Report - sdw1.online/dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270

Report Overview

Visited public
2023-08-10 03:51:47
Tags
URL
sdw1.online/dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270
Finishing URL
press-crew.com/adarutosaito/hgmo/
IP / ASN
202.226.37.135
#131965 Xserver Inc.
Title
H:G:M:O 詳細データ評価レビュー感想体験談口コミ評判有料アダルト動画サイト比較2023年最新版

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
official555.chicappa.jp	unknown	2006-03-06	2019-01-31 00:24:57	2023-08-04 02:54:33	588 B	611 B	163.44.185.224
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-08-09 07:50:44	1.0 kB	73 kB	104.18.11.207
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-08-09 12:50:59	434 B	1.7 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-08-09 09:40:32	524 B	32 kB	216.58.207.227
officialsite.lolipop.jp	unknown	2001-09-21	2017-01-20 00:30:24	2023-08-05 23:52:09	1.4 kB	2.7 kB	163.44.185.217
ocsp.securecore-ca.com	unknown	2015-02-06	2015-05-31 22:52:03	2023-08-09 13:22:52	336 B	964 B	104.18.15.101
sdw1.online	unknown	2022-10-21	2019-11-01 23:49:37	2023-08-09 16:20:15	454 B	674 B	202.226.37.135
press-crew.com	unknown	2007-11-09	2020-12-10 01:57:28	2023-08-02 10:55:56	12 kB	2.3 MB	162.43.107.21
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-08-09 05:10:35	444 B	2.5 kB	104.17.25.14
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-08-09 15:30:25	431 B	30 kB	142.250.74.138
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-08-09 05:09:38	1.3 kB	2.8 kB	142.250.74.131
affiliate.dtiserv.com	456046	1996-09-30	2012-07-05 16:22:33	2023-08-05 18:44:48	894 B	116 kB	140.174.2.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-08-10 03:51:27	high	Client IP	202.226.37.135	ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-08-10	medium	sdw1.online	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	From	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js	ScriptElement	5.6 kB	2023-03-07	2025-05-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-11 07:40 Times Seen1358 Hash 3eac3c72434a0945b92dd4a01f7b6b4e 7767b356530e39cd76ec259320b0b2774b4097a8 ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b Loading...

	press-crew.com/adarutosaito/hgmo/	ScriptElement	22 B	2023-03-07	2025-04-02
Pretty URL press-crew.com/adarutosaito/hgmo/ IP 162.43.107.21 ASN #131965 Xserver Inc. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07 Last Seen2025-04-02 04:29 Times Seen23 Hash c47ee7ca74dfec76f79303e10d469d1f ee8a4f65a013344427fc70bf951b15d0f8ce46ea 17976bc926bdc6a4c3b38d4772e836a108f8327fc05b7c446061edd2996624fd Loading...

	press-crew.com/js/vertical-responsive-menu.min.js	ScriptElement	1.2 kB	2023-03-07	2024-09-20
Pretty URL press-crew.com/js/vertical-responsive-menu.min.js IP 162.43.107.21 ASN #131965 Xserver Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2024-09-20 20:15 Times Seen20 Hash 8b75175b88f9ffe679ee8ee1a6c0c624 d698e0584dfc764a0ff61f75ece361bce6a8834d 816c1f6eb621712294f1a9af5c708d12cbbe59e184ee75afd16b8c22987a12fc Loading...

	press-crew.com/js/scrolltopcontrol.js	ScriptElement	4.6 kB	2023-03-07	2024-09-20
Pretty URL press-crew.com/js/scrolltopcontrol.js IP 162.43.107.21 ASN #131965 Xserver Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2024-09-20 20:15 Times Seen20 Hash 9177ace8da6da919226594c3d99b3bef c3559fb38a8a69f4620ca3628bccfd0cae5d245e 099dad584e1588cebc166a88236362234b313e48b88a8992e4de9ba1c1e1d258 Loading...

	officialsite.lolipop.jp/thk-analytics-124/thk/script.php	ScriptElement	5.5 kB	2023-03-08	2024-08-21
Pretty URL officialsite.lolipop.jp/thk-analytics-124/thk/script.php IP 163.44.185.217 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:20 Last Seen2024-08-21 09:41 Times Seen19 Hash f09b517c02abbea6c2db0762d3c01fb9 780e1ff817d32d62cb219d364a2f85c28babc83b 31506808f5080c4427c556fbbaaaac9677ece3fd234ab60f14ef78891c19b9f1 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-09 20:01 Times Seen159 Hash 45b39185ca580f908597130ad22093c0 243d8f5f6d482fdfb98e8ad561c4271e9a2ddcd8 9d7d1c727e1cd32745764098a76e5d3d5fb7acd3b6527c5aacd85b7c6f8ce341 Loading...

	press-crew.com/js/nav.jquery.min.js	ScriptElement	4.5 kB	2023-03-07	2024-09-20
Pretty URL press-crew.com/js/nav.jquery.min.js IP 162.43.107.21 ASN #131965 Xserver Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2024-09-20 20:15 Times Seen20 Hash 5c14183cdd50de3987d956fdf88605c5 1063ffd18a67ef741fd5116eedd4995006c69c55 a6ca6d9bd85572b2d44f67096aecd736902a9ced663990de2f413c1e5ae90397 Loading...

	press-crew.com/js/footerFixed.js	ScriptElement	2.0 kB	2023-03-07	2025-02-20
Pretty URL press-crew.com/js/footerFixed.js IP 162.43.107.21 ASN #131965 Xserver Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-02-20 05:40 Times Seen34 Hash 41fa6321bd6816f6fc365869ec1a4f8a 8bff786e8c3fa6c2855818080cee736d6c2f7150 451c548511ab368a8f943b6facb3082ada3101c2df2ea3d6938b07cdeed88c8a Loading...

	officialsite.lolipop.jp/thk-analytics-124/thk/track.php?LT=0&RF=&UR=https%3A%2F%2Fpress-crew.com%2Fadarutosaito%2Fhgmo%2F&TI=H%3AG%3AM%3AO%20%E8%A9%B3%E7%B4%B0%E3%83%87%E3%83%BC%E3%82%BF%20%E8%A9%95%E4%BE%A1%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%20%E6%84%9F%E6%83%B3%E4%BD%93%E9%A8%93%E8%AB%87%20%E5%8F%A3%E3%82%B3%E3%83%9F%E8%A9%95%E5%88%A4%20%E6%9C%89%E6%96%99%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E5%8B%95%E7%94%BB%E3%82%B5%E3%82%A4%E3%83%88%E6%AF%94%E8%BC%832023%E5%B9%B4%E6%9C%80%E6%96%B0%E7%89%88&SW=1280&SH=1024&SC=24&CC=true&s=35	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL officialsite.lolipop.jp/thk-analytics-124/thk/track.php?LT=0&RF=&UR=https%3A%2F%2Fpress-crew.com%2Fadarutosaito%2Fhgmo%2F&TI=H%3AG%3AM%3AO%20%E8%A9%B3%E7%B4%B0%E3%83%87%E3%83%BC%E3%82%BF%20%E8%A9%95%E4%BE%A1%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%20%E6%84%9F%E6%83%B3%E4%BD%93%E9%A8%93%E8%AB%87%20%E5%8F%A3%E3%82%B3%E3%83%9F%E8%A9%95%E5%88%A4%20%E6%9C%89%E6%96%99%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E5%8B%95%E7%94%BB%E3%82%B5%E3%82%A4%E3%83%88%E6%AF%94%E8%BC%832023%E5%B9%B4%E6%9C%80%E6%96%B0%E7%89%88&SW=1280&SH=1024&SC=24&CC=true&s=35 IP 163.44.185.217 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 10:35 Times Seen4653371 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (43)

URL IP Response Size

ocsp.securecore-ca.com/

104.18.15.101

472 B

URL
ocsp.securecore-ca.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
581120ba3aa12d372da1c7c9e02d611d
4a3537cb3d6f6ee28f065e99e4931626def12980
0870f4a88f1e90b474a837d7725f77dfc2168797de1ab15f7beafbf77cb407be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.securecore-ca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 10 Aug 2023 03:51:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 07 Aug 2023 12:06:41 GMT
Expires: Mon, 14 Aug 2023 12:06:40 GMT
Etag: "4a3537cb3d6f6ee28f065e99e4931626def12980"
Cache-Control: max-age=375925,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f4547dc5a18b4f7-OSL

sdw1.online/dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270

202.226.37.135

301 Moved Permanently

348 B

URL User Request GET HTTP/1.1
sdw1.online/dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270
IP
202.226.37.135:80
ASN
#131965 Xserver Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
348 B (348 bytes)
Hash
a827a25c29cc0c9f53c42168c1821c0c
f91804581a67282398bfcfaf2d42c2ae61024246
e71f93e595e531a6ed45f79ff6269d4cab5902e0fbd8068eb7e2c957265f9e80

Detections

Analyzer	Verdict	Alert
quad9	malicious	Sinkholed

NIDS	Severity	Alert
suricata	high	ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016

HTTP Headers

GET /dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270 HTTP/1.1
Host: sdw1.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 10 Aug 2023 03:51:30 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 348
Connection: keep-alive
Location: https://official555.chicappa.jp/page/press-crew.com.adarutosaito.hgmo/dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270

official555.chicappa.jp/page/press-crew.com.adarutosaito.hgmo/dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270

163.44.185.224

301 Moved Permanently

319 B

URL User Request GET HTTP/2
official555.chicappa.jp/page/press-crew.com.adarutosaito.hgmo/dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270
IP
163.44.185.224:443
ASN
#7506 GMO Internet,Inc

Certificate
IssuerLet's Encrypt
Subject*.10gallon.jp
Fingerprint2E:D3:13:A6:11:46:DB:70:36:2F:E9:BF:6D:FD:29:F3:09:70:27:48
ValidityTue, 13 Jun 2023 04:03:54 GMT - Mon, 11 Sep 2023 04:03:53 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
319 B (319 bytes)
Hash
5fe7c5699e43fd5d7b283d4eceeb3854
1e271ceb292a5e6958979415e5f827d861f529b4
700c8752426c3cc6135ad7e4edc5deed13f82d4c0596c99d872ce7cd4eeac105

HTTP Headers

GET /page/press-crew.com.adarutosaito.hgmo/dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270 HTTP/1.1
Host: official555.chicappa.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 10 Aug 2023 03:51:31 GMT
content-type: text/html; charset=iso-8859-1
content-length: 319
location: https://press-crew.com/adarutosaito/hgmo/dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270
server: Apache
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/hgmo/dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270

162.43.107.21

302 Found

225 B

URL User Request GET HTTP/2
press-crew.com/adarutosaito/hgmo/dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
225 B (225 bytes)
Hash
de666fd6e7894f78c2aa6e02dfff3714
f41dff44ea29327feae26a1a1216fc4b76771f7a
1b4409ed0fa993da2a18cd41d2069d8343ae96840f1f6a822d2f524b618886ed

HTTP Headers

GET /adarutosaito/hgmo/dws/disc-file/Alcohol/Alcohol_120_v2.0.3.exe?EsetProtoscanCtx=1dcab270 HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Thu, 10 Aug 2023 03:51:32 GMT
content-type: text/html; charset=iso-8859-1
content-length: 225
location: https://press-crew.com/adarutosaito/hgmo/
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

104.18.11.207

200 OK

6.5 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (26548)
Size
6.5 kB (6488 bytes)
Hash
0831cba6a670e405168b84aa20798347
05ea25bc9b3ac48993e1fee322d3bc94b49a6e22
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

HTTP Headers

GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
cdn-cache: HIT
cf-cache-status: HIT
age: 5550244
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7f4547f04b721c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js

104.17.25.14

200 OK

1.5 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (3601)
Size
1.5 kB (1508 bytes)
Hash
3eac3c72434a0945b92dd4a01f7b6b4e
7767b356530e39cd76ec259320b0b2774b4097a8
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b

HTTP Headers

GET /ajax/libs/jquery-easing/1.3/jquery.easing.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 1508
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942b1a-5e4"
last-modified: Thu, 22 Jun 2023 11:06:02 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 607243
expires: Tue, 30 Jul 2024 03:51:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbGTfPs8wGJhPngpkXO%2BDNC8s89Jr7bqlF%2BB9iAc2HL%2FFHxR8C9%2BWShNCzGH%2BaHeUASdf4LhnCMir9%2F2dPwgzQTgIIt9dG2yLzPBnRPYfJrxOPE1wqtlTc8sucK9Ioh5QajoUrK1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7f4547f18ffe0b49-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

press-crew.com/h2.gif

162.43.107.21

200 OK

891 B

URL GET HTTP/2
press-crew.com/h2.gif
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
GIF image data, version 89a, 145 x 20\012- data
Size
891 B (891 bytes)
Hash
54972197dee2b92f95079d72fe1a2681
f111da8e4a64a7773a6c88c71fe76838d0ba1e74
6e3eb6dca8e0e1680a2c6c8646137e654d6e1137a3a388de7df1b8f14b54e9de

HTTP Headers

GET /h2.gif HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/gif
content-length: 891
last-modified: Sat, 18 Feb 2023 13:08:43 GMT
etag: "37b-5f4f9211ba2ce"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

press-crew.com/header.jpg

162.43.107.21

200 OK

72 kB

URL GET HTTP/2
press-crew.com/header.jpg
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 900x200, components 3\012- data
Size
72 kB (72187 bytes)
Hash
8c9ce6d79df09c50f71a4f4ac7e46aca
036293579496036b220109d03630b2bf2d66f3d7
12ef1ef1e80cc4c48e3daf4c0bc24669f7e9021ace23aec3edefb2658c7c396e

HTTP Headers

GET /header.jpg HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/jpeg
content-length: 72187
last-modified: Sat, 18 Feb 2023 13:08:43 GMT
etag: "119fb-5f4f92129eb09"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/hgmo/contents1.png

162.43.107.21

200 OK

13 kB

URL GET HTTP/2
press-crew.com/adarutosaito/hgmo/contents1.png
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
PNG image data, 701 x 79, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12966 bytes)
Hash
152317ba1dcbe0d11617c9c241bba145
bcccdd66d14d92e8d61e79630a675cfa609d6f33
2340ee032bb5069aa8dfefac87ec3547e98cad6f5647ae6db38d23aa83b4718d

HTTP Headers

GET /adarutosaito/hgmo/contents1.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/png
content-length: 12966
last-modified: Sat, 18 Feb 2023 13:15:18 GMT
etag: "32a6-5f4f938af2fc6"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js

142.250.74.138

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint76:6B:FF:33:88:3C:50:72:1C:E1:96:2F:6E:FB:D0:D9:32:9D:FF:2F
ValidityMon, 10 Jul 2023 08:21:11 GMT - Mon, 02 Oct 2023 08:21:10 GMT

File type
ASCII text, with very long lines (32253)
Size
30 kB (29456 bytes)
Hash
45b39185ca580f908597130ad22093c0
243d8f5f6d482fdfb98e8ad561c4271e9a2ddcd8
9d7d1c727e1cd32745764098a76e5d3d5fb7acd3b6527c5aacd85b7c6f8ce341

HTTP Headers

GET /ajax/libs/jquery/2.0.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Aug 2023 10:49:45 GMT
expires: Fri, 02 Aug 2024 10:49:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 579708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b100c1d0401a01fbdf9a2412d8a9bae2
ef218a1ca642da3f38bb10f48e7f661ac11409bd
4b510b3f3105fc3585160bc5badc501b17eb0dd654fe9cd19f25bd5101fc846c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Aug 2023 03:51:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Playball|Teko

142.250.74.106

200 OK

1.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Playball|Teko
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint76:6B:FF:33:88:3C:50:72:1C:E1:96:2F:6E:FB:D0:D9:32:9D:FF:2F
ValidityMon, 10 Jul 2023 08:21:11 GMT - Mon, 02 Oct 2023 08:21:10 GMT

File type
gzip compressed data, max compression\012- data
Size
1.0 kB (1037 bytes)
Hash
4645fd470191f2665a552db4ce1fba7b
92356577298cd87aa104273c43fa05ffd5f3c6a2
f0590c30125db414b57fa9d1b282cb897843c0c1cf7ccfe1f8692e2276a8b047

HTTP Headers

GET /css?family=Playball|Teko HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Aug 2023 03:51:33 GMT
date: Thu, 10 Aug 2023 03:51:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b100c1d0401a01fbdf9a2412d8a9bae2
ef218a1ca642da3f38bb10f48e7f661ac11409bd
4b510b3f3105fc3585160bc5badc501b17eb0dd654fe9cd19f25bd5101fc846c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Aug 2023 03:51:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

press-crew.com/adarutosaito/hgmo/contents2.png

162.43.107.21

200 OK

5.1 kB

URL GET HTTP/2
press-crew.com/adarutosaito/hgmo/contents2.png
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
PNG image data, 475 x 39, 8-bit/color RGBA, non-interlaced\012- data
Size
5.1 kB (5055 bytes)
Hash
9c4f983f3666a82fe06757a9eab4138a
d00834d1653544a9e847964a02274bb049f4ab18
495bdc9395224fd925574070e5a964f61b299a37bf12149152deb83b12766764

HTTP Headers

GET /adarutosaito/hgmo/contents2.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/png
content-length: 5055
last-modified: Sat, 18 Feb 2023 13:15:18 GMT
etag: "13bf-5f4f938b03966"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/hgmo/hgmo.png

162.43.107.21

200 OK

132 kB

URL GET HTTP/2
press-crew.com/adarutosaito/hgmo/hgmo.png
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
PNG image data, 659 x 319, 8-bit/color RGBA, non-interlaced\012- data
Size
132 kB (131763 bytes)
Hash
31fc92f54ff4f9286e8483fba1fb350f
533035aeb76b89baaa58c58c800263d9ba7dbeb6
02d36b8d51f58d988ffa0dd355b366ff69db9f0f11d989dd58b6e7a422ff7412

HTTP Headers

GET /adarutosaito/hgmo/hgmo.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/png
content-length: 131763
last-modified: Sat, 18 Feb 2023 13:15:19 GMT
etag: "202b3-5f4f938c111e0"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/hgmo/contents4.png

162.43.107.21

200 OK

10 kB

URL GET HTTP/2
press-crew.com/adarutosaito/hgmo/contents4.png
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
PNG image data, 484 x 157, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10008 bytes)
Hash
35cdea3d0b782105c47fcc280417a4aa
2b8959478e4b0a8e48e019107a3c6a8ef46dd0b8
8b09d368658c99b9cb04c9187f657745b47ccbce58d2930a79b42fe22bf34f13

HTTP Headers

GET /adarutosaito/hgmo/contents4.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/png
content-length: 10008
last-modified: Sat, 18 Feb 2023 13:15:18 GMT
etag: "2718-5f4f938b152a6"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/hgmo/contents3.png

162.43.107.21

200 OK

28 kB

URL GET HTTP/2
press-crew.com/adarutosaito/hgmo/contents3.png
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
PNG image data, 701 x 429, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (28482 bytes)
Hash
877f075780908bbb57cbfffe263a3f80
258b9a71af333b488860d3193caee2896cf3cc37
cb2646cad9d2a8c2af58b0796a2ef1bc28292df593970d7caee000dcdfede6ea

HTTP Headers

GET /adarutosaito/hgmo/contents3.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/png
content-length: 28482
last-modified: Sat, 18 Feb 2023 13:15:18 GMT
etag: "6f42-5f4f938b077e6"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/hgmo/contents5.png

162.43.107.21

200 OK

6.3 kB

URL GET HTTP/2
press-crew.com/adarutosaito/hgmo/contents5.png
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
PNG image data, 607 x 114, 8-bit/color RGBA, non-interlaced\012- data
Size
6.3 kB (6340 bytes)
Hash
8d9ea4df20680e2687f33250ac3e599c
974c082ebac38ece994b3420d2bf1fab650138f9
9151bea699dc4f7a8b80b5cdb894b4e576a2202477aa2a08b50122bbd313e28d

HTTP Headers

GET /adarutosaito/hgmo/contents5.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/png
content-length: 6340
last-modified: Sat, 18 Feb 2023 13:15:18 GMT
etag: "18c4-5f4f938b16246"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/hgmo/jcb.png

162.43.107.21

200 OK

51 kB

URL GET HTTP/2
press-crew.com/adarutosaito/hgmo/jcb.png
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
PNG image data, 85 x 57, 8-bit/color RGBA, non-interlaced\012- data
Size
51 kB (50659 bytes)
Hash
8adaad75225943e3b18d6e3e2736d389
a6b2ae0f6f37e444c25cdc7f8470f6304aeef904
a933cda18c395bec4bb580d9be8b13e69ebbe28887ae1b6e6591d90925ab3ea3

HTTP Headers

GET /adarutosaito/hgmo/jcb.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/png
content-length: 50659
last-modified: Sat, 18 Feb 2023 13:15:19 GMT
etag: "c5e3-5f4f938c24a60"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

press-crew.com/link.jpg

162.43.107.21

200 OK

631 B

URL GET HTTP/2
press-crew.com/link.jpg
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 10x11, components 3\012- data
Size
631 B (631 bytes)
Hash
9b7245f6873de0b1c61fd7709f436ee7
574169a033ddb77458c7d82e344539cde3bcba3f
b91d15991a39c0bb192c46636475c0f1c497e0c6ed6cbd7794ed62d156e08ebf

HTTP Headers

GET /link.jpg HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/jpeg
content-length: 631
last-modified: Sat, 18 Feb 2023 13:08:46 GMT
etag: "277-5f4f92151c61b"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/hgmo/master.png

162.43.107.21

200 OK

50 kB

URL GET HTTP/2
press-crew.com/adarutosaito/hgmo/master.png
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
PNG image data, 85 x 57, 8-bit/color RGBA, non-interlaced\012- data
Size
50 kB (49870 bytes)
Hash
daff66a92ecb7900632ecff9a3c21a92
45e70636292be5164f650acc8409e1bb64efdf4d
b9bda0277904fafc8969a216eb5553477ba9328102b533a9be707394d16fe615

HTTP Headers

GET /adarutosaito/hgmo/master.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/png
content-length: 49870
last-modified: Sat, 18 Feb 2023 13:15:19 GMT
etag: "c2ce-5f4f938c3733f"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/hgmo/visa.png

162.43.107.21

200 OK

49 kB

URL GET HTTP/2
press-crew.com/adarutosaito/hgmo/visa.png
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
PNG image data, 85 x 57, 8-bit/color RGBA, non-interlaced\012- data
Size
49 kB (48787 bytes)
Hash
9c9142534c278dd6d76e8e98664458e6
b429f74251a90c7b76b6027ebc8aabb926ea1c88
e5e5b79d8f6c76aeebe11fb95c5519b2d9d977358c9cefb15ec04804b2325981

HTTP Headers

GET /adarutosaito/hgmo/visa.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/png
content-length: 48787
last-modified: Sat, 18 Feb 2023 13:15:19 GMT
etag: "be93-5f4f938c3c15f"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/hgmo/diners.png

162.43.107.21

200 OK

53 kB

URL GET HTTP/2
press-crew.com/adarutosaito/hgmo/diners.png
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
PNG image data, 85 x 57, 8-bit/color RGBA, non-interlaced\012- data
Size
53 kB (53065 bytes)
Hash
7dd453615af35b555bfab0b0488bb387
8d72ac58c3d814ce264d664052ddefc6d054ecd2
19dd4a01f66c3c047fe8884a538711ce713d0503cf178190bbcba3b24ac20e9a

HTTP Headers

GET /adarutosaito/hgmo/diners.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: image/png
content-length: 53065
last-modified: Sat, 18 Feb 2023 13:15:18 GMT
etag: "cf49-5f4f938b2ba05"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2

affiliate.dtiserv.com/image/carib/06-700-02.jpg

140.174.2.195

200 OK

66 kB

URL GET HTTP/1.1
affiliate.dtiserv.com/image/carib/06-700-02.jpg
IP
140.174.2.195:443
ASN
#30212 HYPERMEDIA-SYSTEMS

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectaffiliate.dtiserv.com
FingerprintFD:72:01:78:53:04:CF:64:5F:E7:3A:F9:08:EA:D7:EC:AC:E9:DA:22
ValidityMon, 31 Jul 2023 15:22:32 GMT - Sun, 29 Oct 2023 15:22:31 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x200, components 3\012- data
Size
66 kB (65888 bytes)
Hash
788d6e04684096d646614effef4e6da1
06e27b1d8e3fadc43e6a9ecd0320c4abd7909879
fa87b3322c725be1903c4e5c9bad3ef6acc0a2ee11193a77aa9bbef2b6f8647e

HTTP Headers

GET /image/carib/06-700-02.jpg HTTP/1.1
Host: affiliate.dtiserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 10 Aug 2023 03:51:33 GMT
Content-Type: image/jpeg
Content-Length: 65888
Last-Modified: Wed, 02 Aug 2023 15:42:00 GMT
Connection: keep-alive
ETag: "64ca7948-10160"
X-Sh: 107
Strict-Transport-Security: max-age=31536000
X-Requested-Domain: affiliate.dtiserv.com
Accept-Ranges: bytes

affiliate.dtiserv.com/image/allyoucanwatch/15070001.jpg

140.174.2.195

200 OK

50 kB

URL GET HTTP/1.1
affiliate.dtiserv.com/image/allyoucanwatch/15070001.jpg
IP
140.174.2.195:443
ASN
#30212 HYPERMEDIA-SYSTEMS

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectaffiliate.dtiserv.com
FingerprintFD:72:01:78:53:04:CF:64:5F:E7:3A:F9:08:EA:D7:EC:AC:E9:DA:22
ValidityMon, 31 Jul 2023 15:22:32 GMT - Sun, 29 Oct 2023 15:22:31 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x200, components 3\012- data
Size
50 kB (49786 bytes)
Hash
596b10a14800845b643c5dd2584f2b0c
f6db0962c8c974aa6e7ce062c8e5dcec14360fcf
2b04e32ddd2995e3c588577a882f3309f32f6c589b3da9d617f5aa69c3fd3ff5

HTTP Headers

GET /image/allyoucanwatch/15070001.jpg HTTP/1.1
Host: affiliate.dtiserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 10 Aug 2023 03:51:33 GMT
Content-Type: image/jpeg
Content-Length: 49786
Last-Modified: Tue, 27 Jul 2021 15:08:49 GMT
Connection: keep-alive
ETag: "61002181-c27a"
X-Sh: 104
Strict-Transport-Security: max-age=31536000
X-Requested-Domain: affiliate.dtiserv.com
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9115403309710ae628c8f6577fc80585
3f53060b6f0e9f599b952c07f4bea5ff67c2e098
92a4cd331add3ed01c2c090c90618890decc6e6d7a848e22cbd5522f1579c5fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Aug 2023 03:51:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

104.18.11.207

200 OK

64 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Size
64 kB (64464 bytes)
Hash
4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

HTTP Headers

GET /font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://press-crew.com
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 10 Aug 2023 03:51:34 GMT
content-type: font/woff2
content-length: 64464
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 06/09/2022 10:24:04
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 94e33e5255d1aad87396351e47b0e3e7
cdn-cache: HIT
cf-cache-status: HIT
age: 48655
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7f4547f96ad6b505-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/playball/v17/TK3gWksYAxQ7jbsKcg8Eneo.woff2

216.58.207.227

200 OK

32 kB

URL GET HTTP/2
fonts.gstatic.com/s/playball/v17/TK3gWksYAxQ7jbsKcg8Eneo.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1D:CB:14:A0:BA:14:B6:03:59:6D:D5:E2:F5:4C:73:E3:FF:73:57:90
ValidityMon, 10 Jul 2023 08:21:12 GMT - Mon, 02 Oct 2023 08:21:11 GMT

File type
Web Open Font Format (Version 2), TrueType, length 31564, version 1.0\012- data
Size
32 kB (31564 bytes)
Hash
34b8d410c61dcbac31c06d4e72e17e22
f8edc32d045953f1190f2503da2bd590048f5fc6
21a5a1944ae56ff8b3142b32a4e54eab52dd4a630d2161179b8b98a5cbe8b80d

HTTP Headers

GET /s/playball/v17/TK3gWksYAxQ7jbsKcg8Eneo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://press-crew.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Aug 2023 11:15:44 GMT
expires: Sun, 04 Aug 2024 11:15:44 GMT
cache-control: public, max-age=31536000
age: 405350
last-modified: Tue, 02 May 2023 16:04:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9115403309710ae628c8f6577fc80585
3f53060b6f0e9f599b952c07f4bea5ff67c2e098
92a4cd331add3ed01c2c090c90618890decc6e6d7a848e22cbd5522f1579c5fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Aug 2023 03:51:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

officialsite.lolipop.jp/thk-analytics-124/thk/script.php

163.44.185.217

200 OK

2.2 kB

URL GET HTTP/2
officialsite.lolipop.jp/thk-analytics-124/thk/script.php
IP
163.44.185.217:443
ASN
#7506 GMO Internet,Inc

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subject*.10gallon.jp
Fingerprint2E:D3:13:A6:11:46:DB:70:36:2F:E9:BF:6D:FD:29:F3:09:70:27:48
ValidityTue, 13 Jun 2023 04:03:54 GMT - Mon, 11 Sep 2023 04:03:53 GMT

File type
HTML document, ASCII text, with very long lines (1017)
Size
2.2 kB (2173 bytes)
Hash
f09b517c02abbea6c2db0762d3c01fb9
780e1ff817d32d62cb219d364a2f85c28babc83b
31506808f5080c4427c556fbbaaaac9677ece3fd234ab60f14ef78891c19b9f1

HTTP Headers

GET /thk-analytics-124/thk/script.php HTTP/1.1
Host: officialsite.lolipop.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 10 Aug 2023 03:51:34 GMT
content-type: application/x-javascript
content-length: 2173
server: Apache
x-powered-by: PHP/7.4.33
vary: Range,Accept-Encoding
accept-ranges: none
content-encoding: gzip
X-Firefox-Spdy: h2

officialsite.lolipop.jp/thk-analytics-124/thk/track.php?LT=0&RF=&UR=https%3A%2F%2Fpress-crew.com%2Fadarutosaito%2Fhgmo%2F&TI=H%3AG%3AM%3AO%20%E8%A9%B3%E7%B4%B0%E3%83%87%E3%83%BC%E3%82%BF%20%E8%A9%95%E4%BE%A1%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%20%E6%84%9F%E6%83%B3%E4%BD%93%E9%A8%93%E8%AB%87%20%E5%8F%A3%E3%82%B3%E3%83%9F%E8%A9%95%E5%88%A4%20%E6%9C%89%E6%96%99%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E5%8B%95%E7%94%BB%E3%82%B5%E3%82%A4%E3%83%88%E6%AF%94%E8%BC%832023%E5%B9%B4%E6%9C%80%E6%96%B0%E7%89%88&SW=1280&SH=1024&SC=24&CC=true&s=35

163.44.185.217

200 OK

0 B

URL GET HTTP/2
officialsite.lolipop.jp/thk-analytics-124/thk/track.php?LT=0&RF=&UR=https%3A%2F%2Fpress-crew.com%2Fadarutosaito%2Fhgmo%2F&TI=H%3AG%3AM%3AO%20%E8%A9%B3%E7%B4%B0%E3%83%87%E3%83%BC%E3%82%BF%20%E8%A9%95%E4%BE%A1%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%20%E6%84%9F%E6%83%B3%E4%BD%93%E9%A8%93%E8%AB%87%20%E5%8F%A3%E3%82%B3%E3%83%9F%E8%A9%95%E5%88%A4%20%E6%9C%89%E6%96%99%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E5%8B%95%E7%94%BB%E3%82%B5%E3%82%A4%E3%83%88%E6%AF%94%E8%BC%832023%E5%B9%B4%E6%9C%80%E6%96%B0%E7%89%88&SW=1280&SH=1024&SC=24&CC=true&s=35
IP
163.44.185.217:443
ASN
#7506 GMO Internet,Inc

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subject*.10gallon.jp
Fingerprint2E:D3:13:A6:11:46:DB:70:36:2F:E9:BF:6D:FD:29:F3:09:70:27:48
ValidityTue, 13 Jun 2023 04:03:54 GMT - Mon, 11 Sep 2023 04:03:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thk-analytics-124/thk/track.php?LT=0&RF=&UR=https%3A%2F%2Fpress-crew.com%2Fadarutosaito%2Fhgmo%2F&TI=H%3AG%3AM%3AO%20%E8%A9%B3%E7%B4%B0%E3%83%87%E3%83%BC%E3%82%BF%20%E8%A9%95%E4%BE%A1%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%20%E6%84%9F%E6%83%B3%E4%BD%93%E9%A8%93%E8%AB%87%20%E5%8F%A3%E3%82%B3%E3%83%9F%E8%A9%95%E5%88%A4%20%E6%9C%89%E6%96%99%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E5%8B%95%E7%94%BB%E3%82%B5%E3%82%A4%E3%83%88%E6%AF%94%E8%BC%832023%E5%B9%B4%E6%9C%80%E6%96%B0%E7%89%88&SW=1280&SH=1024&SC=24&CC=true&s=35 HTTP/1.1
Host: officialsite.lolipop.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 10 Aug 2023 03:51:35 GMT
content-type: application/x-javascript
content-length: 0
server: Apache
x-powered-by: PHP/7.4.33
set-cookie: _thk_uid=dMgD4A; path=/thk-analytics-124/thk/; domain=officialsite.lolipop.jp
vary: Range
accept-ranges: none
X-Firefox-Spdy: h2

press-crew.com/favicon.ico

162.43.107.21

302 Found

207 B

URL GET HTTP/2
press-crew.com/favicon.ico
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
207 B (207 bytes)
Hash
3903c7e8080d5582285ff3818f731d95
3c27ee839b45ed21ac0bbb0c622f9c94218c07ea
d790e346d005d38c2524ee663c521d3845fb820f35287e04154d5a582abafdb1

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Thu, 10 Aug 2023 03:51:35 GMT
content-type: text/html; charset=iso-8859-1
content-length: 207
location: https://press-crew.com/
expires: Thu, 17 Aug 2023 03:51:35 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2

press-crew.com/css/style.css

162.43.107.21

200 OK

2.7 kB

URL GET HTTP/2
press-crew.com/css/style.css
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
Unicode text, UTF-8 text, with very long lines (2933), with no line terminators
Size
2.7 kB (2727 bytes)
Hash
8eeb6738729d8ed7cdb24953cadf065f
bab3adf8d5a7a314cfb66cd4f47f612360e4d7a7
7c583d8c271c64c682526b8159d0626d62f362d095738eacb77ece65e73af8cc

HTTP Headers

GET /css/style.css HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 18 Feb 2023 13:42:57 GMT
etag: W/"aa7-5f4f99b9319bb"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
content-encoding: br
X-Firefox-Spdy: h2

press-crew.com/js/scrolltopcontrol.js

162.43.107.21

200 OK

4.6 kB

URL GET HTTP/2
press-crew.com/js/scrolltopcontrol.js
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
ASCII text, with very long lines (4714), with no line terminators
Size
4.6 kB (4595 bytes)
Hash
d52482ba2959176a3c679f69b89f86bf
b8f53c54eb258d64c805c740411d8451ccd5c1eb
8ce0d5a8aa00e4b7e4b8593ef8d55166ed4626d7b4b9fbfe23ff15faeb8e88fc

HTTP Headers

GET /js/scrolltopcontrol.js HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 18 Feb 2023 13:43:09 GMT
etag: W/"11f3-5f4f99c4d12df"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
content-encoding: br
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/hgmo/

162.43.107.21

200 OK

388 kB

URL User Request GET HTTP/2
press-crew.com/adarutosaito/hgmo/
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type

Size
388 kB (387518 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adarutosaito/hgmo/ HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

press-crew.com/css/nav-layout.css

162.43.107.21

200 OK

3.8 kB

URL GET HTTP/2
press-crew.com/css/nav-layout.css
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
Unicode text, UTF-8 text, with very long lines (4025), with no line terminators
Size
3.8 kB (3755 bytes)
Hash
f66b219fb2007e3cee4e425aa312e56d
7da1be714f47d9799ce1f1d067fd658905f12237
cb367fcf25a26cb5b08d60dd1cead3dfd399ed3695b673c28d83a837e1211907

HTTP Headers

GET /css/nav-layout.css HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 18 Feb 2023 13:42:57 GMT
etag: W/"eab-5f4f99b92fa7b"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
content-encoding: br
X-Firefox-Spdy: h2

press-crew.com/css/horizontal_menu.css

162.43.107.21

200 OK

1.4 kB

URL GET HTTP/2
press-crew.com/css/horizontal_menu.css
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
Unicode text, UTF-8 text, with very long lines (1528), with no line terminators
Size
1.4 kB (1421 bytes)
Hash
64ed06d563006115e358f8c77ff88914
e79c6f5c2e49acfb13443acced1c269d72668826
c4b3a686985a10ee36479e1a528f33de881a60eca30eff3ca8d373b5a95471ec

HTTP Headers

GET /css/horizontal_menu.css HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 18 Feb 2023 13:42:57 GMT
etag: W/"58d-5f4f99b91931b"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
content-encoding: br
X-Firefox-Spdy: h2

press-crew.com/

162.43.107.21

200 OK

1.4 MB

URL GET HTTP/2
press-crew.com/
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type

Size
1.4 MB (1440976 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://press-crew.com/adarutosaito/hgmo/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

press-crew.com/js/footerFixed.js

162.43.107.21

200 OK

1.9 kB

URL GET HTTP/2
press-crew.com/js/footerFixed.js
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
Unicode text, UTF-8 text, with very long lines (1665), with NEL line terminators
Size
1.9 kB (1853 bytes)
Hash
b8fb8a017a90d1d7b54f29a7c6b41955
277a27b07d658d3350ad801c16c9fb83a19061d8
0ef34ee3568b9d78d55cab639a4598964cf5c7bc5ada178a71f34ea3fe892fd9

HTTP Headers

GET /js/footerFixed.js HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 18 Feb 2023 13:43:08 GMT
etag: W/"73d-5f4f99c3b01e5"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
content-encoding: br
X-Firefox-Spdy: h2

press-crew.com/css/vertical-responsive-menu.css

162.43.107.21

200 OK

5.8 kB

URL GET HTTP/2
press-crew.com/css/vertical-responsive-menu.css
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
Unicode text, UTF-8 text, with very long lines (6112), with no line terminators
Size
5.8 kB (5758 bytes)
Hash
51ab0a5841925228de423ea575332b51
07d443229c4a9b621077b59c8d90554864ef3826
02e7f75a04baa3fc9319796d5550aff97c80256282a68da39b1af60d156c3f63

HTTP Headers

GET /css/vertical-responsive-menu.css HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 18 Feb 2023 13:42:57 GMT
etag: W/"167e-5f4f99b93f47a"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
content-encoding: br
X-Firefox-Spdy: h2

press-crew.com/css/content.css

162.43.107.21

200 OK

9.5 kB

URL GET HTTP/2
press-crew.com/css/content.css
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
Unicode text, UTF-8 text, with very long lines (9993), with no line terminators
Size
9.5 kB (9479 bytes)
Hash
6a8eed6b0f49847ca3027709abd30c36
324e22d26cf8ac07d72bdc031b0078d0ce13e2f0
899cc8cb063c443009322f3d4fa04333b52c9676ea44f8b7b63c5f9ab4a56cda

HTTP Headers

GET /css/content.css HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 18 Feb 2023 13:42:57 GMT
etag: W/"2507-5f4f99b8e56fc"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
content-encoding: br
X-Firefox-Spdy: h2

press-crew.com/js/nav.jquery.min.js

162.43.107.21

200 OK

4.5 kB

URL GET HTTP/2
press-crew.com/js/nav.jquery.min.js
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
ASCII text, with very long lines (4676), with no line terminators
Size
4.5 kB (4478 bytes)
Hash
c9eade6dcae7b0f5aa88a343fc25ee61
5f46b677ac3be31865510bdd206426dd37c49e53
845863f8b50124e9a87ef97ef786b7e98d2b34390af5639b835f2235aa2ff5e1

HTTP Headers

GET /js/nav.jquery.min.js HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 18 Feb 2023 13:43:09 GMT
etag: W/"117e-5f4f99c4b9be0"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
content-encoding: br
X-Firefox-Spdy: h2

press-crew.com/js/vertical-responsive-menu.min.js

162.43.107.21

200 OK

1.2 kB

URL GET HTTP/2
press-crew.com/js/vertical-responsive-menu.min.js
IP
162.43.107.21:443
ASN
#131965 Xserver Inc.

Requested by
https://press-crew.com/adarutosaito/hgmo/
Certificate
IssuerLet's Encrypt
Subjectwww.press-crew.com
FingerprintC8:28:5D:83:F9:BC:C2:25:F0:1A:EC:5C:5E:80:CC:6A:3C:9E:63:2A
ValiditySun, 18 Jun 2023 23:32:22 GMT - Sat, 16 Sep 2023 23:32:21 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1223), with no line terminators
Size
1.2 kB (1168 bytes)
Hash
6096f3307322589056eb749054b225e8
01852f834666d76921936f5dc19e385a8897bd44
c2f6d62be9e1621403326c3920f788108674ab073b9f8f173d525aa4a9586725

HTTP Headers

GET /js/vertical-responsive-menu.min.js HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/hgmo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 10 Aug 2023 03:51:33 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 18 Feb 2023 13:43:10 GMT
etag: W/"490-5f4f99c4f06df"
expires: Thu, 17 Aug 2023 03:51:33 GMT
cache-control: max-age=604800
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (43)

URL

IP

ASN