/images/footer.jpg
185.178.208.130200 OK 12 kB URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/images/footer.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:22 19:48:35], progressive, precision 8, 1200x72, components 3\012- data
Hash 2c6aad12cf0fdab93b1e0a1829e16e32
0920b41cd4d2f0f2b8fb42d992dfdddbc51ea67f
ab6ff958174c2bbf87bebd765f638b90904f63f31c85ce3e0159b67ca489d3b5
GET /wp-content/themes/charcoal2/images/footer.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/wp-content/themes/charcoal2/style.css
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 17:37:53 GMT
content-type: image/jpeg
content-length: 11906
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec470b1-2e82"
expires: Wed, 21 Dec 2022 00:35:28 GMT
age: 312290
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb4a6af38760f2ee978b27d3480c161d
70a7e13e7827df61dcb48b12f8bc76b3b81e3902
9cd1c144368c023396cc8338d0fcee52ca51b222cc662569840567fbb04d78a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9CD1C144368C023396CC8338D0FCEE52CA51B222CC662569840567FBB04D78A1"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10581
Expires: Sun, 18 Dec 2022 11:19:04 GMT
Date: Sun, 18 Dec 2022 08:22:43 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 496d96f69203ab6ad46a661482df3c81
1e09de48fbd4df599eab45d9339ebf6cee9825d7
b43e2510e05b3ca9adfc47f8526c71c732b3f530bd1ecec189a21b777f131498
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4742
Cache-Control: max-age=113974
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Etag: "639dd583-1d7"
Expires: Mon, 19 Dec 2022 16:02:17 GMT
Last-Modified: Sat, 17 Dec 2022 14:43:15 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
gnula.nu/wp-content/uploads/2017/01/streamplaylogo.jpg
185.178.208.130200 OK 12 kB URL HTTP/2 gnula.nu/wp-content/uploads/2017/01/streamplaylogo.jpg
IP 185.178.208.130:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2017:01:24 16:57:46], baseline, precision 8, 120x25, components 3\012- data
Hash 820f193a7ce6cee340a1b99d0e40e1f6
872011ba0d00967d41f1e35f5d5fc96e6f89db1a
e90ea0d7233d8cd44802e8f6980a7a84fcfed29e77dcc1e748e2737d662d934f
GET /wp-content/uploads/2017/01/streamplaylogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 20:37:21 GMT
content-type: image/jpeg
content-length: 12037
last-modified: Wed, 20 May 2020 00:18:26 GMT
etag: "5ec47752-2f05"
expires: Wed, 21 Dec 2022 20:37:21 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 301522
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2016/04/flashx_logo_icono.jpg
185.178.208.130200 OK 11 kB URL HTTP/2 gnula.nu/wp-content/uploads/2016/04/flashx_logo_icono.jpg
IP 185.178.208.130:0
File type JPEG image data, JFIF standard 1.02, resolution (DPCM), density 28x28, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS4 Windows, datetime=2016:04:11 17:09:47], baseline, precision 8, 120x25, components 3\012- data
Hash c073fc25099ef5094828a0c34ad66c3b
e1d0ab286599c17f2c158177dbe63e5ddcaf3639
c257d3c45420e52298688db59195c1bfc456dfd219f66b7fc99563331a419e94
GET /wp-content/uploads/2016/04/flashx_logo_icono.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 10:26:58 GMT
content-type: image/jpeg
content-length: 11168
last-modified: Wed, 20 May 2020 00:18:39 GMT
etag: "5ec4775f-2ba0"
expires: Thu, 22 Dec 2022 10:26:58 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 251745
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2017/01/bdlogo.jpg
185.178.208.130200 OK 12 kB URL HTTP/2 gnula.nu/wp-content/uploads/2017/01/bdlogo.jpg
IP 185.178.208.130:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2017:01:09 11:58:03], baseline, precision 8, 120x25, components 3\012- data
Hash 876185df288cfbe7ee8579c35a60a6e2
b5a2604e5773b34627d0a3d473615808893f5f1e
198156f44a96a645e67e8a0806d7aae7f1c6c1b927c20c6abe40f903d464f69f
GET /wp-content/uploads/2017/01/bdlogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Dec 2022 17:16:34 GMT
content-type: image/jpeg
content-length: 12383
last-modified: Wed, 20 May 2020 00:18:27 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec47753-305f"
expires: Sun, 18 Dec 2022 18:53:14 GMT
age: 486369
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2014/03/streamlogo.jpg
185.178.208.130200 OK 11 kB URL HTTP/2 gnula.nu/wp-content/uploads/2014/03/streamlogo.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:29 20:20:02], progressive, precision 8, 120x25, components 3\012- data
Hash aa76e27b50dc1f64b3b86965865a938f
909bb632995d0ed0e9488bddb58db08997855fcb
6a9785c81021e3f738d420bb27c23228c0eb0922ac7f047d4fe5c3ffd6afcc99
GET /wp-content/uploads/2014/03/streamlogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 22:15:22 GMT
content-type: image/jpeg
content-length: 10955
last-modified: Wed, 20 May 2020 00:18:35 GMT
etag: "5ec4775b-2acb"
expires: Thu, 22 Dec 2022 22:15:22 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 209241
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2017/02/userscloud_logo.jpg
185.178.208.130200 OK 12 kB URL HTTP/2 gnula.nu/wp-content/uploads/2017/02/userscloud_logo.jpg
IP 185.178.208.130:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2017:02:24 17:46:47], baseline, precision 8, 120x25, components 3\012- data
Hash fe0691e9ceba1cfa2b0eb9a24517d26c
9e556175e16273195a486791a40ce4b57d122039
8bac77c9acdba12cb6a0b63592559d6625e246b9638530b3c4a92d0179c62a03
GET /wp-content/uploads/2017/02/userscloud_logo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 09:09:15 GMT
content-type: image/jpeg
content-length: 12143
last-modified: Wed, 20 May 2020 00:18:22 GMT
etag: "5ec4774e-2f6f"
expires: Fri, 23 Dec 2022 09:09:15 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 170008
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2015/03/openloadlogo.jpg
185.178.208.130200 OK 11 kB URL HTTP/2 gnula.nu/wp-content/uploads/2015/03/openloadlogo.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2015:03:29 15:15:09], baseline, precision 8, 120x25, components 3\012- data
Hash 15d4e6f382ee94b9d9230920c881b6e7
fb5a6daf812dd9c971bee24004aba6e76777d2cb
9178ee0072e9a0f0c2c3f4c74dd9af0a6a9b9fd3c128b3e63d2eb1a457ccd1ce
GET /wp-content/uploads/2015/03/openloadlogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 09:09:15 GMT
content-type: image/jpeg
content-length: 10776
last-modified: Wed, 20 May 2020 00:19:18 GMT
etag: "5ec47786-2a18"
expires: Fri, 23 Dec 2022 09:09:15 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 170008
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2014/11/uptoboxlogo.jpg
185.178.208.130200 OK 15 kB URL HTTP/2 gnula.nu/wp-content/uploads/2014/11/uptoboxlogo.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS5 Windows, datetime=2014:11:09 16:09:18], baseline, precision 8, 120x25, components 3\012- data
Hash b1293684b940b0a121cd5fef371bf248
ef2f3785dfd4a95159c53981bf16e9dc620068e4
fef8a80115e0dc42784d442204536dc7085770193c4549ca7cb070ca69c4cb04
GET /wp-content/uploads/2014/11/uptoboxlogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 17:31:11 GMT
content-type: image/jpeg
content-length: 14655
last-modified: Wed, 20 May 2020 00:18:34 GMT
etag: "5ec4775a-393f"
expires: Thu, 22 Dec 2022 17:31:11 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 226293
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2014/08/powvideologo.jpg
185.178.208.130200 OK 13 kB URL HTTP/2 gnula.nu/wp-content/uploads/2014/08/powvideologo.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2014:08:07 12:24:51], progressive, precision 8, 120x25, components 3\012- data
Hash b5a70ab6f979625d56428f38845b0585
722a725e9079675de26f4819a2ea355af5bcb365
a70828377c541df6d2f61b16bb705e200795a643816ee9eb5218d3c3cc4c10e3
GET /wp-content/uploads/2014/08/powvideologo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 12 Dec 2022 19:13:16 GMT
content-type: image/jpeg
content-length: 12692
last-modified: Wed, 20 May 2020 00:18:36 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec4775c-3194"
expires: Sun, 18 Dec 2022 15:08:35 GMT
age: 479367
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2014/03/teelogo.jpg
185.178.208.130200 OK 1.9 kB URL HTTP/2 gnula.nu/wp-content/uploads/2014/03/teelogo.jpg
IP 185.178.208.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Picasa], baseline, precision 8, 120x25, components 3\012- data
Hash 79aa34a85d291706678d412586288e69
a49e3d3f00afa76d8752f3ac354e5923516b87a9
f2542be2bbff5095b6a0458ffd7b9f81dbe35cbe4663d558af58b6fdd75311c8
GET /wp-content/uploads/2014/03/teelogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 11:27:48 GMT
content-type: image/jpeg
content-length: 1869
last-modified: Wed, 20 May 2020 00:18:35 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec4775b-74d"
expires: Wed, 21 Dec 2022 01:00:16 GMT
age: 248095
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2015/07/streaminlogo.jpg
185.178.208.130200 OK 11 kB URL HTTP/2 gnula.nu/wp-content/uploads/2015/07/streaminlogo.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS5 Windows, datetime=2015:07:10 13:13:03], baseline, precision 8, 120x25, components 3\012- data
Hash 1a984b3a5a5f82ab7521e636e4eb9c2f
d854c8118c4da80e5c1aed184d733d8d85745626
3f22eb1fa2f3c037be6d2b473c462cb9870b67dffc0b5e9d1b7003b70121c9db
GET /wp-content/uploads/2015/07/streaminlogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 17 Dec 2022 03:47:00 GMT
content-type: image/jpeg
content-length: 10761
last-modified: Wed, 20 May 2020 00:19:20 GMT
etag: "5ec47788-2a09"
expires: Sat, 24 Dec 2022 03:47:00 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 102943
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2014/03/logouplonee.jpg
185.178.208.130200 OK 12 kB URL HTTP/2 gnula.nu/wp-content/uploads/2014/03/logouplonee.jpg
IP 185.178.208.130:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:10:26 10:57:01], progressive, precision 8, 120x25, components 3\012- data
Hash 986778606a0fe42fb4c7634297518f12
b1d1b78683e7a6ba7197af4b8615239dd38247d5
3a364228f9e7852095a9f96fe04532684a1fc3146d9481e1c2a33e20449708d7
GET /wp-content/uploads/2014/03/logouplonee.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 14 Dec 2022 13:55:24 GMT
content-type: image/jpeg
content-length: 11951
last-modified: Wed, 20 May 2020 00:18:35 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec4775b-2eaf"
expires: Sun, 18 Dec 2022 05:16:56 GMT
age: 325639
X-Firefox-Spdy: h2
gnula.nu/wp-content/uploads/2017/03/uploadionlogo.jpg
185.178.208.130200 OK 16 kB URL HTTP/2 gnula.nu/wp-content/uploads/2017/03/uploadionlogo.jpg
IP 185.178.208.130:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2017:03:27 15:46:48], baseline, precision 8, 120x25, components 3\012- data
Hash c72c0783c5f9c5343e5a2f70ac05982f
0371ec5b30489f26f893d92de675c3497de67be4
95652622c17dcbf74689cffabc7bbba057c3a5ade07cfc3e6bf00b5dbc2ef46e
GET /wp-content/uploads/2017/03/uploadionlogo.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 17 Dec 2022 07:11:03 GMT
content-type: image/jpeg
content-length: 15886
last-modified: Wed, 20 May 2020 00:18:25 GMT
etag: "5ec47751-3e0e"
expires: Sat, 24 Dec 2022 07:11:03 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 90700
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fgnula.nu%2Fdocumental%2Fver-only-the-dead-2015-online%2F&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fgnula.nu%2Fdocumental%2Fver-only-the-dead-2015-online%2F&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https%3A%2F%2Fgnula.nu%2Fdocumental%2Fver-only-the-dead-2015-online%2F&layout=button_count&show_faces=false&width=100&action=like&colorscheme=light HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: VDkAp29WIhhbjHTJ/s+6REiR1ITFtuwrmD2Mms9P8GgFUXWIljyxPe81TEY4YP80aea7aC5sntNbJqqC/a5mYQ==
content-length: 0
date: Sun, 18 Dec 2022 08:22:43 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fb4a6af38760f2ee978b27d3480c161d
70a7e13e7827df61dcb48b12f8bc76b3b81e3902
9cd1c144368c023396cc8338d0fcee52ca51b222cc662569840567fbb04d78a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9CD1C144368C023396CC8338D0FCEE52CA51B222CC662569840567FBB04D78A1"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6001
Expires: Sun, 18 Dec 2022 10:02:44 GMT
Date: Sun, 18 Dec 2022 08:22:43 GMT
Connection: keep-alive
gnula.nu/documental/ver-only-the-dead-2015-online/
185.178.208.130200 OK 0 B URL HTTP/2 gnula.nu/documental/ver-only-the-dead-2015-online/
IP 185.178.208.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /documental/ver-only-the-dead-2015-online/ HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/documental/ver-only-the-dead-2015-online/
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 18 Dec 2022 08:22:43 GMT
content-type: text/html; charset=UTF-8
link: <https://gnula.nu/wp-json/>; rel="https://api.w.org/", <https://gnula.nu/wp-json/wp/v2/posts/178423>; rel="alternate"; type="application/json", <https://gnula.nu/?p=178423>; rel=shortlink
content-encoding: gzip
X-Firefox-Spdy: h2
grunoaph.net/tag.min.js
139.45.197.238200 OK 24 kB IP 139.45.197.238:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9c2d6b1489d7384ea1531272c490ed1e
daa14cf1f173e9c3cf9c99c788b18ce7bc7e2f96
6b26ddfd104337ca3705d7071110bcd9de793d32659ae80b8ee465a6fea35a60
Analyzer Verdict Alert quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 08:22:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 23551
content-encoding: br
x-trace-id: 937a3c44a74f5d8cae6a233224e59a2b
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 16 Dec 2022 15:55:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ebce2554e5db01512dfa6f2f369e4af7
8d05148599bdc07bb05bc5bd198070768d9a232f
fb409b3bed7d8e10a9f8d80f389d77719e1a65a39e22972817dfc63550cce133
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB409B3BED7D8E10A9F8D80F389D77719E1A65A39E22972817DFC63550CCE133"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2426
Expires: Sun, 18 Dec 2022 09:03:09 GMT
Date: Sun, 18 Dec 2022 08:22:43 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 496d96f69203ab6ad46a661482df3c81
1e09de48fbd4df599eab45d9339ebf6cee9825d7
b43e2510e05b3ca9adfc47f8526c71c732b3f530bd1ecec189a21b777f131498
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4742
Cache-Control: max-age=113974
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Etag: "639dd583-1d7"
Expires: Mon, 19 Dec 2022 16:02:17 GMT
Last-Modified: Sat, 17 Dec 2022 14:43:15 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fgnula.nu
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fgnula.nu
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fgnula.nu HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 99736
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 18 Dec 2022 08:22:43 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 9e23511c7cd0c79c59b516e4420f85eb
2bd842a5f55f467cbfb9372c0aa8e7433d37d70e
18b67f79930fae2f082743b89200296ac154a572d175f709da7cb9a26de25a62
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 08:22:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 22 Dec 2022 04:34:31 GMT
ETag: "2bd842a5f55f467cbfb9372c0aa8e7433d37d70e"
Last-Modified: Sun, 18 Dec 2022 04:34:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1360
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b67e0c3c011c0e-OSL
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c1766547facf2a7b2db271be6354a26f
172fb997da2d58b32acef5e4f27fa17571ef3097
4cb98d3ba82a3b97ca742e01843b0b6660496c0b6c48bd7becb2e5eb83ab0f5b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4CB98D3BA82A3B97CA742E01843B0B6660496C0B6C48BD7BECB2E5EB83AB0F5B"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Sun, 18 Dec 2022 14:22:21 GMT
Date: Sun, 18 Dec 2022 08:22:43 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 18 Dec 2022 07:34:02 GMT
expires: Sun, 18 Dec 2022 09:34:02 GMT
cache-control: public, max-age=7200
age: 2921
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 953635cff82596ecfcbd7ff83474031a
5ea2fa051d49d203df6582bc273639a90348f8d2
bb63f27f12c917fccddd13680972fc6e12a8e0e4dcb9b9340f7f911c8b1db9ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 157b62091fad279063f540564a4c72e6
9db33b844db31eed03695c97daf4c84a4d7d265f
92904432175c023613dea4d660d2c9098e00b7f3b628c8519bf5b404cad450a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gnula.nu/wp-content/uploads/2015/06/natsu_incono_gnula.jpg
185.178.208.130200 OK 2.8 kB URL HTTP/2 gnula.nu/wp-content/uploads/2015/06/natsu_incono_gnula.jpg
IP 185.178.208.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 59x45, components 3\012- data
Hash 00a0e9802138dd13d3433dc8a8892dc5
27f4b2b80e9fc682d63953d08ef14457dd8ae6ac
ad0ebb72ed8394e48ffaf5ef59244ccfe0f5af7a43df06fd7061b068f4a91df2
GET /wp-content/uploads/2015/06/natsu_incono_gnula.jpg HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 15 Dec 2022 16:32:56 GMT
content-type: image/jpeg
content-length: 2761
last-modified: Wed, 20 May 2020 00:19:16 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5ec47784-ac9"
expires: Thu, 22 Dec 2022 15:51:48 GMT
age: 229788
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash cd7c9e7a27924ffc2cf89c11782fcda3
700975fc5b2097863ae7eeed72b5b46a6842f278
afdb810c06078f4223627528c78c47c79997864ffee486f56b15860d72eb7036
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5214
Cache-Control: max-age=166236
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:44 GMT
Etag: "639e9fd2-139"
Expires: Tue, 20 Dec 2022 06:33:20 GMT
Last-Modified: Sun, 18 Dec 2022 05:06:26 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c1766547facf2a7b2db271be6354a26f
172fb997da2d58b32acef5e4f27fa17571ef3097
4cb98d3ba82a3b97ca742e01843b0b6660496c0b6c48bd7becb2e5eb83ab0f5b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4CB98D3BA82A3B97CA742E01843B0B6660496C0B6C48BD7BECB2E5EB83AB0F5B"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21577
Expires: Sun, 18 Dec 2022 14:22:21 GMT
Date: Sun, 18 Dec 2022 08:22:44 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f5715bf6f14616e5231af16293c37f7b
c7705e7ffb12c63095664823cd11af8868e28b6f
2b7205371d7a48322eb985a4fa3948d44959d55c53862939c0d4e0f747c21ae9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hqq.tv/js/embed.205.js?736
190.115.19.71200 OK 40 kB URL HTTP/2 hqq.tv/js/embed.205.js?736
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type Unicode text, UTF-8 text, with very long lines (3414)
Hash 61f129d31f3e10e49621bef803592a37
244c781d1e93fc86164d82e981e394048e3fb6d2
b40fbb2563aa771a7d003481145cf770173cb04346048eabf25a4704369d0b89
GET /js/embed.205.js?736 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=v2D48Z7a20we&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=cej999o1hYBTgFkKkulh; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Mon, 18-Dec-2023 08:22:44 GMT
date: Mon, 17 Oct 2022 10:45:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 04 Aug 2022 18:07:34 GMT
etag: W/"62ec0ae6-298ce"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 5348215
ddg-cache-status: HIT,MISS
content-length: 39538
X-Firefox-Spdy: h2
hqq.tv/styles/global/embed_player.3.css?130
190.115.19.71200 OK 1.6 kB URL HTTP/2 hqq.tv/styles/global/embed_player.3.css?130
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 8e6c46db0d3b9b09cb250529f4e92245
78ccfc915538c39e35acb536eca217f2f12e7a0e
7a8726525e4b7e4a725b96f82dafba6d1da8b54d71c5d02144aca8b7d306bf65
GET /styles/global/embed_player.3.css?130 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=v2D48Z7a20we&autoplay=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=pdvtDQwKSUOpsoRMdJDU; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Mon, 18-Dec-2023 08:22:44 GMT
date: Mon, 17 Oct 2022 10:45:50 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
etag: W/"5fd14cc5-1701"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 5348216
ddg-cache-status: HIT,MISS
content-length: 1623
X-Firefox-Spdy: h2
hqq.tv/styles/global/segment.css?11
190.115.19.71200 OK 267 B URL HTTP/2 hqq.tv/styles/global/segment.css?11
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 4275df640189402f416d44d6eefad35a
c279cbd3e9b082c6e9fbf92fa095db874bc6981a
69b78dd3f38ee6fbca7b8952cb4fc4f99ad6c2710576c251b177c3ab5449da7a
GET /styles/global/segment.css?11 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=v2D48Z7a20we&autoplay=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=apTE2ep15Q56JrN7a5GR; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Mon, 18-Dec-2023 08:22:44 GMT
date: Mon, 17 Oct 2022 10:55:22 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Mar 2019 16:12:54 GMT
etag: W/"5c8e7206-268"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 5347642
ddg-cache-status: HIT,MISS
content-length: 267
X-Firefox-Spdy: h2
hqq.tv/styles/cbv2new/theme/embed_menu.css?21
190.115.19.71200 OK 2.5 kB URL HTTP/2 hqq.tv/styles/cbv2new/theme/embed_menu.css?21
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 75f50314e0fbc4af465ae8cd12df3928
d9a2b3867dad7c5e3da4742b3508ee9dd9ff687e
f987f72dbaf27541c5718238775af6b22c53898476e6147efcdd5397cbc22f05
GET /styles/cbv2new/theme/embed_menu.css?21 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=v2D48Z7a20we&autoplay=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=H3OkyCur2f2fuVqrMzLa; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Mon, 18-Dec-2023 08:22:44 GMT
date: Mon, 17 Oct 2022 10:45:58 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 02 Dec 2020 01:21:09 GMT
etag: W/"5fc6ec05-26c0"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 5348206
ddg-cache-status: HIT,MISS
content-length: 2519
X-Firefox-Spdy: h2
hqq.tv/js/segment.7.js?157
190.115.19.71200 OK 2.3 kB URL HTTP/2 hqq.tv/js/segment.7.js?157
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash e38436a08b346696925e3683d44a2839
51462a7f81aa426d40b94854845a9811432c659f
5d75e6e48369762f3752139f02a131bbb5036d02df13c4b571ec3048cbec4c6a
GET /js/segment.7.js?157 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=v2D48Z7a20we&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=LV5unWtrL0LS2X1nZlUP; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Mon, 18-Dec-2023 08:22:44 GMT
date: Mon, 17 Oct 2022 10:46:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 10 Dec 2021 17:25:16 GMT
etag: W/"61b38d7c-1c01"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 5348200
ddg-cache-status: HIT,MISS
content-length: 2258
X-Firefox-Spdy: h2
hqq.tv/js/d_check.js?34
190.115.19.71200 OK 1.0 kB IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (821)
Hash 841e4af4332ce934406a4e59a063aa98
fd8429c4c48157e134268b448d713b642f461af6
fde29879f9e4795b74c36aa1a23b32f35f5f67131fc914be72e42f1fff8740d3
GET /js/d_check.js?34 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=v2D48Z7a20we&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=FbDL7FiRXfVlmQ4H03A8; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Mon, 18-Dec-2023 08:22:44 GMT
date: Mon, 17 Oct 2022 10:54:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
etag: W/"5e57d8f1-d8a"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 5347666
ddg-cache-status: HIT,MISS
content-length: 1028
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 3.3 kB IP 93.184.220.29:0
Hash a7a27971c52481d2811fa1fbf6b368f2
bf859e5fcc472b68e7ea03edf3bf8ac7cb41dda5
4c4b7ceeeea90113b0acb4f70ca3187ce71a2e38114d802b6cd015d4fc296d8c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2212
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:44 GMT
Last-Modified: Sun, 18 Dec 2022 07:45:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
syndication.twitter.com/settings?session_id=d8f45677ffeb0108b571527661c8cbdadaa1eb35
104.244.42.8200 OK 402 B URL HTTP/2 syndication.twitter.com/settings?session_id=d8f45677ffeb0108b571527661c8cbdadaa1eb35
IP 104.244.42.8:0
File type JSON data\012- , ASCII text, with very long lines (1109), with no line terminators
Hash 20129f6ba74cadb768c12cfebff99625
744c5248ab9712adf0179067dbadae75464f7383
53476bf04ddc3dbf9b75ba3f96f28a345c9cac4d9f7b0f57f901870692a4acf2
GET /settings?session_id=d8f45677ffeb0108b571527661c8cbdadaa1eb35 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:44 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sun, 18 Dec 2022 08:22:44 GMT
content-length: 402
content-encoding: gzip
x-transaction-id: a2ee6f674b551f66
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 111
x-connection-hash: 830ea9df4e48d32266cd4850de8fd2c0e7af0d2264005a9c9a0fe2c80587da90
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d9b18ac6541daf704dd981d6e72a5ab7
4516d6a2850f57ab5f1a4e9e07bf9dc3b43aa7e1
d866c3b16c7dbd7683aa1856b13e9abad1bdf69760fe1aeacc80140c30bda6c2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D866C3B16C7DBD7683AA1856B13E9ABAD1BDF69760FE1AEACC80140C30BDA6C2"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Sun, 18 Dec 2022 09:30:45 GMT
Date: Sun, 18 Dec 2022 08:22:44 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 764 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5b2c214d76a49eaef8a2a10093036153
a8ac55cc9a0845a85146e241e42538d57641252c
b72fa5e4ecad40074765508941809e5fd0e434263e8d02d7ae22422756b0100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3AED5D2B06286AE1330D72DDC1BE32FC2F5E853835EC293737CBC26B0FFF096"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5529
Expires: Sun, 18 Dec 2022 09:54:53 GMT
Date: Sun, 18 Dec 2022 08:22:44 GMT
Connection: keep-alive
commentsengine.com/js/js.load.1.js?5323400518121574
188.114.97.1200 OK 0 B URL HTTP/2 commentsengine.com/js/js.load.1.js?5323400518121574
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/js.load.1.js?5323400518121574 HTTP/1.1
Host: commentsengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 16801089
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAdrooOXY2WVgr6XMPp36PreOJWyut68PCCUInG2Y8QptHwvMdXaxpLpohB9Dmkv%2B8B5o%2FCEITYEPF2JIosC2H5njh%2BsOcZNjskBzzMK5hVh%2BS7CnXIHYEPwqaN%2BlNeNvbg1tgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e0e7f6ab4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ok.ru/res/js/lib/require-2.1.11_1ae533d5.js
217.20.155.13200 OK 5.8 kB URL HTTP/2 ok.ru/res/js/lib/require-2.1.11_1ae533d5.js
IP 217.20.155.13:0
File type ASCII text, with very long lines (16739)
Hash 07e62c9cf1f95e62ea829b62dd9b669b
f3413232a12f65a0cca1fee0694a370dd65e8784
1445394e2f42ae01eaf7724ec39ee5a1ba3fb7bbd14378e7b2389b8730cce93d
GET /res/js/lib/require-2.1.11_1ae533d5.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/275772541574
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript
content-length: 5789
last-modified: Wed, 14 Dec 2022 14:22:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Mon, 18 Dec 2023 08:22:44 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
polldaddy.com/js/rating/rating.js
192.0.123.249200 OK 17 kB URL HTTP/2 polldaddy.com/js/rating/rating.js
IP 192.0.123.249:0
File type ASCII text, with very long lines (562)
Hash 177b8f4db2784425a5ef0f2a3abd558e
0c96f7cd1a176af1a0ee9cccf68342b8497dfb38
e567a2f9c877becaa654809e482f40503ee044adab7bd53718d8bd2af1255b53
GET /js/rating/rating.js HTTP/1.1
Host: polldaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 08:22:43 GMT
content-type: application/javascript
last-modified: Mon, 12 Sep 2022 08:38:20 GMT
vary: Accept-Encoding
etag: W/"631eeffc-3fe3"
expires: Tue, 17 Jan 2023 08:22:43 GMT
cache-control: max-age=2592000
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 404fff8b2eebae447bffa75480d100da
01cbcf269577a6fc2500418ee7b60427f825d858
22ad33b7b45fa08b3f453d68d8024aca32f3ba37e0a8400329ef8fc4e9be3141
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2212
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:44 GMT
Last-Modified: Sun, 18 Dec 2022 07:45:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
my.rtmark.net/gid.js?userId=044c215d7c4f4c73bd064b334f0069d1
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=044c215d7c4f4c73bd064b334f0069d1
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 0a811058091514d9ddb6b1c838722399
fb7caa18e5df955d3fcc2cdecd56938fbe0ad429
e2b8a169462730e0387378af67a9f5c469a18d3c2bf9ae0b1cb2f24795c472de
GET /gid.js?userId=044c215d7c4f4c73bd064b334f0069d1 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gnula.nu
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://gnula.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=044c215d7c4f4c73bd064b334f0069d1; expires=Mon, 18 Dec 2023 08:22:44 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
hqq.tv/js/script-2.12.5.js
190.115.19.71200 OK 4.3 kB URL HTTP/2 hqq.tv/js/script-2.12.5.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (1242)
Hash 63c6cc05ba344ef5f0e94cf7ad729625
0dde0cb61346e7bf5fb67f0f322be3e00a23da1e
fc751c1b5978b5381f24a0a6e3d55c21294d3ad2fa864064125bdd19885dd760
GET /js/script-2.12.5.js HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=v2D48Z7a20we&autoplay=no
Cookie: uid=VVC7CVjvZw2QR91k0mBMLjg77EjKDKmy
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=FHOJ8RRRsGZfxl0jPpgk; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Mon, 18-Dec-2023 08:22:44 GMT
date: Mon, 17 Oct 2022 10:54:59 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Dec 2020 19:28:37 GMT
etag: W/"5fc69965-4cb8"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 5347665
ddg-cache-status: HIT,MISS
content-length: 4344
X-Firefox-Spdy: h2
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
172.217.21.163200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP 172.217.21.163:0
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 20:43:51 GMT
expires: Fri, 15 Dec 2023 20:43:51 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 09 Dec 2022 07:08:34 GMT
content-type: text/javascript
age: 214733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
93.184.220.66200 OK 2.4 kB URL HTTP/1.1 platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (7017), with no line terminators
Hash 83616664e4155f8af0efb0576f8920cf
1277b0f4f935bec3ada0f87c45395bb6d9b2efbc
bb19d85932c5e8a952b6fc28c1df42aed6d6920f79ee3f2217d2484294d575d3
GET /js/button.d2f864f87f544dc0c11d7d712a191c1f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 99734
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Sun, 18 Dec 2022 08:22:44 GMT
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F719)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2362
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash d10b3a0f1d339af73960b54631443769
b310e70595bc1a3ce0d65b4f4fc107986e29358e
66f105da0fd77a1d06d57c0e03e2a446fe8b132973b9bc04e7dd9c12bf69c824
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 08:22:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 22 Dec 2022 05:15:07 GMT
ETag: "b310e70595bc1a3ce0d65b4f4fc107986e29358e"
Last-Modified: Sun, 18 Dec 2022 05:15:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2764
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b67e0f3e021c0e-OSL
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0973dd05c36d5b21a858d6a6bec71334
e5bc1af376e6cd71fe3be45b393ceb1f61434891
e46922306d68a94ce397d96c12c5ddfd0341e139369cab988a6c57b57a9bd0ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash d10b3a0f1d339af73960b54631443769
b310e70595bc1a3ce0d65b4f4fc107986e29358e
66f105da0fd77a1d06d57c0e03e2a446fe8b132973b9bc04e7dd9c12bf69c824
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 08:22:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 22 Dec 2022 05:15:07 GMT
ETag: "b310e70595bc1a3ce0d65b4f4fc107986e29358e"
Last-Modified: Sun, 18 Dec 2022 05:15:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2764
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b67e0f4e0b1c0e-OSL
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144276616-1&cid=592568191.1671351761&jid=22111304&gjid=1624325301&_gid=2013383913.1671351761&_u=YEBAAUAAAAAAACAAI~&z=2066293622
64.233.164.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144276616-1&cid=592568191.1671351761&jid=22111304&gjid=1624325301&_gid=2013383913.1671351761&_u=YEBAAUAAAAAAACAAI~&z=2066293622
IP 64.233.164.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144276616-1&cid=592568191.1671351761&jid=22111304&gjid=1624325301&_gid=2013383913.1671351761&_u=YEBAAUAAAAAAACAAI~&z=2066293622 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://gnula.nu
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://gnula.nu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 18 Dec 2022 08:22:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
polldaddy.com/images/ratings/nero-hand-med.png
192.0.123.249200 OK 1.2 kB URL HTTP/2 polldaddy.com/images/ratings/nero-hand-med.png
IP 192.0.123.249:0
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 620224fd31a56f8b52ede14a0173f43f
e51333fbde9c767aa21bbd1610fc26c09868670d
d45bc6234fbff20dda709b132b23aa6cf93be77e85026f0fe740bb4a93bb0851
GET /images/ratings/nero-hand-med.png HTTP/1.1
Host: polldaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: image/png
content-length: 1179
last-modified: Wed, 08 Sep 2021 02:43:27 GMT
etag: "6138234f-49b"
expires: Tue, 17 Jan 2023 08:22:44 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 1.0 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 602b63fba87f7eedea3d324763e1c772
81436556176e3a9836ffa1c3ac52f5e7c56347c3
e5c81b4e930018fa20a1711529b6824fb4f9550624836b38d98c51fcb40fd65f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CA0A51FA54322EC5993F533761ACB4C04B5116AA40B13016338FD72BA15C8908"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21581
Expires: Sun, 18 Dec 2022 14:22:25 GMT
Date: Sun, 18 Dec 2022 08:22:44 GMT
Connection: keep-alive
polldaddy.com/images/ratings/info.png
192.0.123.249200 OK 1.2 kB URL HTTP/2 polldaddy.com/images/ratings/info.png
IP 192.0.123.249:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 242cc5efe3724c793e5fa742c3aa1315
fbba0bdf013403f3d835b54d222931d04e137167
8d1b51a6bcf97a173884161816c19b753e0088a0926148482d8a1f371706c774
GET /images/ratings/info.png HTTP/1.1
Host: polldaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: image/png
content-length: 1226
last-modified: Wed, 08 Sep 2021 02:44:15 GMT
etag: "6138237f-4ca"
expires: Tue, 17 Jan 2023 08:22:44 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d9b18ac6541daf704dd981d6e72a5ab7
4516d6a2850f57ab5f1a4e9e07bf9dc3b43aa7e1
d866c3b16c7dbd7683aa1856b13e9abad1bdf69760fe1aeacc80140c30bda6c2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D866C3B16C7DBD7683AA1856B13E9ABAD1BDF69760FE1AEACC80140C30BDA6C2"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Sun, 18 Dec 2022 09:30:45 GMT
Date: Sun, 18 Dec 2022 08:22:44 GMT
Connection: keep-alive
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.es.html
93.184.220.66200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.es.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32033)
Hash df9f1c904ed2c721599e1807ce50e10c
0ff0dd277a16bca1a9da1994fa40b505a3918f0c
b9efa6faa4fc0f00035eaeb0d0c6044aa62131568d3f1dcd6c0da4a69965f674
GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.es.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 97333
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 18 Dec 2022 08:22:44 GMT
Etag: "fa4af18a6c068f0092b0e7636c87e143+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F719)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13990
hqq.tv/cdn-cgi/trace
190.115.19.71404 Not Found 568 B IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 38efc78c2c0070885cb41da58dee00bf
518fa8a999886afb7ab1296f08ef50163a477005
447b90ddaf0e357f89f563acad6aa3539e6238a985e35c76845f0fb99008f5d2
GET /cdn-cgi/trace HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=v2D48Z7a20we&autoplay=no
Cookie: uid=VVC7CVjvZw2QR91k0mBMLjg77EjKDKmy
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: ddos-guard
set-cookie: __ddg1_=LDG0Ts0r9TmBY1IVFXmx; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Mon, 18-Dec-2023 08:22:44 GMT
date: Sun, 18 Dec 2022 08:22:43 GMT
content-type: text/html; charset=UTF-8
x-origin-location: /
x-cache-status-inferno: MISS
x-inferno-location: /
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
player.vimple.ru/iframe/a99f81f3e0d045dfbf004e1a8aa5a9c8
172.67.134.240200 OK 5.0 kB URL HTTP/2 player.vimple.ru/iframe/a99f81f3e0d045dfbf004e1a8aa5a9c8
IP 172.67.134.240:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2006), with CRLF line terminators
Hash 8aaa4f095f6dd35020ff74379e657716
36e2b286a710e2faabf528707ef9e20521093a32
d0bfc6ce22820f01690d62be99d6b5455ba41153d46cbaaddd29814152af477d
GET /iframe/a99f81f3e0d045dfbf004e1a8aa5a9c8 HTTP/1.1
Host: player.vimple.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
set-cookie: UniversalUserID=50bef38d4cdb448688da17cbb6d52929; Expires=Mon, 18 Dec 2023 11:22:47 GMT; Max-Age=63072000; Secure; Path=/; SameSite=None; HttpOnly; Domain=.vimple.ru
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3a0TD6jHcD3G6%2Bx8LmpvMY2KlTockDNfwwhQN6h2I53u371eOgZnsBST5ts7Uxj%2F7L59ft0hUv%2FcMHP5njOxhnGTZ8Xhx3jGheOD3MzKG171Pph%2Bmr9gyrRb%2Fj9%2B7mGl%2BMU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b67e0c6dafb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.mycdn.me/videoPreview?id=272866871942&type=32&idx=2&tkn=33qfH_vlinhJhw8lw0ePX4weXh4&fn=external_8
217.20.155.57200 OK 28 kB URL HTTP/2 i.mycdn.me/videoPreview?id=272866871942&type=32&idx=2&tkn=33qfH_vlinhJhw8lw0ePX4weXh4&fn=external_8
IP 217.20.155.57:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 720x405, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8cb8725c4f4c7c6bb394a526d2d86f74
76fd54e0c93a8b6d325f72ba09d2cda285eba44b
667e127197653e89b26654c991344e1b123d2d6e700bd2e8796529cc1ca1ed17
GET /videoPreview?id=272866871942&type=32&idx=2&tkn=33qfH_vlinhJhw8lw0ePX4weXh4&fn=external_8 HTTP/1.1
Host: i.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: image/webp
content-length: 27992
accept-ranges: bytes
last-modified: Wed, 19 Oct 2022 08:22:44 GMT
expires: Thu, 14 Sep 2023 08:22:44 GMT
cache-control: private, max-age=100000000
etag: "686897696a7c876b7e"
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
videoplayer.ru/ru/player/spruto/sp.js?v=3.0.0.0
188.114.97.1200 OK 11 kB URL HTTP/2 videoplayer.ru/ru/player/spruto/sp.js?v=3.0.0.0
IP 188.114.97.1:0
File type Unicode text, UTF-8 text, with very long lines (40513)
Hash 4de51022feadeb91ece2725116f230ea
b32911b76b8816b9b3141a33dfbc7237ad0b222a
854c2efc739be91f2ef8632ee77f362942cb3d5bd767e1e8531197a60e716c19
Analyzer Verdict Alert fortinet Malware
GET /ru/player/spruto/sp.js?v=3.0.0.0 HTTP/1.1
Host: videoplayer.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimple.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript
cache-control: max-age=14400
last-modified: Wed, 01 Jun 2022 19:06:58 GMT
etag: W/"0f515c4ea75d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFZwG0rktZiBs9XMsIDFaLiwzkcWHnyDTb9aYow1as3lVXj5IJFYJUSANR07uAbZtV34rSYR5bZxRw3DlcVZ8apC2%2BDcMPyKLn2YQK6bvdS493tLbP9W%2BFFaNJd9MF83Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b67e0fcbb4b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgnula.nu%2Fdocumental%2Fver-only-the-dead-2015-online%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22es%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671351760906%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=d8f45677ffeb0108b571527661c8cbdadaa1eb35
104.244.42.8200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgnula.nu%2Fdocumental%2Fver-only-the-dead-2015-online%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22es%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671351760906%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=d8f45677ffeb0108b571527661c8cbdadaa1eb35
IP 104.244.42.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgnula.nu%2Fdocumental%2Fver-only-the-dead-2015-online%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22es%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671351760906%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=d8f45677ffeb0108b571527661c8cbdadaa1eb35 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:43 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Sun, 18 Dec 2022 08:22:44 GMT
content-length: 43
x-transaction-id: 3695eda9ffd0f748
strict-transport-security: max-age=631138519
x-response-time: 110
x-connection-hash: 830ea9df4e48d32266cd4850de8fd2c0e7af0d2264005a9c9a0fe2c80587da90
X-Firefox-Spdy: h2
ok.ru/res/js/app/capture_5f689327.js
217.20.155.13200 OK 675 B URL HTTP/2 ok.ru/res/js/app/capture_5f689327.js
IP 217.20.155.13:0
File type ASCII text, with very long lines (1522)
Hash 0662bfa0b482394ccde3a3471903b82e
e4c8f1a990e7dcaac87bcfd9067928f234f80e3a
dc2c91380f47fbf65b1860daffea9d480b095ca121d72418cbcfd1b0238ede6d
GET /res/js/app/capture_5f689327.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/275772541574
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript
content-length: 675
last-modified: Wed, 14 Dec 2022 14:22:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Mon, 18 Dec 2023 08:22:44 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 77 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (636)
Hash 5b7e18cebcc15eb4cf0099cc2f41cece
19b331d1a0c923e21203ce12a3fc6cef54348e9c
d310d6bafdc3e80a3c4064cb754c420b93539acef43f5a38aa60495a789b4031
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 76668
date: Sun, 18 Dec 2022 08:22:44 GMT
access-control-allow-origin: *
etag: "639bee03-12b7c"
expires: Sun, 18 Dec 2022 09:22:44 GMT
last-modified: Fri, 16 Dec 2022 07:03:15 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 2f3dbc33499e42ecb967c87f0df23a85
96a87c596ae880eb482b0e8a5fdb6e09bb728895
aee03631139a47dfbb4dbbfd4257d10afc3b814b5f70366759bdff153e9e2bd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ok.ru/res/js/app/VideoEmbed_bc0da08a.js
217.20.155.13200 OK 360 B URL HTTP/2 ok.ru/res/js/app/VideoEmbed_bc0da08a.js
IP 217.20.155.13:0
File type ASCII text, with very long lines (825)
Hash 5c3d7116fc8951a7fdcd7909dc3a15f3
054bf8af4b66c4c0924619d040d3cf446ffae37b
5c2d84d52609fff99f561cdb2876c1a6554ee4c7db52bd694342c6dbe4b5fde7
GET /res/js/app/VideoEmbed_bc0da08a.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/275772541574
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript
content-length: 360
last-modified: Wed, 14 Dec 2022 14:22:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Mon, 18 Dec 2023 08:22:44 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
ok.ru/res/js/app/OKVideo_2974a142.js
217.20.155.13200 OK 5.3 kB URL HTTP/2 ok.ru/res/js/app/OKVideo_2974a142.js
IP 217.20.155.13:0
File type ASCII text, with very long lines (16082)
Hash 3499abb59944e95514f8a3600a7e68be
ca1f87de928067c11c6fbbae779783b2529e789b
bb6b8a2774c69ba50604ff23e3ddfbd6d279ed32464b438a78d388d22a30208b
GET /res/js/app/OKVideo_2974a142.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/275772541574
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript
content-length: 5344
last-modified: Wed, 14 Dec 2022 14:22:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Mon, 18 Dec 2023 08:22:44 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144276616-1&cid=592568191.1671351761&jid=22111304&_u=YEBAAUAAAAAAACAAI~&z=1165973096
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144276616-1&cid=592568191.1671351761&jid=22111304&_u=YEBAAUAAAAAAACAAI~&z=1165973096
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144276616-1&cid=592568191.1671351761&jid=22111304&_u=YEBAAUAAAAAAACAAI~&z=1165973096 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 08:22:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 2f3dbc33499e42ecb967c87f0df23a85
96a87c596ae880eb482b0e8a5fdb6e09bb728895
aee03631139a47dfbb4dbbfd4257d10afc3b814b5f70366759bdff153e9e2bd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ok.ru/res/js/lib/jquery-1.8.3_699b1ac6.js
217.20.155.13200 OK 30 kB URL HTTP/2 ok.ru/res/js/lib/jquery-1.8.3_699b1ac6.js
IP 217.20.155.13:0
File type Unicode text, UTF-8 text, with very long lines (36291)
Hash c9ec089128fe701595e679c379cb04d4
448432aab6126c99f96fbfcd560458e6e4bd8cf6
5a7fad0f634f88c51358f65491dc20f0e42b57c70d6fe9007c53645757ebbbdb
GET /res/js/lib/jquery-1.8.3_699b1ac6.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/275772541574
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript
content-length: 29958
last-modified: Wed, 14 Dec 2022 14:22:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Mon, 18 Dec 2023 08:22:44 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7424
Expires: Sun, 18 Dec 2022 10:26:29 GMT
Date: Sun, 18 Dec 2022 08:22:45 GMT
Connection: keep-alive
st.mycdn.me/static/MegaPlayer/10-11-67/okVideoPlayerUtils.min.js
217.20.155.82200 OK 3.6 kB URL HTTP/2 st.mycdn.me/static/MegaPlayer/10-11-67/okVideoPlayerUtils.min.js
IP 217.20.155.82:0
File type ASCII text, with very long lines (7596)
Hash e8c7deb0e65b161da76fd5482a11a84b
b18faab71a06f3ef25308187d494ed2b514e54e0
ff2984b40d9f0a9a17430c1993babb8ea72e96abe44c8d1a677c8aa100f29db8
GET /static/MegaPlayer/10-11-67/okVideoPlayerUtils.min.js HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 21 Feb 2022 15:45:25 GMT
vary: Accept-Encoding
expires: Mon, 18 Dec 2023 08:22:44 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7424
Expires: Sun, 18 Dec 2022 10:26:29 GMT
Date: Sun, 18 Dec 2022 08:22:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9111
Expires: Sun, 18 Dec 2022 10:54:36 GMT
Date: Sun, 18 Dec 2022 08:22:45 GMT
Connection: keep-alive
ok.ru/res/js/b/primary_438edfa.js
217.20.155.13200 OK 26 kB URL HTTP/2 ok.ru/res/js/b/primary_438edfa.js
IP 217.20.155.13:0
File type ASCII text, with very long lines (55101)
Hash 42d2b38949098e833414c9e2ae9f72da
036c11e23b560fb68ab08e8438e736ee1710270b
21147eb60f074a465e1bd137f06d08b0819bb8765e1ac9ab362a807c1db478ee
GET /res/js/b/primary_438edfa.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/275772541574
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript
content-length: 25587
last-modified: Wed, 14 Dec 2022 14:22:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Mon, 18 Dec 2023 08:22:44 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c80a9fa-2fa0-4eaa-8573-26bcb62a1728.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c80a9fa-2fa0-4eaa-8573-26bcb62a1728.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 455fac45ae0c53d1597a541eaf497576
591202053dde2e39766bb8d58898dd58bac94b64
567510fec1be57dc02c7daf4aa2b6ecdfd79c218e02dbab9319ad8cee75034db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c80a9fa-2fa0-4eaa-8573-26bcb62a1728.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12988
x-amzn-requestid: 98254e1f-8c22-46db-9eb3-6dd85a657173
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2Z2FG3IAMFlmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3772-2aa92ecb7ea390b82c1c2665;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:41:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ctRdi7t-KHO1QuclQGGeDghvY-dPCBmNTG03wzwi8Tf7kCcBNgnIjA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 22:12:10 GMT
age: 36635
etag: "591202053dde2e39766bb8d58898dd58bac94b64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ok.ru/res/js/b/music2_1b220cb7.js
217.20.155.13200 OK 3.9 kB URL HTTP/2 ok.ru/res/js/b/music2_1b220cb7.js
IP 217.20.155.13:0
File type ASCII text, with very long lines (13213)
Hash ffc8c12273aa782d2217667237a265fe
bfdef1e684867efec95882a0b9bd6583df73e4c0
bc49a4051c5ef911c3ed414e6fc4e8d96bc4c32e1d2d4ae10f32f8676068c0e0
GET /res/js/b/music2_1b220cb7.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/275772541574
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript
content-length: 3941
last-modified: Wed, 14 Dec 2022 14:22:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Mon, 18 Dec 2023 08:22:44 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ada04738696f861648635c9ba98841e4
ce644cd4349d88aa7c24b2503b0b18b444061639
e5cee777efbf1d8a0f95f6cce71199e5f016a91f90cf0afe38bc86654b9d730d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8696
x-amzn-requestid: c897aeed-a082-46a1-965f-39e8c763cb05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10ZH3jIAMF0gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-548ac80840737a20743980f5;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xFbmIbrDz7MnhaF8tqHeTDzjrwbsP7SbmYb_OLLWZPb7poAmecfDew==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 38620
etag: "ce644cd4349d88aa7c24b2503b0b18b444061639"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
st.mycdn.me/static/MegaPlayer/10-11-67/flashDetect.swf
217.20.155.82200 OK 424 B URL HTTP/2 st.mycdn.me/static/MegaPlayer/10-11-67/flashDetect.swf
IP 217.20.155.82:0
File type Macromedia Flash data (compressed), version 10\012- data
Hash 06c338f8a657bf5c6419ba4ab5964032
e4aa29797303e264067dc302a51d02f48b22ef2c
e94bf27d60e9ba64f079e8dcc296a1e12bcdf0bf8d189a7b1bceadcae979695a
GET /static/MegaPlayer/10-11-67/flashDetect.swf HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:45 GMT
content-type: application/x-shockwave-flash
content-length: 424
last-modified: Sat, 02 Apr 2022 08:09:56 GMT
vary: Accept-Encoding
expires: Mon, 18 Dec 2023 08:22:45 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/metrika_match.html
77.88.21.119200 OK 696 B URL HTTP/2 mc.yandex.ru/metrika/metrika_match.html
IP 77.88.21.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (540)
Hash 784e2d6c9868e5d3aca06efb9fc6bdd2
9496aba69de55c6b74b1494d0479772a28a7f29c
cf75bbfd28015ee0303483f2224ef09129135c7487ddb6537f999b6095619698
GET /metrika/metrika_match.html HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 696
date: Sun, 18 Dec 2022 08:22:45 GMT
access-control-allow-origin: *
etag: "639bee03-2b8"
expires: Sun, 18 Dec 2022 09:22:45 GMT
last-modified: Fri, 16 Dec 2022 07:03:15 GMT
cache-control: max-age=3600
content-encoding: br
content-type: text/html
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae5629d0-2146-4184-be4e-96bb9ad63cda.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae5629d0-2146-4184-be4e-96bb9ad63cda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f483fbc04fdbb1b30097fadad516f718
5acc44f724df315d42fad6c3a6147c781285f498
c0709eab8e4a270d6a1ff763953241c6820dfd53f1c45fd73b0a8e2837934b58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae5629d0-2146-4184-be4e-96bb9ad63cda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5290
x-amzn-requestid: 78198cd7-6565-48c4-a017-52522d65d9af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dOAbhGYpoAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639be116-62976f8f1156951a5f8173f8;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 03:08:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2iWdl5-74fJleg5LpAWNtIhG1xbDtulnFiD_XfzKC5dQS90JsRkDrg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 01:23:35 GMT
age: 25150
etag: "5acc44f724df315d42fad6c3a6147c781285f498"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12c4c2232b6d09e9085f0214b3260c1e
a24f8e949a2f2a973fe2dd5af994cd970d37f13a
000475ed7d0aab9a7dab3e25f0a29f82552739fea99f98cbf5131282d0db7d63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10670
x-amzn-requestid: d72e1904-caf4-4c72-a811-d1bde023f4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT11JGCsIAMFRDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3687-7789040d71253d00378f9162;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NWh-ecaQXJITj6VyK4qutXz95L557E8kCDxs-fNBRmkjUk_ZG0Oygg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 38620
etag: "a24f8e949a2f2a973fe2dd5af994cd970d37f13a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Dg3c2lWr1FbFUalH5QB05VrQIkpt3LNuUM-VxJZiaXy3nJu-cfd5jg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 38620
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed374d0c34e8b2e15f08a6479a4f45e7
5db9e59699048998f0685e940640eae19ef11c8e
9933854830be796a87cfe44b6b8336294e2d3dbbe3205f267720aca6968c3a21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12125
x-amzn-requestid: e44faa15-1dfd-4bc0-bdfb-307c3de2755d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2QPFZAIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3734-33d636210a1e24742ee71187;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JHDfcd35b-bHZm6oayBIN5NDt6ZeGygBfvu7IKU18wFiLHMGEPQPkQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 22:02:19 GMT
etag: "5db9e59699048998f0685e940640eae19ef11c8e"
content-type: image/jpeg
age: 37226
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ok.ru/res/js/app/CurrentUserCfg_c4fb49e3.js
217.20.155.13200 OK 420 B URL HTTP/2 ok.ru/res/js/app/CurrentUserCfg_c4fb49e3.js
IP 217.20.155.13:0
File type ASCII text, with very long lines (1018)
Hash b873a58b09b83ca950e41354d7e849d6
6162870f5209ce9144f838ecd3a0f40aca1ebc38
cff75cd751fa6397e7750c5c5e69915c8304868fc2b7bf5573754a04cfc535ea
GET /res/js/app/CurrentUserCfg_c4fb49e3.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/275772541574
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:45 GMT
content-type: application/javascript
content-length: 420
last-modified: Wed, 14 Dec 2022 14:22:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Mon, 18 Dec 2023 08:22:45 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 18 Dec 2022 08:22:45 GMT
access-control-allow-origin: *
etag: "639bee03-2b"
expires: Sun, 18 Dec 2022 09:22:45 GMT
accept-ranges: bytes
last-modified: Fri, 16 Dec 2022 07:03:15 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ok.ru/res/js/app/GwtConfig_609c2106.js
217.20.155.13200 OK 341 B URL HTTP/2 ok.ru/res/js/app/GwtConfig_609c2106.js
IP 217.20.155.13:0
File type ASCII text, with very long lines (551)
Hash 989a5cfe3580dc7a4dda333684b4921d
8374be1f5bc50ab9cf9d24fd00b71d8fbcb0817b
ee0fa52170ad4a91f0178ea3b1326b65dd5c8dc72ad4a46dd76f797d3d2430fa
GET /res/js/app/GwtConfig_609c2106.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/275772541574
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:45 GMT
content-type: application/javascript
content-length: 341
last-modified: Wed, 14 Dec 2022 14:22:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Mon, 18 Dec 2023 08:22:45 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash f54c7fcfddc2c84875d4a36f8d1beb07
63ccadc87fab8b5e8f1aea26e26c167ccef8e791
36d7adf123c31cd639ca5c6ed773ce2fa7b378b6b345f616ff40b8783e96c989
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 08:22:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 22 Dec 2022 04:55:35 GMT
ETag: "63ccadc87fab8b5e8f1aea26e26c167ccef8e791"
Last-Modified: Sun, 18 Dec 2022 04:55:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1019
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b67e154a540b06-OSL
ok.ru/res/js/lib/noext_2f9c7b37.js
217.20.155.13200 OK 293 B URL HTTP/2 ok.ru/res/js/lib/noext_2f9c7b37.js
IP 217.20.155.13:0
Hash b8a297ed2464300416ef44e35c7c2538
20f9f47063cfb766f0d838c0855377eeed7c72dc
a8e99ebcaf3ba67af9abdbcde2b325950916eb30e4ceaf5aa109164a53155655
GET /res/js/lib/noext_2f9c7b37.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/275772541574
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:45 GMT
content-type: application/javascript
content-length: 293
last-modified: Wed, 14 Dec 2022 14:22:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Mon, 18 Dec 2023 08:22:45 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash e50601e00f65582fe2bb2328f6371c47
b09b463b65aa7a68956b55f0ab02129645778bfc
ed6b02b100134fe8486d95ac3fa44a17ab0487538dd3bcb56d8f85ba8bf0c83c
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 08:22:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 22 Dec 2022 06:14:24 GMT
ETag: "b09b463b65aa7a68956b55f0ab02129645778bfc"
Last-Modified: Sun, 18 Dec 2022 06:14:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b67e1449801c0e-OSL
adfstat.yandex.ru/metrica?id=535910616
87.250.250.145200 OK 15 B URL HTTP/1.1 adfstat.yandex.ru/metrica?id=535910616
IP 87.250.250.145:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0c776997933eb60833b37beaf43814c8
bff63526eb02853c6b414ccfb4d00ac9ca283930
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
GET /metrica?id=535910616 HTTP/1.1
Host: adfstat.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mc.yandex.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 08:22:45 GMT
Content-Type: application/json
Content-Length: 15
Connection: close
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=10, immutable
ocsp.pki.goog/s/gts1p5/mQ0hfpLFOZs
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/mQ0hfpLFOZs
IP 216.58.211.3:0
Hash b92d3e307569c460d9c5fbb8a4729332
01a5576eaf86ac1b8b53e92073559641a76f20d2
4e56541a627ad31d28906f51548fcfeac07621862c476f29087c5afdb24de58e
POST /s/gts1p5/mQ0hfpLFOZs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/mQ0hfpLFOZs
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/mQ0hfpLFOZs
IP 216.58.211.3:0
Hash b92d3e307569c460d9c5fbb8a4729332
01a5576eaf86ac1b8b53e92073559641a76f20d2
4e56541a627ad31d28906f51548fcfeac07621862c476f29087c5afdb24de58e
POST /s/gts1p5/mQ0hfpLFOZs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3.multipulter.com/modules/ad/frame.html?origin=https%3A%2F%2Fplayer.vimple.ru
46.61.151.250200 OK 238 B URL HTTP/2 s3.multipulter.com/modules/ad/frame.html?origin=https%3A%2F%2Fplayer.vimple.ru
IP 46.61.151.250:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 3a539cdd6a8d193fce07d3e2a1836902
dbfcabf31d5729c6584e7b1f6242babfb2e261cd
9231a77ce2054310458db0f9f81a3c46f05c1bf8f00729c5d15cb6fb61e3fea5
GET /modules/ad/frame.html?origin=https%3A%2F%2Fplayer.vimple.ru HTTP/1.1
Host: s3.multipulter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimple.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.16.1
date: Sun, 18 Dec 2022 08:35:44 GMT
content-type: text/html
content-length: 238
cache-control: max-age=60
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 12:55:49 GMT
etag: "c187a2a531c0d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.marazma.com/zEel8G4
188.114.96.1301 Moved Permanently 49 kB IP 188.114.96.1:0
File type gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 8adc2dc8a4563fd9aee9ff9029ead38f
b1214a4f6d2ce618d0096cf1261f65d4c16a9b26
01d0f5ebf56e56d4d005184ff94488fc2333c321124a222a4ca2d186d49d6ac1
GET /zEel8G4 HTTP/1.1
Host: www.marazma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marazma.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 301 Moved Permanently
date: Sun, 18 Dec 2022 08:22:45 GMT
location: https://marazma.com/zEel8G4
cache-control: max-age=3600
expires: Sun, 18 Dec 2022 09:22:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laIAhUoXruXO2sFDJU09adf2KughiSfKAXC2EL5DKwpaQGXvfH1zihNzmDjLWs69EAQktia3u2mlAmvtWFHr%2FdVwDFrLm1uFUis723rCzIVA8DpuCTuOzAyHEGp8Dmr8Dz4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e16be66fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/mQ0hfpLFOZs
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/mQ0hfpLFOZs
IP 216.58.211.3:0
Hash b92d3e307569c460d9c5fbb8a4729332
01a5576eaf86ac1b8b53e92073559641a76f20d2
4e56541a627ad31d28906f51548fcfeac07621862c476f29087c5afdb24de58e
POST /s/gts1p5/mQ0hfpLFOZs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a6f9586a8eefa78516d7ff8fb466696b
9671a8f3d1956ba57ce8b6ec71bb780cfded0fce
6b7fe82eca2ba0c4107051298afabde68d8697f88f86dbcbd9665948899b173d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1493
Cache-Control: max-age=93757
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:46 GMT
Etag: "639d933e-117"
Expires: Mon, 19 Dec 2022 10:25:23 GMT
Last-Modified: Sat, 17 Dec 2022 10:00:30 GMT
Server: ECS (amb/6B90)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a6f9586a8eefa78516d7ff8fb466696b
9671a8f3d1956ba57ce8b6ec71bb780cfded0fce
6b7fe82eca2ba0c4107051298afabde68d8697f88f86dbcbd9665948899b173d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1493
Cache-Control: max-age=93757
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:46 GMT
Etag: "639d933e-117"
Expires: Mon, 19 Dec 2022 10:25:23 GMT
Last-Modified: Sat, 17 Dec 2022 10:00:30 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 37ea0420a05aff5978caaff2562a5834
4638e9326f9ee24abcde5fd94733da82b6a9b049
188e3c8a4892f2e68a1897e5161e715a4b7eac3ec591d946e3d825e787a92f8e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3927
Cache-Control: max-age=94803
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:46 GMT
Etag: "639d8dd2-117"
Expires: Mon, 19 Dec 2022 10:42:49 GMT
Last-Modified: Sat, 17 Dec 2022 09:37:22 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 46 kB IP 93.184.220.29:0
Hash c3d12d8dbd063e3934375aba4d24d747
a1d2e9dc3dbab239d16ff297203f104e66755815
05cd9b557c627a74678330b94e9d8a40b4058994a9672c00ffced1fd35f409f9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3927
Cache-Control: max-age=94803
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:46 GMT
Etag: "639d8dd2-117"
Expires: Mon, 19 Dec 2022 10:42:49 GMT
Last-Modified: Sat, 17 Dec 2022 09:37:22 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e8464e4f3e18eb415ca73334fa939c95
045f47aa736e878ecbaa6ba0a5c81df40070b5e5
9622e48177dc89d72a95fb2caeb4c49596fabf66f1e85540f9cb5f7bef2aec47
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 08:22:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 17 Dec 2022 01:50:05 GMT
Expires: Sat, 24 Dec 2022 01:50:04 GMT
Etag: "045f47aa736e878ecbaa6ba0a5c81df40070b5e5"
Cache-Control: max-age=494237,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77b67e1f7e54b503-OSL
st.mycdn.me/static/music/0-4-17/model.js
217.20.155.82200 OK 18 kB URL HTTP/2 st.mycdn.me/static/music/0-4-17/model.js
IP 217.20.155.82:0
File type ASCII text, with very long lines (46840)
Hash 1a6847df7721b5529355ce339fdd7929
4a36a4ba1242df9170df5d911b0020a8966b761a
0ff0f27b387e1b773bfc9aa32ccdb086dacc7055c677a06be2177b8bb2996c58
GET /static/music/0-4-17/model.js HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 18390
last-modified: Tue, 29 Nov 2022 12:37:39 GMT
vary: Accept-Encoding
content-encoding: br
expires: Mon, 18 Dec 2023 08:22:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic
142.250.74.106200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic
IP 142.250.74.106:0
Hash 0d7ab13f449b09c94596eb304a3cb5ad
b8b03b5d1791a22973028d3f6e71cf8f6e62c93d
979dd47e06ce0e2cd2918bdf67cc6c7e0f5518869ff3fee52a300c51c5f6f52f
GET /css?family=Open+Sans:400,300&subset=latin,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Dec 2022 08:22:44 GMT
date: Sun, 18 Dec 2022 08:22:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 071c4a2a38413d1b9894cb8a7ec7613b
45331796c0bdfce32761358c7d4c89ddf7e8fb5e
db0f9d13917356744ec8f753a89f2e2fc7071c2df536cbe1af58cb196d407e2c
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 08:22:48 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Thu, 22 Dec 2022 05:46:49 GMT
ETag: "45331796c0bdfce32761358c7d4c89ddf7e8fb5e"
Last-Modified: Sun, 18 Dec 2022 05:46:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1146
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b67e273e890b06-OSL
popxyz.com/Jr1zAzZ
172.67.181.82200 OK 3.2 kB IP 172.67.181.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (343)
Hash 12741407236bdaaa52f2ca7e54e9bde9
4c55833376318db91d439ff2e46fc5a805667ede
7b6962d37f8e5ac6d949caf926d6b70e72ceb306fc2a3627f145c2162908cb89
GET /Jr1zAzZ HTTP/1.1
Host: popxyz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marazma.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:46 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v95z%2FlMZGwf4a4rsmFJfsh8BYZ1GG7bCBeDSP%2FWuhAPBJM2RMKvmZnUkwzHvcRkTrQWI944kvuokxgGU8eTIbFw%2BRvN%2BEcbtDCY3kIuSo9slynnQIOI9Oc0ifMGa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b67e1a9dd9b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4fe5c9d23532267c69b0bade45c6168e
bb1d6510fc8f4f9187dc5d55ad81f35d2fd97bae
7903a1151fc9bb57f825256a15aced917c7e9fcd02c7c4acc715976806c171b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7903A1151FC9BB57F825256A15ACED917C7E9FCD02C7C4ACC715976806C171B9"
Last-Modified: Sat, 17 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2569
Expires: Sun, 18 Dec 2022 09:05:38 GMT
Date: Sun, 18 Dec 2022 08:22:49 GMT
Connection: keep-alive
sadnesscontemporary.com/q3bt590w4?key=7cbf442f270879e7b3216d1e2cfd2bef
192.243.61.225200 OK 1.2 kB URL HTTP/1.1 sadnesscontemporary.com/q3bt590w4?key=7cbf442f270879e7b3216d1e2cfd2bef
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash edc72ce134e68a855ee7fcb1f59c30f9
4294f3ec37289508b7c626693a473a6946509b30
54aeaa4d4301f9006399b7fd1f6f8e5eefb68bf15e6e1e8e6a64a1bfa01ec278
Analyzer Verdict Alert quad9 Sinkholed
GET /q3bt590w4?key=7cbf442f270879e7b3216d1e2cfd2bef HTTP/1.1
Host: sadnesscontemporary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://popxyz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 Dec 2022 08:22:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17420400; expires=Mon, 19 Dec 2022 08:22:49 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQyMDQwMCwiayI6IjdjYmY0NDJmMjcwODc5ZTdiMzIxNmQxZTJjZmQyYmVmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODUzNDAzLCJwaWQiOjQ0MjE4OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJxM2J0NTkwdzQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vcG9weHl6LmNvbS8ifX0.IUYylyRTRck3tJFrACoZDlH7Dc8FtgDbFzHgcJLLRyE; expires=Sun, 18 Dec 2022 08:23:49 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 733a5276cf52ae35af611d07038ce231
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
sadnesscontemporary.com/q3bt590w4?shu=6a794b2d64825cf43c0d05f09247b8e3d1eb3fe99a7019bf9f499ea2047666e7fa4ab53a93f9e71e303590946a0dd38b0107558fe2941f2d1f7d6de270ab5d4fda876bd46d88ccc1d5118832ae1a0a15c4d451e6&pst=1671351829&rmtc=t&uuid=&pii=true&in=false&key=7cbf442f270879e7b3216d1e2cfd2bef&refer=https%3A%2F%2Fpopxyz.com%2F
192.243.61.225302 Found 0 B URL HTTP/1.1 sadnesscontemporary.com/q3bt590w4?shu=6a794b2d64825cf43c0d05f09247b8e3d1eb3fe99a7019bf9f499ea2047666e7fa4ab53a93f9e71e303590946a0dd38b0107558fe2941f2d1f7d6de270ab5d4fda876bd46d88ccc1d5118832ae1a0a15c4d451e6&pst=1671351829&rmtc=t&uuid=&pii=true&in=false&key=7cbf442f270879e7b3216d1e2cfd2bef&refer=https%3A%2F%2Fpopxyz.com%2F
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /q3bt590w4?shu=6a794b2d64825cf43c0d05f09247b8e3d1eb3fe99a7019bf9f499ea2047666e7fa4ab53a93f9e71e303590946a0dd38b0107558fe2941f2d1f7d6de270ab5d4fda876bd46d88ccc1d5118832ae1a0a15c4d451e6&pst=1671351829&rmtc=t&uuid=&pii=true&in=false&key=7cbf442f270879e7b3216d1e2cfd2bef&refer=https%3A%2F%2Fpopxyz.com%2F HTTP/1.1
Host: sadnesscontemporary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadnesscontemporary.com/q3bt590w4?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=17420400
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sun, 18 Dec 2022 08:22:49 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17420400
Set-Cookie: u_pl=17420400; expires=Mon, 19 Dec 2022 08:22:49 GMT
pdhtkv=true; expires=Mon, 19 Dec 2022 08:22:49 GMT
uncs=1; expires=Mon, 19 Dec 2022 08:22:49 GMT
pdhtkv28=true; expires=Mon, 19 Dec 2022 08:22:49 GMT
uncs28=1; expires=Mon, 19 Dec 2022 08:22:49 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 981f5752c4dadb6446ae31cf89a72a17
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17420400
95.101.10.186307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17420400
IP 95.101.10.186:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17420400 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sadnesscontemporary.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&sref=ADST&ADST=17420400&affiliateId=1&pid=86327060&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sun, 18 Dec 2022 08:22:49 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 18 Dec 2022 08:22:49 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86327060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671351769576)%5c%2f%22%2c%22CookieTag%22%3a%223795086327060451240919C20221218822%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228577530981%7c1%22%7d%5d; domain=.unibet.com; expires=Tue, 18-Dec-3021 08:22:49 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=29, origin; dur=49
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&sref=ADST&ADST=17420400&affiliateId=1&pid=86327060&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&sref=ADST&ADST=17420400&affiliateId=1&pid=86327060&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&sref=ADST&ADST=17420400&affiliateId=1&pid=86327060&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sadnesscontemporary.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 18 Dec 2022 08:22:49 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&sref=ADST&ADST=17420400&affiliateId=1&pid=86327060&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86327060-37950
set-cookie: JSESSIONID=node01cdl4wavuzkcbvs9ma3m942679120734.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01cdl4wavuzkcbvs9ma3m94267; Path=/; Domain=.unibet.nu; Expires=Tue, 17-Dec-2024 08:22:49 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Tue, 17-Dec-2024 08:22:49 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://sadnesscontemporary.com/"; Path=/; Domain=.unibet.nu; Expires=Tue, 17-Dec-2024 08:22:49 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=86327060; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://sadnesscontemporary.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sun, 18 Dec 2022 08:22:49 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&sref=ADST&ADST=17420400&affiliateId=1&pid=86327060&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86327060-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&sref=ADST&ADST=17420400&affiliateId=1&pid=86327060&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86327060-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&sref=ADST&ADST=17420400&affiliateId=1&pid=86327060&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86327060-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sadnesscontemporary.com/
Connection: keep-alive
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 18 Dec 2022 08:22:49 GMT
content-length: 0
location: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sun, 18 Dec 2022 08:22:49 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
marazma.com/Jr1zAzZ
172.67.128.55200 OK 3.6 kB IP 172.67.128.55:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (343)
Hash c4dc52e11ae67aae8b4e0cdbf5ff946f
658b227340de8dd00b126097cc78c9df588f7a23
d5be268951836e3b1479cc0a07e4ebd2cbffb8226d691a90f9aaaf44f7ec4100
GET /Jr1zAzZ HTTP/1.1
Host: marazma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:45 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ruo24BBIxfeDiSUU3aVCxi9Ggqn4pTrHYKsIrvSLds%2BUw4PmdaHLau%2FDlXSGd1lQpPhhJ9sM4I7lnr4hCimeXVQiW8MpBm5YIBeMVl4SX1n2%2B77KS%2FUKe7UHpd%2BGvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b67e1608410b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
104.18.24.188200 OK 4.1 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
IP 104.18.24.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (584)
Hash 6c4c4ee2c167fdbe60f6e638279eb483
e75de0af96aca2f0553178579700ed6e82b8e839
3d0c0d906ef899aba8832e955b2ff57536aaf0fe8297465ee0aec9c4067a5b93
GET /nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060 HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sadnesscontemporary.com/
Connection: keep-alive
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: g4nUNV/zpbklMqSw9+6VNw==
last-modified: Thu, 15 Dec 2022 16:05:34 GMT
x-ms-request-id: 399c2e06-c01e-0021-10b9-123679000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e31894db529-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 27d72c9214c25294370af6719e425872
9bfbe4c49f1a5219c0555349669c6a85227849c5
9b1ad53a428c5dadcc356276026f588c9282ff1b8ab213ed48dc25b7a8e31f39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3611
Cache-Control: max-age=103453
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:50 GMT
Etag: "639db0dc-117"
Expires: Mon, 19 Dec 2022 13:07:03 GMT
Last-Modified: Sat, 17 Dec 2022 12:06:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15200 OK 12 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash d5a179960e8d7e3ca980ee065e3c9e67
9bad92be1ec0dd388ade0275dbebcf6b1f597621
2a495e32a9d9cfe78336438922db83667d2353da01a42b864fe013925e64858d
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: text/css
x-amz-id-2: j0KP2T+lYsdM78NKtBoDNHe4fRFcKuMVeEAp1vddgV92TvFKuzqbftrbkn6fwCFtDD5ZoIhSwPo=
x-amz-request-id: RY3YM19KP2MSWPBW
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 231886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jATaA4WKS%2Bgr916qLl9KaUcRE8khe5p7ZsGYRJCDQ000ptzFsE%2F6fALA6IRcCw%2BOsL5P7lB%2FovXM8wtELTeKkrlw9rXXMXTV%2BrfD4IOgSqiWCJBfs8hCdkQoKmuV%2Buzl2D920b6b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b67e33ed51d168-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/unibet-logo.svg
104.18.24.188200 OK 82 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/unibet-logo.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Hash 64a4e36c81e3280601e1f5cfb9c254af
1e1cd1f9d8290ee4f9a05ae4b20b0ff471494b67
f4b66f5381fe14997d61b386d45e4c4d76b06c832adf2423481434844f7b281e
GET /nu/pop/sportsbook/football/wc/2022/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 15 Dec 2022 16:05:35 GMT
etag: W/"0x8DADEB6334FB2FA"
x-ms-request-id: 59159075-601e-0038-339f-10b6c2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 231175
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e336b7db529-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
185.89.210.101307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 18 Dec 2022 08:22:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 7c61d09d-af9a-472c-b7bd-65aa1560e148
Set-Cookie: uuid2=5670926786761986305; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 18-Mar-2023 08:22:50 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
185.89.210.101200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 185.89.210.101:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 18 Dec 2022 08:22:50 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 28c88b1c-9cbb-4100-a926-f5bffb664d6e
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GTwvr[.^!]tbP6j2F-XstGt!@Di4$qJ_(; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 18-Mar-2023 08:22:50 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 38900021f4196388b8d196d67fd1d575
4183e47f47359b87d5c0a881f1e723b3017be32b
b9887ef6f8682da2c5aa8ab0313922de2a6635216fc0005dcc415660a497552b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5756
Cache-Control: max-age=89398
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 08:22:50 GMT
Etag: "639d7194-1d7"
Expires: Mon, 19 Dec 2022 09:12:48 GMT
Last-Modified: Sat, 17 Dec 2022 07:36:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s42888883643311?AQB=1&ndh=1&pf=1&t=18%2F11%2F2022%208%3A22%3A47%200%200&mid=36711327948193398585530781134597617268&ce=UTF-8&pageName=LP%3ACopy%20of%202022%20-%20WC%20-%20Sports%20LP&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86327060-37950%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26bid%3D37950%26campaignId%3D2809443%26pid%3D86327060&r=https%3A%2F%2Fsadnesscontemporary.com%2F&cc=GBP&ch=bf_landingpage&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86327060-37950%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26bid%3D37950%26campaignId%3D2809443%26pid%3D86327060&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3A2022%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=8%3A22%20AM%7CSunday&v6=8%3A22%20AM%7CSunday&v11=GBP&c14=New&v14=New&c16=1671351767&v21=Not%20Logged-In&c73=unibet&c74=36711327948193398585530781134597617268&v99=36711327948193398585530781134597617268&v120=popunder&v121=1%3A127656177%3A86327060-37950&v122=NONE&v124=2809443&v125=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&v126=86327060&v127=37950&v134=1671351766&s=1280x1024&c=24&j=1.6&v=N&k=N&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
15.236.176.210200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s42888883643311?AQB=1&ndh=1&pf=1&t=18%2F11%2F2022%208%3A22%3A47%200%200&mid=36711327948193398585530781134597617268&ce=UTF-8&pageName=LP%3ACopy%20of%202022%20-%20WC%20-%20Sports%20LP&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86327060-37950%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26bid%3D37950%26campaignId%3D2809443%26pid%3D86327060&r=https%3A%2F%2Fsadnesscontemporary.com%2F&cc=GBP&ch=bf_landingpage&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86327060-37950%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26bid%3D37950%26campaignId%3D2809443%26pid%3D86327060&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3A2022%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=8%3A22%20AM%7CSunday&v6=8%3A22%20AM%7CSunday&v11=GBP&c14=New&v14=New&c16=1671351767&v21=Not%20Logged-In&c73=unibet&c74=36711327948193398585530781134597617268&v99=36711327948193398585530781134597617268&v120=popunder&v121=1%3A127656177%3A86327060-37950&v122=NONE&v124=2809443&v125=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&v126=86327060&v127=37950&v134=1671351766&s=1280x1024&c=24&j=1.6&v=N&k=N&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 15.236.176.210:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s42888883643311?AQB=1&ndh=1&pf=1&t=18%2F11%2F2022%208%3A22%3A47%200%200&mid=36711327948193398585530781134597617268&ce=UTF-8&pageName=LP%3ACopy%20of%202022%20-%20WC%20-%20Sports%20LP&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86327060-37950%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26bid%3D37950%26campaignId%3D2809443%26pid%3D86327060&r=https%3A%2F%2Fsadnesscontemporary.com%2F&cc=GBP&ch=bf_landingpage&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A86327060-37950%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26bid%3D37950%26campaignId%3D2809443%26pid%3D86327060&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3A2022%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=8%3A22%20AM%7CSunday&v6=8%3A22%20AM%7CSunday&v11=GBP&c14=New&v14=New&c16=1671351767&v21=Not%20Logged-In&c73=unibet&c74=36711327948193398585530781134597617268&v99=36711327948193398585530781134597617268&v120=popunder&v121=1%3A127656177%3A86327060-37950&v122=NONE&v124=2809443&v125=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&v126=86327060&v127=37950&v134=1671351766&s=1280x1024&c=24&j=1.6&v=N&k=N&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
date: Sun, 18 Dec 2022 08:22:50 GMT
expires: Sat, 17 Dec 2022 08:22:50 GMT
last-modified: Mon, 19 Dec 2022 08:22:50 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3589200596232241152-4619915755405707935
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
hqq.tv/player/embed_player.php?vid=v2D48Z7a20we&autoplay=no
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/player/embed_player.php?vid=v2D48Z7a20we&autoplay=no
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /player/embed_player.php?vid=v2D48Z7a20we&autoplay=no HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=PHBYBttylppVS1bGU4eW; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Mon, 18-Dec-2023 08:22:43 GMT
date: Sun, 18 Dec 2022 08:22:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.tv>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
hqq.tv/ad/api/popunder.js
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/ad/api/popunder.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /ad/api/popunder.js HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=v2D48Z7a20we&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=ZXcley344pvG8wYJjZlu; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Mon, 18-Dec-2023 08:22:44 GMT
date: Sat, 16 Jul 2022 01:05:52 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: W/"6141fdde-15"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
accept-ranges: bytes
age: 13418256
ddg-cache-status: HIT,HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
unpkg.com/jquery@2.2.4/dist/jquery.min.js
104.16.126.175200 OK 0 B URL HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP 104.16.126.175:0
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01G754SVY4BFC19MXYRYRMED91-fra
cf-cache-status: HIT
age: 14395265
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77b67e0df9950b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/custom.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/custom.js
IP 104.18.24.188:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 126f410e-701e-000b-2310-f9e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 400534
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e335b72b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
ok.ru/web-api/pts/video.player/en
217.20.155.13200 OK 0 B URL HTTP/2 ok.ru/web-api/pts/video.player/en
IP 217.20.155.13:0
GET /web-api/pts/video.player/en HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/videoembed/275772541574
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:45 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: bci=-1775435718416822198; Domain=.ok.ru; Expires=Fri, 05-Jan-2091 11:36:52 GMT; Path=/; Secure; HttpOnly
_statid=e83001d7-4a0d-427c-970f-5f3ce60e5172; Domain=.ok.ru; Expires=Fri, 05-Jan-2091 11:36:52 GMT; Path=/; Secure; HttpOnly
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
etag: W/"14a2eaa0cdc4e00c529dff3699717801"
content-encoding: br
X-Firefox-Spdy: h2
marazma.com/static/css/style.css
172.67.128.55200 OK 0 B URL HTTP/2 marazma.com/static/css/style.css
IP 172.67.128.55:0
GET /static/css/style.css HTTP/1.1
Host: marazma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://marazma.com/Jr1zAzZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:45 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 21:31:03 GMT
etag: W/"63925797-76c83"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6403
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvFnfM4wPOvMPZ1nDlqx1rkkFThW2b2EJ89wRRpbIzdCRPQLUK5UH6DVIGlGJ17qq%2Fx5vJRS%2BKjyTECBqQsmG3eiI%2F8U6Urbf1nN2OOMq8wvAL4NBlP6%2FksG4Insrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e16689c0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js
216.58.207.234200 OK 0 B URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js
IP 216.58.207.234:0
GET /ajax/libs/jquery/1.6/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 91668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 11:33:24 GMT
expires: Wed, 13 Dec 2023 11:33:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 420559
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
grunoaph.net/5/5487261/?oo=1&aab=1
139.45.197.238200 OK 0 B URL HTTP/2 grunoaph.net/5/5487261/?oo=1&aab=1
IP 139.45.197.238:0
Analyzer Verdict Alert quad9 Sinkholed
GET /5/5487261/?oo=1&aab=1 HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gnula.nu
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 08:22:43 GMT
content-type: application/json
x-trace-id: 5f6666aac684df97d950db4065e98c0d
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://gnula.nu
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=044c215d7c4f4c73bd064b334f0069d1; expires=Mon, 18 Dec 2023 08:22:43 GMT; path=/; secure; SameSite=None
oaidts=1671351763; expires=Mon, 18 Dec 2023 08:22:43 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
marazma.com/zEel8G4
172.67.128.55200 OK 0 B IP 172.67.128.55:0
GET /zEel8G4 HTTP/1.1
Host: marazma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://marazma.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:45 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XI9DFVdVCAS4kuDrrFp%2Bbq5b%2FP8pwxJFVGZhfPSo9eX9L5JqIQfNkOt%2FsE5K%2Bcl%2F2PQlnmdvY5KZqZrhj4dEw8GQKad3eRD8WDPi4%2BbfANTFHUYvQUG1xq91%2F3ePTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b67e16d8ee0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.popxperts.com/qpad49Q
172.67.145.78301 Moved Permanently 0 B URL HTTP/2 www.popxperts.com/qpad49Q
IP 172.67.145.78:0
GET /qpad49Q HTTP/1.1
Host: www.popxperts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popxyz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 18 Dec 2022 08:22:46 GMT
location: https://popxperts.com/qpad49Q
cache-control: max-age=3600
expires: Sun, 18 Dec 2022 09:22:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88KluBTmtkZ6%2Fvu7ofRHclbwUz8wDQY8yThc5tnPfi68auc0RPxIGMmn%2FTZwEvs80WSn0TJFP5gqiIHRbMmIAPS3cpQTC3g%2BKKca6j%2Fw9gJ2umO7GMd9HcaSbZRj39q7kvaz4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e1b9e59b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/com-payments.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/com-payments.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/football/wc/2022/com-payments.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 15 Dec 2022 16:05:35 GMT
etag: W/"0x8DADEB633762115"
x-ms-request-id: 2fe68966-f01e-0005-479f-10c0d9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 231175
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e336b8eb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
developers.google.com/
172.217.21.174200 OK 0 B IP 172.217.21.174:0
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 14 Dec 2022 22:11:50 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.4026346250.1671351764; Expires=Tue, 17 Dec 2024 08:22:44 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-ibqaGw5Zm5OJdb1mVEf/TCnzK927ze' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: fbf2d5f4dc12d55db87c94c000b15088
vary: Accept-Encoding
date: Sun, 18 Dec 2022 08:22:44 GMT
server: Google Frontend
content-length: 25548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/utv-logo.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/utv-logo.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/football/wc/2022/utv-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 15 Dec 2022 16:05:35 GMT
etag: W/"0x8DADEB6332AF239"
x-ms-request-id: 6deb1615-601e-0028-449f-1073aa000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 231175
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e336b7eb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-trust.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-trust.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/football/wc/2022/icon-trust.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 15 Dec 2022 16:05:37 GMT
etag: W/"0x8DADEB6349C7498"
x-ms-request-id: 787fba4a-601e-004a-219f-10b18d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 231175
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e336b82b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-expert.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-expert.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/football/wc/2022/icon-expert.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 15 Dec 2022 16:05:37 GMT
etag: W/"0x8DADEB634A39F80"
x-ms-request-id: 3b4edf20-401e-005d-529f-101886000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 231175
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e336b8ab529-OSL
content-encoding: br
X-Firefox-Spdy: h2
gnula.nu/wp-content/themes/charcoal2/scroller.js
185.178.208.130200 OK 0 B URL HTTP/2 gnula.nu/wp-content/themes/charcoal2/scroller.js
IP 185.178.208.130:0
GET /wp-content/themes/charcoal2/scroller.js HTTP/1.1
Host: gnula.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/documental/ver-only-the-dead-2015-online/
Cookie: __ddg1_=NyVdbrxwL1DMQDqHuRpW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 16 Dec 2022 00:43:19 GMT
content-type: application/javascript
last-modified: Tue, 19 May 2020 23:50:09 GMT
cache-control: max-age=604800
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: W/"5ec470b1-400"
expires: Wed, 21 Dec 2022 17:51:36 GMT
age: 200364
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
104.16.126.175200 OK 0 B URL HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP 104.16.126.175:0
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01G75513388K1MR4R8RW1AYXTV-fra
cf-cache-status: HIT
age: 14395265
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77b67e0de9850b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
testingmetriksbre.ru/netu.php
172.64.160.13200 OK 0 B URL HTTP/2 testingmetriksbre.ru/netu.php
IP 172.64.160.13:0
GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZEur1ntMJaLFUKrZaVeoItgC4tIMgPbLBlkhsZap9JTxnddrOVEywEnouazJSRLKa7GkrVQ1%2FUOab9R0fHNROf2ptwcqBfoX3O7bZGp0aYBkwjV2pKe07RIWV03seNoa9ULEzBUhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b67e0e9c842408-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
testingmetriksbre.ru/f.php?sid=212040
172.64.160.13200 OK 0 B URL HTTP/2 testingmetriksbre.ru/f.php?sid=212040
IP 172.64.160.13:0
GET /f.php?sid=212040 HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIk6gQLVOWJroHMV6hGHU6fJ9b0koy2wwKLV60QIkHXAwVW2trcN26QwtzdESaTR%2BpO7tQgpFoewpRAQ48HzzREnbxOfaNNMN8B%2BuD%2B2pJxgo2hrSn9cPQL6QtxLJFGuenMk9crEoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77b67e0f3d2b2408-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gambling-commission.png
104.18.24.188404 Not Found 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gambling-commission.png
IP 104.18.24.188:0
GET /nu/pop/sportsbook/football/wc/2022/gambling-commission.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: application/xml
x-ms-request-id: 399a33f7-c01e-0021-4fb9-123679000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 264
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e34ade5b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
polldaddy.com/ratings/rate.php?cmd=get&id=6422202&uid=wp-post-178423&item_id=_post_178423
192.0.123.249200 OK 0 B URL HTTP/2 polldaddy.com/ratings/rate.php?cmd=get&id=6422202&uid=wp-post-178423&item_id=_post_178423
IP 192.0.123.249:0
GET /ratings/rate.php?cmd=get&id=6422202&uid=wp-post-178423&item_id=_post_178423 HTTP/1.1
Host: polldaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gnula.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 08:22:43 GMT
content-type: application/javascript
vary: Accept-Encoding
content-language: en
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
IP 104.18.24.188:0
GET /nu/pop/sportsbook/football/wc/2022/1-styles.css HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: lMc9drvQACpBd5pyJgR1QA==
last-modified: Thu, 15 Dec 2022 16:05:34 GMT
etag: W/"0x8DADEB632B95551"
x-ms-request-id: 6e775ddb-001e-002e-0c9f-104015000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 231176
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e334b60b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: aKFt6UnI1NUrF+upCSAbIA==
last-modified: Thu, 15 Dec 2022 16:05:36 GMT
etag: W/"0x8DADEB633DB8ACC"
x-ms-request-id: 236bbc57-d01e-0060-629f-106e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 231175
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e336b8fb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86327060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671351769576)%5c%2f%22%2c%22CookieTag%22%3a%223795086327060451240919C20221218822%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
mc.yandex.ru/watch/87663567?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F275772541574&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06srfr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A951%3Acn%3A1%3Adp%3A0%3Als%3A1319213417553%3Ahid%3A535910616%3Az%3A0%3Ai%3A20221218082244%3Aet%3A1671351764%3Arn%3A829355844%3Arqn%3A1%3Au%3A1671351761972727508%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C28%2C0%2C%2C501%2C0%2C1644%2C1644%2C0%2C952%3Aco%3A0%3Ans%3A1671351760117%3Aadb%3A2%3Aafr%3A375eba19_24-undefined-4f03ecaj_2eb2d60j_2e9c8101_30ah20gb-1280x1002x0-unspecified-%3Arqnl%3A1%3Ast%3A1671351764%3At%3AOK&t=gdpr(14)clc(0-0-0)mtb(0)rqnt(1)aw(1)pe(1)efid(1)afr(1)ti(2)
77.88.21.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/87663567?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F275772541574&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06srfr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A951%3Acn%3A1%3Adp%3A0%3Als%3A1319213417553%3Ahid%3A535910616%3Az%3A0%3Ai%3A20221218082244%3Aet%3A1671351764%3Arn%3A829355844%3Arqn%3A1%3Au%3A1671351761972727508%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C28%2C0%2C%2C501%2C0%2C1644%2C1644%2C0%2C952%3Aco%3A0%3Ans%3A1671351760117%3Aadb%3A2%3Aafr%3A375eba19_24-undefined-4f03ecaj_2eb2d60j_2e9c8101_30ah20gb-1280x1002x0-unspecified-%3Arqnl%3A1%3Ast%3A1671351764%3At%3AOK&t=gdpr(14)clc(0-0-0)mtb(0)rqnt(1)aw(1)pe(1)efid(1)afr(1)ti(2)
IP 77.88.21.119:0
GET /watch/87663567?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F275772541574&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06srfr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A951%3Acn%3A1%3Adp%3A0%3Als%3A1319213417553%3Ahid%3A535910616%3Az%3A0%3Ai%3A20221218082244%3Aet%3A1671351764%3Arn%3A829355844%3Arqn%3A1%3Au%3A1671351761972727508%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C28%2C0%2C%2C501%2C0%2C1644%2C1644%2C0%2C952%3Aco%3A0%3Ans%3A1671351760117%3Aadb%3A2%3Aafr%3A375eba19_24-undefined-4f03ecaj_2eb2d60j_2e9c8101_30ah20gb-1280x1002x0-unspecified-%3Arqnl%3A1%3Ast%3A1671351764%3At%3AOK&t=gdpr(14)clc(0-0-0)mtb(0)rqnt(1)aw(1)pe(1)efid(1)afr(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ok.ru
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/87663567/1?wmode=7&page-url=https%3A%2F%2Fok.ru%2Fvideoembed%2F275772541574&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06srfr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A951%3Acn%3A1%3Adp%3A0%3Als%3A1319213417553%3Ahid%3A535910616%3Az%3A0%3Ai%3A20221218082244%3Aet%3A1671351764%3Arn%3A829355844%3Arqn%3A1%3Au%3A1671351761972727508%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C28%2C0%2C%2C501%2C0%2C1644%2C1644%2C0%2C952%3Aco%3A0%3Ans%3A1671351760117%3Aadb%3A2%3Aafr%3A375eba19_24-undefined-4f03ecaj_2eb2d60j_2e9c8101_30ah20gb-1280x1002x0-unspecified-%3Arqnl%3A1%3Ast%3A1671351764%3At%3AOK&t=gdpr%2814%29clc%280-0-0%29mtb%280%29rqnt%281%29aw%281%29pe%281%29efid%281%29afr%281%29ti%282%29
date: Sun, 18 Dec 2022 08:22:47 GMT
access-control-allow-origin: https://ok.ru
set-cookie: yabs-sid=600343441671351767; Path=/; SameSite=None; Secure
i=sjCewGLjCG2eNULFm5gf4ekjts5AMQbmRkf4CkHpyw1jwGZpjkfhgHVKJ41hUv9is1BkNTALIVFWRAOnbQRIsBYWL58=; Expires=Wed, 15-Dec-2032 08:22:43 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1265962231671351767; Expires=Mon, 18-Dec-2023 08:22:47 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1265962231671351767; Expires=Mon, 18-Dec-2023 08:22:47 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1702887767.yc.1671351767#1702887767.yrts.1671351767#1702887767.yrtsi.1671351767; Expires=Mon, 18-Dec-2023 08:22:47 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18-Dec-2022 08:22:47 GMT
last-modified: Sun, 18-Dec-2022 08:22:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ad.mail.ru/static/admanhtml/rbadman-html5.min.js
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/static/admanhtml/rbadman-html5.min.js
IP 95.163.41.56:0
GET /static/admanhtml/rbadman-html5.min.js HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 08:22:48 GMT
content-type: application/javascript;charset=UTF-8
expires: Sun, 18 Dec 2022 08:32:48 GMT
cache-control: max-age=600
access-control-allow-origin: *
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-casino.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-casino.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/football/wc/2022/icon-casino.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: u/57C1Al21ESpXtbDs6sbw==
last-modified: Thu, 15 Dec 2022 16:05:37 GMT
etag: W/"0x8DADEB63495E5E6"
x-ms-request-id: 1d0a2ea1-901e-003c-5f9f-103bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 231174
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e336b8cb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
ok.ru/videoembed/275772541574
217.20.155.13200 OK 0 B URL HTTP/2 ok.ru/videoembed/275772541574
IP 217.20.155.13:0
GET /videoembed/275772541574 HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Sun, 18 Dec 2022 08:22:44 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=-166484140910680628; Domain=.ok.ru; Expires=Fri, 05-Jan-2091 11:36:50 GMT; Path=/; Secure; HttpOnly
_statid=9b8d9aaa-4a80-44c6-9084-6423f4113fb7; Domain=.ok.ru; Expires=Fri, 05-Jan-2091 11:36:50 GMT; Path=/; Secure; HttpOnly
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
last-modified: Wed, 09 Jun 2021 17:27:12 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: br
X-Firefox-Spdy: h2
s3.multipulter.com/modules/advarksprutoplugin.js
46.61.151.250200 OK 0 B URL HTTP/2 s3.multipulter.com/modules/advarksprutoplugin.js
IP 46.61.151.250:0
GET /modules/advarksprutoplugin.js HTTP/1.1
Host: s3.multipulter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimple.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.1
date: Sun, 18 Dec 2022 08:35:44 GMT
content-type: application/javascript
cache-control: max-age=60
content-encoding: gzip
last-modified: Thu, 12 May 2022 23:30:20 GMT
etag: "8aafa03e5866d81:0"
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gambling-commission.png
104.18.24.188404 Not Found 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gambling-commission.png
IP 104.18.24.188:0
GET /nu/pop/sportsbook/football/wc/2022/gambling-commission.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:86327060-37950&btag=127656177_7DCD7C6C7B1844ADBACEA16717CCF465&bid=37950&campaignId=2809443&pid=86327060
Cookie: __ucbt=node01cdl4wavuzkcbvs9ma3m94267; uniattr=ST.0.T; uniattr_ref="https://sadnesscontemporary.com/"; affiliateId=1; B-TAG=127656177_7DCD7C6C7B1844ADBACEA16717CCF465; BID=37950; PID=86327060; REFERER=https%3A%2F%2Fsadnesscontemporary.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_7DCD7C6C7B1844ADBACEA16717CCF465%26sref%3DADST%26ADST%3D17420400%26affiliateId%3D1%26pid%3D86327060%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 18 Dec 2022 08:22:50 GMT
content-type: application/xml
x-ms-request-id: 399a33f7-c01e-0021-4fb9-123679000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 264
vary: Accept-Encoding
server: cloudflare
cf-ray: 77b67e336b8db529-OSL
content-encoding: br
X-Firefox-Spdy: h2