fakaza.me/
104.21.64.43301 Moved Permanently 0 B IP 104.21.64.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: fakaza.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 08:29:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 26 Jan 2023 09:29:17 GMT
Location: https://fakaza.me/
Server-Timing: cf-q-config;dur=7.0000000960135e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HysG5yg1BYMPWyleYfQ2wpKwcNwXB%2BMpKAhHmL3tbD0%2F%2BtMP0HHGnsRyeGwBjURWjeVlw14iId8EAdwdIL50H7qSOWCMKMDY6vStvRw%2BRBOJkHWNXrEXweE01I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f7e148ae1d0b61-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15786
Expires: Thu, 26 Jan 2023 12:52:23 GMT
Date: Thu, 26 Jan 2023 08:29:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8548
Expires: Thu, 26 Jan 2023 10:51:45 GMT
Date: Thu, 26 Jan 2023 08:29:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5487
Expires: Thu, 26 Jan 2023 10:00:44 GMT
Date: Thu, 26 Jan 2023 08:29:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 07:42:52 GMT
content-type: application/json
age: 2785
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: f2pDbi+Q+QgaCYSqBqpFadxtn97kamM4NEKntlnMBPOQ9EtNDghdc+VxUBKgWtOGZ7WcGKo+gEI=
x-amz-request-id: GPA26QSGW4H2K6Z5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 07:48:53 GMT
age: 2424
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 950dfada499be9eebf95ec5cdc8ec93d
bc64b17ab19e2fb13a1a62fc752dd90584e6cf12
7579d84385248a001140e5ae7d55d7948253e673925f2349d29ec2b763a5e5df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=154211
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:17 GMT
Etag: "63d1f140-117"
Expires: Sat, 28 Jan 2023 03:19:28 GMT
Last-Modified: Thu, 26 Jan 2023 03:19:28 GMT
Server: nginx
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:17 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 07:41:40 GMT
age: 2858
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9496
Expires: Thu, 26 Jan 2023 11:07:34 GMT
Date: Thu, 26 Jan 2023 08:29:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 950dfada499be9eebf95ec5cdc8ec93d
bc64b17ab19e2fb13a1a62fc752dd90584e6cf12
7579d84385248a001140e5ae7d55d7948253e673925f2349d29ec2b763a5e5df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=154211
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:18 GMT
Etag: "63d1f140-117"
Expires: Sat, 28 Jan 2023 03:19:29 GMT
Last-Modified: Thu, 26 Jan 2023 03:19:28 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
192.0.77.37200 OK 217 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
IP 192.0.77.37:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:18 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Fri, 26 Jan 2024 08:29:18 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.43.228.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.228.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cLEzBeJCrYff+gesiOEOHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hqQc1RaLxrYjy1Bpxvx34cAer/Y=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 90eb95f4c6b098a7db4bdf5a045ea18b
2390704be27f0354795581b30c23a4ba5e172dad
bc934866dc7ff5507e60f726dfcba9cc4410231bcfe05dc033c51585e8ebfab5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC934866DC7FF5507E60F726DFCBA9CC4410231BCFE05DC033C51585E8EBFAB5"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2822
Expires: Thu, 26 Jan 2023 09:16:20 GMT
Date: Thu, 26 Jan 2023 08:29:18 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uwoaptee.com/zone?pub=0&zone_id=4699893&is_mobile=false&domain=fakaza.me&var=&ymid=&var_3=
139.45.197.251200 OK 705 B URL HTTP/2 uwoaptee.com/zone?pub=0&zone_id=4699893&is_mobile=false&domain=fakaza.me&var=&ymid=&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (704)
Hash c8dbe2aeb7d8a88985de2d2f7c5ecb09
2d38d48e27d57a9d05f802d2b37b84a52c78b469
8011a8d71a3c8bff51d60d7e06ea2674cfa497593a86e9a7ded3d8bdc063f2c5
Analyzer Verdict Alert quad9 Sinkholed
GET /zone?pub=0&zone_id=4699893&is_mobile=false&domain=fakaza.me&var=&ymid=&var_3= HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:18 GMT
content-type: application/json; charset=utf-8
content-length: 705
x-trace-id: b5b7ac4507ae11570f89befd9f39c55c
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
uwoaptee.com/custom
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:19 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
uwoaptee.com/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Content-Type: application/json
Origin: https://fakaza.me
Content-Length: 355
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 5de50e9d3c6de528dda1c46b402da238
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 8.6 kB IP 142.250.74.131:0
Hash 344a848e292a8def6953286f965478cb
79f21ab762aa748ea510123121acc2e8b330fbe4
5b93c6e7cf5a445ad576e5fa0a5ff33c48c1843ebbbded0b8c2980fac2478356
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uwoaptee.com/pfe/current/tag.min.js?z=4699893
139.45.197.251200 OK 6.5 kB URL HTTP/2 uwoaptee.com/pfe/current/tag.min.js?z=4699893
IP 139.45.197.251:0
Hash fbff051441dd2bbb5c48a2d8771a5d3a
c2ee864e59b54fbfdb8fc27093226207ef210648
74555ba2c880dd2b93c4ec2d715a46fd511612cb3a3e8d5a1f5dbe11aa318e6e
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/tag.min.js?z=4699893 HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:18 GMT
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 14:31:33 GMT
etag: W/"63cfebc5-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.7.1/css/jetpack.css
192.0.77.37200 OK 16 kB URL HTTP/2 c0.wp.com/p/jetpack/11.7.1/css/jetpack.css
IP 192.0.77.37:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 6a026dfecb8d3db71af31d1568e62aa8
6da3e4c6b220973d2206974c72d912a64c7c2d77
2b925781057ede4ab5a20d201ce5072391aa39603dc277ea67d295f292782d33
GET /p/jetpack/11.7.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:18 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 16 Jan 2023 17:26:50 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 08:29:18 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sarala/v10/uK_y4riEZv4o1w9hDRcS.woff2
142.250.74.35200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/sarala/v10/uK_y4riEZv4o1w9hDRcS.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17816, version 1.0\012- data
Hash a09d5c9e271b6c7ddfa5b898468657bf
616ed3a9e8b10dae291bf4956987533757e5c9ea
06ddbc7856b40694ab7981a5b14927abd176e7a094404e4a4df00deccc426bba
GET /s/sarala/v10/uK_y4riEZv4o1w9hDRcS.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 16:11:32 GMT
expires: Tue, 23 Jan 2024 16:11:32 GMT
cache-control: public, max-age=31536000
age: 231467
last-modified: Wed, 27 Apr 2022 17:02:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/adamina/v21/j8_r6-DH1bjoc-dwi-3UEA.woff2
142.250.74.35200 OK 29 kB URL HTTP/2 fonts.gstatic.com/s/adamina/v21/j8_r6-DH1bjoc-dwi-3UEA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 29112, version 1.0\012- data
Hash a08d32710fe32c703f88a0c1805b1556
cf51b7d1efb30b3f9b058168f5d86535d367fe41
001e01743c8decedc83106cf24adfa3a97369faaa9377c42f67edf0acac860e4
GET /s/adamina/v21/j8_r6-DH1bjoc-dwi-3UEA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 18:49:20 GMT
expires: Wed, 24 Jan 2024 18:49:20 GMT
cache-control: public, max-age=31536000
age: 135599
last-modified: Tue, 19 Apr 2022 19:13:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sarala/v10/uK_x4riEZv4o1w9ptjIHPd-Z.woff2
142.250.74.35200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/sarala/v10/uK_x4riEZv4o1w9ptjIHPd-Z.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17988, version 1.0\012- data
Hash e4c58ee3d49fae04eb9af22457c84fd0
0ed2bab0c2369647eaac79553bcb9a2d26266a30
a6c243eef301305bcc4e06bdff3d9c821ffe084758a979338f8d3e72755d2cf4
GET /s/sarala/v10/uK_x4riEZv4o1w9ptjIHPd-Z.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17988
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 16:09:08 GMT
expires: Tue, 23 Jan 2024 16:09:08 GMT
cache-control: public, max-age=31536000
age: 231611
last-modified: Wed, 27 Apr 2022 16:05:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.themoneytizer.com/s/requestform.js?siteId=57902&formatId=2
185.76.9.17200 OK 18 kB URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=57902&formatId=2
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
Hash 7d25763e6ce0ead1d26e73a609127a79
2b2115762f9f67a2110371fc3e4c20a2c9fe29ae
8c83958e349fade1ded00d761b7cfc5d56e18b28bbb01639e8e0aed0f1bc2b91
GET /s/requestform.js?siteId=57902&formatId=2 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:19 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1675315033
server: CDN77-Turbo
x-77-nzt: AblMCQ18sCT/Bi0AAA
x-77-nzt-ray: c0a4cc287a876189df39d263b3e27b12
x-cache: HIT
x-age: 11526
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
i0.wp.com/fakaza.me/wp-content/uploads/2019/12/cropped-images-2-1.png?fit=192%2C192&ssl=1
192.0.77.2200 OK 8.5 kB URL HTTP/2 i0.wp.com/fakaza.me/wp-content/uploads/2019/12/cropped-images-2-1.png?fit=192%2C192&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 68af8b72f7edb4ea11378d508eb94265
9a917ddb1d23bf84654ac4e8ac536cbe1d8e3d46
6b7f3942832219dd4dcecbfd983854eadca81447c4e445defba7a650feda2a47
GET /fakaza.me/wp-content/uploads/2019/12/cropped-images-2-1.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:19 GMT
content-type: image/webp
content-length: 8460
last-modified: Thu, 29 Dec 2022 20:01:56 GMT
expires: Sun, 29 Dec 2024 08:01:56 GMT
cache-control: public, max-age=63115200
link: <https://fakaza.me/wp-content/uploads/2019/12/cropped-images-2-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "b2f3891b6a022d59"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5130
Expires: Thu, 26 Jan 2023 09:54:49 GMT
Date: Thu, 26 Jan 2023 08:29:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5130
Expires: Thu, 26 Jan 2023 09:54:49 GMT
Date: Thu, 26 Jan 2023 08:29:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 38437
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c331b0423afe4c6888533296b5f275bc
766aba1f8bb596a068f4e611161fa54616f506ed
0551882e8ba5962ca2c3a8634574e75f11321d46f9c901430614a9c73eaeae12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 1c0f08ae-9b11-4c41-a6e9-819343332f34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF-fElWIAMFg8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf838f-6cf92e9d28ec0c9727e7419a;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A9cyJReV84QegjGfuOcBlZ-T6uefiGXXKnIBXIcn3a1x0kRYQ6XI3A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:13:57 GMT
age: 4522
etag: "766aba1f8bb596a068f4e611161fa54616f506ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=2
185.76.9.17200 OK 6.9 kB URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=2
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
Hash e8c393be352459b1cea41a2bf7731048
b4730ede85a130e3cb6ebe6b778bb98cbf1005dd
1d512c26f2b295b897fd53475bfbe7d25b642740c8ebc9ad44d24a664ce411aa
GET /s/gen.js?type=2 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:19 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1675314250
server: CDN77-Turbo
x-77-nzt: AblMCQ1C4/D/FTAAAA
x-77-nzt-ray: c0a4cc287a876189df39d26371897312
x-cache: HIT
x-age: 12309
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: df7df0ae-d70e-4b80-9483-2ecd5c8ee4a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqvPEXMoAMF5Aw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57fa-04193e0514c1c1e85d9d023b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fznabMNG3n9Uo4L1jrrewtL_hJnQv8oR2qggeZtruvOLVzpUpcs7Tw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 17:10:40 GMT
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
age: 55119
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0617a6db-4b92-4745-b454-37fcbea9f1e0.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0617a6db-4b92-4745-b454-37fcbea9f1e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4aaca9804bfc17f83d66373ce67c0dc
9d0a0f828e312f615ddaa342522ab2ff7872beac
6871737d359006f7eb3086f488b1576283385000fd4ad66718f73faafbcf77ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0617a6db-4b92-4745-b454-37fcbea9f1e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2869
x-amzn-requestid: aaa2e4cd-1f31-4be2-b498-6bf758387859
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOiraEF0oAMF1Dw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf4b15-4a250a9e5486c22112b28239;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 03:05:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g0c8aXRRDp_Poq7SqDtnvOvUEyM2tO4PdmCcG_i4yvN9KKn7_8JSrw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 05:26:10 GMT
age: 10989
etag: "9d0a0f828e312f615ddaa342522ab2ff7872beac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74736a6-2e9e-46aa-9c09-e96ce23f160c.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74736a6-2e9e-46aa-9c09-e96ce23f160c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13fa7641221298b50dd96428df4a60a7
8f306f479049964b44288c97919e3abf3196f785
c5063d45d5222aaf0bf9ddd3a5a24c9856d2684e3c7650e48cd1e9f90d365295
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74736a6-2e9e-46aa-9c09-e96ce23f160c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4774
x-amzn-requestid: 280effa4-1bf4-4c89-9831-e1982ff23153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSYeyG6voAMFzAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d45e-0db1bd5e44404c964dec763a;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:03:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bE-O-xdBLQ_A14Me54-PoMs5VDqRYTdIHCUglJuMIKDV-pPdRY703g==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:34:51 GMT
age: 3268
etag: "8f306f479049964b44288c97919e3abf3196f785"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
uwoaptee.com/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Content-Type: application/json
Origin: https://fakaza.me
Content-Length: 722
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 0f5128fb18645f8e977558e2c9514ca8
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=167302913&post=0&tz=1&srv=fakaza.me&j=1%3A11.7.1&host=fakaza.me&ref=&fcp=1651&rand=0.9811150283826435
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=167302913&post=0&tz=1&srv=fakaza.me&j=1%3A11.7.1&host=fakaza.me&ref=&fcp=1651&rand=0.9811150283826435
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=167302913&post=0&tz=1&srv=fakaza.me&j=1%3A11.7.1&host=fakaza.me&ref=&fcp=1651&rand=0.9811150283826435 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/fakaza.me/wp-content/uploads/2022/12/Wanitwa-Mos-Master-KG-Nkosazana-Daughter-Makhadzi-Lowsheen-%E2%80%93-Mali.jpg?resize=326%2C240&ssl=1
192.0.77.2200 OK 11 kB URL HTTP/2 i0.wp.com/fakaza.me/wp-content/uploads/2022/12/Wanitwa-Mos-Master-KG-Nkosazana-Daughter-Makhadzi-Lowsheen-%E2%80%93-Mali.jpg?resize=326%2C240&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 326x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4a72c090498498e254b7f2d60e34dc9
359619e680b922c5ccfc3566a94025b0f9cfe47b
d50def6e23003a81d20ddcee314cf97a605328d90735bcebec831096754ea92c
GET /fakaza.me/wp-content/uploads/2022/12/Wanitwa-Mos-Master-KG-Nkosazana-Daughter-Makhadzi-Lowsheen-%E2%80%93-Mali.jpg?resize=326%2C240&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: image/webp
content-length: 11010
last-modified: Tue, 10 Jan 2023 23:18:26 GMT
expires: Fri, 10 Jan 2025 11:18:26 GMT
cache-control: public, max-age=63115200
link: <https://fakaza.me/wp-content/uploads/2022/12/Wanitwa-Mos-Master-KG-Nkosazana-Daughter-Makhadzi-Lowsheen-%E2%80%93-Mali.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "70fefef606409a9f"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
uwoaptee.com/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Content-Type: application/json
Origin: https://fakaza.me
Content-Length: 742
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 51b178f5db2b1fdcbc3ae44e95d94526
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
i0.wp.com/fakaza.me/wp-content/uploads/2022/12/ALBUM-Kelvin-Momo-%E2%80%93-Amukelani.jpg?resize=326%2C220&ssl=1
192.0.77.2200 OK 4.9 kB URL HTTP/2 i0.wp.com/fakaza.me/wp-content/uploads/2022/12/ALBUM-Kelvin-Momo-%E2%80%93-Amukelani.jpg?resize=326%2C220&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 326x220, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 241540490823ff3796e0502abd84b958
64a02c047ff68d383d8a81eed8557486c7b00add
d06f99b0c49cab8020734734699d67b323e9ec9e55dd196b254e641919d08420
GET /fakaza.me/wp-content/uploads/2022/12/ALBUM-Kelvin-Momo-%E2%80%93-Amukelani.jpg?resize=326%2C220&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: image/webp
content-length: 4948
last-modified: Tue, 10 Jan 2023 23:18:26 GMT
expires: Fri, 10 Jan 2025 11:18:26 GMT
cache-control: public, max-age=63115200
link: <https://fakaza.me/wp-content/uploads/2022/12/ALBUM-Kelvin-Momo-%E2%80%93-Amukelani.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "13e2eabeb00ecfb7"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/fakaza.me/wp-content/uploads/2022/10/DJ-Maphorisa-Visca-%E2%80%93-Ba-Straata-ft.-2woshort-RSA-Stompiiey-Shaunmusiq-Ftears-Madumane-.jpg?resize=326%2C220&ssl=1
192.0.77.2200 OK 4.0 kB URL HTTP/2 i0.wp.com/fakaza.me/wp-content/uploads/2022/10/DJ-Maphorisa-Visca-%E2%80%93-Ba-Straata-ft.-2woshort-RSA-Stompiiey-Shaunmusiq-Ftears-Madumane-.jpg?resize=326%2C220&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 326x220, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0fe2940935920fb7cd27ede031850f8f
c6b65947d1c06ac411b0f1525272eb276551bed1
98800013d08dfec77000da0641fa0d5c1dfc8aedd85e74929e925dbf54732dc8
GET /fakaza.me/wp-content/uploads/2022/10/DJ-Maphorisa-Visca-%E2%80%93-Ba-Straata-ft.-2woshort-RSA-Stompiiey-Shaunmusiq-Ftears-Madumane-.jpg?resize=326%2C220&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: image/webp
content-length: 3986
last-modified: Sun, 08 Jan 2023 12:03:21 GMT
expires: Wed, 08 Jan 2025 00:03:21 GMT
cache-control: public, max-age=63115200
link: <https://fakaza.me/wp-content/uploads/2022/10/DJ-Maphorisa-Visca-%E2%80%93-Ba-Straata-ft.-2woshort-RSA-Stompiiey-Shaunmusiq-Ftears-Madumane-.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3dc2d06867303e64"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/fakaza.me/wp-content/uploads/2022/08/K.O-%E2%80%93-SETE-ft.-Young-Stunna-Blxckie-.jpg?resize=326%2C220&ssl=1
192.0.77.2200 OK 11 kB URL HTTP/2 i0.wp.com/fakaza.me/wp-content/uploads/2022/08/K.O-%E2%80%93-SETE-ft.-Young-Stunna-Blxckie-.jpg?resize=326%2C220&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 326x220, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 882984f8d4382859357252a40059ed59
938e26fa08923ebc8b0b9a96fecfd0f16345969c
96ce398860cd4cb2fcc04e3813dfed9123f31ab431375d11af7a17f3621bc889
GET /fakaza.me/wp-content/uploads/2022/08/K.O-%E2%80%93-SETE-ft.-Young-Stunna-Blxckie-.jpg?resize=326%2C220&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: image/webp
content-length: 11442
last-modified: Fri, 19 Aug 2022 08:38:12 GMT
expires: Sun, 18 Aug 2024 20:38:12 GMT
cache-control: public, max-age=63115200
link: <https://fakaza.me/wp-content/uploads/2022/08/K.O-%E2%80%93-SETE-ft.-Young-Stunna-Blxckie-.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1e20acc352a5917f"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/fakaza.me/wp-content/uploads/2023/01/AndileAndy.jpg?resize=326%2C245&ssl=1
192.0.77.2200 OK 11 kB URL HTTP/2 i0.wp.com/fakaza.me/wp-content/uploads/2023/01/AndileAndy.jpg?resize=326%2C245&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 326x245, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 39a4d7547d70e6154347f791e0b1fe60
e76cb51e74ae430265e7bde7a97a90c4b85fa6ab
62ca34c70e8e7779803b84b2c0c482dee060a31d3e21bab0e4641e30fcf7d9d5
GET /fakaza.me/wp-content/uploads/2023/01/AndileAndy.jpg?resize=326%2C245&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: image/webp
content-length: 11204
last-modified: Thu, 26 Jan 2023 08:24:17 GMT
expires: Sat, 25 Jan 2025 20:24:17 GMT
cache-control: public, max-age=63115200
link: <https://fakaza.me/wp-content/uploads/2023/01/AndileAndy.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "f9d09c987f071c2c"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/fakaza.me/wp-content/uploads/2023/01/P1jnwKqT.jpg?resize=326%2C245&ssl=1
192.0.77.2200 OK 8.8 kB URL HTTP/2 i0.wp.com/fakaza.me/wp-content/uploads/2023/01/P1jnwKqT.jpg?resize=326%2C245&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 326x245, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bb168cd36301dc9c38acc3b2bbddd199
c2bc0de4184f8dab3243bc7235c9abdf3e295af4
3665fc41fa4bb6556ff680ebd5f7de390c03436c154f47ac6ecbb410f756b928
GET /fakaza.me/wp-content/uploads/2023/01/P1jnwKqT.jpg?resize=326%2C245&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: image/webp
content-length: 8838
last-modified: Thu, 26 Jan 2023 08:10:58 GMT
expires: Sat, 25 Jan 2025 20:10:58 GMT
cache-control: public, max-age=63115200
link: <https://fakaza.me/wp-content/uploads/2023/01/P1jnwKqT.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a9be502de8d1a11f"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 78c78c20e49cafa32f831ae42efadcde
18cc6aa47c131a028d9142b6ab5df3fb785d40df
4f4246a13210946bf3c993faf8d3c9d7d641da2515c5a13d737e2b5b8ed04f83
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1909
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:20 GMT
Last-Modified: Thu, 26 Jan 2023 07:57:31 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 312
ads.themoneytizer.com/IIQUniversalID.js
185.76.9.17200 OK 12 kB URL HTTP/2 ads.themoneytizer.com/IIQUniversalID.js
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (52687), with no line terminators
Hash 8b92c73a7caa0bea29a6977e6383ec5d
1e9830bbc7fabc28fe2df902889b974f57c80714
846d9de97320f255fc3faf023677b7487506c68f7a6c667556c53f04f0657f60
GET /IIQUniversalID.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/javascript
last-modified: Wed, 12 Oct 2022 18:48:43 GMT
expires: Fri, 27 Jan 2023 05:04:10 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1674795850
server: CDN77-Turbo
x-77-nzt: AblMCQ3kU7f/FjAAAA
x-77-nzt-ray: c0a4cc287a876189e039d2630d3e2508
x-cache: HIT
x-age: 12310
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybid7_28/build_noconsent/dist/prebid.js
185.76.9.17200 OK 183 kB URL HTTP/2 ads.themoneytizer.com/moneybid7_28/build_noconsent/dist/prebid.js
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
Size 183 kB (183043 bytes)
Hash 740e3c17fc93286064f3e425087760ae
d813f84d796183637274fdd9c0bf0ca070d14ba1
5ff4bcee35395a285c227b0687b26ca6a5974ea1cdacf0b4ea8d04662e315cb2
GET /moneybid7_28/build_noconsent/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/javascript
last-modified: Tue, 17 Jan 2023 14:41:11 GMT
expires: Fri, 27 Jan 2023 05:04:18 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1674795858
server: CDN77-Turbo
x-77-nzt: AblMCQ3tJ67/DjAAAA
x-77-nzt-ray: c0a4cc287a876189e039d2633f1e5d0b
x-cache: HIT
x-age: 12302
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4d6c2bca61e52882a328e139903dc175
8b2dfc825954f646290cf426d78cfbd00468d253
51e102b83fcd26bfbb121d509241699f6a31f879bdc5bb32488adc49171604b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51E102B83FCD26BFBB121D509241699F6A31F879BDC5BB32488ADC49171604B3"
Last-Modified: Tue, 24 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7178
Expires: Thu, 26 Jan 2023 10:28:58 GMT
Date: Thu, 26 Jan 2023 08:29:20 GMT
Connection: keep-alive
c.tmyzer.com/c/?s=57902&f=2&fi=99
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=57902&f=2&fi=99
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=57902&f=2&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Jan 2023 08:29:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:160D_36264064:01BB_63D239E0_73754:2A92D
X-IPLB-Instance: 41595
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e2d4d6ce7f7429d82966d6d9dc16356b
fcd4edfef113db414c102864a1a4e3a38c23e9c9
97f329ca52876a991e1bd435d8841a0a0f7b657e5c6312390421f236d6cd3b90
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:29:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 20:45:24 GMT
Expires: Wed, 01 Feb 2023 20:45:23 GMT
Etag: "fcd4edfef113db414c102864a1a4e3a38c23e9c9"
Cache-Control: max-age=561962,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f7e15a2b8e1c02-OSL
tag.leadplace.fr/libJsLP.js
145.239.192.166200 OK 5.5 kB URL HTTP/1.1 tag.leadplace.fr/libJsLP.js
IP 145.239.192.166:0
Hash a0c24f993bc0901cfe62d1e801cb2b45
7eb2bdce06161ae486bc8e7ecd0b5c9c4f7b2984
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
GET /libJsLP.js HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 26 Jan 2023 08:29:20 GMT
Content-Type: application/javascript
Content-Length: 5547
Last-Modified: Thu, 14 Oct 2021 07:27:53 GMT
ETag: "6167dbf9-15ab"
Accept-Ranges: bytes
X-IPLB-Request-ID: 5B5A2A9A:A690_91EFC0A6:01BB_63D239E0_639E4052:6040
X-IPLB-Instance: 30196
p.cpx.to/p/12763/px.js
34.252.124.99200 OK 2.0 kB IP 34.252.124.99:0
File type ASCII text, with very long lines (1990), with no line terminators
Hash 040d580a48229902c683623ac1d066a1
be6ca2aa413481fd7350c5c6cf5658c65dccb513
6e7ec1538f64f09356d095457fa3387b84619a8f32db7708a4a21957e7d33a3d
GET /p/12763/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2419200, public
Content-Type: application/javascript; charset=UTF-8
Date: Thu, 26 Jan 2023 08:29:20 GMT
Content-Length: 1990
Connection: keep-alive
script.4dex.io/localstore.js
104.26.9.169200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.9.169:0
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:29:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1177222
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIeFgpPfkouzrcfbodtumChGsdr5kPtLdqzoBdq2mpKR2NM5xYiqwPp9AmoUHkFltTE9wZa%2BB%2F9eDMmlDYwJmp%2FXjU%2BhHEoU4EdpXdANCEYXysd6ec0%2BvbZdjlJFXsa1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78f7e15afcd9b524-OSL
Content-Encoding: br
tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Ffakaza.me%2F&id=MTIZ
145.239.192.166200 OK 0 B URL HTTP/1.1 tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Ffakaza.me%2F&id=MTIZ
IP 145.239.192.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wckr.php?ref=https%3A%2F%2Ffakaza.me%2F&id=MTIZ HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 26 Jan 2023 08:29:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: 5B5A2A9A:A690_91EFC0A6:01BB_63D239E0_639E405C:6040
X-IPLB-Instance: 30196
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d80f05847356c48aad673a796b772afd
8f4ae86bf7a572c5b674a27efccd5120f36b06d0
78dc859ac3ef69b8e258b776230a61a4617865023997d21341a7a664a8fbc55f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78DC859AC3EF69B8E258B776230A61A4617865023997D21341A7A664A8FBC55F"
Last-Modified: Wed, 25 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11801
Expires: Thu, 26 Jan 2023 11:46:01 GMT
Date: Thu, 26 Jan 2023 08:29:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 04fb584bf5028a3fb1f115ed9f529ace
22f06ccfe863a5c8a695d23de11681dc3d4835e9
c7243dabf66c180561ecc8e8a49ae109768641b51357bff356d0bb5331930b19
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1190
Cache-Control: max-age=99938
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:20 GMT
Etag: "63d1189c-139"
Expires: Fri, 27 Jan 2023 12:14:58 GMT
Last-Modified: Wed, 25 Jan 2023 11:55:08 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 04fb584bf5028a3fb1f115ed9f529ace
22f06ccfe863a5c8a695d23de11681dc3d4835e9
c7243dabf66c180561ecc8e8a49ae109768641b51357bff356d0bb5331930b19
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1190
Cache-Control: max-age=99938
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:20 GMT
Etag: "63d1189c-139"
Expires: Fri, 27 Jan 2023 12:14:58 GMT
Last-Modified: Wed, 25 Jan 2023 11:55:08 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
id5-sync.com/api/config/prebid
162.19.138.83200 134 B URL HTTP/1.1 id5-sync.com/api/config/prebid
IP 162.19.138.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99be75395b3c89cdd6781761e5a85ad2
225a8b587c3545be2581aa9ac2b630b51679d7be
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 95
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 26 Jan 2023 08:29:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
script.4dex.io/adagio.js
104.26.9.169200 OK 23 kB IP 104.26.9.169:0
File type ASCII text, with very long lines (65354)
Hash 0ffb2c9b6dd933ae18ab7dc729d58e69
bb88b2f3fc47452873348d1cdcb7ea3d4a2bbc10
0cd0e55fa43693dfe4b04a225bf7774eb3f66e232828f8d661547728475a12f2
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:29:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: HIT
Age: 391124
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdXGrqXXye3e4yUn6Yy4v9YS3xENx0PH6mLxpWnT5%2FZ%2Bq%2Bz4AMqqRTOchswhw98X16mTrEfKX7qJAynI8%2B0OTGHuGTVKP4IiP5dXVz%2Bo1dzpuRkolSLriegeoPYac8KE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78f7e15b9b54b4f7-OSL
Content-Encoding: br
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4e5500e08c4b44cbba5be3e242406824
2718638e7b187cce12c578760e2d8bd69083ae5a
8be786b207b7e368b67d89201146dac434655c290466a60432f73c3632279054
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BE786B207B7E368B67D89201146DAC434655C290466A60432F73C3632279054"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11746
Expires: Thu, 26 Jan 2023 11:45:06 GMT
Date: Thu, 26 Jan 2023 08:29:20 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash fa93de4eac1575e97e7c659385c9e4c5
4a7f159e9e55bae746738f409e5342813f5be6db
161676b12b5e45d900caa8ac71073d0aa71ffd3627bb767c02b4cb8ce1f0c110
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:29:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 07:14:51 GMT
Expires: Mon, 30 Jan 2023 07:14:50 GMT
Etag: "4a7f159e9e55bae746738f409e5342813f5be6db"
Cache-Control: max-age=340529,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f7e15bbdae1c02-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1bfee606b5fbe6c68d7e3da85bb03e83
f12260b417ba4fc02ccb4a2bc61f9890d49ca76e
28857c1d3846846439b16c61bdc246d67bd6ec177c1d8c498da1fa13d7398187
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28857C1D3846846439B16C61BDC246D67BD6EC177C1D8C498DA1FA13D7398187"
Last-Modified: Wed, 25 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11777
Expires: Thu, 26 Jan 2023 11:45:37 GMT
Date: Thu, 26 Jan 2023 08:29:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 726f79ed38626e3b7ea4f051cfddd9ce
018c66d36d3db07220b55c1c41b973b3d5cd99aa
4b75473f5c012f09c9ed5303a179cbf3fd526043913687ba1977b223daf73b0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6574
Cache-Control: max-age=111399
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:20 GMT
Etag: "63d13059-13a"
Expires: Fri, 27 Jan 2023 15:25:59 GMT
Last-Modified: Wed, 25 Jan 2023 13:36:25 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Ffakaza.me%2F&hn_ver=40&fid=3b59d720-2252-4502-bc3c-478f610fc337
54.76.123.252200 OK 645 B URL HTTP/1.1 s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Ffakaza.me%2F&hn_ver=40&fid=3b59d720-2252-4502-bc3c-478f610fc337
IP 54.76.123.252:0
File type ASCII text, with very long lines (645), with no line terminators
Hash 046d37201553a5ae9508422727158e13
4b9312284bb6e3df096bef9a83f8e28027bf4c27
8b829284f8c798077d08403f22ba0b06f2c54d3f3ea74d4b9dc12726a492a45a
GET /fire.js?pid=12763&ref=&url=https%3A%2F%2Ffakaza.me%2F&hn_ver=40&fid=3b59d720-2252-4502-bc3c-478f610fc337 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:29:20 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 645
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
p3p: CP="NOI DEV ADM"
expires: Wed, 18 Jan 2023 19:28:40 UTC
set-cookie: cpSess=8c4621288a6080e; Expires=Fri, 26 Jan 2024 08:29:20 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
lb.eu-1-id5-sync.com/lb/v1
141.95.98.64200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.64:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 85f09c84f70d54e9a66a82ba65fcb588
8bd85d9822ca9e7a14898e1d87f79ce82bdeff92
53707042d1bbf3fa753ba9271f14791150fabf4733f5dda1a0edaecc6dc0054c
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://fakaza.me
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 26 Jan 2023 08:29:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Ffakaza.me%2F
51.158.28.82200 OK 793 B URL HTTP/1.1 kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Ffakaza.me%2F
IP 51.158.28.82:0
File type JSON data\012- , ASCII text, with very long lines (1875), with no line terminators
Hash d3cbb006cafc71be4ad7ef60b1fbe972
4e045bd40dc60ef8018c34524d92e58354b6532c
7c2deb76508b00aaa3d9cb14f0a27d45523ecb756b9e03ac083b824e0bb255dc
GET /api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Ffakaza.me%2F HTTP/1.1
Host: kvt.sddan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 26 Jan 2023 08:29:20 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://fakaza.me
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=F9szj180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3l2MU14dG5TTnBtRkQxVll4RXlNN2JNeWZ5cmdZVXNQRWVkSlozcU5JMzU; expires=Tue, 20 Feb 2024 08:29:20 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://fakaza.me
server-processing-duration-in-ticks: 292815
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ed472d73982816fceaabd6cd9b69cdd1
624d9b1c50cddf45639dbe3b3d5a565716b94cc1
5a346785f15fed26419440c07810a8d5b630119ab99d44de0b55b14037fa00a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A346785F15FED26419440C07810A8D5B630119AB99D44DE0B55B14037FA00A1"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5726
Expires: Thu, 26 Jan 2023 10:04:46 GMT
Date: Thu, 26 Jan 2023 08:29:20 GMT
Connection: keep-alive
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffakaza.me%2F&domain=fakaza.me&cw=1&lsw=1
178.250.0.157200 OK 525 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffakaza.me%2F&domain=fakaza.me&cw=1&lsw=1
IP 178.250.0.157:0
Hash 6ea1d29671f3c6bed17e11168f449fec
7784dda0ab885d6c98362916c4c6422d2ee2d1e8
7d906fca4bf10f43ba704b224e2737e68733df2d679910ef8d4c8992aa621a83
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Ffakaza.me%2F&domain=fakaza.me&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fakaza.me
server-processing-duration-in-ticks: 297403
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
51.89.9.254200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2172
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://fakaza.me
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
id5-sync.com/g/v2/12.json
162.19.138.83200 216 B URL HTTP/1.1 id5-sync.com/g/v2/12.json
IP 162.19.138.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 62c678c0a60bca8ceb0075631cf9a4f9
3bef1da7a9d1418fcb01f943a3c0dae9be09a69b
56a7b426197c561c70034c5c8757c9070f4384e446e8de9f4b42b2968a81b055
POST /g/v2/12.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 219
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Thu, 26 Jan 2023 08:29:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
abdurantom.com/apu.php?zoneid=3390734
139.45.197.236200 OK 968 B URL HTTP/2 abdurantom.com/apu.php?zoneid=3390734
IP 139.45.197.236:0
File type ASCII text, with very long lines (801)
Hash 0233b68fef265e1f8ccbc663712267f9
701c395b5ed44181fe0529fd13e077b655a1397a
9010c3be3a50f97169c2a13592ea5529213e46c5662dd54c048a56eaa6a642a2
GET /apu.php?zoneid=3390734 HTTP/1.1
Host: abdurantom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/javascript
content-length: 968
x-trace-id: 2d37cac9d1951966edd69df2c65c2fd9
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=2f0b93e8d3dc47d69ccb079fa19e1e3f; expires=Fri, 26 Jan 2024 08:29:20 GMT; path=/; secure; SameSite=None
oaidts=1674721760; expires=Fri, 26 Jan 2024 08:29:20 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4b6f1fe73c602849948cb76e03d3b66f
659f2322c1f6043d5448f37ec115d600a6f21de3
0a6421010380753d4475a82aba9aebf169dc8395df25f70a0f225e99778ee194
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A6421010380753D4475A82ABA9AEBF169DC8395DF25F70A0F225E99778EE194"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9426
Expires: Thu, 26 Jan 2023 11:06:26 GMT
Date: Thu, 26 Jan 2023 08:29:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d8e8f355f121d919bbfe4663fe88300e
7fc1bab2b86d7e4d01a06c8a549de6176e46d868
e268397b631471ada6d823a4d83de0516a2bc81079fc84c9f9330840501085f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E268397B631471ADA6D823A4D83DE0516A2BC81079FC84C9F9330840501085F0"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13966
Expires: Thu, 26 Jan 2023 12:22:06 GMT
Date: Thu, 26 Jan 2023 08:29:20 GMT
Connection: keep-alive
ads.themoneytizer.com/bidder1/moneybid.js?siteid=57902&adid=3&formatid=26323&size=desktop
185.76.9.17200 OK 429 B URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=57902&adid=3&formatid=26323&size=desktop
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
File type JSON data\012- HTML document, ASCII text, with very long lines (622), with no line terminators
Hash 4d6c74423b8ed8c70e7bdc92db285d08
139d573951d731885396cc4700f7b35be1803ccc
05ee5e607781e03035befcce4bbeb0ed40a4ffb22b95867e552a80808d89191c
GET /bidder1/moneybid.js?siteid=57902&adid=3&formatid=26323&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://fakaza.me
cache-control: max-age=604800
x-accel-expires: @1675321271
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCQ2oSIf/qRQAAA
x-77-nzt-ray: c0a4cc287a876189e039d263586cfd2a
x-cache: HIT
x-age: 5289
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1efa8c61f9db8e0ec1774f0b1baecdea
08ba8067d89579803e286e5b7ae649b8cfc6db2e
5b08ce2e19047ede80f7ea622c2e1785e5ee8fb2400e88682229cd82dfb3c95a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B08CE2E19047EDE80F7EA622C2E1785E5EE8FB2400E88682229CD82DFB3C95A"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7470
Expires: Thu, 26 Jan 2023 10:33:50 GMT
Date: Thu, 26 Jan 2023 08:29:20 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7d356edd48bf05fba9a8fcdc9037c2a6
de672418fb6b1082b35935a23947a55b31229044
8b03bac05eefb5307769151d38462b0d8a4317aee20793e6c708f8110af51c26
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:29:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 02:03:25 GMT
Expires: Wed, 01 Feb 2023 02:03:24 GMT
Etag: "de672418fb6b1082b35935a23947a55b31229044"
Cache-Control: max-age=494643,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f7e15d8ff61c02-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b0c19a60568399f6b50342e1f9853366
2b7ccc94b92b382451202043bfd634dc38938446
a2600a50d1e84cf7b3743eba0dda593908694b271c51349216de6907f6b0125a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3767
Cache-Control: max-age=146788
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:20 GMT
Etag: "63d1c58d-1d7"
Expires: Sat, 28 Jan 2023 01:15:48 GMT
Last-Modified: Thu, 26 Jan 2023 00:13:01 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
pbjs.e-planning.net/hb/1/2a156/1/fakaza.me/ROS?ct=1&r=pbjs&rnd=0.07927961121997096&e=39287%3A970x250%2C970x90%2C1000x30%2C1000x90%2C800x250%2C950x250%2C900x250%2B26323%3A300x250%2C300x600%2B26300%3A300x250%2C300x168&ur=https%3A%2F%2Ffakaza.me%2F&pbv=7.28.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Ffakaza.me%2F&e_criteoId=g6luml9lWFNQdUJsb1J2YyUyQnF1Nnc4dGVxbFAwNnlRRE1QUHpkNzdXQmZENGN1MkpTVkIlMkYxZWkyaWYlMkYlMkYyeFRhakJ0d0IlMkIlMkZqdWZPa2k0aFFHSHN4NDU4NyUyRlFBJTNEJTNE&e_pubcid=3a74c2f7-cbca-48c3-bc70-fbc5b14892f9
185.172.90.252200 OK 87 B URL HTTP/2 pbjs.e-planning.net/hb/1/2a156/1/fakaza.me/ROS?ct=1&r=pbjs&rnd=0.07927961121997096&e=39287%3A970x250%2C970x90%2C1000x30%2C1000x90%2C800x250%2C950x250%2C900x250%2B26323%3A300x250%2C300x600%2B26300%3A300x250%2C300x168&ur=https%3A%2F%2Ffakaza.me%2F&pbv=7.28.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Ffakaza.me%2F&e_criteoId=g6luml9lWFNQdUJsb1J2YyUyQnF1Nnc4dGVxbFAwNnlRRE1QUHpkNzdXQmZENGN1MkpTVkIlMkYxZWkyaWYlMkYlMkYyeFRhakJ0d0IlMkIlMkZqdWZPa2k0aFFHSHN4NDU4NyUyRlFBJTNEJTNE&e_pubcid=3a74c2f7-cbca-48c3-bc70-fbc5b14892f9
IP 185.172.90.252:0
ASN #49981 WorldStream B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 074be84eef1e42b76b0e796d925e7b70
737e65bde0153ad9f2285816a10c8a02abcdd0b3
62f31e7a32b46e1336d1baec23b89a757a6d7ee794977956f6a8f31b8948c211
GET /hb/1/2a156/1/fakaza.me/ROS?ct=1&r=pbjs&rnd=0.07927961121997096&e=39287%3A970x250%2C970x90%2C1000x30%2C1000x90%2C800x250%2C950x250%2C900x250%2B26323%3A300x250%2C300x600%2B26300%3A300x250%2C300x168&ur=https%3A%2F%2Ffakaza.me%2F&pbv=7.28.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Ffakaza.me%2F&e_criteoId=g6luml9lWFNQdUJsb1J2YyUyQnF1Nnc4dGVxbFAwNnlRRE1QUHpkNzdXQmZENGN1MkpTVkIlMkYxZWkyaWYlMkYlMkYyeFRhakJ0d0IlMkIlMkZqdWZPa2k0aFFHSHN4NDU4NyUyRlFBJTNEJTNE&e_pubcid=3a74c2f7-cbca-48c3-bc70-fbc5b14892f9 HTTP/1.1
Host: pbjs.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fakaza.me
Content-Type: text/plain
Referer: https://fakaza.me/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
expires: Thu, 26 Jan 2023 08:29:20 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-length: 87
x-sid: AMS-928
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b0c19a60568399f6b50342e1f9853366
2b7ccc94b92b382451202043bfd634dc38938446
a2600a50d1e84cf7b3743eba0dda593908694b271c51349216de6907f6b0125a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3767
Cache-Control: max-age=146788
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:20 GMT
Etag: "63d1c58d-1d7"
Expires: Sat, 28 Jan 2023 01:15:48 GMT
Last-Modified: Thu, 26 Jan 2023 00:13:01 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ea9199aaec46951d1fa294d57f55ad55
4ffaa896188dfe6cc0116f0bf064177509f37891
8a74726b691d759c061d10c4b0939586c117accefe9cd5308e839d76dcfccc40
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://fakaza.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7d406d59a1ab41bfa384c310d75e264f; expires=Fri, 26 Jan 2024 08:29:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ba29b005457e6831f3a43d78c80ef578
8b0e15017d40644195f616a7dacc63ac56b90d06
a17e5664b1001f051eb8fd9b3642056871308a696d9343a0f0e62298e2fda524
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5649
Cache-Control: max-age=92167
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:20 GMT
Etag: "63d0e8d6-1d7"
Expires: Fri, 27 Jan 2023 10:05:27 GMT
Last-Modified: Wed, 25 Jan 2023 08:31:18 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ba29b005457e6831f3a43d78c80ef578
8b0e15017d40644195f616a7dacc63ac56b90d06
a17e5664b1001f051eb8fd9b3642056871308a696d9343a0f0e62298e2fda524
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5649
Cache-Control: max-age=92167
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:20 GMT
Etag: "63d0e8d6-1d7"
Expires: Fri, 27 Jan 2023 10:05:27 GMT
Last-Modified: Wed, 25 Jan 2023 08:31:18 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 8d8c78e0f8489123b947ef59de71c4e9
0e2522b86720a568ef6e22672be698f5f52d1f54
90e0d90736d59a7b885b91c0ca566731deceba8b97c6a09682ebb04a78cb6045
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 08:29:20 GMT
Last-Modified: Thu, 26 Jan 2023 07:52:27 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DVVbQoav-QCz19aHFCYb9qW3pNxR7zVHNyoWSr2awXiny0veALOwow==
Age: 2213
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 4b4d556361d4b33b10e6a298b8b04231
b2fc8f6cba942967f609b46486e0d63d66daadc8
3eaa5cea118a9e6580c0355d86939e7e4afcdbe1dc442674c7ecad366a8bf294
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 08:29:20 GMT
Last-Modified: Thu, 26 Jan 2023 07:02:23 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fR52vdFaNReTLDcM26OMPpJXKHKSyAwEVuj3E_S36L-eUQBzz4YonQ==
Age: 5217
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://fakaza.me
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://fakaza.me
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://fakaza.me
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
ad.360yield.com/pb
18.158.114.168204 No Content 0 B IP 18.158.114.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pb HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1566
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 26 Jan 2023 08:29:20 GMT
access-control-allow-origin: https://fakaza.me
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-credentials: true
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
File type JSON data\012- , ASCII text, with no line terminators
Hash dade54663ec89044907acd891e2cdc3c
289f6e8f318b73eac0c0e7440263fd1760dede43
8347427970b7a13bd9a1110ae881cb6724c300d86ab7f9a83241adf973bdd6f5
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1064
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://fakaza.me
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b89f822d4ed7bb082f8880b323e4644c
5134fb017672392c7d85a0fb7ffe3ea13bca54d7
cdcc77e1544031d16f21a32a77dbbba28aedf8c8daa80442a11635f99154cbd5
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1155
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://fakaza.me
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
tlx.3lift.com/header/auction?lib=prebid&v=7.28.0&referrer=https%3A%2F%2Ffakaza.me%2F&tmax=3000
18.196.123.254200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.28.0&referrer=https%3A%2F%2Ffakaza.me%2F&tmax=3000
IP 18.196.123.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.28.0&referrer=https%3A%2F%2Ffakaza.me%2F&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1238
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 93826397f930ab618cc018a25be2b99f
aec7e83db1de9bc6513211793819440ae68d3335
e14d2778617757846325ee00d0f399e4e45b0c1a255f9982291a00c04df9fc03
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1066
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://fakaza.me
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7b88a15db1d8dc25300caa2e1e1dd040
e311c25d742a92308bea370f6ea96d491f27a3dc
3984993fab752764bf197ccd298ff7701d599d4dd5076adcad10b309a3e0828e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4087
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:21 GMT
Last-Modified: Thu, 26 Jan 2023 07:21:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2f8e9b871ca0e83a911bbad69cd369dd
3ec67a8b0fa439d8f2b5529c5de01b812505bffc
a1bf81e8219136621b3ac0697c35e68ce0cf56b0b019634329441c5baa105849
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:29:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 03:11:55 GMT
Expires: Wed, 01 Feb 2023 03:11:54 GMT
Etag: "3ec67a8b0fa439d8f2b5529c5de01b812505bffc"
Cache-Control: max-age=498752,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f7e15db9260b61-OSL
vianoivernom.com/500/3224468?excludes=&oaid=7d406d59a1ab41bfa384c310d75e264f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 vianoivernom.com/500/3224468?excludes=&oaid=7d406d59a1ab41bfa384c310d75e264f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/3224468?excludes=&oaid=7d406d59a1ab41bfa384c310d75e264f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: vianoivernom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:21 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://fakaza.me
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ads.themoneytizer.com/bidder1/moneybid.js?siteid=57902&adid=31&formatid=39287&size=desktop
185.76.9.17200 OK 969 B URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=57902&adid=31&formatid=39287&size=desktop
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
Hash 245e8b63fe5193b4a700e043240bbe4d
2eb247d7b982d1adbe8b4c682dbc7d95acbe90e5
aec4403dbbd258c5323686dd39796f2494ce89a3d728204f55176cfef781b4e2
GET /bidder1/moneybid.js?siteid=57902&adid=31&formatid=39287&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://fakaza.me
cache-control: max-age=604800
x-accel-expires: @1675321271
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCQ1tWYr/qRQAAA
x-77-nzt-ray: c0a4cc287a876189e039d2635755f42a
x-cache: HIT
x-age: 5289
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/27/7032fd23f7825e75f6f79a3de91ed077
139.45.197.239200 OK 130 kB URL HTTP/2 cdn.uponelectabuzzor.club/27/7032fd23f7825e75f6f79a3de91ed077
IP 139.45.197.239:0
File type ASCII text, with very long lines (65523)
Size 130 kB (129810 bytes)
Hash 4a07955ea1dd310ff3285d084d9a99d5
c238dee8e8cf38445c303a9c657073382654f6b8
8d0b84e8f308ff6fee685c7a7c3e5d814fd31746c8b4b10ef34f68c12ce7b128
GET /27/7032fd23f7825e75f6f79a3de91ed077 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Cookie: scm=1; OAID=56da66dc62bf46ad948d94786e67c961; oaidts=1674721760
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Tue, 24 Jan 2023 07:37:20 GMT
expires: Tue, 23 Feb 2083 07:37:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/9?z=4495713&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Ffakaza.me%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=7d406d59a1ab41bfa384c310d75e264f
139.45.197.239200 OK 7 B URL HTTP/2 cdn.uponelectabuzzor.club/9?z=4495713&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Ffakaza.me%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=7d406d59a1ab41bfa384c310d75e264f
IP 139.45.197.239:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
POST /9?z=4495713&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Ffakaza.me%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=7d406d59a1ab41bfa384c310d75e264f HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 277
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Cookie: scm=1; OAID=56da66dc62bf46ad948d94786e67c961; oaidts=1674721760
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://fakaza.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: a880387fa58cb8205dd734213d9dbd09
access-control-expose-headers: X-Sc
set-cookie: OAID=7d406d59a1ab41bfa384c310d75e264f; expires=Fri, 26 Jan 2024 08:29:21 GMT; secure; SameSite=None
oaidts=1674721760; expires=Fri, 26 Jan 2024 08:29:21 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
b1h.zemanta.com/api/bidder/prebid/bid/
64.74.236.255204 No Content 0 B URL HTTP/1.1 b1h.zemanta.com/api/bidder/prebid/bid/
IP 64.74.236.255:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 840
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://fakaza.me
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d49cf0a2dc8f3dd6b5e4730d50cb1f8a
973d6fd723abbad6bcdde56b95cff0b956aeb3d0
ac3accfa00116f3f8c98e66aeefa227f1575b1279eaea5fee34cc6620af9eb81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4191
Cache-Control: max-age=150447
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:21 GMT
Etag: "63d1d231-117"
Expires: Sat, 28 Jan 2023 02:16:48 GMT
Last-Modified: Thu, 26 Jan 2023 01:06:57 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
vianoivernom.com/500/3224468?excludes=&oaid=7d406d59a1ab41bfa384c310d75e264f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 78 kB URL HTTP/2 vianoivernom.com/500/3224468?excludes=&oaid=7d406d59a1ab41bfa384c310d75e264f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 6e568e8e3c72e00d5122b2ba6fc46410
a766c8b6ed045e9e08b735363515e91778a98f8a
75e6ea94f4f8a1ce6b093d4846cf7f95ead40bae007cc1e8c5ab204785ea025e
Analyzer Verdict Alert quad9 Sinkholed
GET /500/3224468?excludes=&oaid=7d406d59a1ab41bfa384c310d75e264f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: vianoivernom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Cookie: OAID=587d92698939438eac63e14e4cf86bba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: application/javascript
x-trace-id: 70c2c58274b560b53fc4df8f66f3ddef
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://fakaza.me
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=7d406d59a1ab41bfa384c310d75e264f; expires=Fri, 26 Jan 2024 08:29:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=57902&f=2&fi=0
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=57902&f=2&fi=0
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=57902&f=2&fi=0 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Jan 2023 08:29:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:160D_36264064:01BB_63D239E0_7375A:2A92D
X-IPLB-Instance: 41595
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
54.230.245.166200 OK 26 kB URL HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 54.230.245.166:0
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Thu, 26 Jan 2023 03:45:34 GMT
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9D8atOIKu-Lwx5ayf1PbN-PveABEFB8KGJgy1cWoezra2AjmwqlQfw==
Age: 17049
id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
162.19.138.83200 43 B URL HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
IP 162.19.138.83:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Thu, 26-Jan-2023 08:34:21 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Thu, 26-Jan-2023 08:34:21 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Thu, 26-Jan-2023 08:34:21 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Thu, 26-Jan-2023 08:34:21 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Thu, 26-Jan-2023 08:34:21 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Thu, 26-Jan-2023 08:34:21 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Thu, 26 Jan 2023 08:29:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ced.sascdn.com/tag/1097/smart.js
95.101.10.83200 OK 33 kB URL HTTP/1.1 ced.sascdn.com/tag/1097/smart.js
IP 95.101.10.83:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash ab5d7bcba6f9bbe86e71d3f75061efc8
bf137eb7dc8285e29d986f6b8f3272f6f979bc0e
a973cdadddcd9ba18f6e262f602d39e091090e4a94ac036b3fc4f7428e5b84e6
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32964
Cache-Control: public, max-age=7200
Expires: Thu, 26 Jan 2023 10:29:21 GMT
Date: Thu, 26 Jan 2023 08:29:21 GMT
Connection: keep-alive
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 9.3 kB URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
Hash ecb3cff12181cf289b81c048911cf317
97b0fdfa362690dad96de0849c8816f738c9ad27
17fdfbf62d7b88bde8c9e09ebaccbd64c1f59ba1ba200cb20976850a039bd15f
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 709228
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dda854cb90cda40c6a6dbc19eb186eca
0d23775c5af739aac0a41844d09c704ab850a1bd
7c432d209fcf9dde0ca59bf93f76526d98aab474041f19b2d6fe79942ed3a7e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d97122742133f124ebe9ec5c50ada96f
bbba8c7969d6523f56dfe7d27aa994c009e1a644
fcc9d9d23c2d229605890553ee7a73ceb33523487f652635f982b6ed14b485e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5790
Cache-Control: max-age=126835
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:21 GMT
Etag: "63d16fb7-1d7"
Expires: Fri, 27 Jan 2023 19:43:16 GMT
Last-Modified: Wed, 25 Jan 2023 18:06:47 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://fakaza.me
server-processing-duration-in-ticks: 936469
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1531981ef9429a92d7d8b4f1cbfbf422
f8de480a953b7ea586424919c5d7cb0f4850d257
31972e06370f524818209ead030c043155d5271bca62836b9f2ef097607cbc90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5938
Cache-Control: max-age=96365
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:21 GMT
Etag: "63d0f81c-1d7"
Expires: Fri, 27 Jan 2023 11:15:26 GMT
Last-Modified: Wed, 25 Jan 2023 09:36:28 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=3b59d720-2252-4502-bc3c-478f610fc337
142.250.74.162302 Found 341 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=3b59d720-2252-4502-bc3c-478f610fc337
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8f9fc3c0c2a299ca97274f0da4b9d2ae
6e004c704c988d6c781b4112ab21af04e7edced8
d4395f3d5163c9502ccbdf0b0307c83b1c131b645b898074caf6f6647fd60c69
GET /pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=3b59d720-2252-4502-bc3c-478f610fc337 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=3b59d720-2252-4502-bc3c-478f610fc337&google_tc=
date: Thu, 26 Jan 2023 08:29:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 341
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 08:44:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7026377d-8d2c-4aa7-580e-a28321fdf92c&reqId=bae1a3fa-2fbe-42bd-4e51-65ddef19c3de&zdid=1258
142.250.74.162302 Found 447 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7026377d-8d2c-4aa7-580e-a28321fdf92c&reqId=bae1a3fa-2fbe-42bd-4e51-65ddef19c3de&zdid=1258
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 393c268cee6a8bfba2b49deaaa579205
8938a3a758f743d9159f9631154a6d7acc383058
08c267bd5049a47add9e0fcc986e6a938e9cb68f16c18be64496e63980c8a14a
GET /pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7026377d-8d2c-4aa7-580e-a28321fdf92c&reqId=bae1a3fa-2fbe-42bd-4e51-65ddef19c3de&zdid=1258 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7026377d-8d2c-4aa7-580e-a28321fdf92c&reqId=bae1a3fa-2fbe-42bd-4e51-65ddef19c3de&zdid=1258&google_tc=
date: Thu, 26 Jan 2023 08:29:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 447
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 08:44:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
216.58.207.202200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 216.58.207.202:0
File type ASCII text, with very long lines (32034)
Hash c54aac7ef64c39b4f384e0d5771d3b46
d3e059104378a3844862a5ed12a13f5d423e86b6
3e1b5002dd64d185f806edeefd333348f423584d876cfc966b5c13884c8fe3da
GET /ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 18:53:18 GMT
expires: Sun, 21 Jan 2024 18:53:18 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 394563
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Ffakaza.me%252F%26hn_ver%3D40%26fid%3D3b59d720-2252-4502-bc3c-478f610fc337
185.89.210.46307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Ffakaza.me%252F%26hn_ver%3D40%26fid%3D3b59d720-2252-4502-bc3c-478f610fc337
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Ffakaza.me%252F%26hn_ver%3D40%26fid%3D3b59d720-2252-4502-bc3c-478f610fc337 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 26 Jan 2023 08:29:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12763%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Ffakaza.me%25252F%2526hn_ver%253D40%2526fid%253D3b59d720-2252-4502-bc3c-478f610fc337
AN-X-Request-Uuid: acdb1b66-3dc6-454d-bce4-edb2801634cb
Set-Cookie: uuid2=6004949914568351654; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 26-Apr-2023 08:29:21 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash f0c61c1d29820684364893ec04cfeed6
0216fa0091f97302456ff3de73cf5660d08590d9
725385d4373d359b0d503191967e65e0ec5c7ea98edd9e4c152bf0cb6ea6e19d
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:29:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 30 Jan 2023 06:07:22 GMT
ETag: "0216fa0091f97302456ff3de73cf5660d08590d9"
Last-Modified: Thu, 26 Jan 2023 06:07:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 896
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f7e161bbe4b51b-OSL
gum.criteo.com/syncframe?origin=rtus&topUrl=fakaza.me
178.250.0.157200 OK 5.5 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=fakaza.me
IP 178.250.0.157:0
Hash e471b8d70cc2d6b2ce0a586c63448d48
5fa3a7ead78952e595ab271653a7795cc0394688
b3f6aeaa5b7d161f14ee97986995aa14e29fccb8ec878264f094574ec9671249
GET /syncframe?origin=rtus&topUrl=fakaza.me HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=b383ff2a-8430-4c1a-b533-f220f211891e; expires=Tue, 20 Feb 2024 08:29:20 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 554013
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=3b59d720-2252-4502-bc3c-478f610fc337&google_tc=
142.250.74.162302 Found 292 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=3b59d720-2252-4502-bc3c-478f610fc337&google_tc=
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ea92f3a57242308759cf483029719684
dc4e6b6837ed008854887066fa7a496e053a6749
f7debe2bf34f22bd38cbf3b8a2b36d1d290fee74e4bec981fdc6c94b8695940c
GET /pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=3b59d720-2252-4502-bc3c-478f610fc337&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://s.cpx.to/ca.png?dsp=dbm&fid=3b59d720-2252-4502-bc3c-478f610fc337&google_error=3
date: Thu, 26 Jan 2023 08:29:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7026377d-8d2c-4aa7-580e-a28321fdf92c&reqId=bae1a3fa-2fbe-42bd-4e51-65ddef19c3de&zdid=1258&google_tc=
142.250.74.162302 Found 437 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7026377d-8d2c-4aa7-580e-a28321fdf92c&reqId=bae1a3fa-2fbe-42bd-4e51-65ddef19c3de&zdid=1258&google_tc=
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 087185b7b9da00572b6ffb500678a383
8a6c5e46802532488b99e17b4001a0658c21ceeb
cdebf3052849848ec0fdd901bd53bf426592f91ddf27665491ebf59f9cadc0c5
GET /pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7026377d-8d2c-4aa7-580e-a28321fdf92c&reqId=bae1a3fa-2fbe-42bd-4e51-65ddef19c3de&zdid=1258&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7026377d-8d2c-4aa7-580e-a28321fdf92c&reqId=bae1a3fa-2fbe-42bd-4e51-65ddef19c3de&zdid=1258&google_error=3
date: Thu, 26 Jan 2023 08:29:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
52.223.40.198200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
IP 52.223.40.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c3fa0acd495f7caf6e73cd7d11915aa1
68214131a41d142e3f8cb2fc73fbc9a0d7ab5040
d343cb2efb8921f99f1acef382f5296d9f582fb8ad8d79b80d49e23bd7606a8c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6386
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:21 GMT
Last-Modified: Thu, 26 Jan 2023 06:42:55 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c3fa0acd495f7caf6e73cd7d11915aa1
68214131a41d142e3f8cb2fc73fbc9a0d7ab5040
d343cb2efb8921f99f1acef382f5296d9f582fb8ad8d79b80d49e23bd7606a8c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6424
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:21 GMT
Last-Modified: Thu, 26 Jan 2023 06:42:18 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 8.8 kB URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
File type C source, ASCII text, with very long lines (29466)
Hash 7481bc2e2bafe0042d9afbdf65196888
b9f54ff581c9072151378f839b436852b6c90d25
f84de7431267ad020c8d5bb72a4a05d9a25d6b0a8dae1d5151db5d70ab334df9
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
x-crto-bundle: ASMO6F9GJTJCTkhHQUFQRGRBTW5maHRGTnJkeXhkdEk5dDJhcmVvaXRDYXNQN2RBeUVRcUEzaGRLbTRYOHdaMnRZSnpaSlRpZEZLdTVGN2l0OGU0eDdjcnZLOXhvV0tDS2FBV0I0VGVqempUYUNQTWVONmV3SUVqVjR5dnNCaEcxQ0dQS2dV
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://fakaza.me
server-processing-duration-in-ticks: 1509575
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
s.cpx.to/ca.png?dsp=dbm&fid=3b59d720-2252-4502-bc3c-478f610fc337&google_error=3
54.76.123.252200 OK 95 B URL HTTP/1.1 s.cpx.to/ca.png?dsp=dbm&fid=3b59d720-2252-4502-bc3c-478f610fc337&google_error=3
IP 54.76.123.252:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /ca.png?dsp=dbm&fid=3b59d720-2252-4502-bc3c-478f610fc337&google_error=3 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Connection: keep-alive
Cookie: cpSess=8c4621288a6080e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 08:29:21 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
set-cookie: cpSess=8c4621288a6080e; Expires=Fri, 26 Jan 2024 08:29:21 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
cdn.uponelectabuzzor.club/1?z=4495713
139.45.197.239200 OK 7.2 kB URL HTTP/2 cdn.uponelectabuzzor.club/1?z=4495713
IP 139.45.197.239:0
Hash 81953ba804f9c505607191f75e9b2ea3
2d90f3893f78e08001ae14f53794e195efc8ed72
735d484d7dce290498d0d75b6e059ea65acd8fdb1cab4383a519497610593fd3
GET /1?z=4495713 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: c28a3980ac32e3d82fde06e66bebfaa0
access-control-expose-headers: X-Sc
x-sc: 1tW7HRTqZrMYvHVTUodfJ1FAbhH2TFnFwfv9pXGDjATcekRlfTpWpNgU5OwGVHmzTNELAVOqyxk6ncH0WoTvabGGaeg=
set-cookie: scm=1; expires=Fri, 26 Jan 2024 08:29:20 GMT; secure; SameSite=None
OAID=56da66dc62bf46ad948d94786e67c961; expires=Fri, 26 Jan 2024 08:29:20 GMT; secure; SameSite=None
oaidts=1674721760; expires=Fri, 26 Jan 2024 08:29:20 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7026377d-8d2c-4aa7-580e-a28321fdf92c&reqId=bae1a3fa-2fbe-42bd-4e51-65ddef19c3de&zdid=1258&google_error=3
172.67.13.182200 OK 95 B URL HTTP/2 mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7026377d-8d2c-4aa7-580e-a28321fdf92c&reqId=bae1a3fa-2fbe-42bd-4e51-65ddef19c3de&zdid=1258&google_error=3
IP 172.67.13.182:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7026377d-8d2c-4aa7-580e-a28321fdf92c&reqId=bae1a3fa-2fbe-42bd-4e51-65ddef19c3de&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Connection: keep-alive
Cookie: zc=7026377d-8d2c-4aa7-580e-a28321fdf92c; zsc=%EE%3F%B6%DC%E0%EE%F1%B37%8C%A6%F2%0D%A9M%1Fj4%B5%81Dy%A9%D1i%13%1F%0BH%FE%9DQ2%CB%A3%D4%CCF%7F5%C3%F2%F7%B2%A1%D5%25%CA%18%C4%5C%19V%0CYe%F1f%28%A2N%7B%06-%FE%81%B9%E8%9CK%F3%DCi%BE%2C%E9i%05%A5%C6%89zr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://fakaza.me
set-cookie: zc=7026377d-8d2c-4aa7-580e-a28321fdf92c; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f7e1625e960b4d-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash b243472c702b87ec10737db445a1b5f6
e08e9155d4f4cb20d4b7d51d15e9888b42540e01
08dbb363e5124647d48af8e2ff8ab7d69816e402c1bfa320e640b38273635645
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2161
Cache-Control: max-age=137606
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:21 GMT
Etag: "63d1a7f6-13a"
Expires: Fri, 27 Jan 2023 22:42:47 GMT
Last-Modified: Wed, 25 Jan 2023 22:06:46 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
vianoivernom.com/400/3224468
139.45.197.237200 OK 32 kB URL HTTP/2 vianoivernom.com/400/3224468
IP 139.45.197.237:0
Hash 4478216971e99ff66405c644670c98ff
1e73d5948f10d3ca43032f80405514d372176d9f
890dae9bdc71cbd5b984c4fa1e2657ad62a737d2ca45474e9ea685711b34b5a9
Analyzer Verdict Alert quad9 Sinkholed
GET /400/3224468 HTTP/1.1
Host: vianoivernom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/javascript
x-trace-id: 1c404909c0342974cb991e4bf391808b
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=587d92698939438eac63e14e4cf86bba; expires=Fri, 26 Jan 2024 08:29:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=fakaza.me&sn=FirefoxSyncframe&so=3&topUrl=fakaza.me&bundle=ASMO6F9GJTJCTkhHQUFQRGRBTW5maHRGTnJkeXhkdEk5dDJhcmVvaXRDYXNQN2RBeUVRcUEzaGRLbTRYOHdaMnRZSnpaSlRpZEZLdTVGN2l0OGU0eDdjcnZLOXhvV0tDS2FBV0I0VGVqempUYUNQTWVONmV3SUVqVjR5dnNCaEcxQ0dQS2dV&info=P0uViV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3l2MU14dG5TTnBtRkQxVll4RXlNN2F1RFIlMkJBNFY0TU02Znc0YUpmVGlRbA&idsd=-2060415147,-1322199911&cw=1&rtusCallerId=147&lsw=1
178.250.0.157200 OK 361 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=fakaza.me&sn=FirefoxSyncframe&so=3&topUrl=fakaza.me&bundle=ASMO6F9GJTJCTkhHQUFQRGRBTW5maHRGTnJkeXhkdEk5dDJhcmVvaXRDYXNQN2RBeUVRcUEzaGRLbTRYOHdaMnRZSnpaSlRpZEZLdTVGN2l0OGU0eDdjcnZLOXhvV0tDS2FBV0I0VGVqempUYUNQTWVONmV3SUVqVjR5dnNCaEcxQ0dQS2dV&info=P0uViV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3l2MU14dG5TTnBtRkQxVll4RXlNN2F1RFIlMkJBNFY0TU02Znc0YUpmVGlRbA&idsd=-2060415147,-1322199911&cw=1&rtusCallerId=147&lsw=1
IP 178.250.0.157:0
Hash 6914b2a206780fea1c86cf85e8c1dea6
b65c5dc8c4efb4c7967b938a245515697bc98ea1
d0d37b8d882c848306f464612de8663c9ed85ec4431804c0fa3630bcf1431b59
GET /sid/json?origin=rtus&domain=fakaza.me&sn=FirefoxSyncframe&so=3&topUrl=fakaza.me&bundle=ASMO6F9GJTJCTkhHQUFQRGRBTW5maHRGTnJkeXhkdEk5dDJhcmVvaXRDYXNQN2RBeUVRcUEzaGRLbTRYOHdaMnRZSnpaSlRpZEZLdTVGN2l0OGU0eDdjcnZLOXhvV0tDS2FBV0I0VGVqempUYUNQTWVONmV3SUVqVjR5dnNCaEcxQ0dQS2dV&info=P0uViV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3l2MU14dG5TTnBtRkQxVll4RXlNN2F1RFIlMkJBNFY0TU02Znc0YUpmVGlRbA&idsd=-2060415147,-1322199911&cw=1&rtusCallerId=147&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1474353
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
172.67.13.182200 OK 239 B URL HTTP/2 spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
IP 172.67.13.182:0
File type ASCII text, with no line terminators
Hash 6daf93b8c7241d853e98016e6ad864e7
2f2f38bf4f54ea79c873cda12da6f9a9733a8391
2348ab042c9b528e4fca29c5162b25bfea8775100b8e81cab54ea619b1f3f72c
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://fakaza.me
set-cookie: zc=7026377d-8d2c-4aa7-580e-a28321fdf92c; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=%EE%3F%B6%DC%E0%EE%F1%B37%8C%A6%F2%0D%A9M%1Fj4%B5%81Dy%A9%D1i%13%1F%0BH%FE%9DQ2%CB%A3%D4%CCF%7F5%C3%F2%F7%B2%A1%D5%25%CA%18%C4%5C%19V%0CYe%F1f%28%A2N%7B%06-%FE%81%B9%E8%9CK%F3%DCi%BE%2C%E9i%05%A5%C6%89zr; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f7e159fdb70b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3b59d720-2252-4502-bc3c-478f610fc337
185.64.190.80200 OK 334 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3b59d720-2252-4502-bc3c-478f610fc337
IP 185.64.190.80:0
Hash 374e5089f746c2eba3da96bb94cc1c6b
14e675079369c957fcdcfaf75bdd0235446b2f0e
aa5c2f3ee50bb0736510e0902b6228fb460b445cfacd95a71374c94d5ce0cfb6
GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3b59d720-2252-4502-bc3c-478f610fc337 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash fd24e4c840142708f190e1d34e058b5b
9ed1b3016ba7e1bde49bbcc7d6f429d4684e04d1
9ca431179732c2cfe118a16d17acf8da93f401ed10eadb207d717fc67b8bc2f9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5404
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:21 GMT
Last-Modified: Thu, 26 Jan 2023 06:59:18 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash c1f48d76ab26ab81ea51c0e54b0658f6
299bec36fb52baab04f633571872aded9368e461
9ef779bcd2e796b0d76800053bdbdd24156476ebb822e3f46c6485d10d59fce9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135228
Date: Thu, 26 Jan 2023 08:29:21 GMT
Etag: "63d1902f-1d7"
Expires: Fri, 27 Jan 2023 22:03:09 GMT
Last-Modified: Wed, 25 Jan 2023 20:25:19 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AqfdCOm7Dw5Q_gseHYqmTVUSBFvqa8Sn4Wc4A9ueML6d0WbQ-m9Jdg==
Age: 5870
ww1097.smartadserver.com/genericpost
81.17.55.113204 No Content 0 B URL HTTP/1.1 ww1097.smartadserver.com/genericpost
IP 81.17.55.113:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /genericpost HTTP/1.1
Host: ww1097.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Thu, 26 Jan 2023 08:29:21 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://fakaza.me
vary: Origin
adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
108.128.16.246200 OK 20 B URL HTTP/1.1 adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP 108.128.16.246:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://fakaza.me
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Thu, 26 Jan 2023 08:29:21 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu, 26 Jan 2023 08:29:21 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
ww1097.smartadserver.com/genericpost
81.17.55.113200 OK 279 B URL HTTP/1.1 ww1097.smartadserver.com/genericpost
IP 81.17.55.113:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (563), with no line terminators
Hash eba34f85877350f6b0a671a4412f1c77
8e9e4a1f4bee1656baa55d1dbd3e078b9be2c5ab
95b8c90c93a3acca79a397f5f6211332c9c08f69274de5541f6451c94e684b3a
POST /genericpost HTTP/1.1
Host: ww1097.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/javascript
Content-Length: 845
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 26 Jan 2023 08:29:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://fakaza.me
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024; expires=Fri, 26 Jan 2024 08:29:21 GMT; domain=.smartadserver.com; path=/
vs=343705=5295389; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Fri, 26 Jan 2024 08:29:21 GMT; domain=.smartadserver.com; path=/
pid=8156820516802633093; expires=Fri, 26 Jan 2024 08:29:21 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638103185618663352&o=1; expires=Fri, 27 Jan 2023 08:29:21 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Fri, 27 Jan 2023 08:29:21 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ads.themoneytizer.com/lib_watermark.js
185.76.9.17200 OK 1.6 kB URL HTTP/2 ads.themoneytizer.com/lib_watermark.js
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
Hash fff1805fcef9773dece3552c1ac0feaa
14fd38403d453a54bf037016af021644f05c069d
62f54670956833b9bce2198316b52ba9814c4561098e6efc123dfa17799432f9
GET /lib_watermark.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: application/javascript
last-modified: Fri, 20 Jan 2023 16:37:11 GMT
expires: Fri, 27 Jan 2023 05:04:11 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1674795851
server: CDN77-Turbo
x-77-nzt: AblMCQ1oRnj/FjAAAA
x-77-nzt-ray: c0a4cc287a876189e139d2636f507f39
x-cache: HIT
x-age: 12310
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.taboola.com/shared/tbframe.js
151.101.1.44200 OK 3.9 kB URL HTTP/2 cdn.taboola.com/shared/tbframe.js
IP 151.101.1.44:0
File type HTML document text\012- HTML document, ASCII text
Hash fb01aa2871441406b1ba014b6d7d1090
d21f6039f7382e52eae90b4d13c2d64f19b0570d
98b77c0a2e61d0279e64ab3f782d9f714898c8b1c5192be627ff8bef3a1333ca
GET /shared/tbframe.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MN9XaM/M+h/Qp9BPyRJeb340G4Pucv6Y4Pcowpb3egHjmCFs9+VVxhILfloP4UjJ7UdOXKHX+G0=
x-amz-request-id: DM4HTT2F4X9ZCD58
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-type: application/x-javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Thu, 26 Jan 2023 08:29:22 GMT
via: 1.1 varnish
age: 3648
x-served-by: cache-bma1628-BMA
x-cache: HIT
x-cache-hits: 367
x-timer: S1674721762.107106,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 47
content-length: 3897
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/themonetizer-network/loader.js
151.101.1.44200 OK 315 kB URL HTTP/2 cdn.taboola.com/libtrc/themonetizer-network/loader.js
IP 151.101.1.44:0
File type ASCII text, with very long lines (64972)
Size 315 kB (314973 bytes)
Hash d1422104c4e2d2fb538de51f97e30d9b
9ba1c101e63fb9ea24472201ef1320dd6befd3fe
999082c4dae1f67455c4479362dead1925aa4fd33efd9d83fa1ee7731a12c09c
GET /libtrc/themonetizer-network/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
etag: "227c8faf2d95b79538cc058c0ffdb3a5ce95a478"
last-modified: Wed, 25 Jan 2023 17:40:41 UTC
x-amz-id-2: lHZHg/6e59acWrQHNPWmsDpfgjRwppcQuArIqdzczRA+C4cH+Zf+UVzsP415D0d/hJzkiWaKp60=
x-amz-request-id: YD50TG1PQYW1Y7BN
x-amz-version-id: sGsQEYvtQ8IhclSUgMTEb.L6wxC6qoWn
x-from-cache: 1
x-envoy-upstream-service-time: 15
accept-ranges: bytes
date: Thu, 26 Jan 2023 08:29:22 GMT
via: 1.1 varnish
age: 10067
x-served-by: cache-bma1628-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674721762.152776,VS0,VE1
cache-control: private,max-age=14400
vary: Accept-Encoding, Accept-Encoding
abp: 20
content-length: 314973
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/tr5?abgroup=aa_test_for_monitoring_ctrl
151.101.1.44200 OK 3 B URL HTTP/2 cdn.taboola.com/libtrc/tr5?abgroup=aa_test_for_monitoring_ctrl
IP 151.101.1.44:0
File type ASCII text, with no line terminators
Hash cf1731f1eadf52f064e6059d699e7615
816201b65af045985cf47b5c7c58089759d00a45
2e34af284c28bf285781a36241b6e00ec74c81e6ae6858d52bdede5ebf7e37c1
GET /libtrc/tr5?abgroup=aa_test_for_monitoring_ctrl HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Varnish
retry-after: 0
content-type: text/html
accept-ranges: bytes
date: Thu, 26 Jan 2023 08:29:22 GMT
via: 1.1 varnish
x-served-by: cache-bma1628-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1674721762.346688,VS0,VE0
cache-control: private,max-age=14400
content-length: 3
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/impl.20230125-20-RELEASE.js
151.101.1.44200 OK 155 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20230125-20-RELEASE.js
IP 151.101.1.44:0
File type ASCII text, with very long lines (65508)
Size 155 kB (154901 bytes)
Hash 821da2ae649fcbcd6095d4256327d4e4
41f791d9832a3b00caceb7109815f54c77fdea3e
de4284e16d3ad6dc9cda9ad5902b41d5cb92c0285ed0e9754aff4da9425b21d3
GET /libtrc/impl.20230125-20-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c/49/iUAbxzmwoWRhTYNi9bEMqGSrh3EtnIPiYNGh2NMOX9GF2Y2jDd2wLfiCx7+7DpI/P/nP2A=
x-amz-request-id: 909RKYD0X4NEXQD7
last-modified: Wed, 25 Jan 2023 14:13:03 GMT
etag: "821da2ae649fcbcd6095d4256327d4e4"
content-encoding: br
x-amz-version-id: pJOHOALZk3tqGRtDPOi7EGP8eWuCUp.w
content-type: application/javascript
accept-ranges: bytes
date: Thu, 26 Jan 2023 08:29:22 GMT
via: 1.1 varnish
age: 8070
x-served-by: cache-bma1628-BMA
x-cache: HIT
x-cache-hits: 5497
x-timer: S1674721762.348076,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 47
server: AmazonS3-br
content-length: 154901
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://fakaza.me
server-processing-duration-in-ticks: 593647
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 8.9 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
Hash a81dcb01bee547101c8869223050be47
b44098d7ea8f697bd31e3377ac17f5e3bb2814a5
14e96a5228d09f9efcf07b583ad7be9cf4d285890a06eae82d2504d6cc129c60
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
x-crto-bundle: 74El3V9zT05PeVg5SVR5ZldDY1VaSGdQZGFhVkhBSG8wZ3N1NTlodWVOam80WVZVWHdERHIxRDByTkRETmNwMnB4dGRWJTJCJTJGWUFBMFlaelp2RyUyQmhjRWtjRXFhOEZFZXpBOWVQNk5tS09KUGcwdXRzb2I4V0JOaTlRWVMyZ2hzczV6JTJGJTJCNU9mdDZrbFBYMFFFQlVmYUpuSlh1a29nJTNEJTNE
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://fakaza.me
server-processing-duration-in-ticks: 1996547
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 128 B IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ac8169207ecb8a571dc471ffe915095c
647fe22818834dcdb05567063af3094e675deb10
b491556652208ecf77c16d46f977e0f252ee2a6b4d622d0a063a5b9dd896518a
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=F9szj180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3l2MU14dG5TTnBtRkQxVll4RXlNN2JNeWZ5cmdZVXNQRWVkSlozcU5JMzU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=P0uViV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3l2MU14dG5TTnBtRkQxVll4RXlNN2F1RFIlMkJBNFY0TU02Znc0YUpmVGlRbA; expires=Tue, 20 Feb 2024 08:29:21 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 334936
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
trc-events.taboola.com/themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.507&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=8047&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&pct=1
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.507&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=8047&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&pct=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.507&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=8047&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 08:29:22 GMT
x-fastly-to-nlb-rtt: 22229
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc-events.taboola.com/themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.507&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=4475&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&pct=1
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.507&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=4475&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&pct=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.507&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=4475&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 08:29:22 GMT
x-fastly-to-nlb-rtt: 22229
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc-events.taboola.com/themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.385&type=info&msg=%7B%22publisher%22%3A%22themonetizer-network%22%2C%22mode%22%3A%22thumbnails-b%22%2C%22container%22%3A%22tbl_widget_container%22%2C%22placement%22%3A%22-PAVE%20HAUT%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=8338&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&pct=1
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.385&type=info&msg=%7B%22publisher%22%3A%22themonetizer-network%22%2C%22mode%22%3A%22thumbnails-b%22%2C%22container%22%3A%22tbl_widget_container%22%2C%22placement%22%3A%22-PAVE%20HAUT%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=8338&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&pct=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.385&type=info&msg=%7B%22publisher%22%3A%22themonetizer-network%22%2C%22mode%22%3A%22thumbnails-b%22%2C%22container%22%3A%22tbl_widget_container%22%2C%22placement%22%3A%22-PAVE%20HAUT%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=8338&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 08:29:22 GMT
x-fastly-to-nlb-rtt: 22229
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc-events.taboola.com/themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.383&type=info&msg=https%3A%2F%2Ffakaza.me%2F&llvl=2&id=8723&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&pct=1
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.383&type=info&msg=https%3A%2F%2Ffakaza.me%2F&llvl=2&id=8723&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&pct=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.383&type=info&msg=https%3A%2F%2Ffakaza.me%2F&llvl=2&id=8723&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 08:29:22 GMT
x-fastly-to-nlb-rtt: 22229
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc-events.taboola.com/themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.384&type=usage&msg=rtus&llvl=2&id=7323&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.384&type=usage&msg=rtus&llvl=2&id=7323&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themonetizer-fakazame/log/2/debug?tim=08%3A29%3A20.384&type=usage&msg=rtus&llvl=2&id=7323&cv=20230125-20-RELEASE<=aa_test_for_monitoring_ctrl&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 08:29:22 GMT
x-fastly-to-nlb-rtt: 22229
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc.taboola.com/themonetizer-fakazame/trc/3/json?tim=08%3A29%3A20.388<i=aa_test_for_monitoring_ctrl&data=%7B%22id%22%3A51%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1674657346350%2C%22vi%22%3A1674721760387%2C%22cv%22%3A%2220230125-20-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffakaza.me%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22pev%22%3A8050%2C%22btv%22%3A%220%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Ffakaza.me%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22-PAVE%20HAUT%22%2C%22orig_uip%22%3A%22-PAVE%20HAUT%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C-PAVE%20HAUT%3Dthumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22aa_test_for_monitoring_ctrl%22%7D&llvl=2
151.101.1.44200 OK 51 B URL HTTP/2 trc.taboola.com/themonetizer-fakazame/trc/3/json?tim=08%3A29%3A20.388<i=aa_test_for_monitoring_ctrl&data=%7B%22id%22%3A51%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1674657346350%2C%22vi%22%3A1674721760387%2C%22cv%22%3A%2220230125-20-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffakaza.me%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22pev%22%3A8050%2C%22btv%22%3A%220%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Ffakaza.me%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22-PAVE%20HAUT%22%2C%22orig_uip%22%3A%22-PAVE%20HAUT%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C-PAVE%20HAUT%3Dthumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22aa_test_for_monitoring_ctrl%22%7D&llvl=2
IP 151.101.1.44:0
Hash 1f9f8b016574c02586f426ddd4548048
5b1af0f1720bfd3999044880988d903c9de7a0e4
0514ad3e92993b93125cbef7a3de057a39ebb0a7a2c44eedec6924b6e8a2c7cc
GET /themonetizer-fakazame/trc/3/json?tim=08%3A29%3A20.388<i=aa_test_for_monitoring_ctrl&data=%7B%22id%22%3A51%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1674657346350%2C%22vi%22%3A1674721760387%2C%22cv%22%3A%2220230125-20-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffakaza.me%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22pev%22%3A8050%2C%22btv%22%3A%220%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Ffakaza.me%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22-PAVE%20HAUT%22%2C%22orig_uip%22%3A%22-PAVE%20HAUT%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2C-PAVE%20HAUT%3Dthumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22aa_test_for_monitoring_ctrl%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/plain;charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Thu, 26 Jan 2023 08:29:22 GMT
via: 1.1 varnish
x-served-by: cache-bma1628-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674721763.518383,VS0,VE87
vary: Accept-Encoding
x-vcl-time-ms: 87
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 528 B IP 178.250.2.146:0
Hash 01bf67737811d4745765ccb8be384862
157852f63ab09b7466dbee4de9db6320a211eda4
959b27e171341dfd0b03255596ff92cd300a299887caacdd4d1eaf73d8e17dc5
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=P0uViV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3l2MU14dG5TTnBtRkQxVll4RXlNN2F1RFIlMkJBNFY0TU02Znc0YUpmVGlRbA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:22 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=m9HxOl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3l2MU14dG5TTnBtRkQxVll4RXlNN1kwJTJGdllQUmVJWHlpaHh3ZDhsa1pPcg; expires=Tue, 20 Feb 2024 08:29:22 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 335736
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
vianoivernom.com/impression/Q5WuMqpBLWnPf7Y1jEpLnryVsPwci9fceL9hUzFU0MUy06FDZ52R9bo-RjTwLjv7L97GbGFfPQy8_irgfIlQR6NqbMlIhst8kbxQPPrIKMerjPRURrtGn-BMqS6FS5446e3s_FJAZ9rsJ51WO7ijIGYlh8msxeCBecWHkE2ifYyZLP9LdRjmzSLyHo6QjmPIu_EVHdsZ-ANBTBox-b1MZ7HP47w5WvAtW9ajX294yWEkhYcgAXCXymmUoc9SkSKR80h6Y28UiddoMgokO7qZuN9bU8vn8txBWNbHkrJLYKkGvuhQZ-pOVU8aP1IaTA36zz5_wu-LPGwVDnQ2NrNVSE9I45lWIy0dTv9FnsqFe4nvFAUBhx-GVjNBrGfj1vJJfi06SJl3YuWFNKs127Ct1ax6M3T53S6nFLIFnXCwge8l-y65yo805n3moiCy1mEPVF0LIGBYDyws6LHjuz5P3i3-q7b4OREeKN0IzIhQhoqJW1BZXzZUHQC9SmrcyLk7V40zNp48INudJSX2K7OlT3pltCATIvGTsRf4mKYzkMeRxE5krMgjpZnmzBByQZ4mBYSwMYrDh27jStvG2enLM9MJKOTmAh4RFdcEbdp1LlguXPLFZB813wYtfylu_GpeMfZe76UxFtl0AuJ03eu7Ow==?_z=3224468&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL HTTP/2 vianoivernom.com/impression/Q5WuMqpBLWnPf7Y1jEpLnryVsPwci9fceL9hUzFU0MUy06FDZ52R9bo-RjTwLjv7L97GbGFfPQy8_irgfIlQR6NqbMlIhst8kbxQPPrIKMerjPRURrtGn-BMqS6FS5446e3s_FJAZ9rsJ51WO7ijIGYlh8msxeCBecWHkE2ifYyZLP9LdRjmzSLyHo6QjmPIu_EVHdsZ-ANBTBox-b1MZ7HP47w5WvAtW9ajX294yWEkhYcgAXCXymmUoc9SkSKR80h6Y28UiddoMgokO7qZuN9bU8vn8txBWNbHkrJLYKkGvuhQZ-pOVU8aP1IaTA36zz5_wu-LPGwVDnQ2NrNVSE9I45lWIy0dTv9FnsqFe4nvFAUBhx-GVjNBrGfj1vJJfi06SJl3YuWFNKs127Ct1ax6M3T53S6nFLIFnXCwge8l-y65yo805n3moiCy1mEPVF0LIGBYDyws6LHjuz5P3i3-q7b4OREeKN0IzIhQhoqJW1BZXzZUHQC9SmrcyLk7V40zNp48INudJSX2K7OlT3pltCATIvGTsRf4mKYzkMeRxE5krMgjpZnmzBByQZ4mBYSwMYrDh27jStvG2enLM9MJKOTmAh4RFdcEbdp1LlguXPLFZB813wYtfylu_GpeMfZe76UxFtl0AuJ03eu7Ow==?_z=3224468&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/Q5WuMqpBLWnPf7Y1jEpLnryVsPwci9fceL9hUzFU0MUy06FDZ52R9bo-RjTwLjv7L97GbGFfPQy8_irgfIlQR6NqbMlIhst8kbxQPPrIKMerjPRURrtGn-BMqS6FS5446e3s_FJAZ9rsJ51WO7ijIGYlh8msxeCBecWHkE2ifYyZLP9LdRjmzSLyHo6QjmPIu_EVHdsZ-ANBTBox-b1MZ7HP47w5WvAtW9ajX294yWEkhYcgAXCXymmUoc9SkSKR80h6Y28UiddoMgokO7qZuN9bU8vn8txBWNbHkrJLYKkGvuhQZ-pOVU8aP1IaTA36zz5_wu-LPGwVDnQ2NrNVSE9I45lWIy0dTv9FnsqFe4nvFAUBhx-GVjNBrGfj1vJJfi06SJl3YuWFNKs127Ct1ax6M3T53S6nFLIFnXCwge8l-y65yo805n3moiCy1mEPVF0LIGBYDyws6LHjuz5P3i3-q7b4OREeKN0IzIhQhoqJW1BZXzZUHQC9SmrcyLk7V40zNp48INudJSX2K7OlT3pltCATIvGTsRf4mKYzkMeRxE5krMgjpZnmzBByQZ4mBYSwMYrDh27jStvG2enLM9MJKOTmAh4RFdcEbdp1LlguXPLFZB813wYtfylu_GpeMfZe76UxFtl0AuJ03eu7Ow==?_z=3224468&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: vianoivernom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Cookie: OAID=7d406d59a1ab41bfa384c310d75e264f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:23 GMT
content-type: image/gif
content-length: 43
x-trace-id: 626e3b67974eba52af469cf219b19141
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
vianoivernom.com/500/3224468?excludes=16526539&oaid=7d406d59a1ab41bfa384c310d75e264f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 vianoivernom.com/500/3224468?excludes=16526539&oaid=7d406d59a1ab41bfa384c310d75e264f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/3224468?excludes=16526539&oaid=7d406d59a1ab41bfa384c310d75e264f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: vianoivernom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:23 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://fakaza.me
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
vianoivernom.com/500/3224468?excludes=16526539&oaid=7d406d59a1ab41bfa384c310d75e264f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 21 kB URL HTTP/2 vianoivernom.com/500/3224468?excludes=16526539&oaid=7d406d59a1ab41bfa384c310d75e264f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 5a439d9a9813a1978525c03c30863771
45170641da8551ed01bbf2ccc7a625bada33466a
d4d404aac194e4ed2096da5452939c28efa22c53e6a5cb3658c5bd8ec5760f59
Analyzer Verdict Alert quad9 Sinkholed
GET /500/3224468?excludes=16526539&oaid=7d406d59a1ab41bfa384c310d75e264f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: vianoivernom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Cookie: OAID=7d406d59a1ab41bfa384c310d75e264f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:23 GMT
content-type: application/javascript
x-trace-id: 2b1dbb1b776f2206ad946139fdadedc6
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://fakaza.me
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=7d406d59a1ab41bfa384c310d75e264f; expires=Fri, 26 Jan 2024 08:29:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1674721758680
51.89.9.254204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1674721758680
IP 51.89.9.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1674721758680 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 26 Jan 2024 08:29:24 GMT; Path=/; Domain=.betweendigital.com
tuuid=40e2e438-321b-521a-92f4-d04af126e9ae; Max-Age=31536000; Expires=Fri, 26 Jan 2024 08:29:24 GMT; Path=/; Domain=.betweendigital.com
ut=Y9I55AALeYAS7TCtwVMZQRogjWMT-WnynYqE4w==; Max-Age=31536000; Expires=Fri, 26 Jan 2024 08:29:24 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe?crf=1
188.42.191.196200 OK 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe?crf=1
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe?crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 26 Jan 2024 08:29:24 GMT; Path=/; Domain=.betweendigital.com
tuuid=d25dabcb-2b8d-521a-b863-5ddedbb1643a; Max-Age=31536000; Expires=Fri, 26 Jan 2024 08:29:24 GMT; Path=/; Domain=.betweendigital.com
ut=Y9I55AADvQjoH-BwLKuifQ95__aHXr9LYKY8iw==; Max-Age=31536000; Expires=Fri, 26 Jan 2024 08:29:24 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 1.0 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 52af7f80c75a7aed778aeba4ffdb4eed
df7b70c60dc1390b8376f893545a3dd95188e6c9
a7f78fffba9f579f8da1202ab569f90fe4448d17e8a2622682f3551f8993663d
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:18 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 08:29:18 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 30 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (65447)
Hash 0f1a7e96475d9d0ba2440a84f27ce0f8
15596e312dbc459e7cc7dc0030b4783dd1fa8fd8
a5ee7f399801c0c68a9ccad1783561966d5f9a6238f0727049e720396d410304
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 08:29:19 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 2.8 kB IP 192.124.249.23:0
Hash 307ca2b82100026b934602f341e01043
c04ee3d0ccc2a2eeb42d7f2948a1ba4d88d67690
3f644775d6050231288e7be591d1584a64b7ca5a152f8e5dedcf54d0d2ea4da7
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 26 Jan 2023 08:29:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 25 Jan 2023 21:27:27 GMT
Expires: Thu, 26 Jan 2023 21:27:27 GMT
ETag: "1b1be4664586b20986d0f290a21101f8166b915a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
216.52.2.48204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
IP 216.52.2.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 26 Jan 2023 08:29:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap5ams1
ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
95.101.10.8302 Moved Temporarily 0 B URL HTTP/1.1 ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
IP 95.101.10.8:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-matching?id=3602&gdpr=0&gdpr_consent= HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Content-Length: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
x-sticky-vk: 1674721764694024-429
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/d7de37c49bbe527ca3f83e877192a27?gdpr_consent=&gdpr=0
Expires: Thu, 26 Jan 2023 08:29:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 26 Jan 2023 08:29:24 GMT
Connection: keep-alive
Set-Cookie: UID=d7de37c49bbe527ca3f83e877192a27; Domain=ads.stickyadstv.com; Expires=Sat, 25-Feb-2023 08:29:24 GMT; Path=/
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a909f3f70a923e3377e43eaa20d019d0
248f2ba7ae1e1dd48a0af68b2bfe3600063a60d8
7f5be378f1da5231df469d1534ff2ca6fc25eb4b2981c1afdc288b8ec681baf2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5394
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:24 GMT
Last-Modified: Thu, 26 Jan 2023 06:59:30 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 3e023abb96478bac24867312ee9da943
00a35b1d6f21d4871fdb50c5109f250e608a6586
fd7c69a9a21a5d849cf7d9d8cafb291120ea37e935a3ce172ccf2871494bd314
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162565
Date: Thu, 26 Jan 2023 08:29:24 GMT
Etag: "63d208fb-1d7"
Expires: Sat, 28 Jan 2023 05:38:49 GMT
Last-Modified: Thu, 26 Jan 2023 05:00:43 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _zLIgAiB2G_Zh2VXwUSHLNQx1TYbmaS8NCoxgvhmNKtcbW5mlBEElg==
Age: 2286
creativecdn.com/cm-notify?pi=smilewanted
185.184.8.90302 Found 0 B URL HTTP/2 creativecdn.com/cm-notify?pi=smilewanted
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm-notify?pi=smilewanted HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 08:29:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=UE0DXxd9qPPVhk0iAj79;Path=/;Domain=.creativecdn.com;Expires=Fri, 26-Jan-2024 08:29:24 GMT;Max-Age=31536000;Secure;SameSite=None
ts=1674721764;Path=/;Domain=.creativecdn.com;Expires=Fri, 26-Jan-2024 08:29:24 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
content-length: 0
X-Firefox-Spdy: h2
fakaza.me/
104.21.64.43200 OK 30 kB IP 104.21.64.43:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 0908bc514a59a3a9bbc8033175e4790f
d94938eb1c247468bc7be995280abd072e59df5d
480b5c3a2722a794a594b1b6d20c35bb350be764510ea9751e46c9b86b4e3fbb
GET / HTTP/1.1
Host: fakaza.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Cookie
cache-control: max-age=3, must-revalidate
last-modified: Thu, 26 Jan 2023 08:24:16 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhQq1GygRskqYaaYa4tGqZckaF0Dfe5qyoEUOcOkzdLPmdviny6g3FUGxSbV0%2FuRxkOHf61pmjXzh0NYBfqiUSpsFE%2BtNKkFPKsPwteyR2Dg1Q%2BD7lRIwTKQdjA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f7e14ada06b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creativecdn.com/cm-notify?pi=smilewanted&tc=1
185.184.8.90200 OK 42 B URL HTTP/2 creativecdn.com/cm-notify?pi=smilewanted&tc=1
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm-notify?pi=smilewanted&tc=1 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csync.smilewanted.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:24 GMT
content-type: image/gif
content-length: 42
X-Firefox-Spdy: h2
csync.smilewanted.com/drop_cookie_sw.php
104.22.69.131200 OK 68 B URL HTTP/2 csync.smilewanted.com/drop_cookie_sw.php
IP 104.22.69.131:0
Hash fde8545f2ff7225fc56848bea09596fa
3f0357036d42b6449c80205052b136fa6f4d199e
647828c3d5e306222e363f4b2bf465e45a69510ee22c36a9d5fb6238af47e8fb
GET /drop_cookie_sw.php HTTP/1.1
Host: csync.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: sw_user_params_infos=8sdRREvsw7LjLys0YvGw8zQIsvJikFGmVM%2FTZx%2BPdUvALm8WSpKRTuIK2VOPjTYWF3ISO5oP%2BWQTKI2c2d%2BP%2FwETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6ZW34odAzDEI3UGc9%2FcZFYA%3D%3D; expires=Fri, 26-Jan-2024 14:18:36 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f7e173dd1a2d89-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 2fdcf97ebb7e4c2f80b33da45abcfc70
43bb3ab1bf1d3beac46f8f63977e31453eef17b1
d124c388e1bfa3af3be9efd0df892f74ec66e3d2fc964cb2e792506642d49877
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 26 Jan 2023 08:29:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 25 Jan 2023 20:53:41 GMT
Expires: Thu, 26 Jan 2023 20:53:41 GMT
ETag: "43bb3ab1bf1d3beac46f8f63977e31453eef17b1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
18.158.114.168302 Found 0 B URL HTTP/2 ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
IP 18.158.114.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 26 Jan 2023 08:29:24 GMT
content-type: text/plain
content-length: 0
location: https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
set-cookie: tuuid=bebc89a6-0854-4a14-accb-d817ad8dea05; Expires=Wed, 26 Apr 2023 08:29:24 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1674721764; Expires=Wed, 26 Apr 2023 08:29:24 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
csync.smilewanted.com/set_partner_userid_get/freewheel/d7de37c49bbe527ca3f83e877192a27?gdpr_consent=&gdpr=0
104.22.69.131200 OK 68 B URL HTTP/2 csync.smilewanted.com/set_partner_userid_get/freewheel/d7de37c49bbe527ca3f83e877192a27?gdpr_consent=&gdpr=0
IP 104.22.69.131:0
Hash aeff6ce9a8e2d025d554d24b05a97245
70abd3f41477b5c6cec794ffdc5fe36fddc34e90
5182bb6d53e6c432bfb93d9361de16b123fbda799fe5b1549575c70e02080b91
GET /set_partner_userid_get/freewheel/d7de37c49bbe527ca3f83e877192a27?gdpr_consent=&gdpr=0 HTTP/1.1
Host: csync.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csync.smilewanted.com/
Connection: keep-alive
Cookie: sw_user_params_infos=8sdRREvsw7LjLys0YvGw8zQIsvJikFGmVM%2FTZx%2BPdUvALm8WSpKRTuIK2VOPjTYWF3ISO5oP%2BWQTKI2c2d%2BP%2FwETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6ZW34odAzDEI3UGc9%2FcZFYA%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: sw_user_params_infos=pCxawHHtahhRWVXPSJLFKXMHR5n0GzsOHO8cjfinMBOXHNcAQwGa2mNQPAgMr1ScUk2M3q1EifLAYNqAXoPBSctN5z8wSnU69FIVljlYMA2fazcJrLVsXTAJBV1AZIeL%2FjSI8zRmih%2BIDQV14lF%2BRi1NjVwc7U91CMNEpQfI3gJ0AbTFB%2FfU7dg7LmLjI1tBugOXblB5YjMiWSdSoOh3XA%3D%3D; expires=Fri, 26-Jan-2024 14:18:36 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f7e1759e772d89-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.56.101200 OK 6.2 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.56.101:0
File type ASCII text, with very long lines (17031), with no line terminators
Hash dfd1fdd9197381188d9240427038f970
85135c355457345ea5c9d08ef12a7f872cdb363b
c6307b7ecc7e28db203c3ba4660652eaa799fc238bd8b810374c9f4cd162e549
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:18 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f7e1500c2a0afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
8.2.108.175204 No Content 0 B URL HTTP/1.1 us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
IP 8.2.108.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP/1.1
Host: us.ck-ie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 26 Jan 2023 08:29:24 GMT
Content-Type: text/plain
Connection: keep-alive
sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
185.86.137.133200 OK 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
IP 185.86.137.133:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csync.smilewanted.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
date: Thu, 26 Jan 2023 08:29:24 GMT
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ea2565480c02d9e75d9f35791f38c610
17b82d3c1dc70536188da112defa5208736387a6
26c8b0ebc4ac6b62ba6bc40807261a64aed265aad5e2cb23833f1aa52ff2bb98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 71
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 08:29:25 GMT
Last-Modified: Thu, 26 Jan 2023 08:28:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: deb9f124eecce7a554c70ca983265c95
Content-Type: image/gif
vianoivernom.com/impression/1pKLvgzkmHef-zDX8awvZdD1BERvY_ioX4ZfPkGeLRNL9boHph8ZsgmXE-1mDqrrPmgtSLkoufRY2OXHwDBlT5njjtQ1pdVG-PFn85fvXIXUCtkrUKmin4tZnJ8dvBY3RYL8axCCs5dNXvr5c4_p27vjPtf-dsxfvp4CUBjZggzJAdvAozMAo1n3cjrP7QXHVdKYoKij06pSs_Wy6QmXZpZOWZcvGmX1NYOmLjL0fZmZHHPH5DOMtNG4NS1ZNC3Kgdc1YPlo099epOuApEkTgQq6Tn0U5ZQrj0BoidQHV15KNX2LkQ5ncLd_XNv6PJLmvNxr6Pjr2S333Kd3DhJmUbjoahTdMhFxKqaYmt6o7Jf_ogww1cLbB1_7t73HCnwxfKeiEbeMBSIQF1yMnp9VTituMIt40EnWuD6qyH1hOVH2YvqILIzbhP5BzQcLtHpI3sDMyfJOI6C2WGtlJB-_MFBLDhdmtXqn2UWaysalkmGti-EAcmiWy9G3g1SRlrzoVdivbFCpGbDDklpGLm1FZZBjcDUSo2WwyoGYjgTabqM=?_z=3224468&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=10&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL HTTP/2 vianoivernom.com/impression/1pKLvgzkmHef-zDX8awvZdD1BERvY_ioX4ZfPkGeLRNL9boHph8ZsgmXE-1mDqrrPmgtSLkoufRY2OXHwDBlT5njjtQ1pdVG-PFn85fvXIXUCtkrUKmin4tZnJ8dvBY3RYL8axCCs5dNXvr5c4_p27vjPtf-dsxfvp4CUBjZggzJAdvAozMAo1n3cjrP7QXHVdKYoKij06pSs_Wy6QmXZpZOWZcvGmX1NYOmLjL0fZmZHHPH5DOMtNG4NS1ZNC3Kgdc1YPlo099epOuApEkTgQq6Tn0U5ZQrj0BoidQHV15KNX2LkQ5ncLd_XNv6PJLmvNxr6Pjr2S333Kd3DhJmUbjoahTdMhFxKqaYmt6o7Jf_ogww1cLbB1_7t73HCnwxfKeiEbeMBSIQF1yMnp9VTituMIt40EnWuD6qyH1hOVH2YvqILIzbhP5BzQcLtHpI3sDMyfJOI6C2WGtlJB-_MFBLDhdmtXqn2UWaysalkmGti-EAcmiWy9G3g1SRlrzoVdivbFCpGbDDklpGLm1FZZBjcDUSo2WwyoGYjgTabqM=?_z=3224468&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=10&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/1pKLvgzkmHef-zDX8awvZdD1BERvY_ioX4ZfPkGeLRNL9boHph8ZsgmXE-1mDqrrPmgtSLkoufRY2OXHwDBlT5njjtQ1pdVG-PFn85fvXIXUCtkrUKmin4tZnJ8dvBY3RYL8axCCs5dNXvr5c4_p27vjPtf-dsxfvp4CUBjZggzJAdvAozMAo1n3cjrP7QXHVdKYoKij06pSs_Wy6QmXZpZOWZcvGmX1NYOmLjL0fZmZHHPH5DOMtNG4NS1ZNC3Kgdc1YPlo099epOuApEkTgQq6Tn0U5ZQrj0BoidQHV15KNX2LkQ5ncLd_XNv6PJLmvNxr6Pjr2S333Kd3DhJmUbjoahTdMhFxKqaYmt6o7Jf_ogww1cLbB1_7t73HCnwxfKeiEbeMBSIQF1yMnp9VTituMIt40EnWuD6qyH1hOVH2YvqILIzbhP5BzQcLtHpI3sDMyfJOI6C2WGtlJB-_MFBLDhdmtXqn2UWaysalkmGti-EAcmiWy9G3g1SRlrzoVdivbFCpGbDDklpGLm1FZZBjcDUSo2WwyoGYjgTabqM=?_z=3224468&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=10&pl=https%3A%2F%2Ffakaza.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: vianoivernom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Cookie: OAID=7d406d59a1ab41bfa384c310d75e264f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:26 GMT
content-type: image/gif
content-length: 43
x-trace-id: 080e8430be3c1aa0da5e0e475181cd77
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=4f71c68c13db491c9b6a52540c07d769&zoneId=4699893&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=4f71c68c13db491c9b6a52540c07d769&zoneId=4699893&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ea9199aaec46951d1fa294d57f55ad55
4ffaa896188dfe6cc0116f0bf064177509f37891
8a74726b691d759c061d10c4b0939586c117accefe9cd5308e839d76dcfccc40
GET /gid.js?pub=0&userId=4f71c68c13db491c9b6a52540c07d769&zoneId=4699893&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Cookie: ID=7d406d59a1ab41bfa384c310d75e264f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:26 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://fakaza.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7d406d59a1ab41bfa384c310d75e264f; expires=Fri, 26 Jan 2024 08:29:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
stats.wp.com/e-202304.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202304.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:19 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 11 Dec 2023 21:09:59 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffakaza.me%2F&domain=fakaza.me&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffakaza.me%2F&domain=fakaza.me&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Ffakaza.me%2F&domain=fakaza.me&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://fakaza.me
server-processing-duration-in-ticks: 1458225
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
prebid.smilewanted.com/
104.22.69.131403 Forbidden 0 B IP 104.22.69.131:0
POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 398
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f7e15d0ac02d89-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 743995
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
uwoaptee.com/pfe/current/universal.min.js?v=3.1.413
139.45.197.251200 OK 0 B URL HTTP/2 uwoaptee.com/pfe/current/universal.min.js?v=3.1.413
IP 139.45.197.251:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.413 HTTP/1.1
Host: uwoaptee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fakaza.me/
Origin: https://fakaza.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:18 GMT
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 14:31:33 GMT
etag: W/"63cfebc5-18c6c"
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybile.js
185.76.9.17200 OK 0 B URL HTTP/2 ads.themoneytizer.com/moneybile.js
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Fri, 27 Jan 2023 05:04:10 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1674795850
server: CDN77-Turbo
x-77-nzt: AblMCQ24yRD/FjAAAA
x-77-nzt-ray: c0a4cc287a876189e039d263bca63808
x-cache: HIT
x-age: 12310
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
prebid.smilewanted.com/
104.22.69.131403 Forbidden 0 B IP 104.22.69.131:0
POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 309
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f7e15d0aca2d89-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:18 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 08:29:18 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 08:29:19 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelement-and-player.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelement-and-player.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelement-and-player.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 29 Sep 2022 14:21:11 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 08:29:19 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5445816556
162.55.233.29200 OK 0 B URL HTTP/2 sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5445816556
IP 162.55.233.29:0
ASN #24940 Hetzner Online GmbH
GET /dcf3528a0b8aa83634892d50e91c306e/?ord=5445816556 HTTP/1.1
Host: sync.richaudience.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 26 Jan 2023 08:29:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.2200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.2:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 51306
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:18 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 08:29:18 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelement-migrate.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelement-migrate.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelement-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 08:29:19 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
172.67.8.174200 OK 0 B URL HTTP/2 cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
IP 172.67.8.174:0
GET /connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F HTTP/1.1
Host: cdn.connectad.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=3600
cf-cache-status: HIT
age: 338
last-modified: Thu, 26 Jan 2023 08:23:46 GMT
server: cloudflare
cf-ray: 78f7e175ccea1c0a-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3b59d720-2252-4502-bc3c-478f610fc337
185.64.190.80302 Found 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3b59d720-2252-4502-bc3c-478f610fc337
IP 185.64.190.80:0
GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3b59d720-2252-4502-bc3c-478f610fc337 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 26 Jan 2023 08:29:21 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Wed, 26-Apr-2023 08:29:21 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3b59d720-2252-4502-bc3c-478f610fc337
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ads.themoneytizer.com/bidder1/moneybid.js?siteid=57902&adid=2&formatid=26300&size=desktop
185.76.9.17200 OK 0 B URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=57902&adid=2&formatid=26300&size=desktop
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
GET /bidder1/moneybid.js?siteid=57902&adid=2&formatid=26300&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://fakaza.me
cache-control: max-age=604800
x-accel-expires: @1675321271
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCQ0I3CH/qRQAAA
x-77-nzt-ray: c0a4cc287a876189e039d2636207182b
x-cache: HIT
x-age: 5289
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
shb.richaudience.com/hb/
162.55.101.208200 OK 0 B IP 162.55.101.208:0
ASN #24940 Hetzner Online GmbH
POST /hb/ HTTP/1.1
Host: shb.richaudience.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 683
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 26 Jan 2023 08:29:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.251200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.251:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:21 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "OVi4z6W4qM+KoQEZlRgh5w=="
expires: Thu, 02 Feb 2023 08:29:21 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.7.1/_inc/build/photon/photon.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.7.1/_inc/build/photon/photon.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.7.1/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 08:29:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 08:29:19 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.smilewanted.com/js/decode_consent/decode_consent.js
104.22.69.131200 OK 0 B URL HTTP/2 static.smilewanted.com/js/decode_consent/decode_consent.js
IP 104.22.69.131:0
GET /js/decode_consent/decode_consent.js HTTP/1.1
Host: static.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:24 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
etag: W/"607873db-c1ce"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 553567
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f7e1739cbc2d89-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.214200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.214:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 86797
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Sarala:400,700%7cAdamina:400
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Sarala:400,700%7cAdamina:400
IP 142.250.74.74:0
GET /css?family=Sarala:400,700%7cAdamina:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 08:29:18 GMT
date: Thu, 26 Jan 2023 08:29:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
prebid.smilewanted.com/
104.22.69.131403 Forbidden 0 B IP 104.22.69.131:0
POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 310
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f7e15d1ad12d89-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
pbjs.e-planning.net/pbjs/1/2a156/1/fakaza.me/ROS?rnd=0.07927961121997096&e=39287%3A970x250%2C970x90%2C1000x30%2C1000x90%2C800x250%2C950x250%2C900x250%2B26323%3A300x250%2C300x600%2B26300%3A300x250%2C300x168&ur=https%3A%2F%2Ffakaza.me%2F&pbv=7.28.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Ffakaza.me%2F&e_criteoId=g6luml9lWFNQdUJsb1J2YyUyQnF1Nnc4dGVxbFAwNnlRRE1QUHpkNzdXQmZENGN1MkpTVkIlMkYxZWkyaWYlMkYlMkYyeFRhakJ0d0IlMkIlMkZqdWZPa2k0aFFHSHN4NDU4NyUyRlFBJTNEJTNE&e_pubcid=3a74c2f7-cbca-48c3-bc70-fbc5b14892f9
185.172.90.252302 Found 0 B URL HTTP/2 pbjs.e-planning.net/pbjs/1/2a156/1/fakaza.me/ROS?rnd=0.07927961121997096&e=39287%3A970x250%2C970x90%2C1000x30%2C1000x90%2C800x250%2C950x250%2C900x250%2B26323%3A300x250%2C300x600%2B26300%3A300x250%2C300x168&ur=https%3A%2F%2Ffakaza.me%2F&pbv=7.28.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Ffakaza.me%2F&e_criteoId=g6luml9lWFNQdUJsb1J2YyUyQnF1Nnc4dGVxbFAwNnlRRE1QUHpkNzdXQmZENGN1MkpTVkIlMkYxZWkyaWYlMkYlMkYyeFRhakJ0d0IlMkIlMkZqdWZPa2k0aFFHSHN4NDU4NyUyRlFBJTNEJTNE&e_pubcid=3a74c2f7-cbca-48c3-bc70-fbc5b14892f9
IP 185.172.90.252:0
ASN #49981 WorldStream B.V.
GET /pbjs/1/2a156/1/fakaza.me/ROS?rnd=0.07927961121997096&e=39287%3A970x250%2C970x90%2C1000x30%2C1000x90%2C800x250%2C950x250%2C900x250%2B26323%3A300x250%2C300x600%2B26300%3A300x250%2C300x168&ur=https%3A%2F%2Ffakaza.me%2F&pbv=7.28.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Ffakaza.me%2F&e_criteoId=g6luml9lWFNQdUJsb1J2YyUyQnF1Nnc4dGVxbFAwNnlRRE1QUHpkNzdXQmZENGN1MkpTVkIlMkYxZWkyaWYlMkYlMkYyeFRhakJ0d0IlMkIlMkZqdWZPa2k0aFFHSHN4NDU4NyUyRlFBJTNEJTNE&e_pubcid=3a74c2f7-cbca-48c3-bc70-fbc5b14892f9 HTTP/1.1
Host: pbjs.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Thu, 26 Jan 2023 08:29:20 GMT
content-type: text/html; charset=iso-8859-1
location: /hb/1/2a156/1/fakaza.me/ROS?ct=1&r=pbjs&rnd=0.07927961121997096&e=39287%3A970x250%2C970x90%2C1000x30%2C1000x90%2C800x250%2C950x250%2C900x250%2B26323%3A300x250%2C300x600%2B26300%3A300x250%2C300x168&ur=https%3A%2F%2Ffakaza.me%2F&pbv=7.28.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Ffakaza.me%2F&e_criteoId=g6luml9lWFNQdUJsb1J2YyUyQnF1Nnc4dGVxbFAwNnlRRE1QUHpkNzdXQmZENGN1MkpTVkIlMkYxZWkyaWYlMkYlMkYyeFRhakJ0d0IlMkIlMkZqdWZPa2k0aFFHSHN4NDU4NyUyRlFBJTNEJTNE&e_pubcid=3a74c2f7-cbca-48c3-bc70-fbc5b14892f9
set-cookie: CT=1; path=/; SameSite=None; Secure
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-sid: AMS-928
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?t=prebid
188.42.191.196200 OK 0 B URL HTTP/2 ads.betweendigital.com/adjson?t=prebid
IP 188.42.191.196:0
POST /adjson?t=prebid HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1756
Origin: https://fakaza.me
Connection: keep-alive
Referer: https://fakaza.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://fakaza.me
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 26 Jan 2024 08:29:21 GMT; Path=/; Domain=.betweendigital.com
tuuid=dddd1a05-15fa-521a-9091-199cf343207d; Max-Age=31536000; Expires=Fri, 26 Jan 2024 08:29:21 GMT; Path=/; Domain=.betweendigital.com
ut=Y9I54QAGZLiiNF3yOwChByQDi2sQJK_NZimbww==; Max-Age=31536000; Expires=Fri, 26 Jan 2024 08:29:21 GMT; Path=/; Domain=.betweendigital.com
unm=1; Max-Age=31536000; Expires=Fri, 26 Jan 2024 08:29:21 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.2200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.2:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 08:29:22 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 123381
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2