| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: c3d1bfb12515d2f23214f980f7a18b8c 24cc3d9048888cc7e1f4ff42b8fdc1c16c9feb46 35a446cea345dbdb2c297726a3d6cc5f1088f4f9a3f65904c3b9655056efda06
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "35A446CEA345DBDB2C297726A3D6CC5F1088F4F9A3F65904C3B9655056EFDA06"
Last-Modified: Thu, 29 Aug 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3431
Expires: Sat, 31 Aug 2024 17:56:05 GMT
Date: Sat, 31 Aug 2024 16:58:54 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 404e3e4520c09fcce1358b1a21f6b171 040aa03460f3d7ec6f75cae0bf5a462a4bb9798d f6fc34acb6b2d60bb37dd5caf92b0988cdd52927d80d1f5e7bc23b7db9e8209a
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F6FC34ACB6B2D60BB37DD5CAF92B0988CDD52927D80D1F5E7BC23B7DB9E8209A"
Last-Modified: Sat, 31 Aug 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20017
Expires: Sat, 31 Aug 2024 22:32:31 GMT
Date: Sat, 31 Aug 2024 16:58:54 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: a69a40edecaf5262aa4492b7259eb1dd 8241174bc1b8840baf20b3ce2950114dbb539871 a89a6e1e8de96ae61eb24e9a672d112a1b8f8f28f583a5335bc744a6b43fc7ac
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A89A6E1E8DE96AE61EB24E9A672D112A1B8F8F28F583A5335BC744A6B43FC7AC"
Last-Modified: Sat, 31 Aug 2024 02:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2937
Expires: Sat, 31 Aug 2024 17:47:52 GMT
Date: Sat, 31 Aug 2024 16:58:55 GMT
Connection: keep-alive
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP: 142.250.74.131:0
Hash: e29c6b7502d56da7472a053839669971 fbb2bff28ced450ba346fc2aff09688b5b3c5358 a42b5126baefd27e31cb0001fff43b836d232437bc9b3c5de441568e5b878ca8
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 9d2c063731a46a7e1548540195080de0 dd1924ebf7697509a10f3f07604f28f96b4fc498 0d414ed4850119c53fae9ddd19ee1dd95783fd08f7389c3e8ec95215023e298e
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0D414ED4850119C53FAE9DDD19EE1DD95783FD08F7389C3E8EC95215023E298E"
Last-Modified: Sat, 31 Aug 2024 02:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2661
Expires: Sat, 31 Aug 2024 17:43:16 GMT
Date: Sat, 31 Aug 2024 16:58:55 GMT
Connection: keep-alive
|
|
| sofiahalbofanimeworld.blogspot.tw/ | 216.58.207.193 | 302 Found | 208 B |
URL (User Request, GET HTTP/2): sofiahalbofanimeworld.blogspot.tw/ | IP: 216.58.207.193:443
Certificate | Issuer: Google Trust Services | Subject: misc-sni.blogspot.com | Fingerprint: 19:1A:AB:37:46:A3:1F:05:55:E6:DD:6B:99:D8:A7:EB:F7:F6:D5:E1 | Validity: Mon, 05 Aug 2024 06:59:20 GMT - Mon, 28 Oct 2024 06:59:19 GMT
File type: HTML document, ASCII text | Hash: 7a0adbaf7873135a7491c969d115c2cc 03c8bad489492afa56d2e57cd0fed15e1fba7aff 69d4a5bc1eef97a62af9468ba4df5c2f690c42c5efdce3704e5d8aa248914406
GET / HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://sofiahalbofanimeworld.blogspot.com/
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 31 Aug 2024 16:58:56 GMT
expires: Sat, 31 Aug 2024 16:58:56 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 208
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP: 142.250.74.131:0
Hash: e29c6b7502d56da7472a053839669971 fbb2bff28ced450ba346fc2aff09688b5b3c5358 a42b5126baefd27e31cb0001fff43b836d232437bc9b3c5de441568e5b878ca8
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP: 142.250.74.131:0
Hash: e29c6b7502d56da7472a053839669971 fbb2bff28ced450ba346fc2aff09688b5b3c5358 a42b5126baefd27e31cb0001fff43b836d232437bc9b3c5de441568e5b878ca8
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| sofiahalbofanimeworld.blogspot.com/ | 216.58.207.193 | | 16 kB |
URL: sofiahalbofanimeworld.blogspot.com/ | IP: 216.58.207.193:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (8483) | Hash: 8c47bf2a2cf0a7a914dba12576dab9db a83deb44a204c001560ffedb4a56ad07414362ee c5f88f91dd0f5a784ef438beabb5e959c50e0cd73ae444a64dd0478b477bd2b3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (this is a DNS-level verdict on the hostname; it does not by itself say anything about the response body hashed above)
GET / HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 31 Aug 2024 16:58:56 GMT
date: Sat, 31 Aug 2024 16:58:56 GMT
cache-control: private, max-age=0
last-modified: Sun, 25 Aug 2024 18:14:46 GMT
etag: W/"e17977b52bdd0a621448f62835cc3b0c56be75d44349539aaa142eac79732e66"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15951
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sofiahalbofanimeworld.blogspot.com/js/cookienotice.js | 216.58.207.193 | | 2.0 kB |
URL: sofiahalbofanimeworld.blogspot.com/js/cookienotice.js | IP: 216.58.207.193:0
File type: JavaScript source, ASCII text | Hash: a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/cookienotice.js HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sat, 31 Aug 2024 16:58:57 GMT
expires: Sat, 07 Sep 2024 16:58:57 GMT
cache-control: public, max-age=604800
last-modified: Sat, 31 Aug 2024 11:55:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP: 142.250.74.131:0
Hash: f4e07321a2e1decf6903a3f89f5204e8 b12f2f6c6764268d2c34eefa827236e6bf1ef578 4a0a5c603f808fe115a6f6c6bee308e6244e04b1dc0289b196c8533c286242d1
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5387507473582359&host=ca-host-pub-1556223355139109 | 142.250.74.34 | | 52 kB |
URL: pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5387507473582359&host=ca-host-pub-1556223355139109 | IP: 142.250.74.34:0
File type: JavaScript source, ASCII text, with very long lines (3967) | Hash: eeb6b87537e9ce0baad15da79a9172c5 95522a95bba442243f5e71d4dd756542c8049e15 7a590bae8c00fad502834896e213592292edbdf68ac12776b6e95f206f5dc68f
GET /pagead/js/adsbygoogle.js?client=ca-pub-5387507473582359&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sofiahalbofanimeworld.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Sat, 31 Aug 2024 16:58:57 GMT
expires: Sat, 31 Aug 2024 16:58:57 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 1450340837455337842
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP: 142.250.74.131:0
Hash: 1900e73cdcc02bede7242d709e8b9598 bb799f2039a394d2b487660860d4ebd0e035d864 8d912610a6cb07a85c6aca9d23b25d2d318971dcb90216ca9859b462626e135b
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP: 142.250.74.131:0
Hash: 867e9e1f0661bcebc69207097daa53e0 eec433fcd15fbab80c2bf89e3329eaf373879e47 77b7be7e0dffd83fbe4df2558d4a64585d46746a940ebc35fcee889bea6b351e
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP: 142.250.74.131:0
Hash: 14e44fbc79fff9130149a02877dfe5c1 507161302b283d352b59ce0a97a6f00ff3b1eaa5 44b13c462fa1e4aaa47b5f91bbebe2c37f42c788a0d10e814614ea9f1f23cedb
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP: 142.250.74.131:0
Hash: c89d87f6f314e605db657aa731e5dad7 b39563f5cddef7b394daa5b186bad33f8909b38c df5c49c5ccd8aaab23bb8470154711b6a6dabc8ca26a29393059321f8f858389
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP: 142.250.74.131:0
Hash: d8d089e036937a9cb9d0c11873f0ed06 e15c1bbaad00e9ff2f95e420c50ee735b46aea0b 19cf23c0aedac6b69385598dc707f7d5d33a0f6f81bc840ab08c65a521ca5775
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css | 216.58.207.233 | | 7.8 kB |
URL: www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css | IP: 216.58.207.233:0
File type: ASCII text, with very long lines (35959) | Hash: 1e32420a7b6ddbdcb7def8b3141c4d1e a1be54d42ff1f95244c9653539f90318f5bc0580 a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 03:48:19 GMT
expires: Sat, 30 Aug 2025 03:48:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 Aug 2024 23:56:19 GMT
content-type: text/css
vary: Accept-Encoding
age: 133838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| resources.blogblog.com/img/icon18_email.gif | 216.58.207.233 | | 164 B |
URL: resources.blogblog.com/img/icon18_email.gif | IP: 216.58.207.233:0
File type: GIF image data, version 89a, 18 x 13 | Hash: 36b9f993db1b953f3b9b08040aaf9af4 18248661b307586dc291fd2dff4bb59cf7579475 1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 11:05:23 GMT
expires: Fri, 06 Sep 2024 11:05:23 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Aug 2024 03:56:59 GMT
content-type: image/gif
age: 107614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| apis.google.com/js/platform.js | 142.250.74.46 | | 25 kB |
URL: apis.google.com/js/platform.js | IP: 142.250.74.46:0
File type: JavaScript source, ASCII text, with very long lines (2774) | Hash: 9c971144141aa4a6599b9f0954210340 e0592bc9344b1917a2f37f0b4d163eb2a73bcdac fd147b07bdeee3792d9bf29d77d72396488b3bef3c1ef3a185f343192db704fa
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 24573
date: Sat, 31 Aug 2024 16:58:57 GMT
expires: Sat, 31 Aug 2024 16:58:57 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "155b010c76c0be57"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| resources.blogblog.com/img/icon18_edit_allbkg.gif | 216.58.207.233 | | 162 B |
URL: resources.blogblog.com/img/icon18_edit_allbkg.gif | IP: 216.58.207.233:0
File type: GIF image data, version 89a, 18 x 18 | Hash: c991641178ff05adf0d004298b5eafa9 d8f6ce8ecd92b86d49849360f6b81ceb10b4c941 ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 03:28:34 GMT
expires: Fri, 06 Sep 2024 03:28:34 GMT
cache-control: public, max-age=604800
last-modified: Thu, 29 Aug 2024 23:56:19 GMT
content-type: image/gif
age: 135023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.blogger.com/static/v1/widgets/2430006334-widgets.js | 216.58.207.233 | | 51 kB |
URL: www.blogger.com/static/v1/widgets/2430006334-widgets.js | IP: 216.58.207.233:0
File type: JavaScript source, ASCII text, with very long lines (3242) | Hash: d02b3f75b2d267ff21d74390f3c2f482 fedebac5d02a3864bb3a419756afb7a8318d0674 19ac01ff785059f6e4cd94f3caa0193f48e19086f8a3d0484cb573f2d08b5b23
GET /static/v1/widgets/2430006334-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 51391
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Aug 2024 02:14:03 GMT
expires: Fri, 29 Aug 2025 02:14:03 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Aug 2024 23:58:23 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 225894
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 20c9eec1ed6a0f3c730b021493b9e3ec 9f241af1cf1513631da05ffbaede6bcd16e93571 0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3391
Expires: Sat, 31 Aug 2024 17:55:29 GMT
Date: Sat, 31 Aug 2024 16:58:58 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 20c9eec1ed6a0f3c730b021493b9e3ec 9f241af1cf1513631da05ffbaede6bcd16e93571 0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3391
Expires: Sat, 31 Aug 2024 17:55:29 GMT
Date: Sat, 31 Aug 2024 16:58:58 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 20c9eec1ed6a0f3c730b021493b9e3ec 9f241af1cf1513631da05ffbaede6bcd16e93571 0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3391
Expires: Sat, 31 Aug 2024 17:55:29 GMT
Date: Sat, 31 Aug 2024 16:58:58 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 20c9eec1ed6a0f3c730b021493b9e3ec 9f241af1cf1513631da05ffbaede6bcd16e93571 0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3391
Expires: Sat, 31 Aug 2024 17:55:29 GMT
Date: Sat, 31 Aug 2024 16:58:58 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 20c9eec1ed6a0f3c730b021493b9e3ec 9f241af1cf1513631da05ffbaede6bcd16e93571 0b2e4962ad211e7e6f6382c7fd9e05fcfc046cad9d26eccd1ef9c7d94ce3cfcf
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B2E4962AD211E7E6F6382C7FD9E05FCFC046CAD9D26ECCD1EF9C7D94CE3CFCF"
Last-Modified: Sat, 31 Aug 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3391
Expires: Sat, 31 Aug 2024 17:55:29 GMT
Date: Sat, 31 Aug 2024 16:58:58 GMT
Connection: keep-alive
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs | 142.250.74.46 | | 62 kB |
URL: apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs | IP: 142.250.74.46:0
File type: JavaScript source, ASCII text, with very long lines (2681) | Hash: 02e3e24f15adc2bbba68bea7f59e9a3b eea8aefec8154ccb3b509e327c86ddb832f985c6 745dd4aacb59a3e1fd1dc80632d738a62dc5658ca57e8fe9a9fc921a824444fd
GET /_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 62532
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 07:56:47 GMT
expires: Sat, 30 Aug 2025 07:56:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Aug 2024 21:32:10 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 118931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 2982e7793bc1b6e88534b26d5506cb88 25c733ccaaff2bf377eb9451545ea13120e6ddc0 7cddd77543a7c5fb79246488d2d9a37185d321db4863a31fa5de6d286b823753
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "7CDDD77543A7C5FB79246488D2D9A37185D321DB4863A31FA5DE6D286B823753"
Last-Modified: Sat, 31 Aug 2024 05:35:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12475
Expires: Sat, 31 Aug 2024 20:26:53 GMT
Date: Sat, 31 Aug 2024 16:58:58 GMT
Connection: keep-alive
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP: 142.250.74.131:0
Hash: f4e07321a2e1decf6903a3f89f5204e8 b12f2f6c6764268d2c34eefa827236e6bf1ef578 4a0a5c603f808fe115a6f6c6bee308e6244e04b1dc0289b196c8533c286242d1
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| resources.blogblog.com/blogblog/data/1kt/ethereal/white-fade.png | 216.58.207.233 | | 144 B |
URL: resources.blogblog.com/blogblog/data/1kt/ethereal/white-fade.png IP: 216.58.207.233:0
File type: PNG image data, 1 x 590, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 4ba06844286b94adfc8ad7bc8a8fde94 9e1fa0c37abf7c05300b90f8938dd2458409a35e 909a47a95386ffd0420ff44c0f1278a3259b918b1bc8213afa97ad6a4bb5bb58
GET /blogblog/data/1kt/ethereal/white-fade.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Aug 2024 23:58:09 GMT
expires: Thu, 05 Sep 2024 23:58:09 GMT
cache-control: public, max-age=604800
last-modified: Thu, 29 Aug 2024 23:56:19 GMT
content-type: image/png
age: 147649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.blogger.com/img/share_buttons_20_3.png | 216.58.207.233 | | 5.1 kB |
URL: www.blogger.com/img/share_buttons_20_3.png IP: 216.58.207.233:0
File type: PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): ad9999106d5f550920b586e8e1704e5a 93fd02c51166402a41f96509cd0ca3fb917877dd 3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 18:44:05 GMT
expires: Fri, 06 Sep 2024 18:44:05 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Aug 2024 14:56:32 GMT
content-type: image/png
age: 80093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): cdaa0625886c7685b044289712135a97 b11bf259f57a233651f5081b34a17e00cbbee40d 2823cc074f408495432232bcc41278624afe853c5f4dd2aa5b92f4aa65f86fd3
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| themes.googleusercontent.com/image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3 | 142.250.74.97 | | 43 kB |
URL: themes.googleusercontent.com/image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3 IP: 142.250.74.97:0
File type: PNG image data, 1515 x 971, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 05d2738b4dc90530c7cfab2ec6a780bd f156f3f4d6b41803bcb8704a01e38623098f09af 919e34ec42b0b8a6f9754b9e33f9faba1c20a79bc151cc03009fc0e2bb17a922
GET /image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 01 Sep 2024 16:58:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 16:58:58 GMT
server: fife
content-length: 42869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): 14e44fbc79fff9130149a02877dfe5c1 507161302b283d352b59ce0a97a6f00ff3b1eaa5 44b13c462fa1e4aaa47b5f91bbebe2c37f42c788a0d10e814614ea9f1f23cedb
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): 1900e73cdcc02bede7242d709e8b9598 bb799f2039a394d2b487660860d4ebd0e035d864 8d912610a6cb07a85c6aca9d23b25d2d318971dcb90216ca9859b462626e135b
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| pagead2.googlesyndication.com/pagead/js/google_top_exp.js | 142.250.74.34 | | 42 B |
URL: pagead2.googlesyndication.com/pagead/js/google_top_exp.js IP: 142.250.74.34:0
Hash (MD5 / SHA-1 / SHA-256): 7f5f2be159837d73b72a4b37616bce44 c93d7f25b530b05c26440d3352213b683d03dcc3 ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Sat, 31 Aug 2024 04:51:50 GMT
expires: Sat, 14 Sep 2024 04:51:50 GMT
cache-control: public, max-age=1209600
age: 43628
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5387507473582359&plah=sofiahalbofanimeworld.blogspot.com | 142.250.74.34 | | 146 kB |
URL: pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5387507473582359&plah=sofiahalbofanimeworld.blogspot.com IP: 142.250.74.34:0
File type: JavaScript source, ASCII text, with very long lines (1876)
Size: 146 kB (146444 bytes)
Hash (MD5 / SHA-1 / SHA-256): f6b486c1fda0a19e107c9ce98e94a6fe 5e8ed1911552334fb0a2cfbca7be49f46bd52b7b ceb0b93fccbe4ab0178535e0bc603e3fb327cc100fded8bdd8fb2835d20e12aa
GET /pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5387507473582359&plah=sofiahalbofanimeworld.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 31 Aug 2024 16:58:58 GMT
expires: Sat, 31 Aug 2024 16:58:58 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 12373892298724324567
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 146444
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): c89d87f6f314e605db657aa731e5dad7 b39563f5cddef7b394daa5b186bad33f8909b38c df5c49c5ccd8aaab23bb8470154711b6a6dabc8ca26a29393059321f8f858389
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.blogger.com/img/logo-16.png | 216.58.207.233 | | 279 B |
URL: www.blogger.com/img/logo-16.png IP: 216.58.207.233:0
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 5ffecab6c722bb0adc3fce8d83b27993 0e59b05d3da526e82bb4f5d47c5d94e2a318dafb cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 279
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 14:41:23 GMT
expires: Fri, 06 Sep 2024 14:41:23 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Aug 2024 03:56:59 GMT
content-type: image/png
age: 94655
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/html/r20240828/r20110914/zrt_lookup_fy2021.html | 142.250.74.34 | | 4.1 kB |
URL: pagead2.googlesyndication.com/pagead/html/r20240828/r20110914/zrt_lookup_fy2021.html IP: 142.250.74.34:0
File type: HTML document, ASCII text, with very long lines (2331)
Hash (MD5 / SHA-1 / SHA-256): b054fadc6a5681da390ab036238878df 0d3cbd97e79d4e92b4074316930ee67067501c24 cd4484344d561139196394e13155108ff98c9e264c1292f8289469b423e74eb9
GET /pagead/html/r20240828/r20110914/zrt_lookup_fy2021.html HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4111
x-xss-protection: 0
date: Fri, 30 Aug 2024 21:04:08 GMT
expires: Fri, 13 Sep 2024 21:04:08 GMT
cache-control: public, max-age=1209600
age: 71690
etag: 5947459844715414650
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ad2bitcoin.com/ad.php?ref=sofiahalbof&width=300 | 162.0.208.108 | | 1.7 kB |
URL: ad2bitcoin.com/ad.php?ref=sofiahalbof&width=300 IP: 162.0.208.108:0
File type: JavaScript source, ASCII text, with very long lines (1162)
Hash (MD5 / SHA-1 / SHA-256): 4533abe7f90ed3591245186770217b60 5918175d2a154555cdc2324b62a12ff1aab2fbb1 981f5caff33f413a29270da6abb0b4737b9f92b95eb50ccd5ed130b40d8ecf39
GET /ad.php?ref=sofiahalbof&width=300 HTTP/1.1
Host: ad2bitcoin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 31 Aug 2024 16:58:58 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1653
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1280&ph=1024&x=0&y=0 | 142.250.74.34 | | 0 B |
URL pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1280&ph=1024&x=0&y=0 IP142.250.74.34:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1280&ph=1024&x=0&y=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 31 Aug 2024 16:58:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7fcYQFvmcsxILGN2A-Klm-89NibSuf47QG-CQO8afqUq-z0N6qgBPvqmkGoglcjDmnAIIl8-msciHEp7TqEFeh65vt1g-VaUvDyR80b6rWOZKpSZ48fnWDMO0pb2fpB4PU07uy42AA3M/s640-rw/20181010-irozuku01-01.jpg | 142.250.74.97 | | 41 kB |
URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7fcYQFvmcsxILGN2A-Klm-89NibSuf47QG-CQO8afqUq-z0N6qgBPvqmkGoglcjDmnAIIl8-msciHEp7TqEFeh65vt1g-VaUvDyR80b6rWOZKpSZ48fnWDMO0pb2fpB4PU07uy42AA3M/s640-rw/20181010-irozuku01-01.jpg IP142.250.74.97:0
File type: RIFF (little-endian) data, Web/P image
Hash (MD5 / SHA-1 / SHA-256): 1c4adc214668b0e0062dba212a9308a4 5edb78bca0a9de6430767c95fbbdd122edb49a42 801649aeb2ccb54c1bc4cd6bcb070fa5198547584258ae7bbf68fdef2f752ed1
GET /img/b/R29vZ2xl/AVvXsEh7fcYQFvmcsxILGN2A-Klm-89NibSuf47QG-CQO8afqUq-z0N6qgBPvqmkGoglcjDmnAIIl8-msciHEp7TqEFeh65vt1g-VaUvDyR80b6rWOZKpSZ48fnWDMO0pb2fpB4PU07uy42AA3M/s640-rw/20181010-irozuku01-01.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v39b"
expires: Sun, 01 Sep 2024 16:58:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="20181010-irozuku01-01.webp"
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 16:58:58 GMT
server: fife
content-length: 40636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640/original+%25284%2529.jpg | 142.250.74.97 | | 25 kB |
URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640/original+%25284%2529.jpg IP142.250.74.97:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 500x504, components 3
Hash (MD5 / SHA-1 / SHA-256): 4112a2265f97c15c59d8c48c0d07e556 0ee3839d780347edf08fd5f4a52388dd46bc3ad2 74477a6ab562eaaf23b770ae8a9bb469444d9e2a09fe75a229c163593e2ad518
GET /img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640/original+%25284%2529.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v51c"
expires: Sun, 01 Sep 2024 16:58:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="original (4).jpg"
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 16:58:58 GMT
server: fife
content-length: 24947
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhsRHI13IP_HvEVuO2q3hg524aRbEUUFMafj4Aqw4fKQI7OWlG-UGmmeV7JBNBaap8pfpQuWebBnlPFaDUYMzSKNr3XAE4TE_AP1qy3LcRWU6PbQhZ7zMUx_P_Fth2WhYeT9BC6z_0U1xU/w640-h640-rw/original+%25282%2529.jpg | 142.250.74.97 | | 36 kB |
URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhsRHI13IP_HvEVuO2q3hg524aRbEUUFMafj4Aqw4fKQI7OWlG-UGmmeV7JBNBaap8pfpQuWebBnlPFaDUYMzSKNr3XAE4TE_AP1qy3LcRWU6PbQhZ7zMUx_P_Fth2WhYeT9BC6z_0U1xU/w640-h640-rw/original+%25282%2529.jpg IP142.250.74.97:0
File type: RIFF (little-endian) data, Web/P image
Hash (MD5 / SHA-1 / SHA-256): 57a40768bd5f7b9c8cf9c9009ee12ce1 58571f80a773f00b69cb03a86dec5fbd6905f500 db131aa0556ee0441f7353cd28297fab95360293387f7aed4fece7dbdf01e261
GET /img/b/R29vZ2xl/AVvXsEhsRHI13IP_HvEVuO2q3hg524aRbEUUFMafj4Aqw4fKQI7OWlG-UGmmeV7JBNBaap8pfpQuWebBnlPFaDUYMzSKNr3XAE4TE_AP1qy3LcRWU6PbQhZ7zMUx_P_Fth2WhYeT9BC6z_0U1xU/w640-h640-rw/original+%25282%2529.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v50f"
expires: Sun, 01 Sep 2024 16:58:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="original (2).webp"
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 16:58:58 GMT
server: fife
content-length: 36462
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDlyDEDjyxiF96KQfJE8879Q4Qr3I2-pXDF6f2QHMsnUOPmbucZeiWG6uNTjgyWXQw2RnaRjIh0JBTVYHciTDT8qPFXBdsj2vn2vonN6ofQ5iomWcohBHqCZxs1wju2uU8jCHANUerd4k/w400-h319-rw/tumblr_pay8m5quBt1x58jt2o1_500.jpg | 142.250.74.97 | | 22 kB |
URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDlyDEDjyxiF96KQfJE8879Q4Qr3I2-pXDF6f2QHMsnUOPmbucZeiWG6uNTjgyWXQw2RnaRjIh0JBTVYHciTDT8qPFXBdsj2vn2vonN6ofQ5iomWcohBHqCZxs1wju2uU8jCHANUerd4k/w400-h319-rw/tumblr_pay8m5quBt1x58jt2o1_500.jpg IP142.250.74.97:0
File type: RIFF (little-endian) data, Web/P image
Hash (MD5 / SHA-1 / SHA-256): af15e7f1c8524a74490c45c690dceeb3 4da4a90be029c7cb62d1e1542e6f5b169506bb4c a9c1fc9b2035889d12a487b54e55a719b4e54842ae2bac7536ddf95960ec9fa5
GET /img/b/R29vZ2xl/AVvXsEhDlyDEDjyxiF96KQfJE8879Q4Qr3I2-pXDF6f2QHMsnUOPmbucZeiWG6uNTjgyWXQw2RnaRjIh0JBTVYHciTDT8qPFXBdsj2vn2vonN6ofQ5iomWcohBHqCZxs1wju2uU8jCHANUerd4k/w400-h319-rw/tumblr_pay8m5quBt1x58jt2o1_500.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v4ff"
expires: Sun, 01 Sep 2024 16:58:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tumblr_pay8m5quBt1x58jt2o1_500.webp"
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 16:58:58 GMT
server: fife
content-length: 22108
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhv3GkMbCi2cLa6Pj31fugnmVFl-uh8tgz7EpqvqMHYy9m5MoCIuW4-6imZLQGhVnGxBJVphcqKigD1Y1rKewQlzF70062HzyBL1JJrAAlugEcRPgm-kwX5Kn1XlrejRNt_EdpU1v_-zKE/w400-h400-rw/original+%25281%2529.jpg | 142.250.74.97 | | 16 kB |
URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhv3GkMbCi2cLa6Pj31fugnmVFl-uh8tgz7EpqvqMHYy9m5MoCIuW4-6imZLQGhVnGxBJVphcqKigD1Y1rKewQlzF70062HzyBL1JJrAAlugEcRPgm-kwX5Kn1XlrejRNt_EdpU1v_-zKE/w400-h400-rw/original+%25281%2529.jpg IP142.250.74.97:0
File type: RIFF (little-endian) data, Web/P image
Hash (MD5 / SHA-1 / SHA-256): 9e272599de4da47a8cd95a8c7beb9fff 685651b5f69e7b83e36b76c6e88339635d980ea6 53c9da80b7483cd42aaa15da8c206920eec7721d91dec2f17e23aeccbddb6092
GET /img/b/R29vZ2xl/AVvXsEhv3GkMbCi2cLa6Pj31fugnmVFl-uh8tgz7EpqvqMHYy9m5MoCIuW4-6imZLQGhVnGxBJVphcqKigD1Y1rKewQlzF70062HzyBL1JJrAAlugEcRPgm-kwX5Kn1XlrejRNt_EdpU1v_-zKE/w400-h400-rw/original+%25281%2529.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v50d"
expires: Sun, 01 Sep 2024 16:58:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="original (1).webp"
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 16:58:58 GMT
server: fife
content-length: 15706
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-5387507473582359&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1724609686&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.41421&aiapmi=0.44357&aiombap=1&dt=1725123537965&bpp=27&bdt=538&idt=646&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4688670749963&frm=20&pv=2&u_tz=0&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=1024&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086547%2C31086551%2C44798934%2C95331690%2C95338228%2C95338243%2C95341664%2C31086139%2C95340845%2C95341515%2C95341519&oid=2&pvsid=85827468525952&tmod=1481306013&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=709 | 142.250.74.34 | | 46 B |
URL pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-5387507473582359&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1724609686&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.41421&aiapmi=0.44357&aiombap=1&dt=1725123537965&bpp=27&bdt=538&idt=646&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4688670749963&frm=20&pv=2&u_tz=0&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=1024&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086547%2C31086551%2C44798934%2C95331690%2C95338228%2C95338243%2C95341664%2C31086139%2C95340845%2C95341515%2C95341519&oid=2&pvsid=85827468525952&tmod=1481306013&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=709 IP142.250.74.34:0
File type: HTML document, ASCII text, with very long lines (603), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 2c739853e3edfa26869416e3d4e5d369 c263dc1c36c954b252bc7e775e6e82865d9b29b8 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
GET /pagead/ads?npa=1&client=ca-pub-5387507473582359&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1724609686&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.41421&aiapmi=0.44357&aiombap=1&dt=1725123537965&bpp=27&bdt=538&idt=646&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4688670749963&frm=20&pv=2&u_tz=0&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=1024&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086547%2C31086551%2C44798934%2C95331690%2C95338228%2C95338243%2C95341664%2C31086139%2C95340845%2C95341515%2C95341519&oid=2&pvsid=85827468525952&tmod=1481306013&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=709 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 31 Aug 2024 16:58:58 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640-rw/original+%25284%2529.jpg | 142.250.74.97 | | 24 kB |
URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640-rw/original+%25284%2529.jpg IP142.250.74.97:0
File type: RIFF (little-endian) data, Web/P image
Hash (MD5 / SHA-1 / SHA-256): 0486a0e5405a90fc0528d411f15bacfb f9bfa4be241b5dcb1d08521f2e450e6b5d60c267 047cafbd80a22fe50f919e0be95c387e2bfb3dab555eeeb1b0b3c59157b61687
GET /img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640-rw/original+%25284%2529.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v51c"
expires: Sun, 01 Sep 2024 16:58:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="original (4).webp"
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 16:58:58 GMT
server: fife
content-length: 23620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.blogger.com/dyn-css/authorization.css?targetBlogID=3405693820859981231&zx=7bca273e-c626-4618-a336-4a507e05be1a | 216.58.207.233 | | 21 B |
URL: www.blogger.com/dyn-css/authorization.css?targetBlogID=3405693820859981231&zx=7bca273e-c626-4618-a336-4a507e05be1a IP: 216.58.207.233:0
File type: very short file (no magic) Hash (MD5 / SHA-1 / SHA-256): 68b329da9893e34099c7d8ad5cb9c940 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=3405693820859981231&zx=7bca273e-c626-4618-a336-4a507e05be1a HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 31 Aug 2024 16:58:58 GMT
last-modified: Sat, 31 Aug 2024 16:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIL0clAHGELinnu7M0t1a5-wpfD8W0lp4abd01C9FTz7Yg6oX_PTTJGgCDho3cGkN-9z4RwlYCUkSAs4YqA1gnJ4kABh22trTlmeN4BVUqveaebdTBNoJ6Pi0AAkqf98BQCG8Oyjcq2-I/w640-h640-rw/image.png | 142.250.74.97 | 200 OK | 327 kB |
URL: GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIL0clAHGELinnu7M0t1a5-wpfD8W0lp4abd01C9FTz7Yg6oX_PTTJGgCDho3cGkN-9z4RwlYCUkSAs4YqA1gnJ4kABh22trTlmeN4BVUqveaebdTBNoJ6Pi0AAkqf98BQCG8Oyjcq2-I/w640-h640-rw/image.png IP: 142.250.74.97:443
Requested by: https://sofiahalbofanimeworld.blogspot.com/ Certificate: Issuer: Google Trust Services; Subject: *.googleusercontent.com; Fingerprint: 6C:DD:E8:38:9C:56:23:58:B5:BF:84:3B:D0:2B:24:C7:10:3E:89:C3; Validity: Mon, 05 Aug 2024 07:15:31 GMT - Mon, 28 Oct 2024 07:15:30 GMT
File type: RIFF (little-endian) data, Web/P image Size: 327 kB (327408 bytes) Hash (MD5 / SHA-1 / SHA-256): ec594b2c5eb1f595e207b48d48619cfb eae8ab412dd779cf3ca5e294d38ed271e2188a0b bf257ae6a2d584b305ec3eb6ec6a64fc86636a0db7c4751e11ba3bea9cb604bb
GET /img/b/R29vZ2xl/AVvXsEiIL0clAHGELinnu7M0t1a5-wpfD8W0lp4abd01C9FTz7Yg6oX_PTTJGgCDho3cGkN-9z4RwlYCUkSAs4YqA1gnJ4kABh22trTlmeN4BVUqveaebdTBNoJ6Pi0AAkqf98BQCG8Oyjcq2-I/w640-h640-rw/image.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v566"
expires: Sun, 01 Sep 2024 16:58:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.webp"
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 16:58:58 GMT
server: fife
content-length: 327408
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6kaW-7d1n_knS7D0gts1sm7q3GI2VxpDcqirBS3RRkwqLymP9S-CLby0v0mdaLdhNxHeN1PWsRxofb3irqBs7Xb5V53wsWhvxHvd80o4cYfGzJSjvjBUF5Emhf_iCmpHTaWeeTZgpgj0/w640-h464-rw/original.png | 142.250.74.97 | | 356 kB |
URL: blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6kaW-7d1n_knS7D0gts1sm7q3GI2VxpDcqirBS3RRkwqLymP9S-CLby0v0mdaLdhNxHeN1PWsRxofb3irqBs7Xb5V53wsWhvxHvd80o4cYfGzJSjvjBUF5Emhf_iCmpHTaWeeTZgpgj0/w640-h464-rw/original.png IP: 142.250.74.97:0
File type: RIFF (little-endian) data, Web/P image Size: 356 kB (356470 bytes) Hash (MD5 / SHA-1 / SHA-256): 8cb64aca43dc616fe46f8c460a7f540c 22f08a1dc49e138505a579a221e29ff76e0755f5 3029858fc20d15536338c1d7953414a2169270c68d54bfec10b8c2e2d09b9b47
GET /img/b/R29vZ2xl/AVvXsEh6kaW-7d1n_knS7D0gts1sm7q3GI2VxpDcqirBS3RRkwqLymP9S-CLby0v0mdaLdhNxHeN1PWsRxofb3irqBs7Xb5V53wsWhvxHvd80o4cYfGzJSjvjBUF5Emhf_iCmpHTaWeeTZgpgj0/w640-h464-rw/original.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v511"
expires: Sun, 01 Sep 2024 16:58:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="original.webp"
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 16:58:58 GMT
server: fife
content-length: 356470
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrYCsoyj7mlP_5ylo6DufSU4akzQjLvXINwbrmXsVijd6zWJwNFD5dmJz4xBcwT8qszsuzcMyGOHNoOlJZWwBa2EvDuhkaJE_zsrI77a_NqviG6nEgjEp1BAwBAY3DNHrrPM-UHWyP9KI/w640-h360-rw/image.png | 142.250.74.97 | | 60 kB |
URL: blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrYCsoyj7mlP_5ylo6DufSU4akzQjLvXINwbrmXsVijd6zWJwNFD5dmJz4xBcwT8qszsuzcMyGOHNoOlJZWwBa2EvDuhkaJE_zsrI77a_NqviG6nEgjEp1BAwBAY3DNHrrPM-UHWyP9KI/w640-h360-rw/image.png IP: 142.250.74.97:0
File type: RIFF (little-endian) data, Web/P image Hash (MD5 / SHA-1 / SHA-256): 4791d34db5acdee3f23f4ce9c90d8050 51313b5fdc90360782af7ab287dd84bc9cbd67db eb1e6dcf24de87f677f96b757080d5b3cf1b2d85ace97e4c5a70922669ec86f3
GET /img/b/R29vZ2xl/AVvXsEhrYCsoyj7mlP_5ylo6DufSU4akzQjLvXINwbrmXsVijd6zWJwNFD5dmJz4xBcwT8qszsuzcMyGOHNoOlJZWwBa2EvDuhkaJE_zsrI77a_NqviG6nEgjEp1BAwBAY3DNHrrPM-UHWyP9KI/w640-h360-rw/image.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v51e"
expires: Sun, 01 Sep 2024 16:58:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.webp"
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 16:58:58 GMT
server: fife
content-length: 60364
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cryptocoinsad.com/banner/ads_banner/26888.png | 188.114.97.1 | | 60 kB |
URL: cryptocoinsad.com/banner/ads_banner/26888.png IP: 188.114.97.1:0
File type: PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced Hash (MD5 / SHA-1 / SHA-256): ed2842001de2442fa525c0bb456b0f38 d71a237f6978dbc03d6d5fa572c4f364d7bc0cc4 06f950a84b8b0f0bcaefe8ea8742a3c27bb70162369498b753b3c5b9b9e9971e
GET /banner/ads_banner/26888.png HTTP/1.1
Host: cryptocoinsad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:58:58 GMT
content-type: image/png
content-length: 60280
last-modified: Mon, 11 Sep 2023 20:48:23 GMT
etag: "64ff7d17-eb78"
cache-control: max-age=10800
cf-cache-status: HIT
age: 73
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ir9M7nLQ620jBJYxopJshMzaOneFm82fkG3unGdi%2FrFD9WTJJOoVu5Ns1mbHvSmVNpDGUrWBfCzyJUP37w5aKNuhYzQlw%2FjOATSanZjWvnq65%2FSMDGxyOHuitK6Md76iTMaawQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bbe91862b7a569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeaoNsjDNQ-ft3m51CUPvtToBCbzwdc07wA-SfDPeT-QYmEmsTDzvY8IT9fbty0vA7cQw0i0FVu0FF2ondR7f191Nf0ZSiKTH-boMuR4uzVZYnx-uy132RLaT3OwItBoytd6eLbHjhJnk/s1600/tumblr_p9sx9t6ITy1tji7wmo1_640.png | 142.250.74.97 | | 19 kB |
URL: blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeaoNsjDNQ-ft3m51CUPvtToBCbzwdc07wA-SfDPeT-QYmEmsTDzvY8IT9fbty0vA7cQw0i0FVu0FF2ondR7f191Nf0ZSiKTH-boMuR4uzVZYnx-uy132RLaT3OwItBoytd6eLbHjhJnk/s1600/tumblr_p9sx9t6ITy1tji7wmo1_640.png IP: 142.250.74.97:0
File type: PNG image data, 627 x 348, 8-bit/color RGB, non-interlaced Hash (MD5 / SHA-1 / SHA-256): 08b8c241415eb845471a6cdc24e86d3d 4a67fd9185985c5eb0f690a81e4723e9fd10991e e20d7cd5eded37c6539062e9a67b2674b0c52f8149c9880c8ea6ca366fe7df00
GET /img/b/R29vZ2xl/AVvXsEgeaoNsjDNQ-ft3m51CUPvtToBCbzwdc07wA-SfDPeT-QYmEmsTDzvY8IT9fbty0vA7cQw0i0FVu0FF2ondR7f191Nf0ZSiKTH-boMuR4uzVZYnx-uy132RLaT3OwItBoytd6eLbHjhJnk/s1600/tumblr_p9sx9t6ITy1tji7wmo1_640.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v358"
expires: Sun, 01 Sep 2024 16:58:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tumblr_p9sx9t6ITy1tji7wmo1_640.png"
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 16:58:58 GMT
server: fife
content-length: 19422
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ad2bitcoin.com/adqlt.php?ref=sofiahalbof&keycode=7863 | 162.0.208.108 | | 280 B |
URL: ad2bitcoin.com/adqlt.php?ref=sofiahalbof&keycode=7863 IP: 162.0.208.108:0
File type: ASCII text, with very long lines (1059), with no line terminators Hash (MD5 / SHA-1 / SHA-256): 003a4ed171be98572f9c5c489b9410f7 09cd8431290e248b64aec1f53a785dcc55ebf4bd 89385e54efaf66bbb3dec499ca5ffd581637329f86124374e0802621d6d800e3
GET /adqlt.php?ref=sofiahalbof&keycode=7863 HTTP/1.1
Host: ad2bitcoin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/ad.php?ref=sofiahalbof&width=300
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 31 Aug 2024 16:58:58 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 280
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| unlimitedclix.com/paid.php?u=1443 | 45.84.204.16 | | 986 B |
URL: unlimitedclix.com/paid.php?u=1443 IP: 45.84.204.16:0 ASN: #47583 Hostinger International Limited
File type: HTML document, ASCII text Hash (MD5 / SHA-1 / SHA-256): 4dd8b8fe1742b0ecb1877ec33efdcd35 618eed834173af2cba0a7ae214d0396418d7c8e9 c83b06d76cea9d479c8774164acdbc863313e7bee9a65627e1f4e5d0cc21c622
GET /paid.php?u=1443 HTTP/1.1
Host: unlimitedclix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 986
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 31 Aug 2024 16:58:59 GMT
server: LiteSpeed
cache-control: no-cache,no-store
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| www.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&vt=-5639291567810939189&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en._ShUtMH1OvQ.O%2Fam%3DAABA%2Fd%3D1%2Frs%3DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg%2Fm%3D__features__ | 216.58.207.233 | | 2.2 kB |
URL: www.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&vt=-5639291567810939189&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en._ShUtMH1OvQ.O%2Fam%3DAABA%2Fd%3D1%2Frs%3DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg%2Fm%3D__features__ IP: 216.58.207.233:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1963) Hash (MD5 / SHA-1 / SHA-256): 745c22718dd8d1846060b7573e612fc6 5a5235ac3a66d8c5b1e53397a57ad66aa86f02e6 07b2ae541cf4808aa1d2ce6a23e8b68ff04368237af532ba233d5471c197a4da
GET /navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&vt=-5639291567810939189&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en._ShUtMH1OvQ.O%2Fam%3DAABA%2Fd%3D1%2Frs%3DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 31 Aug 2024 16:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2188
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 21a55fd0c4a9b80d32e3cc79fae1e43b 0219218c490b0b73d8332df6b7abd4876088f404 a0370bc3ffce574eb723d2156c8d2e10092bd1bd9b526d99cc10ac2d4989c882
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A0370BC3FFCE574EB723D2156C8D2E10092BD1BD9B526D99CC10AC2D4989C882"
Last-Modified: Sat, 31 Aug 2024 02:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5976
Expires: Sat, 31 Aug 2024 18:38:35 GMT
Date: Sat, 31 Aug 2024 16:58:59 GMT
Connection: keep-alive
|
|
| resources.blogblog.com/img/navbar/icons_peach.png | 216.58.207.233 | | 907 B |
URL: resources.blogblog.com/img/navbar/icons_peach.png IP: 216.58.207.233:0
File type: PNG image data, 46 x 20, 8-bit colormap, non-interlaced Hash (MD5 / SHA-1 / SHA-256): 3718077fe5eb689b0ded987a52881d06 f0ce5596ef43f850c400cbbc0556697fb3e7b232 72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
GET /img/navbar/icons_peach.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 907
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 14:49:10 GMT
expires: Fri, 06 Sep 2024 14:49:10 GMT
cache-control: public, max-age=604800
last-modified: Thu, 29 Aug 2024 23:56:19 GMT
content-type: image/png
age: 94189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| resources.blogblog.com/img/navbar/arrows-light.png | 216.58.207.233 | | 117 B |
URL: resources.blogblog.com/img/navbar/arrows-light.png IP: 216.58.207.233:0
File type: PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced Hash (MD5 / SHA-1 / SHA-256): 25c2b0cfe0ad4dcda4a0e3727d091d80 b9d16f4311e64648b7970baf00cb9841e3c3351b bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
GET /img/navbar/arrows-light.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 117
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 09:35:31 GMT
expires: Fri, 06 Sep 2024 09:35:31 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Aug 2024 03:56:59 GMT
content-type: image/png
age: 113008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): a7ec179d4b3ab371607d18487d3b757d 85b29ef07f9b5c572c327720ac859161b4d4a279 5106aae25749aedb31adb58afead011840b7790f2eb363f46c923e5e800ca9d4
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5106AAE25749AEDB31ADB58AFEAD011840B7790F2EB363F46C923E5E800CA9D4"
Last-Modified: Sat, 31 Aug 2024 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5405
Expires: Sat, 31 Aug 2024 18:29:04 GMT
Date: Sat, 31 Aug 2024 16:58:59 GMT
Connection: keep-alive
|
|
| apis.google.com/js/platform:gapi.iframes.style.common.js | 142.250.74.46 | | 25 kB |
URL: apis.google.com/js/platform:gapi.iframes.style.common.js IP: 142.250.74.46:0
File type: JavaScript source, ASCII text, with very long lines (2774) Hash (MD5 / SHA-1 / SHA-256): 1b9ca0f9af3b9abee8176c44ca755b75 f25ce4a3917bf3c41eb470587d5176656689711f b1e8fe91784dadefa5dccced4d2e515b5769e74615d8bd3f98a1621d25e39522
GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 24583
date: Sat, 31 Aug 2024 16:58:59 GMT
expires: Sat, 31 Aug 2024 16:58:59 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "d9ceb97b6f56e929"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.rotate4all.com/ptp/promote-288272 | 199.85.209.178 | 200 OK | 3.4 kB |
URL: GET HTTP/2 www.rotate4all.com/ptp/promote-288272 IP: 199.85.209.178:443
Requested by: https://ad2bitcoin.com/ad.php?ref=sofiahalbof&width=300 Certificate: Issuer: Let's Encrypt; Subject: rotate4all.com; Fingerprint: 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1; Validity: Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File type: HTML document, ASCII text, with very long lines (3141) Hash (MD5 / SHA-1 / SHA-256): 0002f264bd1d86a6d2d7c61ba80a17e0 0e347c0acced57e2aa8651925a8b395a472ab2c3 6c8b1b0dca168d0235a18b5a0047702b21483a1dcbac4509c959b42fa9ec8aa4
GET /ptp/promote-288272 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: recog=0fc51b2a0cc979b836b016b6bded84f9; path=/; domain=.www.rotate4all.com; HttpOnly; SameSite=None; HTTPOnly; Secure
set-cookie: real_input=7e8ae422feda0d5c72e756145562455d; path=/; domain=.www.rotate4all.com; HttpOnly; SameSite=None; HTTPOnly; Secure
set-cookie: visit_session=784bacbd8220cecb57458ea65cf8013c1ccf1107; path=/; domain=.www.rotate4all.com; HttpOnly; SameSite=None; HTTPOnly; Secure
set-cookie: referral=BASEL2025; expires=Wed, 30-Oct-2024 16:58:59 GMT; Max-Age=5184000; path=/; domain=.www.rotate4all.com; HttpOnly; SameSite=None; HTTPOnly; Secure
set-cookie: refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; expires=Wed, 30-Oct-2024 16:58:59 GMT; Max-Age=5184000; path=/; domain=.www.rotate4all.com; HttpOnly; SameSite=None; HTTPOnly; Secure
set-cookie: http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; expires=Wed, 30-Oct-2024 16:58:59 GMT; Max-Age=5184000; path=/; domain=.www.rotate4all.com; HttpOnly; SameSite=None; HTTPOnly; Secure
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 3359
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs | 142.250.74.46 | | 47 kB |
URL: apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs IP: 142.250.74.46:0
File type: JavaScript source, ASCII text, with very long lines (2681) Hash (MD5 / SHA-1 / SHA-256): 4651a4bc4ceaf8d1811aea20ab8584cc e9ba2c1e8b5f2391eac8fce3567c920a68391c11 73cbb0b6d9c83a076751991cf4db53e24f0a83a6124d74d5fd66cc1d830ba138
GET /_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 46634
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Aug 2024 22:24:53 GMT
expires: Fri, 29 Aug 2025 22:24:53 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Aug 2024 21:32:10 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 153246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.rotate4all.com/ptp/promote-288272 | 199.85.209.178 | 200 OK | 3.4 kB |
URL: GET HTTP/2 www.rotate4all.com/ptp/promote-288272 IP: 199.85.209.178:443
Requested by: https://ad2bitcoin.com/ad.php?ref=sofiahalbof&width=300 Certificate: Issuer: Let's Encrypt; Subject: rotate4all.com; Fingerprint: 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1; Validity: Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File type: HTML document, ASCII text, with very long lines (3141) Hash (MD5 / SHA-1 / SHA-256): cf308810f31675795fb600865c615094 313fe8739a9726c94d64fbc7262a037e34182a1f 2f77cbc19d3e71e8cc8ea98c8c37a3db3292c35060a4f9be36551240310553b0
GET /ptp/promote-288272 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: recog=29d4440b57d037792ae7673341e26c87; path=/; domain=.www.rotate4all.com; HttpOnly; SameSite=None; HTTPOnly; Secure
set-cookie: real_input=c94d252d8aa91cd92f3ae836df7e0e5d; path=/; domain=.www.rotate4all.com; HttpOnly; SameSite=None; HTTPOnly; Secure
set-cookie: visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; path=/; domain=.www.rotate4all.com; HttpOnly; SameSite=None; HTTPOnly; Secure
set-cookie: referral=BASEL2025; expires=Wed, 30-Oct-2024 16:58:59 GMT; Max-Age=5184000; path=/; domain=.www.rotate4all.com; HttpOnly; SameSite=None; HTTPOnly; Secure
set-cookie: refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; expires=Wed, 30-Oct-2024 16:58:59 GMT; Max-Age=5184000; path=/; domain=.www.rotate4all.com; HttpOnly; SameSite=None; HTTPOnly; Secure
set-cookie: http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; expires=Wed, 30-Oct-2024 16:58:59 GMT; Max-Age=5184000; path=/; domain=.www.rotate4all.com; HttpOnly; SameSite=None; HTTPOnly; Secure
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 3360
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.cpmrevenuegate.com/yi8pwuj9?key=aadd3f629dc1890e4441daafc30aed34 | 192.243.59.20 | | 1.3 kB |
URL: www.cpmrevenuegate.com/yi8pwuj9?key=aadd3f629dc1890e4441daafc30aed34 IP: 192.243.59.20:0 ASN: #39572 DataWeb Global Group B.V.
File type: JavaScript source, ASCII text, with very long lines (451) Hash (MD5 / SHA-1 / SHA-256): a31137144ca2987cbbc5c64a68efa937 48afb7ddeebe6b7abce54b828896987afa07deeb ca0bd107c65a73da2c29d8ccbd9d3689404accff0fa2abd4d84aee73b1fb389d
GET /yi8pwuj9?key=aadd3f629dc1890e4441daafc30aed34 HTTP/1.1
Host: www.cpmrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 31 Aug 2024 16:58:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=24076309; expires=Sun, 01 Sep 2024 16:58:59 GMT; path=/
ain=eyJhbGciOiJIUzI1NiJ9.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.AbiPcanEc1CkpUnjqF9fpw0TOtwWEQboLuICEmrOSfc; expires=Sat, 31 Aug 2024 16:59:59 GMT; path=/
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: cd00be429e223a219807753309eb0427
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| teleearnings.odoo.com/web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 | 57.128.126.127 | 200 OK | 77 kB |
URL GET HTTP/2teleearnings.odoo.com/web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 IP57.128.126.127:443
Requested byhttps://teleearnings.odoo.com/ CertificateIssuerLet's Encrypt Subject*.odoo.com Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1 ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: teleearnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:58:59 GMT
content-type: font/woff2
content-length: 77160
last-modified: Thu, 28 Mar 2024 10:46:03 GMT
etag: "66054a6b-12d68"
expires: Sun, 01 Sep 2024 16:58:59 GMT
cache-control: max-age=86400
vary: Origin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e5.o.lencr.org/ | 23.36.76.226 | | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4abb65a2bb0faa6225198b7225cd926a bf7bab33bd356b451f46c65e4cf1afc720e850c3 250cb711fda88dd05e16074853dd4234c68e8412c28e44ff1fe4ad794373ff99
POST / HTTP/1.1
Host: e5.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "250CB711FDA88DD05E16074853DD4234C68E8412C28E44FF1FE4AD794373FF99"
Last-Modified: Sat, 31 Aug 2024 04:15:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5430
Expires: Sat, 31 Aug 2024 18:29:29 GMT
Date: Sat, 31 Aug 2024 16:58:59 GMT
Connection: keep-alive
|
|
| www.rotate4all.com/ptp/assets/css/custom/ptp13.min.css?v=1.02 | 199.85.209.178 | | 3.3 kB |
URL www.rotate4all.com/ptp/assets/css/custom/ptp13.min.css?v=1.02 IP199.85.209.178:0
CertificateIssuerLet's Encrypt Subjectrotate4all.com Fingerprint81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1 ValidityTue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File typeASCII text, with very long lines (12708), with no line terminators Hash52990077763e938cde2284635408b3f4 20db5149d57b8f18544c55be03edb1da58ff8253 02bbdd126d011ab5dd25eddecd12d9bdeadd681887e817a0b4ac0d2b228a51da
GET /ptp/assets/css/custom/ptp13.min.css?v=1.02 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/ptp/promote-288272
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sun, 25 Jul 2021 13:43:41 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 30 Sep 2024 16:58:59 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 3312
content-type: text/css
date: Sat, 31 Aug 2024 16:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cdn.diclotrans.com/sdk/v1/34038/f44ec475425817afcf36eb7dee7c68ba054b45da/lib.js | 188.114.96.1 | | 6.9 kB |
URL cdn.diclotrans.com/sdk/v1/34038/f44ec475425817afcf36eb7dee7c68ba054b45da/lib.js IP188.114.96.1:0
File typeJavaScript source, ASCII text, with very long lines (5983) Hashf54ea9feed1fb7ad8185b4b80c7203a3 0eeb50c3acc1312316a0c2c368332f17f64ba0be d97d152a9b55279da3759c521e09d446ed22330f086bf9a242b9d12f35fe807b
GET /sdk/v1/34038/f44ec475425817afcf36eb7dee7c68ba054b45da/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:58:59 GMT
content-type: text/javascript
content-length: 6861
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 31 Aug 2024 16:58:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=quLuNzQ9ulkzEmvf%2BM64g6bx2xVsc7QrAOcIxAZnDfCJUQ8d4OOG1lgoelcOrDgGn%2BUTMgkdbWi8jn02b6%2FTUb5a3lNvbp8QZ27F3cQ8v2oTLG0rAjhEk9KWFPBbp4sdWpeFdv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe918a7df256ba-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.diclotrans.com/sdk/v1/34040/bfe500600de169b99e894a281262a95f03f8c19c/lib.js | 188.114.96.1 | | 3.3 kB |
URL cdn.diclotrans.com/sdk/v1/34040/bfe500600de169b99e894a281262a95f03f8c19c/lib.js IP188.114.96.1:0
File typeJavaScript source, ASCII text, with very long lines (5983) Hasheed43e71198db633b64d588957297f3b adc05dce66c0da614a0945029f2f386f3167fc8c 8d7ffe5cbaab4bc11f899c48a778044daf402f321256251720d846f19e556853
GET /sdk/v1/34040/bfe500600de169b99e894a281262a95f03f8c19c/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:58:59 GMT
content-type: text/javascript
content-length: 3268
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 31 Aug 2024 16:58:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dba%2F0UwFpeDlM3awijjR9Mz4UCXFHJ4sCL5UJJrOWOCGeV23pUrsq7aqm91uwtDW1Gc%2B2Jl4h25x3rlxLM%2B4DNIzDO8Hu99i1ZIuFbvXelXECK8wzydbsjb3iareTLaKgKtIHZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe918a7de556ba-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sofiahalbofanimeworld.blogspot.com/favicon.ico | 216.58.207.193 | 200 OK | 412 B |
URL: GET HTTP/3 sofiahalbofanimeworld.blogspot.com/favicon.ico IP: 216.58.207.193:443
Requested by: https://sofiahalbofanimeworld.blogspot.com/ Certificate Issuer: Google Trust Services Subject: misc-sni.blogspot.com Fingerprint: 19:1A:AB:37:46:A3:1F:05:55:E6:DD:6B:99:D8:A7:EB:F7:F6:D5:E1 Validity: Mon, 05 Aug 2024 06:59:20 GMT - Mon, 28 Oct 2024 06:59:19 GMT
File type: MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel Hash: MD5 59a0c7b6e4848ccdabcea0636efda02b SHA-1 30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340 SHA-256 a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sat, 31 Aug 2024 16:58:59 GMT
date: Sat, 31 Aug 2024 16:58:59 GMT
cache-control: private, max-age=86400
last-modified: Sun, 25 Aug 2024 18:14:46 GMT
etag: W/"e17977b52bdd0a621448f62835cc3b0c56be75d44349539aaa142eac79732e66"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.diclotrans.com/sdk/v1/33992/40152f9ed9185918187b08d034756019fef063c2/lib.js | 188.114.96.1 | | 4.7 kB |
URL cdn.diclotrans.com/sdk/v1/33992/40152f9ed9185918187b08d034756019fef063c2/lib.js IP188.114.96.1:0
File typeJavaScript source, ASCII text, with very long lines (5987) Hash6bff7483c7c92ccb7523ae1137a435fa 64aac52e5b3f9c9cd9c5da5f243c0710e20fc131 5b0b147aa8b5a5ca83072ea1f01dcf3129e8db1f10b3b6e487ba570227688f8e
GET /sdk/v1/33992/40152f9ed9185918187b08d034756019fef063c2/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:58:59 GMT
content-type: text/javascript
content-length: 4650
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 31 Aug 2024 16:58:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FevvAUdmfI97TDsrX2gWOhudN4wXFOQl%2FzxRGLtPo8JeH484tloqsz1Ez4htGv1B%2BdmwLFHjHQkMLLLZrGWtdtzqIBkB2M1MkMEftL2JUlLV%2BplKo%2FcT5DcvDhek9g%2Fm%2FVjh72U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe918a7dec56ba-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.diclotrans.com/sdk/v1/34045/622f648149ab241e1e0effb6e0e5ee7c936137be/lib.js | 188.114.96.1 | | 9.5 kB |
URL cdn.diclotrans.com/sdk/v1/34045/622f648149ab241e1e0effb6e0e5ee7c936137be/lib.js IP188.114.96.1:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (5983) Hash2931d1f73f6c11fad0aba178fb31ec1e b0424bb32a304e68074ea0ee289a41ef4be6507b f6ad7d4cc53fa75a38e754de7736295d2b0c4a5b382461a11d84d81749ff85d2
GET /sdk/v1/34045/622f648149ab241e1e0effb6e0e5ee7c936137be/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:58:59 GMT
content-type: text/javascript
content-length: 9540
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 31 Aug 2024 16:58:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FstLsFlN%2Bd153el8aZ49iDR6o3de7qOanL7awro2agsc9PekjmQJvMpHq7fPhHrYYDxRBJxt53B66G0%2F7xMyLGBtUJzlW3ygEzLfAK2YAV065VrbUQE04VdshsMlgLbtjMMQhN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe918a9e0c56ba-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.rotate4all.com/ptp/assets/js/custom/combined_ptp.js?v1.10 | 199.85.209.178 | | 34 kB |
URL www.rotate4all.com/ptp/assets/js/custom/combined_ptp.js?v1.10 IP199.85.209.178:0
CertificateIssuerLet's Encrypt Subjectrotate4all.com Fingerprint81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1 ValidityTue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File typeJavaScript source, ASCII text, with very long lines (65443), with CRLF line terminators Hash95f159130e232a25e98ac6babc3ec796 fcc12de7dc1f2c7973cb5ffdbb8acdb5e366d1e2 e04d379538da8a110a0a912077bb55eb8329b3bf37ebf997cd22e01faa502a30
GET /ptp/assets/js/custom/combined_ptp.js?v1.10 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/ptp/promote-288272
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sun, 02 Jun 2024 08:34:00 GMT
accept-ranges: bytes
cache-control: max-age=1296000
expires: Sun, 15 Sep 2024 16:58:59 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 34294
content-type: application/javascript
date: Sat, 31 Aug 2024 16:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.rotate4all.com/ptp/assets/js/custom/combined_ptp.js?v1.10 | 199.85.209.178 | | 34 kB |
URL www.rotate4all.com/ptp/assets/js/custom/combined_ptp.js?v1.10 IP199.85.209.178:0
CertificateIssuerLet's Encrypt Subjectrotate4all.com Fingerprint81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1 ValidityTue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File typeJavaScript source, ASCII text, with very long lines (65443), with CRLF line terminators Hash95f159130e232a25e98ac6babc3ec796 fcc12de7dc1f2c7973cb5ffdbb8acdb5e366d1e2 e04d379538da8a110a0a912077bb55eb8329b3bf37ebf997cd22e01faa502a30
GET /ptp/assets/js/custom/combined_ptp.js?v1.10 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/ptp/promote-288272
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sun, 02 Jun 2024 08:34:00 GMT
accept-ranges: bytes
cache-control: max-age=1296000
expires: Sun, 15 Sep 2024 16:58:59 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 34294
content-type: application/javascript
date: Sat, 31 Aug 2024 16:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| code.adclickppc.com/7s-popunder.js | 89.117.21.238 | | 452 B |
URL: code.adclickppc.com/7s-popunder.js IP: 89.117.21.238:0
File type: ASCII text, with very long lines (954) Hash: MD5 a5cf69ccec9c1bcbf7ac4aa3d2d72219 SHA-1 a0c9ab97af1f1ddbab877a5bbf7222411238f8b6 SHA-256 b821a10dff1987a8fc085343f5ebf352f057f87af77fd36fdde791cce1f6b389
GET /7s-popunder.js HTTP/1.1
Host: code.adclickppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "3bb-66586a85-a00960;br"
last-modified: Thu, 30 May 2024 12:01:09 GMT
content-type: text/javascript
content-length: 452
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 31 Aug 2024 16:59:00 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| code.adclickppc.com/7s-banner-ad.js | 89.117.21.238 | | 3.3 kB |
URL code.adclickppc.com/7s-banner-ad.js IP89.117.21.238:0
File typeASCII text, with very long lines (2609) Hashcd6034e22a4f7f44d9e9542eb63ef3a2 957edce29a53b7759ad94cc19e70ad0149b5b3e8 d3e105989627d75a6aaad54d7088a4800db2378caabcf6e60c044b41999f314b
GET /7s-banner-ad.js HTTP/1.1
Host: code.adclickppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "1bd5-669e156d-a0095e;br"
last-modified: Mon, 22 Jul 2024 08:16:45 GMT
content-type: text/javascript
content-length: 3269
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 31 Aug 2024 16:59:00 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| steemitimages.com/p/2N61tyyncFaFVtpM8rCsJzDgecVMtkz4jpzBsszXjhqan9oSxNUiLntKumUx6UXTnjRZBagC7t4wvcU8NfMFRFUUeTxXqYciwYQibrkEfPq2QTEahQD2wEJX5bpqnWRQhwYhW7YSwNYE?format=match&mode=fit&width=640 | 104.21.234.125 | | 131 kB |
URL steemitimages.com/p/2N61tyyncFaFVtpM8rCsJzDgecVMtkz4jpzBsszXjhqan9oSxNUiLntKumUx6UXTnjRZBagC7t4wvcU8NfMFRFUUeTxXqYciwYQibrkEfPq2QTEahQD2wEJX5bpqnWRQhwYhW7YSwNYE?format=match&mode=fit&width=640 IP104.21.234.125:0
File typeJPEG image data, baseline, precision 8, 600x1071, components 3 Size131 kB (130856 bytes) Hash7b8a37537f5959f0a481a26d89a45d89 abd5b513e7c8ef53ac1aa32997b7fc9979731dd2 bd302330ba6feb5a6a82df519d838f3a8dce0f0207978f89e322be1f46caba01
GET /p/2N61tyyncFaFVtpM8rCsJzDgecVMtkz4jpzBsszXjhqan9oSxNUiLntKumUx6UXTnjRZBagC7t4wvcU8NfMFRFUUeTxXqYciwYQibrkEfPq2QTEahQD2wEJX5bpqnWRQhwYhW7YSwNYE?format=match&mode=fit&width=640 HTTP/1.1
Host: steemitimages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sofiahalbofanimeworld.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 31 Aug 2024 16:58:59 GMT
content-type: image/jpeg
x-request-id: Root=1-66d34bd2-534805a46bb8eeda6f74953f
vary: Origin, Accept-Encoding
cache-control: public,max-age=29030400,immutable
cf-cache-status: MISS
last-modified: Sat, 31 Aug 2024 16:58:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QWQlHHWbNytHtf6XsAmKAtbKycJdRC02RKque4BkV4wqzgQsrvKKcpbcjbqf5pQsA2MB%2Fc%2Fonmsy6pk8MiX%2Bf0aLwDKLsXPb6XSfNb06KgmQDe5ZM99sr48f3bbP%2BVjCbWrpfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91842da260fb-LHR
alt-svc: h3=":443"; ma=86400
|
|
| teleearnings.odoo.com/ | 57.128.126.127 | | 9.5 kB |
IP57.128.126.127:0
CertificateIssuerLet's Encrypt Subject*.odoo.com Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1 ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT
File typegzip compressed data, max speed, from Unix Hashcb62a22658877e815676a4d54c104d08 a6255c1a70af68f3eb23243e63e7e23416161a45 552218081895705e512c9fc0cdde8049d69582317c9ebb0f381e63b6e9ff8e17
GET / HTTP/1.1
Host: teleearnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:58:59 GMT
content-type: text/html; charset=utf-8
set-cookie: frontend_lang=en_US; Expires=Sun, 31 Aug 2025 16:58:59 GMT; Path=/
set-cookie: session_id=e2905628913f668e020f4f4be8451b06297537fe; Expires=Sun, 31 Aug 2025 16:58:59 GMT; Max-Age=604800; HttpOnly; Path=/; Secure; SameSite=Lax
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.cpmrevenuegate.com/api/users?token=L3lpOHB3dWo5P2tleT1hYWRkM2Y2MjlkYzE4OTBlNDQ0MWRhYWZjMzBhZWQzNCZwc3Q9MTcyNTEyMzU5OSZyZWZlcj1odHRwcyUzQSUyRiUyRmFkMmJpdGNvaW4uY29tJTJGJnJtdGM9dCZzaHU9ZGE4NDE2YWI4NmRjZDYwNzQ1ZTU4MWU3MmU2MWIxMzc2MTFmZjljMmRjMDM0ZTc5NTNkYmZkNmEzYzFhMmU3ZjYyNDFjN2M2MjFlNWQyMjBkNGUxYzAxNDQyZGI1YWE3MmU0YjhhZDgwMDA1YTVkMDQ2ZWM4YWJlYTg2MjAzMTc5OTQxZDMzNzRkZGUzZWVkMTM3MWNkMTgxMmM2ZmRkY2U0ZmUwNzc3ZjQ2MDI3NDZlZmE4NzIyMTRhYTI1NA&uuid=&pii=true&in=false | 192.243.59.20 | | 0 B |
URL www.cpmrevenuegate.com/api/users?token=L3lpOHB3dWo5P2tleT1hYWRkM2Y2MjlkYzE4OTBlNDQ0MWRhYWZjMzBhZWQzNCZwc3Q9MTcyNTEyMzU5OSZyZWZlcj1odHRwcyUzQSUyRiUyRmFkMmJpdGNvaW4uY29tJTJGJnJtdGM9dCZzaHU9ZGE4NDE2YWI4NmRjZDYwNzQ1ZTU4MWU3MmU2MWIxMzc2MTFmZjljMmRjMDM0ZTc5NTNkYmZkNmEzYzFhMmU3ZjYyNDFjN2M2MjFlNWQyMjBkNGUxYzAxNDQyZGI1YWE3MmU0YjhhZDgwMDA1YTVkMDQ2ZWM4YWJlYTg2MjAzMTc5OTQxZDMzNzRkZGUzZWVkMTM3MWNkMTgxMmM2ZmRkY2U0ZmUwNzc3ZjQ2MDI3NDZlZmE4NzIyMTRhYTI1NA&uuid=&pii=true&in=false IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
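Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body, consistent with the 0 B size and the Content-Length: 0 of this 302 response)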
GET /api/users?token=L3lpOHB3dWo5P2tleT1hYWRkM2Y2MjlkYzE4OTBlNDQ0MWRhYWZjMzBhZWQzNCZwc3Q9MTcyNTEyMzU5OSZyZWZlcj1odHRwcyUzQSUyRiUyRmFkMmJpdGNvaW4uY29tJTJGJnJtdGM9dCZzaHU9ZGE4NDE2YWI4NmRjZDYwNzQ1ZTU4MWU3MmU2MWIxMzc2MTFmZjljMmRjMDM0ZTc5NTNkYmZkNmEzYzFhMmU3ZjYyNDFjN2M2MjFlNWQyMjBkNGUxYzAxNDQyZGI1YWE3MmU0YjhhZDgwMDA1YTVkMDQ2ZWM4YWJlYTg2MjAzMTc5OTQxZDMzNzRkZGUzZWVkMTM3MWNkMTgxMmM2ZmRkY2U0ZmUwNzc3ZjQ2MDI3NDZlZmE4NzIyMTRhYTI1NA&uuid=&pii=true&in=false HTTP/1.1
Host: www.cpmrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpmrevenuegate.com/api/users?token=L3lpOHB3dWo5P2tleT1hOTY5Y2E1YzlhZDI2MTE3NjJmMTFiNzlhNTI2ZTJkMiZzdWJtZXRyaWM9MjQwNzYzMDk
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sat, 31 Aug 2024 16:59:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1
Set-Cookie: u_pl=24076309; expires=Sun, 01 Sep 2024 16:59:00 GMT; path=/
Set-Cookie: pdhtkv=true; expires=Sun, 01 Sep 2024 16:59:00 GMT; path=/
Set-Cookie: uncs=1; expires=Sun, 01 Sep 2024 16:59:00 GMT; path=/
Set-Cookie: pdhtkv28=true; expires=Sun, 01 Sep 2024 16:59:00 GMT; path=/
Set-Cookie: uncs28=1; expires=Sun, 01 Sep 2024 16:59:00 GMT; path=/
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: b0be61372ab5107d2f586e5f9daeb058
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash15571cc9f10a26026c5a17b50d541198 4cf04142deae19fd34a93d7c79dd89ca0cc7e7a3 3dc56f06607f97fc8c58daa0d7241f8ec3c902feba7a2286617208728f1bf950
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3DC56F06607F97FC8C58DAA0D7241F8EC3C902FEBA7A2286617208728F1BF950"
Last-Modified: Sat, 31 Aug 2024 04:13:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15523
Expires: Sat, 31 Aug 2024 21:17:43 GMT
Date: Sat, 31 Aug 2024 16:59:00 GMT
Connection: keep-alive
|
|
| code.adclickppc.com/7s-banner-ad.js | 89.117.21.238 | | 3.3 kB |
URL code.adclickppc.com/7s-banner-ad.js IP89.117.21.238:0
File typeASCII text, with very long lines (2609) Hashcd6034e22a4f7f44d9e9542eb63ef3a2 957edce29a53b7759ad94cc19e70ad0149b5b3e8 d3e105989627d75a6aaad54d7088a4800db2378caabcf6e60c044b41999f314b
GET /7s-banner-ad.js HTTP/1.1
Host: code.adclickppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
etag: "1bd5-669e156d-a0095e;br"
last-modified: Mon, 22 Jul 2024 08:16:45 GMT
content-type: text/javascript
content-length: 3269
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 31 Aug 2024 16:59:00 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.194.137 | | 31 kB |
URL code.jquery.com/jquery-3.6.0.min.js IP151.101.194.137:0
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 31 Aug 2024 16:59:00 GMT
age: 3141286
x-served-by: cache-lga21931-LGA, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 759890
x-timer: S1725123540.455440,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.194.137 | | 31 kB |
URL code.jquery.com/jquery-3.6.0.min.js IP151.101.194.137:0
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 31 Aug 2024 16:59:00 GMT
age: 3141286
x-served-by: cache-lga21931-LGA, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 759891
x-timer: S1725123540.460176,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.194.137 | | 31 kB |
URL code.jquery.com/jquery-3.6.0.min.js IP151.101.194.137:0
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 31 Aug 2024 16:59:00 GMT
age: 3141286
x-served-by: cache-lga21931-LGA, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 759892
x-timer: S1725123541.514603,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash: 61ec3159f66e80109d07888846f14632 fac48dbc7001e753b3c9fd3c8373575a2d53a6bc 5f90759375c19184672a47166dcd2a5ab9284d0ae13742f18c66ee6b609d9343
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5F90759375C19184672A47166DCD2A5AB9284D0AE13742F18C66EE6B609D9343"
Last-Modified: Sat, 31 Aug 2024 03:07:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7532
Expires: Sat, 31 Aug 2024 19:04:32 GMT
Date: Sat, 31 Aug 2024 16:59:00 GMT
Connection: keep-alive
|
|
| reducethehype.com/llps/?r=solarman | 173.254.29.134 | | 1.7 kB |
URL: reducethehype.com/llps/?r=solarman
IP: 173.254.29.134:0
ASN: #46606 UNIFIEDLAYER-AS-1
File type: HTML document, ASCII text
Hash: 2029214b166d4f1fdcfc4eacb4fa302b 937043f8df5fee6237095ff92fea0371b1923567 febbd865cad8781512f0b92f31ff74266d4ea4485a9136ab3e838abf84ac0647
GET /llps/?r=solarman HTTP/1.1
Host: reducethehype.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.rotate4all.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Tue, 28 Jul 2020 08:37:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1654
content-type: text/html
date: Sat, 31 Aug 2024 16:59:00 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1 | 194.63.143.61 | | 170 B |
URL: press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1
IP: 194.63.143.61:0
ASN: #50113 NTX Technologies s.r.o.
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 4021d77be76fa29d03d6f847ff412f69 c53d5de1975ce58462f226d7ed126e02d8f1f58b bcce206436f00167b33978db90456639dd591199e794f8d2998f3af45ab3591f
GET /e102479204fcec81f6dfb01f2462a2dfa451531d/qq1 HTTP/1.1
Host: press-continue.0hb8kkr81em8.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cpmrevenuegate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx/1.15.10
Date: Sat, 31 Aug 2024 16:59:00 GMT
Content-Type: text/html
Content-Length: 170
Location: https://press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/
Connection: keep-alive
Keep-Alive: timeout=10
|
|
| code.adclickppc.com/7s-banner-ad.js | 89.117.21.238 | | 3.3 kB |
URL: code.adclickppc.com/7s-banner-ad.js
IP: 89.117.21.238:0
File type: ASCII text, with very long lines (2609)
Hash: cd6034e22a4f7f44d9e9542eb63ef3a2 957edce29a53b7759ad94cc19e70ad0149b5b3e8 d3e105989627d75a6aaad54d7088a4800db2378caabcf6e60c044b41999f314b
GET /7s-banner-ad.js HTTP/1.1
Host: code.adclickppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
etag: "1bd5-669e156d-a0095e;br"
last-modified: Mon, 22 Jul 2024 08:16:45 GMT
content-type: text/javascript
content-length: 3269
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 31 Aug 2024 16:59:00 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| services.7searchppc.com/api/adscript | 149.28.70.94 | 204 No Content | 0 B |
URL: OPTIONS HTTP/2 services.7searchppc.com/api/adscript
IP: 149.28.70.94:443
Requested by: https://teleearnings.odoo.com/
Certificate issuer: Let's Encrypt
Certificate subject: services.7searchppc.com
Certificate fingerprint: B4:8A:A1:88:5A:DA:75:84:72:C4:C5:7A:29:28:21:7E:BC:EB:25:39
Certificate validity: Fri, 07 Jun 2024 11:53:40 GMT - Thu, 05 Sep 2024 11:53:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type,x-api-key
access-control-max-age: 0
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:00 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| services.7searchppc.com/api/adscript | 149.28.70.94 | 204 No Content | 0 B |
URL: OPTIONS HTTP/2 services.7searchppc.com/api/adscript
IP: 149.28.70.94:443
Requested by: https://teleearnings.odoo.com/
Certificate issuer: Let's Encrypt
Certificate subject: services.7searchppc.com
Certificate fingerprint: B4:8A:A1:88:5A:DA:75:84:72:C4:C5:7A:29:28:21:7E:BC:EB:25:39
Certificate validity: Fri, 07 Jun 2024 11:53:40 GMT - Thu, 05 Sep 2024 11:53:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type,x-api-key
access-control-max-age: 0
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:00 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| services.7searchppc.com/api/adscript | 149.28.70.94 | 204 No Content | 0 B |
URL: OPTIONS HTTP/2 services.7searchppc.com/api/adscript
IP: 149.28.70.94:443
Requested by: https://teleearnings.odoo.com/
Certificate issuer: Let's Encrypt
Certificate subject: services.7searchppc.com
Certificate fingerprint: B4:8A:A1:88:5A:DA:75:84:72:C4:C5:7A:29:28:21:7E:BC:EB:25:39
Certificate validity: Fri, 07 Jun 2024 11:53:40 GMT - Thu, 05 Sep 2024 11:53:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type,x-api-key
access-control-max-age: 0
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:00 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css | 104.17.25.14 | | 4.2 kB |
URL: cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP: 104.17.25.14:0
File type: ASCII text, with very long lines (65348)
Hash: c0be8e53226ac34833fd9b5dbc01ebc5 b81ef1b22de26af8a7a4656f565fbc91a69d7518 5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:00 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 310187
expires: Thu, 21 Aug 2025 16:59:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CqBWAK4TF9xeti033dC6sOeSkbxiYpfi8qJWyAVAhWoFDve6WZtSiAGouoLx7h5cux3NBKYTEdeHG7YSCp1jmN35uD4TaUC%2Fs7LnPFZq95XtD%2BvVmD7z2reP6QlPyGHZ2xyYkkpL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8bbe9191dea456b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/?edwarddavis | 107.190.135.178 | | 31 kB |
URL: www.22centsdailycycler.com/?edwarddavis
IP: 107.190.135.178:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (4175), with CRLF, LF line terminators
Hash: bad9f8c6fdd3622c2f95b45879d11a64 58bb669b8be74fc06142fc37197d789dfcdd7063 bcdab49effddd5b51aa77b8727486f8e4e4e2813e77c67247e1118a0d60ba2c8
GET /?edwarddavis HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.rotate4all.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=f8354b5e6fb0f1ccb649646ce8761d88; path=/
content-length: 31365
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:00 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| unlimitedclix.com/paid.php?u=1443 | 45.84.204.16 | | 986 B |
URL: unlimitedclix.com/paid.php?u=1443
IP: 45.84.204.16:0
ASN: #47583 Hostinger International Limited
File type: HTML document, ASCII text
Hash: 4dd8b8fe1742b0ecb1877ec33efdcd35 618eed834173af2cba0a7ae214d0396418d7c8e9 c83b06d76cea9d479c8774164acdbc863313e7bee9a65627e1f4e5d0cc21c622
GET /paid.php?u=1443 HTTP/1.1
Host: unlimitedclix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 986
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 31 Aug 2024 16:59:00 GMT
server: LiteSpeed
cache-control: no-cache,no-store
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| diclotrans.com/pick?id=34038&auth=f44ec475425817afcf36eb7dee7c68ba054b45da&a=1&b=0&c=true&d=true&e=4&f=false&g=1725123540510&h=&i=1725123540510&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.97.1 | | 0 B |
URL: diclotrans.com/pick?id=34038&auth=f44ec475425817afcf36eb7dee7c68ba054b45da&a=1&b=0&c=true&d=true&e=4&f=false&g=1725123540510&h=&i=1725123540510&j=&k=&l=&m=&n=&err=0000000000000
IP: 188.114.97.1:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=34038&auth=f44ec475425817afcf36eb7dee7c68ba054b45da&a=1&b=0&c=true&d=true&e=4&f=false&g=1725123540510&h=&i=1725123540510&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 31 Aug 2024 16:59:00 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49FsqQ32Zk3Tfe3hfbrIERJuTUHVx%2B%2FBa8scfHE9r9V1SfmXXjxhnHT%2Fgjra08yScg6gwK8EmJXv1hR1y%2BXAtZAWsuXWmPoGUgW0n%2BZDbJzA9yUBI3ODtWheK5oY%2BwAh0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91920a4f5687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| diclotrans.com/pick?id=34045&auth=622f648149ab241e1e0effb6e0e5ee7c936137be&a=1&b=0&c=true&d=true&e=4&f=false&g=1725123540600&h=&i=1725123540600&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.97.1 | | 786 B |
URL: diclotrans.com/pick?id=34045&auth=622f648149ab241e1e0effb6e0e5ee7c936137be&a=1&b=0&c=true&d=true&e=4&f=false&g=1725123540600&h=&i=1725123540600&j=&k=&l=&m=&n=&err=0000000000000
IP: 188.114.97.1:0
Hash: 7043e06d1ad2b6cfca493ee7f81371b8 45e23d52b4d2bc39934cf9d252ab9acabb8dfdbc e94fa122147d0c36c133e325751fd0ceeb1bddd6cc7bd295a6303be410dfacc3
GET /pick?id=34045&auth=622f648149ab241e1e0effb6e0e5ee7c936137be&a=1&b=0&c=true&d=true&e=4&f=false&g=1725123540600&h=&i=1725123540600&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:00 GMT
content-type: application/json;charset=utf-8
content-length: 786
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eE2sxLYWxhudPaWfwCrHGgUEuzRpHkC70fIbADsoXh0OR0UpoQ5%2FfuNmSEMw4kZDov0OxzNAZbO6ROU2U6xTxPH%2F%2B6wXycGOaT1da8bUl%2BvHKXOEURAPy84di8P3kNzKLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91920a455687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| autofaucet.org/wm/Usmanja200/2 | 104.21.5.68 | | 5.1 kB |
URL: autofaucet.org/wm/Usmanja200/2
IP: 104.21.5.68:0
File type: HTML document, ASCII text, with very long lines (430), with no line terminators
Hash: 5bbc01b40e1ab9e239dbdabdcc8da265 dd181a739d4cab7b9ff51bc044478d7ef394f38d 3ba0f0f82556ca54f549694f31cfcc544b6d2faf86c8ca109d8926b60cab77b2
GET /wm/Usmanja200/2 HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:00 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA, ECT, Width, Viewport-Width, Platform-Version, Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: d3GL63S44vVGAv3N5k9x826tAeWsH3thgoY4AKDpHGtdGSPk=0d185c168bdfc87026a2fa10e5c22b58; path=/
set-cookie: d3GL63S44vVGAv3N5k9x826tAeWcH3thgoY4AKDpHGtdGSPk=8ecd9886d2a7a7081a02b79097cd6fee; expires=Thu, 27-Feb-2025 16:59:00 GMT; Max-Age=15552000; path=/; secure; httponly; SameSite=Strict
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wOpN%2FYkbsO98GY3CZZANM8nPmvASdOO6bQOs819I1QFjVhPXFyl4GvE3LWqw0MYz22acv8X0eGakts%2FcAOI5%2BU0pdyx6XH2hDYSq3lW4i%2FjunYyhB%2Fh5hgkaMAvQOVzwlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe918f1eff5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| teleearnings.odoo.com/web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2 | 57.128.126.127 | | 6.1 kB |
URL: teleearnings.odoo.com/web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2
IP: 57.128.126.127:0
Certificate issuer: Let's Encrypt
Certificate subject: *.odoo.com
Certificate fingerprint: 2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
Certificate validity: Wed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT
File type: Web Open Font Format (Version 2), TrueType, length 6112, version 1.0
Hash: b18bdccc4c54bd33db9669dfa3be3874 0ba2edc62a4f2218dba5db8e7a02d953e75fc38a 3903bc45057173250193d71977e61e1ae200c370be35d3753112b0d7ac57586f
GET /web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2 HTTP/1.1
Host: teleearnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://teleearnings.odoo.com/web/assets/1/115aa17/web.assets_frontend.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:59:01 GMT
content-type: font/woff2
content-length: 6112
last-modified: Thu, 28 Mar 2024 10:46:03 GMT
etag: "66054a6b-17e0"
expires: Sun, 01 Sep 2024 16:59:01 GMT
cache-control: max-age=86400
vary: Origin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| teleearnings.odoo.com/web/static/fonts/twitter_x_only.woff | 57.128.126.127 | 200 OK | 3.3 kB |
URL: GET HTTP/2 teleearnings.odoo.com/web/static/fonts/twitter_x_only.woff
IP: 57.128.126.127:443
Requested by: https://teleearnings.odoo.com/
Certificate issuer: Let's Encrypt
Certificate subject: *.odoo.com
Certificate fingerprint: 2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
Certificate validity: Wed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT
File type: Web Open Font Format, TrueType, length 3344, version 1.0
Hash: ea1f5e2f3b2b3436d0b0d20457edfe7f 90db7b60dcb9104c32aa63ede69047b42eb6b0b5 c2718e868864effe11ef575d59f605d866b457acd29975c279113e9f32fabf8a
GET /web/static/fonts/twitter_x_only.woff HTTP/1.1
Host: teleearnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleearnings.odoo.com/web/assets/1/115aa17/web.assets_frontend.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:59:01 GMT
content-type: font/woff
content-length: 3344
last-modified: Thu, 28 Mar 2024 10:46:03 GMT
etag: "66054a6b-d10"
expires: Sun, 01 Sep 2024 16:59:01 GMT
cache-control: max-age=86400
vary: Origin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| services.7searchppc.com/api/adscript | 149.28.70.94 | 204 No Content | 100 B |
URL: OPTIONS HTTP/2 services.7searchppc.com/api/adscript
IP: 149.28.70.94:443
Requested by: https://teleearnings.odoo.com/
Certificate issuer: Let's Encrypt
Certificate subject: services.7searchppc.com
Certificate fingerprint: B4:8A:A1:88:5A:DA:75:84:72:C4:C5:7A:29:28:21:7E:BC:EB:25:39
Certificate validity: Fri, 07 Jun 2024 11:53:40 GMT - Thu, 05 Sep 2024 11:53:39 GMT
Hash: c778aac1852c0b7b18c56b6094684fe7 8ecf3c38f4216f97bccf3e3298cc93a8ed0caedb e1f6cad275c762aeacbe209cd7b3ab37b51a6b755ab18174854c1a7d17752a0d
POST /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Content-Type: application/json
X-API-KEY: cs4788livKoP9i4Erwt6
Content-Length: 120
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin,Accept-Encoding
access-control-allow-credentials: true
content-encoding: gzip
content-length: 100
date: Sat, 31 Aug 2024 16:59:01 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| services.7searchppc.com/api/adscript | 149.28.70.94 | 204 No Content | 100 B |
URL: OPTIONS HTTP/2 services.7searchppc.com/api/adscript
IP: 149.28.70.94:443
Requested by: https://teleearnings.odoo.com/
Certificate issuer: Let's Encrypt
Certificate subject: services.7searchppc.com
Certificate fingerprint: B4:8A:A1:88:5A:DA:75:84:72:C4:C5:7A:29:28:21:7E:BC:EB:25:39
Certificate validity: Fri, 07 Jun 2024 11:53:40 GMT - Thu, 05 Sep 2024 11:53:39 GMT
Hash: c778aac1852c0b7b18c56b6094684fe7 8ecf3c38f4216f97bccf3e3298cc93a8ed0caedb e1f6cad275c762aeacbe209cd7b3ab37b51a6b755ab18174854c1a7d17752a0d
POST /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Content-Type: application/json
X-API-KEY: cs4788livKoP9i4Erwt6
Content-Length: 120
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin,Accept-Encoding
access-control-allow-credentials: true
content-encoding: gzip
content-length: 100
date: Sat, 31 Aug 2024 16:59:01 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| services.7searchppc.com/api/adscript | 149.28.70.94 | 204 No Content | 100 B |
URL: OPTIONS HTTP/2 services.7searchppc.com/api/adscript
IP: 149.28.70.94:443
Requested by: https://teleearnings.odoo.com/
Certificate issuer: Let's Encrypt
Certificate subject: services.7searchppc.com
Certificate fingerprint: B4:8A:A1:88:5A:DA:75:84:72:C4:C5:7A:29:28:21:7E:BC:EB:25:39
Certificate validity: Fri, 07 Jun 2024 11:53:40 GMT - Thu, 05 Sep 2024 11:53:39 GMT
Hash: c778aac1852c0b7b18c56b6094684fe7 8ecf3c38f4216f97bccf3e3298cc93a8ed0caedb e1f6cad275c762aeacbe209cd7b3ab37b51a6b755ab18174854c1a7d17752a0d
POST /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Content-Type: application/json
X-API-KEY: cs4788livKoP9i4Erwt6
Content-Length: 98
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin,Accept-Encoding
access-control-allow-credentials: true
content-encoding: gzip
content-length: 100
date: Sat, 31 Aug 2024 16:59:01 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP: 142.250.74.131:0
Hash: 19b5ddc323d19c2c40aeac99710b0dbc b644c6fc9d897e368140e0c77c53d7b0af576f52 d1766589fe4143109d0ea9130f7c184d091f01bd546c6222e645423c654dbddc
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| services.7searchppc.com/api/adscript | 149.28.70.94 | 204 No Content | 0 B |
URL: OPTIONS HTTP/2 services.7searchppc.com/api/adscript
IP: 149.28.70.94:443
Requested by: https://teleearnings.odoo.com/
Certificate issuer: Let's Encrypt
Certificate subject: services.7searchppc.com
Certificate fingerprint: B4:8A:A1:88:5A:DA:75:84:72:C4:C5:7A:29:28:21:7E:BC:EB:25:39
Certificate validity: Fri, 07 Jun 2024 11:53:40 GMT - Thu, 05 Sep 2024 11:53:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type,x-api-key
access-control-max-age: 0
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:01 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| services.7searchppc.com/api/adscript | 149.28.70.94 | 204 No Content | 0 B |
URL: OPTIONS HTTP/2 services.7searchppc.com/api/adscript
IP: 149.28.70.94:443
Requested by: https://teleearnings.odoo.com/
Certificate issuer: Let's Encrypt
Certificate subject: services.7searchppc.com
Certificate fingerprint: B4:8A:A1:88:5A:DA:75:84:72:C4:C5:7A:29:28:21:7E:BC:EB:25:39
Certificate validity: Fri, 07 Jun 2024 11:53:40 GMT - Thu, 05 Sep 2024 11:53:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type,x-api-key
access-control-max-age: 0
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:01 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.21.5.68 | | 3.9 kB |
URL autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP104.21.5.68:0
File typeJavaScript source, ASCII text, with very long lines (12331) Hash88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://autofaucet.org/wm/Usmanja200/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 31 Aug 2024 16:59:01 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2024 19:10:54 GMT
etag: W/"66ce24be-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=by8QaEv9qZL1X5DYbLltQ%2Fnbor5LdBEmyaj62EjC7TOjsdRIKQgL9UqBLDDbQmA5yiL70AezEyZzDVGDf0gCQNclE6EpZMffjdCvyUqKiIreI%2BWvO9503uRzEazoCMWLGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bbe91939e52b50f-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 02 Sep 2024 16:59:01 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| www.rotate4all.com/ptp/assets/css/custom/fonts/icomoon.ttf | 199.85.209.178 | | 915 B |
URL www.rotate4all.com/ptp/assets/css/custom/fonts/icomoon.ttf IP199.85.209.178:0
CertificateIssuerLet's Encrypt Subjectrotate4all.com Fingerprint81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1 ValidityTue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File typeTrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon Hash5fb7584c8c5ce71dc9c065f57e84dad4 d503a461dcf32a12e3aa1fe10ed7239a983f985c 4e134ed763658f75f57e9ee183c45d3fc35b73db4eab6d944aec7d17fbcc06b9
GET /ptp/assets/css/custom/fonts/icomoon.ttf HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/ptp/assets/css/custom/ptp13.min.css?v=1.02
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; dest_src=61875
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sun, 25 Jul 2021 13:48:19 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 31 Aug 2025 16:59:01 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 915
content-type: font/ttf
date: Sat, 31 Aug 2024 16:59:01 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.rotate4all.com/go/ptp | 199.85.209.178 | 302 Found | 1.5 kB |
URL: GET HTTP/2 www.rotate4all.com/go/ptp
IP: 199.85.209.178:443
Requested by: https://www.rotate4all.com/ptp/promote-288272
Certificate issuer: Let's Encrypt
Certificate subject: rotate4all.com
Certificate fingerprint: 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1
Certificate validity: Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
Hash: MD5 a6150d4b8820c8e43f59161afcbe9df5; SHA-1 48b9c825309044fc1d6051cad42b42c2756bcf85; SHA-256 6b1db4a4a23d697b5d77ea26d9b6f78f823a9c95c5d44674c937b89cd3d7e440
GET /go/ptp HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/ptp/promote-288272
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: no-store, no-cache
pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: dest_src=61811; path=/; domain=.rotate4all.com; secure; SameSite=None
location: https://reducethehype.com/llps/?r=solarman
vary: User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.rotate4all.com/ptp/assets/css/custom/fonts/icomoon.ttf | 199.85.209.178 | | 915 B |
URL www.rotate4all.com/ptp/assets/css/custom/fonts/icomoon.ttf IP199.85.209.178:0
CertificateIssuerLet's Encrypt Subjectrotate4all.com Fingerprint81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1 ValidityTue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File typeTrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon Hash5fb7584c8c5ce71dc9c065f57e84dad4 d503a461dcf32a12e3aa1fe10ed7239a983f985c 4e134ed763658f75f57e9ee183c45d3fc35b73db4eab6d944aec7d17fbcc06b9
GET /ptp/assets/css/custom/fonts/icomoon.ttf HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/ptp/assets/css/custom/ptp13.min.css?v=1.02
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; dest_src=61875
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sun, 25 Jul 2021 13:48:19 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 31 Aug 2025 16:59:01 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 915
content-type: font/ttf
date: Sat, 31 Aug 2024 16:59:01 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| ad.a-ads.com/1110727?size=728x90 | 78.46.174.169 | | 5.5 kB |
URL ad.a-ads.com/1110727?size=728x90 IP78.46.174.169:0 ASN#24940 Hetzner Online GmbH
File typeHTML document, ASCII text, with very long lines (11039) Hash44a8972ac5c1f7d87d4ff18c06715be2 b92c3f2b68f47f18e37b8c83610ba9e661a2bf53 cb4b3335ea27fd86eb6ca7dbb768deefc7ac870470e0e95fcae80d5156e3e5ce
GET /1110727?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:59:00 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://ad2bitcoin.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| dgbmining.online/files/logo/DGB468_60.svg | 188.114.96.1 | 200 OK | 113 kB |
URL: GET HTTP/3 dgbmining.online/files/logo/DGB468_60.svg
IP: 188.114.96.1:443
Requested by: https://dgbmining.online/bits-ads.php?type=0&&ids=51
Certificate issuer: Google Trust Services
Certificate subject: dgbmining.online
Certificate fingerprint: 53:69:2F:46:0F:36:C9:9C:CC:A0:A9:C3:68:20:36:EC:EF:BE:B2:D9
Certificate validity: Sat, 03 Aug 2024 03:24:25 GMT - Fri, 01 Nov 2024 03:24:24 GMT
File type: SVG Scalable Vector Graphics image
Size: 113 kB (113425 bytes)
Hash: MD5 81f1d2fd5ad99a8937590340d84e8866; SHA-1 de150a59e69b0771dc4819f7847293dde7ced6bd; SHA-256 4c5258880b47e299d69a8eb2b687c6ef31a7a19c0dc00b523690813c8973bb37
GET /files/logo/DGB468_60.svg HTTP/1.1
Host: dgbmining.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/bits-ads.php?type=0&&ids=51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 31 Aug 2024 16:59:01 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Mon, 02 Sep 2024 07:11:57 GMT
last-modified: Wed, 14 Aug 2024 18:12:25 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 467223
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0VdDU%2FWB0OT9O1PH%2Fe8WXoD6AU4ngz4GrbL6IsHnjqRE902%2B1qnliN2vEHk5sb%2FtQvpgZvlOb7fo%2Ba3Z9YWmF42cEk4g9XfRtfh7%2BbqtMTmKqIQUugvvqicDgStmqr2sOpYf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91954ce30b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP142.250.74.131:0
Hash19b5ddc323d19c2c40aeac99710b0dbc b644c6fc9d897e368140e0c77c53d7b0af576f52 d1766589fe4143109d0ea9130f7c184d091f01bd546c6222e645423c654dbddc
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| services.7searchppc.com/api/adscript | 149.28.70.94 | 204 No Content | 100 B |
URL: OPTIONS HTTP/2 services.7searchppc.com/api/adscript
IP: 149.28.70.94:443
Requested by: https://teleearnings.odoo.com/
Certificate issuer: Let's Encrypt
Certificate subject: services.7searchppc.com
Certificate fingerprint: B4:8A:A1:88:5A:DA:75:84:72:C4:C5:7A:29:28:21:7E:BC:EB:25:39
Certificate validity: Fri, 07 Jun 2024 11:53:40 GMT - Thu, 05 Sep 2024 11:53:39 GMT
Hash: MD5 c778aac1852c0b7b18c56b6094684fe7; SHA-1 8ecf3c38f4216f97bccf3e3298cc93a8ed0caedb; SHA-256 e1f6cad275c762aeacbe209cd7b3ab37b51a6b755ab18174854c1a7d17752a0d
POST /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Content-Type: application/json
X-API-KEY: cs4788livKoP9i4Erwt6
Content-Length: 97
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin,Accept-Encoding
access-control-allow-credentials: true
content-encoding: gzip
content-length: 100
date: Sat, 31 Aug 2024 16:59:01 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| autofaucet.org/wm/Usmanja200/4 | 104.21.5.68 | | 376 B |
URL autofaucet.org/wm/Usmanja200/4 IP104.21.5.68:0
File typeHTML document, ASCII text, with very long lines (430), with no line terminators Hash459de4800d825c7e17cb76df43cb1008 ef1c6e905c36fc7f6b00dab052e9756d88953d1a b8944ae63d1b83a0367d86057584cbe05610a231af0235a8e0916381155275ef
GET /wm/Usmanja200/4 HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:00 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA, ECT, Width, Viewport-Width, Platform-Version, Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: d3GL63S44vVGAv3N5k9x826tAeWsH3thgoY4AKDpHGtdGSPk=d4d219951347b53fdaf1d6d4eb4ad729; path=/
set-cookie: d3GL63S44vVGAv3N5k9x826tAeWcH3thgoY4AKDpHGtdGSPk=b4fbb64b59d6d8c107d223b0bff645d4; expires=Thu, 27-Feb-2025 16:59:00 GMT; Max-Age=15552000; path=/; secure; httponly; SameSite=Strict
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gr9asPnZKOINqyeg2T4Jn6q9SOzM9x3hhWffq1ztLuxMsjDXD1dCb0kbq3uIL99V0aW8XhBEo080I6Pqu8XXBeWZmyMA251r5E7zof8%2FQSU1qKSDQ7RhVfO9wNbI6IAG9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe918f3f1f5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| services.7searchppc.com/api/adscript | 149.28.70.94 | 204 No Content | 100 B |
URL: OPTIONS HTTP/2 services.7searchppc.com/api/adscript
IP: 149.28.70.94:443
Requested by: https://teleearnings.odoo.com/
Certificate issuer: Let's Encrypt
Certificate subject: services.7searchppc.com
Certificate fingerprint: B4:8A:A1:88:5A:DA:75:84:72:C4:C5:7A:29:28:21:7E:BC:EB:25:39
Certificate validity: Fri, 07 Jun 2024 11:53:40 GMT - Thu, 05 Sep 2024 11:53:39 GMT
Hash: MD5 c778aac1852c0b7b18c56b6094684fe7; SHA-1 8ecf3c38f4216f97bccf3e3298cc93a8ed0caedb; SHA-256 e1f6cad275c762aeacbe209cd7b3ab37b51a6b755ab18174854c1a7d17752a0d
POST /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Content-Type: application/json
X-API-KEY: cs4788livKoP9i4Erwt6
Content-Length: 111
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin,Accept-Encoding
access-control-allow-credentials: true
content-encoding: gzip
content-length: 100
date: Sat, 31 Aug 2024 16:59:01 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| reducethehype.com/llps/background.jpg | 173.254.29.134 | | 80 kB |
URL reducethehype.com/llps/background.jpg IP173.254.29.134:0 ASN#46606 UNIFIEDLAYER-AS-1
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 640x360, components 3 Hashf6cb2f0356e600e6100badf83b2a07f1 87de29d4e7972e4e1dc4439f34ccbef18187764b 789b732ec17b8d20e0a72b1342c192de30175695a99888948d680104cc867c8c
GET /llps/background.jpg HTTP/1.1
Host: reducethehype.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://reducethehype.com/llps/?r=solarman
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 06 Aug 2019 16:40:07 GMT
accept-ranges: bytes
content-length: 79745
content-type: image/jpeg
date: Sat, 31 Aug 2024 16:59:01 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-195030228-1 | 142.250.74.168 | | 78 kB |
URL www.googletagmanager.com/gtag/js?id=UA-195030228-1 IP142.250.74.168:0
File typeJavaScript source, ASCII text, with very long lines (4179) Hash1a746cfd27d0bd01b23ecb73136f8705 797101acfad6ddd9ab2a4d0a905faa462f406cf3 c1987b1bce1bcfc80976c03bad25e28761b02778913c0b3294e687e7ac8d6600
GET /gtag/js?id=UA-195030228-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 31 Aug 2024 16:59:01 GMT
expires: Sat, 31 Aug 2024 16:59:01 GMT
cache-control: private, max-age=900
last-modified: Sat, 31 Aug 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77459
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hashafa54ffadefe092aad9db0f091b68742 726b3b8f717af37a0b0cb9e542f4a3dd6faa12b2 c05d1e6b8505ae393ff2334f30d693cdc8037f984d8647c37de48f0a3b438565
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hash99ebc1f7938e3e9899561e03c4517e12 57b79bfe44d18a75b3becf12828a6b9f6a356722 420ad5ea4f1a4548be4f4e3fd5d961090804feee0e160f428139136c0a0f1040
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/animate.css | 194.63.143.61 | | 4.9 kB |
URL: press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/animate.css
IP: 194.63.143.61:0
ASN: #50113 NTX Technologies s.r.o.
Hash: MD5 97d64faca1f1a0422ecf3ae998026899; SHA-1 61bc4cbfc9fc6e0db503aa67ba92c7c768a4c7e1; SHA-256 d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb
GET /e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/animate.css HTTP/1.1
Host: press-continue.0hb8kkr81em8.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Sat, 31 Aug 2024 16:59:01 GMT
Content-Type: text/css
Last-Modified: Mon, 15 Jul 2024 09:33:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
ETag: W/"6694ed07-1361f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hash99ebc1f7938e3e9899561e03c4517e12 57b79bfe44d18a75b3becf12828a6b9f6a356722 420ad5ea4f1a4548be4f4e3fd5d961090804feee0e160f428139136c0a0f1040
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:59:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| teleearnings.odoo.com/web/assets/1/115aa17/web.assets_frontend.min.css | 57.128.126.127 | | 121 kB |
URL teleearnings.odoo.com/web/assets/1/115aa17/web.assets_frontend.min.css IP57.128.126.127:0
CertificateIssuerLet's Encrypt Subject*.odoo.com Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1 ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT
File typegzip compressed data, max speed, from Unix Size121 kB (120817 bytes) Hash4d3b2f7a3a2f3b81e746573a174b42d3 eefedd06b0eaebc1061290637f9818bf5b6770ce f6cbd80758aea789a739713766f756164f974fee3a83c6ac829a5c62c4fa6652
GET /web/assets/1/115aa17/web.assets_frontend.min.css HTTP/1.1
Host: teleearnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:58:59 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 26 Aug 2024 09:15:33 GMT
content-disposition: inline; filename=web.assets_frontend.min.css
cache-control: public, max-age=31536000, immutable
expires: Sun, 31 Aug 2025 16:58:59 GMT
set-cookie: session_id=84d86c269ea7db401f8951049fdfc5417487d842; Expires=Sun, 31 Aug 2025 16:58:59 GMT; Max-Age=604800; HttpOnly; Path=/; Secure; SameSite=Lax
etag: W/"66cc47b5-a89d4"
content-security-policy: default-src 'none'
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 | 142.250.74.99 | | 48 kB |
URL fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 IP142.250.74.99:0
File typeWeb Open Font Format (Version 2), TrueType, length 48444, version 1.0 Hash8e433c0592f77beb6dc527d7b90be120 d7402416753ae1bb4cbd4b10d33a0c10517838bd f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 16:15:58 GMT
expires: Sat, 30 Aug 2025 16:15:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 88983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash22270f1c5f7eb4aeea0a357efa235e45 f831b798e3cddafa36e57bb6921c0e50c0dbdc99 80318e6f8af1b3e826ed446df70ecd4bda1e58bebef797b74da4fc89321d9894
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "80318E6F8AF1B3E826ED446DF70ECD4BDA1E58BEBEF797B74DA4FC89321D9894"
Last-Modified: Sat, 31 Aug 2024 02:50:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14509
Expires: Sat, 31 Aug 2024 21:00:50 GMT
Date: Sat, 31 Aug 2024 16:59:01 GMT
Connection: keep-alive
|
|
| fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 | 142.250.74.99 | | 48 kB |
URL fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 IP142.250.74.99:0
File typeWeb Open Font Format (Version 2), TrueType, length 48444, version 1.0 Hash8e433c0592f77beb6dc527d7b90be120 d7402416753ae1bb4cbd4b10d33a0c10517838bd f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 16:15:58 GMT
expires: Sat, 30 Aug 2025 16:15:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 88983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash882be0f03759ef507bd8d0927c9bc574 d936aafa4fc7107e237e09679e633e2aa65889d7 3a0e491122580efbd319bbaa7a06092cde5fca88e9fe3b3dfecda90c649bc5c9
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3A0E491122580EFBD319BBAA7A06092CDE5FCA88E9FE3B3DFECDA90C649BC5C9"
Last-Modified: Thu, 29 Aug 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5752
Expires: Sat, 31 Aug 2024 18:34:53 GMT
Date: Sat, 31 Aug 2024 16:59:01 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash882be0f03759ef507bd8d0927c9bc574 d936aafa4fc7107e237e09679e633e2aa65889d7 3a0e491122580efbd319bbaa7a06092cde5fca88e9fe3b3dfecda90c649bc5c9
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3A0E491122580EFBD319BBAA7A06092CDE5FCA88E9FE3B3DFECDA90C649BC5C9"
Last-Modified: Thu, 29 Aug 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5752
Expires: Sat, 31 Aug 2024 18:34:53 GMT
Date: Sat, 31 Aug 2024 16:59:01 GMT
Connection: keep-alive
|
|
| www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c | 142.250.74.168 | | 94 kB |
URL www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c IP142.250.74.168:0
File typeJavaScript source, ASCII text, with very long lines (5945) Hash422929fc4b96fdab5043b5ff821e6183 908acf9881b437e64baaf5c7c5fd44bee3c6533f 28b901a25754934cbac6f245b35b370682fb18993df67a2f2b893db2eee7a79c
GET /gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 31 Aug 2024 16:59:01 GMT
expires: Sat, 31 Aug 2024 16:59:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93814
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| img.diclotrans.com/img/690/630dd4b65a5b2.png | 188.114.96.1 | | 102 kB |
URL img.diclotrans.com/img/690/630dd4b65a5b2.png IP188.114.96.1:0
File typePNG image data, 1600 x 900, 8-bit/color RGB, non-interlaced Size102 kB (102492 bytes) Hash94b361aeaf5ce66812ba3f2a83ed7b14 18fed5b9f98fba5f29732eeb4c2ebb3375e121ab 910f39cad64e2dc3a115c332d8b55264fe666661a7082def527992a9bb2fa9c2
GET /img/690/630dd4b65a5b2.png HTTP/1.1
Host: img.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 31 Aug 2024 16:59:01 GMT
content-type: image/png
content-length: 102492
content-security-policy: block-all-mixed-content
etag: "94b361aeaf5ce66812ba3f2a83ed7b14"
last-modified: Mon, 24 Oct 2022 13:21:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-bucket-region: us-east-1
x-amz-replication-status: COMPLETED
x-amz-request-id: 17E3FA490FDE7DE7
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-version-id: null
x-server: minio
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qI9ucHe7nAJtaHP0%2Bca1HAJDpdLnEdcjg9HQ0Gpn9mePu59uhNOlRCm4ZWaDroW7blfKtGeykgTlv4W%2B1HPPx6ALMxvWmyUbUAQQsbFARH0qw8hs26hAbFXM%2FAZJFNpfv5n%2Ftwc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
cf-ray: 8bbe9198281e56b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=5&f=false&g=1725123541591&h=&i=1725123541591&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | | 0 B |
URL diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=5&f=false&g=1725123541591&h=&i=1725123541591&j=&k=&l=&m=&n=&err=0000000000000 IP188.114.96.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=5&f=false&g=1725123541591&h=&i=1725123541591&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:01 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3xcvG1EnaabhDSwuuDydAlhDkfubmcS%2FuYoYLYh59C4aIrIxziFePV%2Fjj%2BQcQKqUk0920uOaz8d2Qq2Yp4NWKHxiscMlNefQPEGcsvom5i4dTCBRG1hQKgfvyrhjZrhsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe9198485256b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.22centsdailycycler.com/assets/vendors/animate/animate.min.css | 107.190.135.178 | | 84 kB |
URL www.22centsdailycycler.com/assets/vendors/animate/animate.min.css IP107.190.135.178:0
Hash8f6a0d1a63a3efde82d78da75011800a 644d3b12c37f7bc783e15260fd263662761606bb dec0a3fb2183a32d80fb227dfb43d85719e459b0abdc8156659c375fc7eb940d
GET /assets/vendors/animate/animate.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:45:41 GMT
accept-ranges: bytes
content-length: 83884
content-type: text/css
date: Sat, 31 Aug 2024 16:59:01 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cdn.logwork.com/widget/countdown.js | 54.39.129.172 | | 319 B |
URL cdn.logwork.com/widget/countdown.js IP54.39.129.172:0
File typeJavaScript source, ASCII text, with very long lines (319), with no line terminators Hash54f05ba56c73460db65c002a229f8ab0 8aa869603bcd4f58ece767077684a3546b920af0 cdcf02532052dbd92b93f7a570fdc2eb576b6a1a3f9a169a1a9120b41a03282e
GET /widget/countdown.js HTTP/1.1
Host: cdn.logwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 31 Aug 2024 16:59:01 GMT
Content-Type: application/javascript
Content-Length: 319
Last-Modified: Tue, 27 Apr 2021 11:04:31 GMT
Connection: keep-alive
ETag: "6087efbf-13f"
gzipenable: yes
Accept-Ranges: bytes
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=5&f=false&g=1725123541592&h=&i=1725123541592&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | | 0 B |
URL diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=5&f=false&g=1725123541592&h=&i=1725123541592&j=&k=&l=&m=&n=&err=0000000000000 IP188.114.96.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=5&f=false&g=1725123541592&h=&i=1725123541592&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:02 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WwTXcoJtrxN%2Bo3nl3ZEKkJ17tCHaRr5C6deb1L7vFOBn%2B8SAahnElI4dM8riqsKu1uJHcgaHqV2jjhZkIQXNQZuRPGe3XwOjxizoqPjbcqxwef%2FhE3YyG1%2BmiLf8zAeR%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe9198485656b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| loadingscripts.com/progress_p/pwa_links/default_scripts/notification.js | 185.246.188.125 | | 2.8 kB |
URL loadingscripts.com/progress_p/pwa_links/default_scripts/notification.js IP185.246.188.125:0
File typeJavaScript source, ASCII text, with very long lines (2801), with no line terminators Hash01a2c61eb40ce8e341a0801f78da7735 1cb39b0674bc20c3208c16c53c131e74704759ed 03d593cbf7b72d3c70caedac0c0259330ce8b1a45b708e92e3f19245b6ca9929
GET /progress_p/pwa_links/default_scripts/notification.js HTTP/1.1
Host: loadingscripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-continue.0hb8kkr81em8.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.4
Date: Sat, 31 Aug 2024 16:59:02 GMT
Content-Type: application/javascript
Content-Length: 2801
Last-Modified: Fri, 24 Mar 2023 17:31:52 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "641dde88-af1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/style.css | 185.246.188.125 | | 1.1 kB |
URL loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/style.css IP185.246.188.125:0
File typeASCII text, with CRLF line terminators Hash79d9dfa9f91948462f9069fd3e5f61ae 6c8c5a83d3c8180a16dd7e6c3065c81ad38bcc94 8c8549291722875346b6e050a092cdda6088d579aba282a66304299616c55871
GET /progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/style.css HTTP/1.1
Host: loadingscripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-continue.0hb8kkr81em8.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.4
Date: Sat, 31 Aug 2024 16:59:02 GMT
Content-Type: text/css
Last-Modified: Thu, 25 May 2023 12:41:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
ETag: W/"646f577b-fe7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
|
|
| loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/pwa_custom.js | 185.246.188.125 | 200 OK | 1.8 kB |
URL: GET HTTP/1.1 loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/pwa_custom.js
IP: 185.246.188.125:443
Requested by: https://press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/
Certificate Issuer: Let's Encrypt
Certificate Subject: loadingscripts.com
Certificate Fingerprint: BB:33:30:CB:FF:8D:E5:D7:F0:FA:90:BB:39:8C:4B:25:7C:B8:57:1A
Certificate Validity: Wed, 21 Aug 2024 05:44:18 GMT - Tue, 19 Nov 2024 05:44:17 GMT
File type: ASCII text, with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): 8dc402b92b1ed0b13627e2ba1b928cc7 35d1e71cdea9a15b778c6137baaaac1eda4aabb3 b1d3e86c81061bd76770790bf5e2f0ffa7b45f2c4e3fc3400a7142bf9b3a53fb
GET /progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/pwa_custom.js HTTP/1.1
Host: loadingscripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-continue.0hb8kkr81em8.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.4
Date: Sat, 31 Aug 2024 16:59:02 GMT
Content-Type: application/javascript
Content-Length: 1801
Last-Modified: Thu, 25 May 2023 12:47:54 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "646f58fa-709"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/new_free.svg | 194.63.140.103 | | 1.5 kB |
URL press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/new_free.svg IP194.63.140.103:0 ASN#50113 NTX Technologies s.r.o.
File typeSVG Scalable Vector Graphics image Hashadd28f2b5b2a568a5d5b49bd7b40ec03 66ad7a5ce73b4f84f2f54e5e6150cd5cc923d25e 89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e
GET /e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/new_free.svg HTTP/1.1
Host: press-continue.0hb8kkr81em8.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.4
Date: Sat, 31 Aug 2024 16:59:02 GMT
Content-Type: image/svg+xml
Content-Length: 1545
Last-Modified: Mon, 15 Jul 2024 09:34:01 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "6694ed09-609"
Accept-Ranges: bytes
|
|
| press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/loading.svg | 194.63.143.61 | | 386 B |
URL press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/loading.svg IP194.63.143.61:0 ASN#50113 NTX Technologies s.r.o.
File typeSVG Scalable Vector Graphics image Hash484f8bcb59050331f28ec35ae84c3ef0 e083f687af91382e8485515369daffde1899a12a d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451
GET /e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/loading.svg HTTP/1.1
Host: press-continue.0hb8kkr81em8.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.15.10
Date: Sat, 31 Aug 2024 16:59:02 GMT
Content-Type: image/svg+xml
Content-Length: 386
Last-Modified: Mon, 15 Jul 2024 09:34:01 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "6694ed09-182"
Accept-Ranges: bytes
|
|
| press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/qr2.png | 194.63.140.103 | | 7.2 kB |
URL press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/qr2.png IP194.63.140.103:0 ASN#50113 NTX Technologies s.r.o.
File typePNG image data, 1160 x 1160, 8-bit/color RGB, non-interlaced Hashe8f6261c7f1f8a7621aa7f2fa7e1ba8e f149d15d01844eacf10330c9663961e84d233f28 bbb8033431308d56b3ca1ca801be7c56eb232aae77d2226bf2884dcf68aecd8f
GET /e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/qr2.png HTTP/1.1
Host: press-continue.0hb8kkr81em8.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.4
Date: Sat, 31 Aug 2024 16:59:02 GMT
Content-Type: image/png
Content-Length: 7192
Last-Modified: Mon, 15 Jul 2024 09:34:01 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "6694ed09-1c18"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hashfd0cba0be026b652bbffe7b1677f7a50 14e043560f93c989426b59a5ce88ba1758ef3d1f ec79b16ec123b0034a02b557ad26892d404fcd5c573f516ead9bcc3f585702b9
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:59:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/1.png | 194.63.140.103 | | 50 kB |
URL press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/1.png IP194.63.140.103:0 ASN#50113 NTX Technologies s.r.o.
File typePNG image data, 980 x 980, 8-bit/color RGBA, non-interlaced Hash1143a7b3bc5051147099facc8dc1432e 3a01609fb60f785d3233a788dff4351a1d79d4c9 ff708dfd7d816c51832a47cebfaf051422ddd0ab0d96588b55a1a2b89c1f3f73
GET /e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/1.png HTTP/1.1
Host: press-continue.0hb8kkr81em8.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.4
Date: Sat, 31 Aug 2024 16:59:02 GMT
Content-Type: image/png
Content-Length: 49867
Last-Modified: Mon, 15 Jul 2024 09:33:59 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "6694ed07-c2cb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| www.22centsdailycycler.com/assets/vendors/bootstrap/css/bootstrap.min.css | 107.190.135.178 | | 156 kB |
URL www.22centsdailycycler.com/assets/vendors/bootstrap/css/bootstrap.min.css IP107.190.135.178:0
File typeUnicode text, UTF-8 text, with very long lines (65306) Size156 kB (155773 bytes) Hash2dd041c0f9a77b29b7ddf8873f23863d 7e8e4f1e84ad4eb080161636b1c04d35b6f8de5e 42596d895f890f38ba128eb1cc98aec3c19d6ed0bf5394761105cd055f185fe4
GET /assets/vendors/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Aug 2023 08:15:11 GMT
accept-ranges: bytes
content-length: 155773
content-type: text/css
date: Sat, 31 Aug 2024 16:59:01 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/fontawesome/css/all.min.css | 107.190.135.178 | | 171 kB |
URL www.22centsdailycycler.com/assets/vendors/fontawesome/css/all.min.css IP107.190.135.178:0
File typeASCII text, with very long lines (65393) Size171 kB (170590 bytes) Hashc28a3dbd51a1eecb99e1ecd64afd39f0 c938ac7e0856a9f863d45d6882addb25659fdc04 8f1c246b40732c10a564ee391854c195705ccfd18c6c8f44383e9d434170dfd6
GET /assets/vendors/fontawesome/css/all.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:45:50 GMT
accept-ranges: bytes
content-length: 170590
content-type: text/css
date: Sat, 31 Aug 2024 16:59:01 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/owl-carousel/dist/assets/owl.theme.default.min.css | 107.190.135.178 | | 1.0 kB |
URL www.22centsdailycycler.com/assets/vendors/owl-carousel/dist/assets/owl.theme.default.min.css IP107.190.135.178:0
File typeASCII text, with very long lines (846) Hash594b81805a98b267e47c70a8fad30d9f 684d84ec40b305ca14efc88c91f12972cb6342b4 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
GET /assets/vendors/owl-carousel/dist/assets/owl.theme.default.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:47:06 GMT
accept-ranges: bytes
content-length: 1013
content-type: text/css
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-magnific-popup/jquery.magnific-popup.css | 107.190.135.178 | | 7.0 kB |
URL www.22centsdailycycler.com/assets/vendors/jquery-magnific-popup/jquery.magnific-popup.css IP107.190.135.178:0
Hash30b593b71d7672658f89bfea0ab360c9 d6963db6faa9294387bb3175813a61bc3f859437 45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
GET /assets/vendors/jquery-magnific-popup/jquery.magnific-popup.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:49 GMT
accept-ranges: bytes
content-length: 6951
content-type: text/css
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/bootstrap-datepicker/css/bootstrap-datepicker.min.css | 107.190.135.178 | | 16 kB |
URL www.22centsdailycycler.com/assets/vendors/bootstrap-datepicker/css/bootstrap-datepicker.min.css IP107.190.135.178:0
File typeASCII text, with very long lines (15543) Hashe69cf988c1f5545e1b1317154f356951 ac8766175bda564718ad37cc2c8b435e4b7e2988 b22c8ea45fe905650f8087108b5ed32c1923bcd80d400adc9b0241f18be40208
GET /assets/vendors/bootstrap-datepicker/css/bootstrap-datepicker.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:45:41 GMT
accept-ranges: bytes
content-length: 15731
content-type: text/css
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| diclotrans.com/impr/is/as/CInvgMuaMhIeMTIzNTI4NTE1Mi0zNDA0NS0xNzI1MTIzNTQwODczGk0KBAj9iQISRQoWCP___________wEQ____________ARIrCgQI_IkCEiMKBwifFRDol3kSGAoLCP___________wESCQoHCKggEOiXeSocc3M6NTEwZDAwYzdhNzZjYTgwMS0yODc1MjA1OTIDV0VC/au/1235285152-34045-1725123540873?ori=58x | 188.114.96.1 | | 0 B |
URL diclotrans.com/impr/is/as/CInvgMuaMhIeMTIzNTI4NTE1Mi0zNDA0NS0xNzI1MTIzNTQwODczGk0KBAj9iQISRQoWCP___________wEQ____________ARIrCgQI_IkCEiMKBwifFRDol3kSGAoLCP___________wESCQoHCKggEOiXeSocc3M6NTEwZDAwYzdhNzZjYTgwMS0yODc1MjA1OTIDV0VC/au/1235285152-34045-1725123540873?ori=58x IP188.114.96.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /impr/is/as/CInvgMuaMhIeMTIzNTI4NTE1Mi0zNDA0NS0xNzI1MTIzNTQwODczGk0KBAj9iQISRQoWCP___________wEQ____________ARIrCgQI_IkCEiMKBwifFRDol3kSGAoLCP___________wESCQoHCKggEOiXeSocc3M6NTEwZDAwYzdhNzZjYTgwMS0yODc1MjA1OTIDV0VC/au/1235285152-34045-1725123540873?ori=58x HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 31 Aug 2024 16:59:02 GMT
content-length: 0
location: https://img.diclotrans.com/img/690/630dd4b68903d.png
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=daIpczL3A0LKick%2BEdt6XLgv0h%2BFJjbXt0zJm1tMW0up7mwjHgaNvzUDDAXWfUyMl08Z%2FUhE7h942Dz078z3p7AtVibiuX2InwM6WsO%2BmUO5Bp1oChbfsdnp3RVaK15lSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe919aeb6456b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.22centsdailycycler.com/assets/vendors/owl-carousel/dist/assets/owl.carousel.min.css | 107.190.135.178 | | 3.4 kB |
URL www.22centsdailycycler.com/assets/vendors/owl-carousel/dist/assets/owl.carousel.min.css IP107.190.135.178:0
File typeASCII text, with very long lines (3184) Hashb2752a850d44f50036628eeaef3bfcfa fba46353cf90450ef3d362a123f1e7af3e8c561e 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
GET /assets/vendors/owl-carousel/dist/assets/owl.carousel.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:47:05 GMT
accept-ranges: bytes
content-length: 3351
content-type: text/css
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/close.svg | 185.246.188.125 | | 1.3 kB |
URL loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/close.svg IP185.246.188.125:0
File typeSVG Scalable Vector Graphics image Hash369850b9873659adf0951d845f57dba1 a64257186daa33b6b318943a457b6cf8d80b26b6 9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21
GET /progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/close.svg HTTP/1.1
Host: loadingscripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-continue.0hb8kkr81em8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.4
Date: Sat, 31 Aug 2024 16:59:02 GMT
Content-Type: image/svg+xml
Content-Length: 1279
Last-Modified: Wed, 24 May 2023 13:06:32 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "646e0bd8-4ff"
Accept-Ranges: bytes
|
|
| www.22centsdailycycler.com/assets/vendors/ion.rangeSlider/css/ion.rangeSlider.min.css | 107.190.135.178 | | 11 kB |
URL www.22centsdailycycler.com/assets/vendors/ion.rangeSlider/css/ion.rangeSlider.min.css IP107.190.135.178:0
File typeUnicode text, UTF-8 text, with very long lines (11083), with no line terminators Hash2b4160a5466fe5914370b6795e7a8b77 79aeb3848b7b6620b743781ab3b614fc9c727870 83b1e0a0cc92672a27b8fc074ce45ffae18711e3a6ed5448da47d75979499dca
GET /assets/vendors/ion.rangeSlider/css/ion.rangeSlider.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:38 GMT
accept-ranges: bytes
content-length: 11084
content-type: text/css
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-nice-select/css/nice-select.css | 107.190.135.178 | | 4.0 kB |
URL www.22centsdailycycler.com/assets/vendors/jquery-nice-select/css/nice-select.css IP107.190.135.178:0
Hasha7ace323b9fc8a831a6e64feb23fa0b9 9317ad29306bc72eb3fa92981be8141fcd394e7c c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d
GET /assets/vendors/jquery-nice-select/css/nice-select.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:52 GMT
accept-ranges: bytes
content-length: 4007
content-type: text/css
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/js/ie-emulation-modes-warning.js | 107.190.135.178 | | 2.1 kB |
URL www.22centsdailycycler.com/assets/js/ie-emulation-modes-warning.js IP107.190.135.178:0
File typeJavaScript source, ASCII text Hasha40552917752e3b9dbf39a67177f8dc1 8f5d06d7f8d9594e65a694d0d2b0776946954210 6d7c9f6ece6c8ae31d4ac7728f3db3813364d31b8e2ca8ee816bc57d20d46aea
GET /assets/js/ie-emulation-modes-warning.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 24 Nov 2015 16:37:04 GMT
accept-ranges: bytes
content-length: 2130
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/just5cycler-icons/flaticon_just5cycler.css | 107.190.135.178 | 200 OK | 2.6 kB |
URL: GET HTTP/2 www.22centsdailycycler.com/assets/vendors/just5cycler-icons/flaticon_just5cycler.css
IP: 107.190.135.178:443
Requested by: https://www.22centsdailycycler.com/?edwarddavis
Certificate Issuer: cPanel, Inc.
Certificate Subject: 22centsdailycycler.com
Certificate Fingerprint: 0B:00:8D:4B:B7:FA:FE:F2:AE:60:BF:56:2F:C9:8F:7F:B7:EC:E4:68
Certificate Validity: Thu, 20 Jun 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): 901930f73836b06e1c6aef5fbd7d2e8e 0da04f26e80920cd2c5e3c344b5fc6addbe5f9ad 6803493d9e41c845aec2e7c9de79b36df82b8938dd6aa31fe1afe3e40de3c378
GET /assets/vendors/just5cycler-icons/flaticon_just5cycler.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:54 GMT
accept-ranges: bytes
content-length: 2623
content-type: text/css
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/logo-light.png | 107.190.135.178 | | 8.7 kB |
URL: GET www.22centsdailycycler.com/assets/images/logo-light.png
IP: 107.190.135.178:0
Requested by: https://www.22centsdailycycler.com/?edwarddavis
Certificate Issuer: cPanel, Inc.
Certificate Subject: 22centsdailycycler.com
Certificate Fingerprint: 0B:00:8D:4B:B7:FA:FE:F2:AE:60:BF:56:2F:C9:8F:7F:B7:EC:E4:68
Certificate Validity: Thu, 20 Jun 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type: PNG image data, 263 x 47, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 6b3096a2642b25b147adc88f3077e6ae afe0082ab305474332e48af50d9b76f5bfd3747c 9763cef9557ad8c608830017c389706fb2fba4197bfc5047af8a89245d829d66
GET /assets/images/logo-light.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Aug 2023 09:32:32 GMT
accept-ranges: bytes
content-length: 8680
content-type: image/png
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-nice-select/js/jquery.nice-select.min.js | 107.190.135.178 | | 2.9 kB |
URL: www.22centsdailycycler.com/assets/vendors/jquery-nice-select/js/jquery.nice-select.min.js; IP: 107.190.135.178:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (2822); Hash: d13462ec489f9f0c309a811f85feb3d6 d9545f8b139eae5b387de1a60a84abe949c7e88f 66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a
GET /assets/vendors/jquery-nice-select/js/jquery.nice-select.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:53 GMT
accept-ranges: bytes
content-length: 2942
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/wow/wow.js | 107.190.135.178 | | 6.3 kB |
URL: GET www.22centsdailycycler.com/assets/vendors/wow/wow.js; IP: 107.190.135.178:0
Requested by: https://www.22centsdailycycler.com/?edwarddavis; Certificate: Issuer: cPanel, Inc.; Subject: 22centsdailycycler.com; Fingerprint: 0B:00:8D:4B:B7:FA:FE:F2:AE:60:BF:56:2F:C9:8F:7F:B7:EC:E4:68; Validity: Thu, 20 Jun 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (6269); Hash: 105fb3799fcf14f1ea8fcff23f2686dc 00a8a01378a8259b38cba29dc69ddf761450053f 704ae255ab62df5481884eb0db69b552c686e7094b21581b1cbc86a9b6c3800b
GET /assets/vendors/wow/wow.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:47:10 GMT
accept-ranges: bytes
content-length: 6299
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/youtube-popup/youtube-popup.jquery.js | 107.190.135.178 | | 2.8 kB |
URL: www.22centsdailycycler.com/assets/vendors/youtube-popup/youtube-popup.jquery.js; IP: 107.190.135.178:0
File type: JavaScript source, ASCII text; Hash: e228eaaba52fa71b2009df8830a2493b 6a828b731ee22c969d8b9907abc6e9e82fea2ab7 08107dab454ad85916d0816b605712daf4b53099f29239899438972f2bf9dce2
GET /assets/vendors/youtube-popup/youtube-popup.jquery.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:47:12 GMT
accept-ranges: bytes
content-length: 2805
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-appear/jquery.appear.min.js | 107.190.135.178 | | 1.3 kB |
URL: www.22centsdailycycler.com/assets/vendors/jquery-appear/jquery.appear.min.js; IP: 107.190.135.178:0
File type: JavaScript source, ASCII text, with very long lines (1266), with no line terminators; Hash: 64531fe766285a4f78a602f316d52d48 9a0ace71a45e5546e2d3464f3439f563d865aed4 7212f627fb02a6e5780ddae7870b9b06906e322ba57b33a137444994f5fafb15
GET /assets/vendors/jquery-appear/jquery.appear.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:45 GMT
accept-ranges: bytes
content-length: 1266
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/js/just5cycler.js | 107.190.135.178 | | 11 kB |
URL: www.22centsdailycycler.com/assets/js/just5cycler.js; IP: 107.190.135.178:0
File type: JavaScript source, ASCII text; Hash: 1398f5b7e0c1fb88c9d0daf27ffef9f1 a19f7761f8d3dfb71ace1d39daed1fae32ef342f d474c55f0bf3bdd4417512e4adf4337bd3949c0bc2f472f74b9b579604aa9ba8
GET /assets/js/just5cycler.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:48:34 GMT
accept-ranges: bytes
content-length: 11024
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/css/just5cycler.css | 107.190.135.178 | | 299 kB |
URL: www.22centsdailycycler.com/assets/css/just5cycler.css; IP: 107.190.135.178:0
Size: 299 kB (299280 bytes); Hash: 8519eada286bc0d679f18e5684861d72 4112e0385eb140f2aeec45543fc39267a6ab5787 0a44ffa4f78fd2b7d7d6cb8a42b79018e7d225171605e7ac8d3855c4cb5544ee
GET /assets/css/just5cycler.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Aug 2023 12:20:40 GMT
accept-ranges: bytes
content-length: 299280
content-type: text/css
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-validated/jquery.validate.min.js | 107.190.135.178 | | 21 kB |
URL: www.22centsdailycycler.com/assets/vendors/jquery-validated/jquery.validate.min.js; IP: 107.190.135.178:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (20952); Hash: 3b00d60f87e893caf2649eff0d48813a fc82fb23ccece3522359fe88dad3569925b3379c 2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
GET /assets/vendors/jquery-validated/jquery.validate.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:52 GMT
accept-ranges: bytes
content-length: 21090
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-magnific-popup/jquery.magnific-popup.min.js | 107.190.135.178 | | 20 kB |
URL: www.22centsdailycycler.com/assets/vendors/jquery-magnific-popup/jquery.magnific-popup.min.js; IP: 107.190.135.178:0
File type: JavaScript source, ASCII text, with very long lines (20087); Hash: ba6cf724c8bb1cf5b084e79ff230626e f455c5f153f872e52265f87a644ff89fe14a6fb6 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
GET /assets/vendors/jquery-magnific-popup/jquery.magnific-popup.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:49 GMT
accept-ranges: bytes
content-length: 20216
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/download-gif.gif | 185.246.188.125 | | 104 kB |
URL: loadingscripts.com/progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/download-gif.gif; IP: 185.246.188.125:0
File type: GIF image data, version 89a, 188 x 188; Size: 104 kB (104467 bytes); Hash: 2d00d3926dd5bb55e7ab4100bacb86a7 9d3c247c6e1fe672b8ba0849f30ed18c45176883 0175bfd9afe9543559c705914fac010a6d609017f0a2edcffe599549561fb5d0
GET /progress_p/pwa_links/main/cinema/custom_cinema_fullpage/1/download-gif.gif HTTP/1.1
Host: loadingscripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-continue.0hb8kkr81em8.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.4
Date: Sat, 31 Aug 2024 16:59:02 GMT
Content-Type: image/gif
Content-Length: 104467
Last-Modified: Thu, 25 May 2023 10:24:54 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "646f3776-19813"
Accept-Ranges: bytes
|
|
| www.22centsdailycycler.com/assets/vendors/owl-carousel/dist/owl.carousel.min.js | 107.190.135.178 | | 44 kB |
URL: www.22centsdailycycler.com/assets/vendors/owl-carousel/dist/owl.carousel.min.js; IP: 107.190.135.178:0
File type: JavaScript source, ASCII text, with very long lines (31997); Hash: f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
GET /assets/vendors/owl-carousel/dist/owl.carousel.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:47:05 GMT
accept-ranges: bytes
content-length: 44342
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/ion.rangeSlider/js/ion.rangeSlider.min.js | 107.190.135.178 | 200 OK | 41 kB |
URL: GET HTTP/2 www.22centsdailycycler.com/assets/vendors/ion.rangeSlider/js/ion.rangeSlider.min.js; IP: 107.190.135.178:443
Requested by: https://www.22centsdailycycler.com/?edwarddavis; Certificate: Issuer: cPanel, Inc.; Subject: 22centsdailycycler.com; Fingerprint: 0B:00:8D:4B:B7:FA:FE:F2:AE:60:BF:56:2F:C9:8F:7F:B7:EC:E4:68; Validity: Thu, 20 Jun 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (41067); Hash: b5c1f83e8e2c9fad4a9c7a7e8c34b2fa a1c7a35489061767940a66b546466ff5212a4625 67adfdac93b9ec1899cd00e55ac1b217e109dc5b379c3e2940f91f8a64f2dd2f
GET /assets/vendors/ion.rangeSlider/js/ion.rangeSlider.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:40 GMT
accept-ranges: bytes
content-length: 41171
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/bootstrap-datepicker/js/bootstrap-datepicker.min.js | 107.190.135.178 | | 34 kB |
URL: www.22centsdailycycler.com/assets/vendors/bootstrap-datepicker/js/bootstrap-datepicker.min.js; IP: 107.190.135.178:0
File type: JavaScript source, ASCII text, with very long lines (31941); Hash: 37807363a13de55c2184eb0777ff8b13 ac34b8e4a2363c231f5a0bb8224d69959efcbd4b 6ea55ea86749ee1fe560fabac6b3effd81b33046fa74dc657e24d41d28110a9f
GET /assets/vendors/bootstrap-datepicker/js/bootstrap-datepicker.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:45:49 GMT
accept-ranges: bytes
content-length: 33693
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/bootstrap/js/bootstrap.bundle.min.js | 107.190.135.178 | | 80 kB |
URL: www.22centsdailycycler.com/assets/vendors/bootstrap/js/bootstrap.bundle.min.js; IP: 107.190.135.178:0
File type: JavaScript source, ASCII text, with very long lines (65299); Hash: b75ae000439862b6a97d2129c85680e8 90d15036ef48fcb336a135bae812b45669f19044 9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
GET /assets/vendors/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:45:43 GMT
accept-ranges: bytes
content-length: 80420
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js | 104.17.25.14 | | 27 kB |
URL: cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js; IP: 104.17.25.14:0
File type: JavaScript source, ASCII text, with very long lines (32065); Hash: 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w.leadsleap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 31 Aug 2024 16:59:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 221302
expires: Thu, 21 Aug 2025 16:59:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpcepVqt019KcLJAzF9AGriCPOpl9SF3dLcvwYLLbZ0j361fQqydu%2BZk9Gj5POEUPW4RlehvALmeXkalbbZZOiBVEBVlaF4SIytJXFQr5AS7NEgWvIfAvNvfFwOuttghaErDhS76"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8bbe919cfd7856aa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.22centsdailycycler.com/assets/vendors/jquery/jquery-3.6.1.min.js | 107.190.135.178 | | 90 kB |
URL: GET www.22centsdailycycler.com/assets/vendors/jquery/jquery-3.6.1.min.js; IP: 107.190.135.178:0
Requested by: https://www.22centsdailycycler.com/?edwarddavis; Certificate: Issuer: cPanel, Inc.; Subject: 22centsdailycycler.com; Fingerprint: 0B:00:8D:4B:B7:FA:FE:F2:AE:60:BF:56:2F:C9:8F:7F:B7:EC:E4:68; Validity: Thu, 20 Jun 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447); Hash: 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
GET /assets/vendors/jquery/jquery-3.6.1.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:43 GMT
accept-ranges: bytes
content-length: 89664
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-ajaxchimp/jquery.ajaxchimp.min.js | 107.190.135.178 | | 2.4 kB |
URL: www.22centsdailycycler.com/assets/vendors/jquery-ajaxchimp/jquery.ajaxchimp.min.js; IP: 107.190.135.178:0
File type: JavaScript source, ASCII text, with very long lines (2381), with no line terminators; Hash: 36d1b0e5a3a7397b267e704beb2f7272 86df23e41520d19dd0c6928e4a5de89c1ae172a2 2dcc9f6916671ee0ee4c5f7c7b6f13c519189b65d371a39309c0d95b79050c28
GET /assets/vendors/jquery-ajaxchimp/jquery.ajaxchimp.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:43 GMT
accept-ranges: bytes
content-length: 2381
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/bg.gif | 194.63.140.103 | | 854 kB |
URL: press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/bg.gif; IP: 194.63.140.103:0; ASN: #50113 NTX Technologies s.r.o.
File type: GIF image data, version 87a, 600 x 338; Size: 854 kB (854531 bytes); Hash: fb515d8640e8153526073e3dba53cef1 065dcee1850b622ab7e96586cc5ae737dd335587 306d7910500ae32624462375434beaab45581fdfb743af6f3efa5b096a403721
GET /e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/assets/bg.gif HTTP/1.1
Host: press-continue.0hb8kkr81em8.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-continue.0hb8kkr81em8.top/e102479204fcec81f6dfb01f2462a2dfa451531d/qq1/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.23.4
Date: Sat, 31 Aug 2024 16:59:02 GMT
Content-Type: image/gif
Content-Length: 854531
Last-Modified: Mon, 15 Jul 2024 09:34:00 GMT
Connection: keep-alive
Keep-Alive: timeout=10
ETag: "6694ed08-d0a03"
Accept-Ranges: bytes
|
|
| www.22centsdailycycler.com/assets/vendors/youtube-popup/youtube-popup.css | 107.190.135.178 | | 3.1 kB |
URL: www.22centsdailycycler.com/assets/vendors/youtube-popup/youtube-popup.css; IP: 107.190.135.178:0
Hash: e674ef3f719a4689914b2e99717b8660 a0ac5022c0fe8b639ed2670545a317927fbb6244 761c0c46ba437c24fb3500f08bd6bb0dd7d8acadd2e2b8c4d7cc720f3ad88125
GET /assets/vendors/youtube-popup/youtube-popup.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:47:11 GMT
accept-ranges: bytes
content-length: 3070
content-type: text/css
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/images/22cdc-468.gif | 107.190.135.178 | | 123 kB |
URL: www.22centsdailycycler.com/images/22cdc-468.gif; IP: 107.190.135.178:0
File type: GIF image data, version 89a, 468 x 60; Size: 123 kB (122857 bytes); Hash: b985e6bab0e5fcba86b0441bb9226bd8 740dd97c41f00a7f508c2ec3a1485731a74e060d 6d0e36afe994f480ae86cd9b24bdb3279a942b1ff1747f05d62832a1f2753b64
GET /images/22cdc-468.gif HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Aug 2023 12:37:18 GMT
accept-ranges: bytes
content-length: 122857
content-type: image/gif
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 | 142.250.74.99 | | 48 kB |
URL: fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2; IP: 142.250.74.99:0
File type: Web Open Font Format (Version 2), TrueType, length 48444, version 1.0; Hash: 8e433c0592f77beb6dc527d7b90be120 d7402416753ae1bb4cbd4b10d33a0c10517838bd f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 16:15:58 GMT
expires: Sat, 30 Aug 2025 16:15:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 88984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/why.png | 107.190.135.178 | | 199 kB |
URL: www.22centsdailycycler.com/assets/images/why.png; IP: 107.190.135.178:0
File type: PNG image data, 526 x 554, 8-bit/color RGBA, non-interlaced; Size: 199 kB (198789 bytes); Hash: 152f92e1049595667625b4fa1c11c70a 9a4c4528eaedc6a0409caceae2a211c9668232aa dd2ca2b2e95c44b3b0381d833271de71337a0a709e11870b0501cd95aba4730f
GET /assets/images/why.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Aug 2023 12:20:05 GMT
accept-ranges: bytes
content-length: 198789
content-type: image/png
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/wallet.png | 107.190.135.178 | | 244 kB |
URL: www.22centsdailycycler.com/assets/images/wallet.png; IP: 107.190.135.178:0
File type: PNG image data, 570 x 460, 8-bit/color RGBA, non-interlaced; Size: 244 kB (244186 bytes); Hash: 936d380d65fd542a19817d9530ecbbb6 c6b36dd3c3daf7df04a715e254d0feb2fd357e7b 4dbd0d614486866a0c309538a5ec110ab7ff5ccab9d0a153bb22fac216461aa1
GET /assets/images/wallet.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:19 GMT
accept-ranges: bytes
content-length: 244186
content-type: image/png
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/cryp.png | 107.190.135.178 | | 248 kB |
URL: www.22centsdailycycler.com/assets/images/cryp.png; IP: 107.190.135.178:0
File type: PNG image data, 569 x 666, 8-bit/color RGBA, non-interlaced; Size: 248 kB (247922 bytes); Hash: ffba429e1fb1398057e7485feaf4c730 1b533b5ff7f09e0cba4a5427642d370f1c4c6838 7e49f2285511f71cb47fae2b257993740bedf95e17905c7e9ef82a9f5c2065d8
GET /assets/images/cryp.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:18 GMT
accept-ranges: bytes
content-length: 247922
content-type: image/png
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/key.png | 107.190.135.178 | | 288 kB |
URL: GET www.22centsdailycycler.com/assets/images/key.png; IP: 107.190.135.178:0
Requested by: https://www.22centsdailycycler.com/?edwarddavis; Certificate: Issuer: cPanel, Inc.; Subject: 22centsdailycycler.com; Fingerprint: 0B:00:8D:4B:B7:FA:FE:F2:AE:60:BF:56:2F:C9:8F:7F:B7:EC:E4:68; Validity: Thu, 20 Jun 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type: PNG image data, 544 x 484, 8-bit/color RGBA, non-interlaced; Size: 288 kB (288425 bytes); Hash: 38ca6e85326937ab1b12ee9c2c7746dc 5ed1122be995af1dbb93cf5665f80df6e78479fc 1c6bca9129c2b86ba63de87af4fedef6fb4f35fcc140529aca405119956a4495
GET /assets/images/key.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:09 GMT
accept-ranges: bytes
content-length: 288425
content-type: image/png
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/ams.png | 107.190.135.178 | | 304 kB |
URL: www.22centsdailycycler.com/assets/images/ams.png; IP: 107.190.135.178:0
File type: PNG image data, 1920 x 2537, 8-bit/color RGB, non-interlaced; Size: 304 kB (304044 bytes); Hash: 2c3e8f7dd206489a0dad02089fd29bc4 6499e98826a6e0c9029d1dc2e13fc2f9936f5f58 b3b2be6df7e2eb25f6ec030d098f19d0c2cb8f78dd709ebe3f6263cd0fc16a6c
GET /assets/images/ams.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Jul 2024 12:13:55 GMT
accept-ranges: bytes
content-length: 304044
content-type: image/png
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | | 48 kB |
URL: fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2; IP: 142.250.74.99:0
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0; Hash: 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.22centsdailycycler.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Aug 2024 19:59:36 GMT
expires: Wed, 27 Aug 2025 19:59:36 GMT
cache-control: public, max-age=31536000
age: 334766
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/background/slider-3-1.png | 107.190.135.178 | | 305 kB |
URL: www.22centsdailycycler.com/assets/images/background/slider-3-1.png
IP: 107.190.135.178:0
File type: PNG image data, 495 x 560, 8-bit/color RGBA, non-interlaced
Size: 305 kB (305229 bytes)
MD5: d354218f1573fbdd033751947ae1aa9d
SHA-1: e7fe8ec97d99a63160f5ed047c00c5597c1b1936
SHA-256: 81dba408e83c6778c55f98e0e446e107fefa87713d05f08a5f496d52f4830625
GET /assets/images/background/slider-3-1.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:04:24 GMT
accept-ranges: bytes
content-length: 305229
content-type: image/png
date: Sat, 31 Aug 2024 16:59:02 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | | 48 kB |
URL: fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP: 142.250.74.99:0
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
MD5: 015c126a3520c9a8f6a27979d0266e96
SHA-1: 2acf956561d44434a6d84204670cf849d3215d5f
SHA-256: 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.22centsdailycycler.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Aug 2024 19:59:36 GMT
expires: Wed, 27 Aug 2025 19:59:36 GMT
cache-control: public, max-age=31536000
age: 334766
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/background/banner-shape.png | 107.190.135.178 | | 207 kB |
URL: www.22centsdailycycler.com/assets/images/background/banner-shape.png
IP: 107.190.135.178:0
File type: PNG image data, 1888 x 900, 8-bit/color RGBA, non-interlaced
Size: 207 kB (207381 bytes)
MD5: b75546215e24b8043c5b5eb2ca5439fc
SHA-1: d148755ce94360f44b7b0c3b5591ac0d5d9d6c80
SHA-256: 5639e9dbc87087e3dfd73ac9335eb8fa1aaa8dd1c98b65ab8f9f68ed2fbedfeb
GET /assets/images/background/banner-shape.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:04:05 GMT
accept-ranges: bytes
content-length: 207381
content-type: image/png
date: Sat, 31 Aug 2024 16:59:03 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cdn.logwork.com/widget/countdown_api.js?v=202473116 | 54.39.129.172 | | 1.5 kB |
URL: cdn.logwork.com/widget/countdown_api.js?v=202473116
IP: 54.39.129.172:0
File type: JavaScript source, ASCII text, with very long lines (4328), with no line terminators
MD5: ba1e761e6f2ff160a98f72ae4859a01f
SHA-1: c78272ccd5a79544d714ecf0a9af2941a5cea526
SHA-256: eaa549df4aeed94abfc03d6f99a6c2442f624a84d7e3ff85544745dc6f2df734
GET /widget/countdown_api.js?v=202473116 HTTP/1.1
Host: cdn.logwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 31 Aug 2024 16:59:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 28 Jun 2024 16:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"667ee11c-10e8"
gzipenable: yes
Content-Encoding: gzip
|
|
| fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 | 142.250.74.99 | | 29 kB |
URL: fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
IP: 142.250.74.99:0
File type: Web Open Font Format (Version 2), TrueType, length 29072, version 1.0
MD5: f9990e36d3040ce97f84bc02efec0207
SHA-1: 8dbf32f495eb08a1171c60bb0aeb38a545d566a4
SHA-256: 25ea6c91f8fbcbd412919dbb47da3e432622997eb37a3139fad5d21d59135962
GET /s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.22centsdailycycler.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Aug 2024 22:29:48 GMT
expires: Wed, 27 Aug 2025 22:29:48 GMT
cache-control: public, max-age=31536000
age: 325754
last-modified: Thu, 24 Aug 2023 21:14:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| w.leadsleap.com/php.php?ll_r=solarman&ll_id=w74431&ll_sr=&ll_f=0&ll_tbo=&ll_hc=%230000ff&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=0&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=0&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Freducethehype.com%2Fllps%2F%3Fr%3Dsolarman&ll_rf=https%3A%2F%2Fwww.rotate4all.com%2F | 104.26.11.93 | | 547 kB |
URL: w.leadsleap.com/php.php?ll_r=solarman&ll_id=w74431&ll_sr=&ll_f=0&ll_tbo=&ll_hc=%230000ff&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=0&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=0&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Freducethehype.com%2Fllps%2F%3Fr%3Dsolarman&ll_rf=https%3A%2F%2Fwww.rotate4all.com%2F
IP: 104.26.11.93:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1236)
Size: 547 kB (546843 bytes)
MD5: d5918e8de8acd653b916a92a66549358
SHA-1: 8972f75537f98078c53a1959d22dfdea5c73905b
SHA-256: 070f69a498a55762361ab9a7b98a01ed0595efa703706cb45a41c6321de523ad
GET /php.php?ll_r=solarman&ll_id=w74431&ll_sr=&ll_f=0&ll_tbo=&ll_hc=%230000ff&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=0&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=0&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Freducethehype.com%2Fllps%2F%3Fr%3Dsolarman&ll_rf=https%3A%2F%2Fwww.rotate4all.com%2F HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://reducethehype.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:02 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6C2EF7nnvrlUSpAVUOi9DXgin7vNUkl12BYQtBmDlEfrx8C%2FR6NoMspbcO%2F2k7Xm%2FhY%2Bv%2BeeFVdumVljC%2BUSV3JlZrArcdltwCJy%2FK%2Fs888Ap2NmcRc6ne5w33bTuGsxMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe9198481756a5-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 | 142.250.74.99 | | 29 kB |
URL: fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
IP: 142.250.74.99:0
File type: Web Open Font Format (Version 2), TrueType, length 29072, version 1.0
MD5: f9990e36d3040ce97f84bc02efec0207
SHA-1: 8dbf32f495eb08a1171c60bb0aeb38a545d566a4
SHA-256: 25ea6c91f8fbcbd412919dbb47da3e432622997eb37a3139fad5d21d59135962
GET /s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.22centsdailycycler.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Aug 2024 22:29:48 GMT
expires: Wed, 27 Aug 2025 22:29:48 GMT
cache-control: public, max-age=31536000
age: 325755
last-modified: Thu, 24 Aug 2023 21:14:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/background/service-4-bg-1.jpg | 107.190.135.178 | | 31 kB |
URL: www.22centsdailycycler.com/assets/images/background/service-4-bg-1.jpg
IP: 107.190.135.178:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1249, components 3
MD5: e76e66b3f7ccd2438d3565ec3f6d2a36
SHA-1: b2d5876c7b53b8cd22959a5709f5e66ff8893e0b
SHA-256: c64663f26628a51f21ac32bc9a029bccccd9e72ef60ae838c12df364a7fe5e82
GET /assets/images/background/service-4-bg-1.jpg HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:04:19 GMT
accept-ranges: bytes
content-length: 31071
content-type: image/jpeg
date: Sat, 31 Aug 2024 16:59:03 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 | 142.250.74.99 | | 29 kB |
URL: fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
IP: 142.250.74.99:0
File type: Web Open Font Format (Version 2), TrueType, length 29072, version 1.0
MD5: f9990e36d3040ce97f84bc02efec0207
SHA-1: 8dbf32f495eb08a1171c60bb0aeb38a545d566a4
SHA-256: 25ea6c91f8fbcbd412919dbb47da3e432622997eb37a3139fad5d21d59135962
GET /s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.22centsdailycycler.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Aug 2024 22:29:48 GMT
expires: Wed, 27 Aug 2025 22:29:48 GMT
cache-control: public, max-age=31536000
age: 325755
last-modified: Thu, 24 Aug 2023 21:14:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/background/super-bg.png | 107.190.135.178 | | 127 kB |
URL: www.22centsdailycycler.com/assets/images/background/super-bg.png
IP: 107.190.135.178:0
File type: PNG image data, 1920 x 617, 8-bit/color RGB, non-interlaced
Size: 127 kB (126636 bytes)
MD5: 06af79428cbcd0007861ffbde3cf4b52
SHA-1: 1e2be9144a4bf39d958ca8d26d3cf006df7056f8
SHA-256: 8ce5c12e57cbe3f5e3565c62f6fc67203e23aca22261517f7252781d1266fb00
GET /assets/images/background/super-bg.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:04:27 GMT
accept-ranges: bytes
content-length: 126636
content-type: image/png
date: Sat, 31 Aug 2024 16:59:03 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/background/about-3-bg-1-1.jpg | 107.190.135.178 | | 2.3 MB |
URL: www.22centsdailycycler.com/assets/images/background/about-3-bg-1-1.jpg
IP: 107.190.135.178:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1920x761, components 3
Size: 2.3 MB (2253229 bytes)
MD5: 5618b9c67b945ea3c1a46a6fa2c246bc
SHA-1: 08ea71bae17d0a720b6853b7f344810e0ce82ee7
SHA-256: 520eeead02a3a857b3b4aad3b8e330e67025806a7795e16dede16f5b7e12573d
GET /assets/images/background/about-3-bg-1-1.jpg HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Aug 2023 08:31:23 GMT
accept-ranges: bytes
content-length: 2253229
content-type: image/jpeg
date: Sat, 31 Aug 2024 16:59:03 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/shapes/footer-bg-3-1.png | 107.190.135.178 | | 114 kB |
URL: www.22centsdailycycler.com/assets/images/shapes/footer-bg-3-1.png
IP: 107.190.135.178:0
File type: PNG image data, 1920 x 627, 8-bit/color RGBA, non-interlaced
Size: 114 kB (113809 bytes)
MD5: 255289935dcab6724c8307ae8b0e930d
SHA-1: a142f21b9043cf58da4f6294fe44f308844621de
SHA-256: 960eb0c96cfafc35574a4a37ed6dd56afd1003354500850660a96c59837c1289
GET /assets/images/shapes/footer-bg-3-1.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/assets/css/just5cycler.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:35 GMT
accept-ranges: bytes
content-length: 113809
content-type: image/png
date: Sat, 31 Aug 2024 16:59:03 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| llsvr.com/imgad/derekb1.a.150616.jpg | 172.67.163.151 | | 28 kB |
URL: llsvr.com/imgad/derekb1.a.150616.jpg
IP: 172.67.163.151:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 375x250, components 3
MD5: 3b61ac68b6a6aaa2ca3f3f3983d70520
SHA-1: 07e58ed31c800baffa72519fe4a59f1c626dec04
SHA-256: cf63ab0c93740c1cd5c6de505624e5a10bca2f90f088ae45a6750f34034d91ea
GET /imgad/derekb1.a.150616.jpg HTTP/1.1
Host: llsvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w.leadsleap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:03 GMT
content-type: image/jpeg
content-length: 28196
last-modified: Fri, 07 Jun 2024 06:58:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2921
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YyqS9ugJ5JziqruWBuj6deQ99FpCzFmFaB%2B%2BWAO8uVHagYOCAS2HDxHbbS%2BMqeKP%2FFfCzpTVTAQ9PT2iKld6GItVQx4RVwYu5MjRKyBXEXbpaGb3sKMSsTAlU7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bbe91a24dd4568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/fontawesome/webfonts/fa-brands-400.woff2 | 107.190.135.178 | | 76 kB |
URL: www.22centsdailycycler.com/assets/vendors/fontawesome/webfonts/fa-brands-400.woff2
IP: 107.190.135.178:0
File type: Web Open Font Format (Version 2), TrueType, length 76008, version 330.-16253
MD5: c4af52f53368b81cc3ea577f37f9a916
SHA-1: c3f74ba2dc7b1a65db133419f99aed7de1645342
SHA-256: ec2e22fd918a8ffef0f54f466fb7edd2c586f39dad794cd25a0a97ce36c404d2
GET /assets/vendors/fontawesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/assets/vendors/fontawesome/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:45:54 GMT
accept-ranges: bytes
content-length: 76008
content-type: font/woff2
date: Sat, 31 Aug 2024 16:59:03 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap | 142.250.74.106 | | 138 kB |
URL: fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
IP: 142.250.74.106:0
File type: gzip compressed data, max compression
Size: 138 kB (138346 bytes)
MD5: 39e49e9fab7299f7c80e7ddda2767bfb
SHA-1: 8f1c51817d7c6cd02cb75581ad29744fdd43fa4c
SHA-256: 7865928a1a7234c27af0eeae98871088887bb2ce1da0d46ac79e0cacbe0767b4
GET /css2?family=Inter:wght@400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 31 Aug 2024 16:59:02 GMT
date: Sat, 31 Aug 2024 16:59:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.22centsdailycycler.com/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2 | 107.190.135.178 | | 170 kB |
URL: www.22centsdailycycler.com/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2
IP: 107.190.135.178:0
File type: Web Open Font Format (Version 2), TrueType, length 169732, version 330.-16253
Size: 170 kB (169732 bytes)
MD5: 983a20d28fbf8fbc27cfeb096f0ebd85
SHA-1: c203f41e912f98d28decd9ebaf5aa287f4094c5a
SHA-256: ec686d1012de783a5024affc9215692642a7b25af322ecc177062632902e6cd5
GET /assets/vendors/fontawesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/assets/vendors/fontawesome/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:26 GMT
accept-ranges: bytes
content-length: 169732
content-type: font/woff2
date: Sat, 31 Aug 2024 16:59:03 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/57c75fa4/player_ias.vflset/en_US/embed.js | 142.250.74.46 | | 21 kB |
URL: www.youtube.com/s/player/57c75fa4/player_ias.vflset/en_US/embed.js
IP: 142.250.74.46:0
File type: JavaScript source, ASCII text, with very long lines (3391)
MD5: c9d372ee5a18bf13e7044cccc423c04d
SHA-1: 5602305070994f39320e6bec14a29007b1f199ab
SHA-256: d29abbaa974fe8e54a264aaf59d26e0ca5996019a5a9ca8a16d845d7d839dba9
GET /s/player/57c75fa4/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 20656
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Aug 2024 21:14:21 GMT
expires: Fri, 29 Aug 2025 21:14:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Aug 2024 04:19:14 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 157483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.99 | | 16 kB |
URL: fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP: 142.250.74.99:0
File type: Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
MD5: 285467176f7fe6bb6a9c6873b3dad2cc
SHA-1: ea04e4ff5142ddd69307c183def721a160e0a64e
SHA-256: 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Aug 2024 19:29:01 GMT
expires: Thu, 28 Aug 2025 19:29:01 GMT
cache-control: public, max-age=31536000
age: 250203
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/57c75fa4/www-player.css | 142.250.74.46 | | 49 kB |
URL: www.youtube.com/s/player/57c75fa4/www-player.css
IP: 142.250.74.46:0
File type: ASCII text, with very long lines (65536), with no line terminators
MD5: d58aaf00126d8ffa2bfccd3a5590f108
SHA-1: 41bd8d50cff07e63e7fa711fa93879d4491d9456
SHA-256: 83c68d5a6ff88a64557ba476bd210484038e3ece1561ac724cc73e85554a0880
GET /s/player/57c75fa4/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48636
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 04:36:05 GMT
expires: Sat, 30 Aug 2025 04:36:05 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Aug 2024 04:19:14 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 130979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| img.diclotrans.com/img/690/630dd4b68903d.png | 188.114.96.1 | | 1.3 MB |
URL: img.diclotrans.com/img/690/630dd4b68903d.png
IP: 188.114.96.1:0
File type: PNG image data, 1600 x 900, 8-bit/color RGBA, non-interlaced
Size: 1.3 MB (1305555 bytes)
MD5: c9818d62e2d06e8a3b60f3b75ed7f122
SHA-1: 11022dbb30395a42f8f642b76cad06a12113427e
SHA-256: e63ea97e12cc688a8023c7aa89b98a70299a302f47178c4ded24aa424ec23771
GET /img/690/630dd4b68903d.png HTTP/1.1
Host: img.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 31 Aug 2024 16:59:02 GMT
content-type: image/png
content-length: 1305555
access-control-allow-credentials: true
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
content-security-policy: block-all-mixed-content
etag: "c9818d62e2d06e8a3b60f3b75ed7f122"
last-modified: Mon, 24 Oct 2022 13:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-bucket-region: us-east-1
x-amz-replication-status: COMPLETED
x-amz-request-id: 17D8CCC6F7D5B503
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-version-id: null
x-server: minio
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tdx%2Bnuc3dgRKM1BhcmX87hlpAUmLbTV2TZp3xhR50zhYRDr3lu%2FsrFJsNwVNW%2Bnf%2Bp5zVBQZEd0I0lWlofq7qiWiKasd7oItmOIy%2BNFLQo670mmmNtDLxr49dW5MIGt0CrZK5ro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
cf-ray: 8bbe919e181b56b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/recaptcha/api.js | 142.250.74.164 | | 365 kB |
URL: www.google.com/recaptcha/api.js
IP: 142.250.74.164:0
File type: gzip compressed data, max compression
Size: 365 kB (365359 bytes)
MD5: b2d6a5b34acc16e07dbc960cfd2d8324
SHA-1: becf3f69bc66d9ce23c2743bb5f5524a237652d7
SHA-256: e947710a935865f4c9d6252391e6e1df8cedb1773cbfdb682b265d8fdfdb31e4
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sat, 31 Aug 2024 16:59:01 GMT
date: Sat, 31 Aug 2024 16:59:01 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | | 15 kB |
URL fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash (MD5, SHA-1, SHA-256) 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 17:41:06 GMT
expires: Sat, 30 Aug 2025 17:41:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 83878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap | 142.250.74.106 | | 35 kB |
URL fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap IP 142.250.74.106:0
File type gzip compressed data, max compression Hash (MD5, SHA-1, SHA-256) 392cb59ec36a26e44edbb5cb3ac44934 f358e59107dc59a396b086c11a7d62cdb7ded257 5315712cef01437cee7794d6e683c9e0b60246e982a2fd5ba81808f87dc7822a
GET /css2?family=Roboto:wght@300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://press-continue.0hb8kkr81em8.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 31 Aug 2024 16:59:02 GMT
date: Sat, 31 Aug 2024 16:59:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP 142.250.74.131:0
Hash (MD5, SHA-1, SHA-256) 002bdfe1e7e83be2768cf1feaa795ffe a96ba612b38ebe5043361894a0227892147efb59 ea12007112e8753a622ec590e46f1569d79c40890df4239079a222174e2748fe
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash (MD5, SHA-1, SHA-256) 7617d8ecade278af9950ac90cd0de5ea e22fb4a87f7849c366ab8d2be860a3665c3d0663 83f402b4ac322d06db569473302a83903bf3d122c1fd16b98803ddcac68732ef
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "83F402B4AC322D06DB569473302A83903BF3D122C1FD16B98803DDCAC68732EF"
Last-Modified: Sat, 31 Aug 2024 02:57:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5871
Expires: Sat, 31 Aug 2024 18:36:55 GMT
Date: Sat, 31 Aug 2024 16:59:04 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash (MD5, SHA-1, SHA-256) 7617d8ecade278af9950ac90cd0de5ea e22fb4a87f7849c366ab8d2be860a3665c3d0663 83f402b4ac322d06db569473302a83903bf3d122c1fd16b98803ddcac68732ef
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "83F402B4AC322D06DB569473302A83903BF3D122C1FD16B98803DDCAC68732EF"
Last-Modified: Sat, 31 Aug 2024 02:57:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5793
Expires: Sat, 31 Aug 2024 18:35:37 GMT
Date: Sat, 31 Aug 2024 16:59:04 GMT
Connection: keep-alive
|
|
| www.youtube.com/s/player/57c75fa4/www-embed-player.vflset/www-embed-player.js | 142.250.74.46 | | 100 kB |
URL www.youtube.com/s/player/57c75fa4/www-embed-player.vflset/www-embed-player.js IP 142.250.74.46:0
File type JavaScript source, ASCII text, with very long lines (809) Hash (MD5, SHA-1, SHA-256) 49d7c04519fa784bc16129e83f0bcf18 5f108a8f1326ccdca660fbec28e1284fa47e8914 0852366b4598bf10a346a2a84b70ec4bb62b9c17eb09fdc0045027eb3741f747
GET /s/player/57c75fa4/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99977
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Aug 2024 22:27:34 GMT
expires: Fri, 29 Aug 2025 22:27:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Aug 2024 04:19:14 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 153090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| llsvr.com/imgad/headhunterpro.a.73072.jpg | 172.67.163.151 | | 28 kB |
URL llsvr.com/imgad/headhunterpro.a.73072.jpg IP 172.67.163.151:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 375x250, components 3 Hash (MD5, SHA-1, SHA-256) cb1b8f8859a873d3dfcfe7f207bfa958 12ddb73a9f712108e6c22b2a173d45f648b518ad 3bc8bdc7af6d02b055c7667b340605c660855b1509ee8e9e9ae5635e9126ec9d
GET /imgad/headhunterpro.a.73072.jpg HTTP/1.1
Host: llsvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w.leadsleap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:04 GMT
content-type: image/jpeg
content-length: 27635
last-modified: Fri, 29 Mar 2024 18:18:46 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s1X5pJDehBolFg0K8FJcX3r%2F%2BlIirBdNCZLRHruAgJ8%2BAfP2BeWNPcQMzxq49j3CjZ20mh1nMQZ6NIO7IHbKF4GtCkcPEf0%2F9UWIOsbR4PFWfPNbkCgjLqT3Wfc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bbe91a13cb6568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| llsvr.com/imgad/bestwebtools.a.148639.jpg | 172.67.163.151 | | 32 kB |
URL llsvr.com/imgad/bestwebtools.a.148639.jpg IP 172.67.163.151:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 375x250, components 3 Hash (MD5, SHA-1, SHA-256) 5555f13dac63ca71962c253bd5adf152 a32ad71a83e98c42ab08fbf941cdb0820a619ff6 c2aab84603ccf1cce742cbc3b0ced1bca1584d4c57026da3116afc24c7c6a126
GET /imgad/bestwebtools.a.148639.jpg HTTP/1.1
Host: llsvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w.leadsleap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:04 GMT
content-type: image/jpeg
content-length: 32536
last-modified: Tue, 14 May 2024 22:16:17 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ORfeCjnFcZcW%2BBrWRK09ir42CC6bmvm6o2XVEbFzwCQflJv%2FnABBubbv3aZyQiN24u%2F18w2roOD%2B8lVre%2F8%2F9PplX5uSHNnBc7q1knx5xtOynBKmgp16X5SkF1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bbe91a23dc8568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash (MD5, SHA-1, SHA-256) 7617d8ecade278af9950ac90cd0de5ea e22fb4a87f7849c366ab8d2be860a3665c3d0663 83f402b4ac322d06db569473302a83903bf3d122c1fd16b98803ddcac68732ef
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "83F402B4AC322D06DB569473302A83903BF3D122C1FD16B98803DDCAC68732EF"
Last-Modified: Sat, 31 Aug 2024 02:57:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5793
Expires: Sat, 31 Aug 2024 18:35:37 GMT
Date: Sat, 31 Aug 2024 16:59:04 GMT
Connection: keep-alive
|
|
| llsvr.com/imgad/ebur1081.a.138308.jpg | 172.67.163.151 | | 42 kB |
URL llsvr.com/imgad/ebur1081.a.138308.jpg IP 172.67.163.151:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 375x250, components 3 Hash (MD5, SHA-1, SHA-256) 510aea7089f18bc273bd88f0567f0704 824cdf03114c9e8b4e6585a2238154f784679719 07bbd44d9c18869e4673ef5e9fe0e7554fea627798b02df7a56b3fb2607f42e4
GET /imgad/ebur1081.a.138308.jpg HTTP/1.1
Host: llsvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w.leadsleap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:04 GMT
content-type: image/jpeg
content-length: 42070
last-modified: Fri, 26 Jan 2024 21:25:36 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23Oasy8Z4UyHHJCDXxXoYnlgwxMB4Jwqghp88%2BfsLRWuSctmNBa60AQH%2BGUlHHJspjFkk7FrzsADM%2F08lNcqWWsbwNf3eFmR0kWLCUrB2qYAocGhEcKIA2ehMg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bbe91a13cb8568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__en.js | 142.250.74.163 | | 217 kB |
URL www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__en.js IP 142.250.74.163:0
File type JavaScript source, ASCII text, with very long lines (553) Size 217 kB (216812 bytes) Hash (MD5, SHA-1, SHA-256) b0878e919a5bca8858b4c1e59929452f 43d32e52807d59d2195d8ef6e33f909d58611e21 04a0c20c086ea1edc10ab2a9612afc96ac6bd5a49fa5b310768aba2ab688718f
GET /recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.22centsdailycycler.com
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 216812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 31 Aug 2024 08:31:26 GMT
expires: Sun, 31 Aug 2025 08:31:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Aug 2024 04:00:28 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 30458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ctracking.io/check | 109.109.135.103 | 204 No Content | 0 B |
IP 109.109.135.103:443 ASN#205072 Layershift Limited
Requested by https://dgbmining.online/dgb.php Certificate Issuer Let's Encrypt Subject ctracking.io Fingerprint 34:7D:DE:A7:77:48:AD:4D:CC:C7:2E:06:4D:E7:9B:0A:51:D5:C3:CF Validity Fri, 16 Aug 2024 13:02:58 GMT - Thu, 14 Nov 2024 13:02:57 GMT
Hash (MD5, SHA-1, SHA-256; digests of the empty 0 B body) d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /check HTTP/1.1
Host: ctracking.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dgbmining.online/
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Sat, 31 Aug 2024 16:59:04 GMT
accept: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://dgbmining.online
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
ct-remote-token: 8c025230-cdde-4ec1-b0d9-8573b81563da
expires: Sat, 31 Aug 2024 17:14:04 GMT
last-modified: Sat, 31 Aug 2024 16:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: ctuid=8c025230-cdde-4ec1-b0d9-8573b81563da; Path=/; Domain=ctracking.io; Expires=Sun, 31 Aug 2025 16:59:04 GMT; HttpOnly; Secure; SameSite=None
set-cookie: route=8c2e835b44175e253f408a06a8a8cad6; Path=/
set-cookie: SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
|
|
| ctracking.io/check | 109.109.135.103 | 204 No Content | 0 B |
IP 109.109.135.103:443 ASN#205072 Layershift Limited
Requested by https://dgbmining.online/dgb.php Certificate Issuer Let's Encrypt Subject ctracking.io Fingerprint 34:7D:DE:A7:77:48:AD:4D:CC:C7:2E:06:4D:E7:9B:0A:51:D5:C3:CF Validity Fri, 16 Aug 2024 13:02:58 GMT - Thu, 14 Nov 2024 13:02:57 GMT
Hash (MD5, SHA-1, SHA-256; digests of the empty 0 B body) d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /check HTTP/1.1
Host: ctracking.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dgbmining.online/
Content-Type: application/json
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 31 Aug 2024 16:59:04 GMT
accept: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://dgbmining.online
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
ct-remote-token: 7534b007-5364-4e57-9b4a-9d3b1db01602
expires: Sat, 31 Aug 2024 17:14:04 GMT
last-modified: Sat, 31 Aug 2024 16:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: ctuid=7534b007-5364-4e57-9b4a-9d3b1db01602; Path=/; Domain=ctracking.io; Expires=Sun, 31 Aug 2025 16:59:04 GMT; HttpOnly; Secure; SameSite=None
set-cookie: route=8c2e835b44175e253f408a06a8a8cad6; Path=/
set-cookie: SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/57c75fa4/player_ias.vflset/en_US/base.js | 142.250.74.46 | | 772 kB |
URL www.youtube.com/s/player/57c75fa4/player_ias.vflset/en_US/base.js IP 142.250.74.46:0
File type JavaScript source, ASCII text, with very long lines (534) Size 772 kB (771666 bytes) Hash (MD5, SHA-1, SHA-256) 566e055089daeede8ca5bf4abca1e215 24bc691fa16c6c91dcc8027b38bedf0f7ed76c40 a03f98bb7203114e888a61a8f3a85f3ca7e76c426a18ac5350806fbfd6414364
GET /s/player/57c75fa4/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 771666
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 20:20:30 GMT
expires: Sat, 30 Aug 2025 20:20:30 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Aug 2024 04:19:14 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 74314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| logwork.com/widget/countdown/?text=ANNIVERSARY%20COUNTDOWN%20TIMER&timezone=America%2FNew_York&width=&style=circles&uid=75587&loc=https://logwork.com/countdown-18ka&language=&textcolor=%23ffa033&background=%23b95314&date=2024-08-19%2011%3A30&digitscolor=%231f2a22&unitscolor=%23563826&url=https://www.22centsdailycycler.com/ | 54.39.129.172 | | 1.6 kB |
URL logwork.com/widget/countdown/?text=ANNIVERSARY%20COUNTDOWN%20TIMER&timezone=America%2FNew_York&width=&style=circles&uid=75587&loc=https://logwork.com/countdown-18ka&language=&textcolor=%23ffa033&background=%23b95314&date=2024-08-19%2011%3A30&digitscolor=%231f2a22&unitscolor=%23563826&url=https://www.22centsdailycycler.com/ IP 54.39.129.172:0
File type JavaScript source, ASCII text Hash (MD5, SHA-1, SHA-256) 86683e51cbea74c00114e7fc5c27bf96 02da6efeda5b194ff2d50b1a2409e80b975ff9f2 0e0330d28685994198d10e867d77df4470fa6991255e740eb88600961387807f
GET /widget/countdown/?text=ANNIVERSARY%20COUNTDOWN%20TIMER&timezone=America%2FNew_York&width=&style=circles&uid=75587&loc=https://logwork.com/countdown-18ka&language=&textcolor=%23ffa033&background=%23b95314&date=2024-08-19%2011%3A30&digitscolor=%231f2a22&unitscolor=%23563826&url=https://www.22centsdailycycler.com/ HTTP/1.1
Host: logwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 31 Aug 2024 16:59:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
|
|
| llsvr.com/imgad/mesty.a.146960.jpg | 172.67.163.151 | | 42 kB |
URL llsvr.com/imgad/mesty.a.146960.jpg IP 172.67.163.151:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 375x250, components 3 Hash (MD5, SHA-1, SHA-256) 6b292649ac436f8734b83a33fb9ecd55 a9831056ee8ea5d48102eadabeea6f46a18cfd58 0257750c8c2bca381a6b78d0da70e9850983eef5b82d0f3b37dd1ec735fdb8c1
GET /imgad/mesty.a.146960.jpg HTTP/1.1
Host: llsvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://w.leadsleap.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:04 GMT
content-type: image/jpeg
content-length: 42257
last-modified: Tue, 23 Apr 2024 21:57:54 GMT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TinykIs%2BZbvWsDHi5IRWTRI7QNT%2BWsETdXfMLHFUnrub6jc1W4ZnvBEbLNkmz%2BzMexM22uXzSGKm0zM3OXoTA9mJOy7m05QqaWpWOyz%2FfhgNagC7Bh8ZYCoZTRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bbe91a569aa568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| appsha-pnd.ctengine.io/static/popunder.js?v=1724924326288 | 109.109.136.213 | | 697 B |
URL appsha-pnd.ctengine.io/static/popunder.js?v=1724924326288 IP 109.109.136.213:0 ASN#205072 Layershift Limited
File type JavaScript source, ASCII text, with very long lines (697), with no line terminators Hash (MD5, SHA-1, SHA-256) d50878e9e6a825e4e946b5504757f185 e4d714a00ead20b7079d8b3989f6cf449cc4fe7e 4661af2a1102d437be6149188d92d82b5e8991bf8e942d2ba0834250c0e44677
GET /static/popunder.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:59:05 GMT
content-type: application/javascript; charset=UTF-8
content-length: 697
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Sat, 31 Aug 2024 17:14:05 GMT
last-modified: Sat, 31 Aug 2024 16:59:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=5d7573d67191f489767476aa551e9701; Path=/
set-cookie: SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123545073&h=&i=1725123545073&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | | 0 B |
URL diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123545073&h=&i=1725123545073&j=&k=&l=&m=&n=&err=0000000000000 IP 188.114.96.1:0
Hash (MD5, SHA-1, SHA-256; digests of the empty 0 B body) d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123545073&h=&i=1725123545073&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:05 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wqAiXABxL1GSqSvQtniI1E7HOnoDegCBUq8kqy6IEElciBVq64Kda0118fmd0G3cVE6wSgGrrogxbNe61CSWtWH%2FQUl8pMWhNAH8%2FnGUpA9T%2BMl5p8KRrMOXl2pEzcpblg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91afeff256b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123545131&h=&i=1725123545131&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | 204 No Content | 0 B |
URL GET HTTP/3 diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123545131&h=&i=1725123545131&j=&k=&l=&m=&n=&err=0000000000000 IP 188.114.96.1:443
Requested by https://teleearnings.odoo.com/ Certificate Issuer Google Trust Services Subject diclotrans.com Fingerprint D6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2 Validity Wed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT
Hash (MD5, SHA-1, SHA-256; digests of the empty 0 B body) d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123545131&h=&i=1725123545131&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:05 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AA6HafC1UEGAEhSXpbs4Pj6xiHAULG7OHBDAYhZjeWc%2F%2FabXYmBMVqoemHqAhe5ihTqj0W%2F86rHfLv46vE5fEgOwS%2Bmpj5eoxaZiGVjhMBchMrz95EpJk39jijj21szd0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91aff80456b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rotate4all.com/ptp/promote.php?user=288272 | 199.85.209.178 | | 86 B |
URL www.rotate4all.com/ptp/promote.php?user=288272 IP 199.85.209.178:0
Certificate Issuer Let's Encrypt Subject rotate4all.com Fingerprint 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1 Validity Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
Hash (MD5, SHA-1, SHA-256) dcfccf622715ef8d751137e720b56d46 37d6f668c5272339bdbdbfa53cd2aefaab0b4d5a d8c4cd44e42aaf14f570152832ecadb2c7e32f33eec6f78fb8c9da96bd42e137
POST /ptp/promote.php?user=288272 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 165
Origin: https://www.rotate4all.com
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/ptp/promote-288272
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; dest_src=61875
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 86
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:05 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/57c75fa4/player_ias.vflset/en_US/remote.js | 142.250.74.46 | | 34 kB |
URL www.youtube.com/s/player/57c75fa4/player_ias.vflset/en_US/remote.js IP142.250.74.46:0
File typeJavaScript source, ASCII text, with very long lines (543) Hash7b2eb4c7a3d269ecfaa324bc87082bce 0bfadc7dcbbe79842c7406a2dae482ae297e3d53 bcc0085f28c0b771cbb8ea181f1a36269596bace4170eb55394d6ac32ac5631f
GET /s/player/57c75fa4/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33645
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 21:36:16 GMT
expires: Sat, 30 Aug 2025 21:36:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Aug 2024 04:19:14 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 69769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| teleearnings.odoo.com/website/translations/4e9366179cafe7230ffb62fc71af1b8bc3c6db1b?lang=en_US | 57.128.126.127 | | 23 kB |
URL: teleearnings.odoo.com/website/translations/4e9366179cafe7230ffb62fc71af1b8bc3c6db1b?lang=en_US | IP: 57.128.126.127:0
Certificate: Issuer: Let's Encrypt | Subject: *.odoo.com | Fingerprint: 2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1 | Validity: Wed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT
File type: gzip compressed data, max speed, from Unix | Hash: MD5 e92b094624c44599fa7d49cc3a09ccef | SHA-1 40c9208e1947bf82de6d8d0761ca9a4ce3271fea | SHA-256 677ff1512283aaca84e98bbfcfa2b128faea239e08bbdae59c8c43ff7de16aaf
GET /website/translations/4e9366179cafe7230ffb62fc71af1b8bc3c6db1b?lang=en_US HTTP/1.1
Host: teleearnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:59:05 GMT
content-type: application/json
cache-control: public, max-age=31536000
set-cookie: frontend_lang=en_US; Expires=Sun, 31 Aug 2025 16:59:05 GMT; Path=/
session_id=d64abc305bb252fb8d649df06473564d3c550f80; Expires=Sun, 31 Aug 2025 16:59:05 GMT; Max-Age=604800; HttpOnly; Path=/; Secure; SameSite=Lax
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| teleearnings.odoo.com/web/static/img/spin.svg | 57.128.126.127 | | 981 B |
URL teleearnings.odoo.com/web/static/img/spin.svg IP57.128.126.127:0
CertificateIssuerLet's Encrypt Subject*.odoo.com Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1 ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT
File typeSVG Scalable Vector Graphics image Hash2421dfaa84d7cd32a498e73f4d05550e 464a141c605cae9b6a8373c3f46f64bda1e25c66 1669cdfc1f08eb4468e3e946060728ccdece79741d6bd088c6647aa634dd3fd5
GET /web/static/img/spin.svg HTTP/1.1
Host: teleearnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:59:05 GMT
content-type: image/svg+xml
content-length: 981
last-modified: Thu, 28 Mar 2024 10:46:03 GMT
etag: "66054a6b-3d5"
expires: Sun, 01 Sep 2024 16:59:05 GMT
cache-control: max-age=86400
vary: Origin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.rotate4all.com/ptp/promote.php?user=288272 | 199.85.209.178 | | 0 B |
URL www.rotate4all.com/ptp/promote.php?user=288272 IP199.85.209.178:0
CertificateIssuerLet's Encrypt Subjectrotate4all.com Fingerprint81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1 ValidityTue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
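Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, consistent with the 0 B body; the same three values appear on every empty response in this report, so they do not identify this host or URL)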
POST /ptp/promote.php?user=288272 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 209
Origin: https://www.rotate4all.com
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/ptp/promote-288272
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; dest_src=61875
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:05 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| pwk5m.icu/86dc41bb81c8146d36a4/1d04d533ca/?placementName=default&is_first=true&randomA=0_6391&maxw=1200&time=08%2F31%2F2024%2016%3A59%3A04 | 185.66.201.43 | | 3.9 kB |
URL: pwk5m.icu/86dc41bb81c8146d36a4/1d04d533ca/?placementName=default&is_first=true&randomA=0_6391&maxw=1200&time=08%2F31%2F2024%2016%3A59%3A04 | IP: 185.66.201.43:0 | ASN: #201702 skHosting.eu s.r.o.
File type: HTML document, ASCII text, with very long lines (7043) | Hash: MD5 0509da80a5e3d26064d448a8c6f7a4f5 | SHA-1 19db3fc52a48a0249f8ff2ff05e1b4139be431f2 | SHA-256 a9c66c777cc197b18c4cae16a2cd5d1bfae2d720bfbacfba209b67412cbdec38
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /86dc41bb81c8146d36a4/1d04d533ca/?placementName=default&is_first=true&randomA=0_6391&maxw=1200&time=08%2F31%2F2024%2016%3A59%3A04 HTTP/1.1
Host: pwk5m.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleearnings.odoo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:59:04 GMT
content-type: text/html; charset=utf-8
set-cookie: shown1=0; expires=Sun, 01 Sep 2024 16:59:04 GMT; Max-Age=86400; secure; SameSite=None
set-cookie: used_ad2911540=1; expires=Sun, 01 Sep 2024 03:59:59 GMT; Max-Age=39655; path=/; secure; SameSite=None
set-cookie: total_impressions=1; expires=Sun, 01 Sep 2024 03:59:59 GMT; Max-Age=39655; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
|
|
| appsha-pnd.ctengine.io/static/slide.js?v=1724924326288 | 109.109.136.213 | | 2.4 kB |
URL appsha-pnd.ctengine.io/static/slide.js?v=1724924326288 IP109.109.136.213:0 ASN#205072 Layershift Limited
File typegzip compressed data, max speed, from Unix Hashaf1e93a74424cc017ad39182a42f0ed6 858c6bc294b539b8deb9a5287af238c78c4084a4 67579d18109ab2c294053da0093e1e2ba3fdcb2fb9e416f590a04bbf197185c5
GET /static/slide.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:59:05 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Sat, 31 Aug 2024 17:14:05 GMT
last-modified: Sat, 31 Aug 2024 16:59:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=b69b7737fc9de3bcfcefb724b85e82b2; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hashf718e139b5281d7b2ca39e0154ef68c1 078c10e7bb6e67dfde135fb0bdb4570928944fb5 e51e80e0c7b1973c45d396f71171d16d0489223a406db67a3f6e82b4ea4b224d
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:59:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| apps-pnd.ctengine.io/tmp | 109.109.137.73 | | 0 B |
IP109.109.137.73:0 ASN#205072 Layershift Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /tmp HTTP/1.1
Host: apps-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,ct-remote-token
Referer: https://dgbmining.online/
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Sat, 31 Aug 2024 16:59:06 GMT
access-control-allow-origin: https://dgbmining.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Configuration
access-control-expose-headers: Content-Length,Content-Range,Ct-Remote-Token,CT-Configuration
access-control-max-age: 1728000
set-cookie: route=86b7137969cbfb903a802ad5e379047c; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
|
|
| i.ytimg.com/vi_webp/jOT7NGAvyiE/default.webp | 216.58.211.22 | | 2.3 kB |
URL i.ytimg.com/vi_webp/jOT7NGAvyiE/default.webp IP216.58.211.22:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp Hashcf7c7953067bd046bc981619c979d7df 3945228904da795fed4ee324900fb2399eef7f0a 09290b8343d01a59f54652faa37d6a72e37b86ffd975c1d3e199389fec17e97e
GET /vi_webp/jOT7NGAvyiE/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 31 Aug 2024 16:13:45 GMT
expires: Sat, 31 Aug 2024 18:13:45 GMT
cache-control: public, max-age=7200
age: 2721
etag: "1721447945"
content-type: image/webp
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.106 | | 43 kB |
URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.106:0
Hash0734d481e949a8d12fc83cefcfa1352d 81119e2fcd36a47baaec4271396bc4344c251cbb be1c8c2477e1a70c6ca2085910518a8839ad798deef74149b76a2d4937d22829
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 31 Aug 2024 16:59:06 GMT
server: ESF
cache-control: private
content-length: 42865
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| apps-gb1.adsgravity.io/base/v1/ad-request | 172.67.138.192 | | 0 B |
URL apps-gb1.adsgravity.io/base/v1/ad-request IP172.67.138.192:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /base/v1/ad-request HTTP/1.1
Host: apps-gb1.adsgravity.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dgbmining.online/
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:06 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://dgbmining.online
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
set-cookie: route=d2b981924c4c334e5b71884091c1d274; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w70%2F29VFIJsrX2ygdIkMYLV%2BZ4ja4zwijwcuOMSh97v%2F%2BRL%2FydZ6bQyZZypAcH5MY2AP6%2FvEGoQKrw56ad%2BhmMoc6I6phmANP11y0PCmJMR2PHVJ38HN4Bqpt5Q8bS6aUJjahRLwFDNj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91b3c97356aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hash7709dd6a6260fe90a5882e24212ab6b9 49a3a705546bbe1934bf199d275242340ce2f297 e371d6b6ab10b3b253c45be3f7a1f1e334d0151a5cd1016c96205237d9da2733
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:59:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.youtube.com/generate_204?M_WpYA | 142.250.74.46 | | 0 B |
URL www.youtube.com/generate_204?M_WpYA IP142.250.74.46:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?M_WpYA HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 31 Aug 2024 16:59:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.142 | | 0 B |
URL play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.142:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:06 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP142.250.74.131:0
Hash424e775377593db3528c56406ec045f1 2542f6a61a63eb1229e4bcd7e4e5f7e6180647a6 2733472f07fbba752774a2f2d2205b135cfab4ce420e25617c018e910d4ab55b
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:59:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| yt3.ggpht.com/VFFnnFQes4tginFVR9JBjW_o3cxyh9sG3a1wTZFTCj8P0LgkTUkpOp37z1Z2AckO5d5uGo0Ueg=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | | 1.6 kB |
URL yt3.ggpht.com/VFFnnFQes4tginFVR9JBjW_o3cxyh9sG3a1wTZFTCj8P0LgkTUkpOp37z1Z2AckO5d5uGo0Ueg=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3 Hash06ba8099a15aa6db018780bd1f32114f c5d5fe5b8b5ab150ce1632a276971db142b276e4 251ef1e8bba4b087c3a0b1fca61ee2ad5de0e9157213605b9eba3e5c25dee6ec
GET /VFFnnFQes4tginFVR9JBjW_o3cxyh9sG3a1wTZFTCj8P0LgkTUkpOp37z1Z2AckO5d5uGo0Ueg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1556
x-xss-protection: 0
date: Sat, 31 Aug 2024 14:50:33 GMT
expires: Sun, 01 Sep 2024 14:50:33 GMT
cache-control: public, max-age=86400, no-transform
age: 7713
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.142 | | 131 B |
URL play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.142:0
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 411
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sat, 31 Aug 2024 16:59:06 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP142.250.74.131:0
Hash424e775377593db3528c56406ec045f1 2542f6a61a63eb1229e4bcd7e4e5f7e6180647a6 2733472f07fbba752774a2f2d2205b135cfab4ce420e25617c018e910d4ab55b
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:59:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| apps-pnd.ctengine.io/tmp | 109.109.137.73 | | 47 B |
IP109.109.137.73:0 ASN#205072 Layershift Limited
File typeASCII text, with no line terminators Hashbadd4c7da63625ab86e7258367d480e6 00bbcb5620ddd78e3103d9166001557ff3e6807e 4233b4d3277e95148e3a411f0f8998351682dfb723fce350fd8c46088489a4be
POST /tmp HTTP/1.1
Host: apps-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
CT-Remote-Token: 7534b007-5364-4e57-9b4a-9d3b1db01602
Content-Length: 107
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:59:06 GMT
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: https://dgbmining.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Configuration
access-control-expose-headers: Content-Length,Content-Range,Ct-Remote-Token,CT-Configuration
set-cookie: ctuid=7534b007-5364-4e57-9b4a-9d3b1db01602; expires=Mon, 30 Sep 2024 16:59:06 GMT; Max-Age=2592000; path=/; domain=.ctengine.io; secure; HttpOnly; SameSite=None
set-cookie: route=00a9f3f260dbb28a6cfd0d8f090fe872; Path=/
set-cookie: SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.142 | | 0 B |
URL play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.142:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:06 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.106 | | 0 B |
URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.106:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 31 Aug 2024 16:59:06 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.142 | | 131 B |
URL play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.142:0
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1099
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sat, 31 Aug 2024 16:59:06 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.142 | | 131 B |
URL play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.142:0
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 417
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sat, 31 Aug 2024 16:59:06 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apps-gb1.adsgravity.io/base/v1/ad-request | 172.67.138.192 | | 6.5 kB |
URL apps-gb1.adsgravity.io/base/v1/ad-request IP172.67.138.192:0
Hash1db8e580ec454e98d4048f4c2557f732 ce65555c7e0679606d0935432eab3e4661de76dd a3cf3084d4cec57483ac10ce5454e980f18316ed00a8d2991c19bddf49c60da8
POST /base/v1/ad-request HTTP/1.1
Host: apps-gb1.adsgravity.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dgbmining.online/
Content-Type: application/json
Content-Length: 632
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:06 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://dgbmining.online
access-control-expose-headers: *
grpc-metadata-content-type: application/grpc
vary: Origin
set-cookie: route=2c77b7980ee297043d9e0124ccf2329d; Path=/
set-cookie: SRVGROUP=common; path=/; Secure; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bho0diLA2t%2Bl9WWxeF82EgnW2dRqYCry0%2BjMVEtpDJNub%2BdaFtl9XMUCzLnjLtMr2gYRt07CLD7bxPpxHYNUDbytpzAJAfuC34tqNdUvAL5EcXnyxQe2JhvP2mn8Z2vwy1L7hq2OE5Em"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91b488cc56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.106 | | 114 B |
URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.106:0
Hash653314d1538dbca17ed7ef8392b050d8 afec695ba0470b63d83e428c73b9470e95f29f8d ae1e857d2a85219733fadc70eb3d5b08be8dfc033f7d8c589231a1fedf170425
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1132
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 31 Aug 2024 16:59:06 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hashf825e0ae7a5582aff4e9fb5530267aa6 5e3d90485b9f7d488d4692c1616746d9f8f44ec5 7925ac8091046ac986b19ae4c1cf9af45d8328a50677254f18ba85a863a67344
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Aug 2024 16:59:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| tpc.googlesyndication.com/sodar/sodar2/225/runner.html | 142.250.74.129 | | 5.0 kB |
URL: tpc.googlesyndication.com/sodar/sodar2/225/runner.html IP: 142.250.74.129:0
File type: HTML document, ASCII text, with very long lines (2020) Hash: 1d3d22df067f5219073f9c0fabb74fdd d5c226022639323d93946df3571404116041e588 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 14:27:10 GMT
expires: Sat, 30 Aug 2025 14:27:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 95516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pagead2.googlesyndication.com/bg/Y4kDWM76wifkQEpdyV_qV919xjUbW68Vp6zTd8kmBRk.js | 142.250.74.34 | | 21 kB |
URL: pagead2.googlesyndication.com/bg/Y4kDWM76wifkQEpdyV_qV919xjUbW68Vp6zTd8kmBRk.js IP: 142.250.74.34:0
File type: JavaScript source, ASCII text, with very long lines (53689) Hash: 93ed6847e36a69bc3066d73909879f42 56b27d72070d78e4c34e18e674de749ab8fc1494 63890358cefac227e4404a5dc95fea57dd7dc6351b5baf15a7acd377c9260519
GET /bg/Y4kDWM76wifkQEpdyV_qV919xjUbW68Vp6zTd8kmBRk.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20779
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Aug 2024 23:45:34 GMT
expires: Fri, 29 Aug 2025 23:45:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Aug 2024 15:38:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 148413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| tpc.googlesyndication.com/generate_204?8-nfdQ | 142.250.74.129 | | 0 B |
URL tpc.googlesyndication.com/generate_204?8-nfdQ IP142.250.74.129:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?8-nfdQ HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 31 Aug 2024 16:59:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 142.250.74.142 | | 31 B |
URL www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP142.250.74.142:0
Hash5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1725123547821
Content-Type: application/json
X-Goog-Visitor-Id: CgtaUDgwQk9wdVpONCjXl822BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240827.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1725123544739&flash=0&frm=2&u_tz&u_his=6&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C169&vis=1&wgl=true&ca_type=image
Content-Length: 10409
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sat, 31 Aug 2024 16:59:07 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240828&jk=85827468525952&bg=!QEOlQwzNAAakh3bWhIc7ADQBe5WfOGsH5KzO_KOgAVdRzWNzYRloyDt6jQt7i_YP9rzWd2jKo669AKWRQOXVtU6Thty0AgAAARtSAAAAB2gBB34ANexc2HQtjfaxjc1eHFDvxhj9ysTDwv9A2RObSFzrEuquefY-yXy8ZZP3xV8asSLGaDlMI9FvCgEhLOkJdDhp4Fwz5-LGn04IK1DB0JuIwg4aDUuzbfp6C-5rsnCtSDxlx7peuiy9B6vg-yf0QSww-DPfwTwbAE7R5qUSiKkd_aG44CoOO9m3Wa6U_vCfHreI6TZolGs2UopRvB1gSQqJtzdicyjAVsRwmCzvNSZ7qhMeu0G3l7bdt981KBlqeFao4RUEzyZJMpgmL_lp6LX1edJremXM8LD7p63jTs9B6kUhOOhyJ7lSwEBe728aGrQlRsGdlggyFpHn0ei41K-RfjfWg2MqTVh6YyV1XhCOhbvLgWyB6X9Ux4XeEJzfFFBEylBj-aEiBpv1jWimrgm3xEe0dP5Rdxwh7RlvJFVx9E8I5LSRJHEixhKLpRDhCR6vWb9pTGWcElMlGZkCKlMwpNP_Y5D_5v60xug0crA533146o-4B_fEevnxF7fazDLR5Fg2KLRNiQlCuCX7UMrl8F-F9SgGEEjtl4a8l19mNg-3vN2nTeyAlhk9TR-GOuJ7ZL3w9hsTw7l6RurK9Nv8NPcAoflXrXrTq__9sE1v3vpjA6YEWsetzDrDp_EPIQvaaMRey695QFifGpycsLyF7WH6-oqbQP5eudWvI8vNuG0GwvJ1Zy2D5NOPWaynF0b1TGX1P4e2M75dMLPN-sdihPdJa0_Ke3QpeQH3z1f-yX7MjBqFeUFFvjZSZ10HTwtaymUSOfVsjStOQgKSJk1PtCBQXioroFFfcm0moFT5aVv50_i8bzS_ijARtKdAfuPMKaEI7S0pbD4ZcfSge8Qt-ufHh4Ph6-Dnj2ZewaswLoyk0yE_dfjHEPpUPLrHwMQW5UqxatIvEM7PkAEu6x_Ca6qklhEBHVFVbBb_G1QneABzdTnyUheDoFmEDRUObc2yhZvdR_q0YDMtwwfiWe6LbZSrkxY56V01Yb-Ghw_gLrnnIP3dXfIaVY_DNLMFctCCzduCM-qofDxk69d-vyMopd9kCF9brWUjFkdREiada5RUNJFC4wdq7dASxR-ogtgl_GDvKZfV0SLjCOC4Ze_V14EKUk468UFG-w3r8QWzz58nFyycT46XRIA3vJ7FUyui7dat9PMF23sE688n8IzPO1f6p0lL1bayj1D9xzUCyonyNqlwfK3r | 142.250.74.34 | | 0 B |
URL pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240828&jk=85827468525952&bg=!QEOlQwzNAAakh3bWhIc7ADQBe5WfOGsH5KzO_KOgAVdRzWNzYRloyDt6jQt7i_YP9rzWd2jKo669AKWRQOXVtU6Thty0AgAAARtSAAAAB2gBB34ANexc2HQtjfaxjc1eHFDvxhj9ysTDwv9A2RObSFzrEuquefY-yXy8ZZP3xV8asSLGaDlMI9FvCgEhLOkJdDhp4Fwz5-LGn04IK1DB0JuIwg4aDUuzbfp6C-5rsnCtSDxlx7peuiy9B6vg-yf0QSww-DPfwTwbAE7R5qUSiKkd_aG44CoOO9m3Wa6U_vCfHreI6TZolGs2UopRvB1gSQqJtzdicyjAVsRwmCzvNSZ7qhMeu0G3l7bdt981KBlqeFao4RUEzyZJMpgmL_lp6LX1edJremXM8LD7p63jTs9B6kUhOOhyJ7lSwEBe728aGrQlRsGdlggyFpHn0ei41K-RfjfWg2MqTVh6YyV1XhCOhbvLgWyB6X9Ux4XeEJzfFFBEylBj-aEiBpv1jWimrgm3xEe0dP5Rdxwh7RlvJFVx9E8I5LSRJHEixhKLpRDhCR6vWb9pTGWcElMlGZkCKlMwpNP_Y5D_5v60xug0crA533146o-4B_fEevnxF7fazDLR5Fg2KLRNiQlCuCX7UMrl8F-F9SgGEEjtl4a8l19mNg-3vN2nTeyAlhk9TR-GOuJ7ZL3w9hsTw7l6RurK9Nv8NPcAoflXrXrTq__9sE1v3vpjA6YEWsetzDrDp_EPIQvaaMRey695QFifGpycsLyF7WH6-oqbQP5eudWvI8vNuG0GwvJ1Zy2D5NOPWaynF0b1TGX1P4e2M75dMLPN-sdihPdJa0_Ke3QpeQH3z1f-yX7MjBqFeUFFvjZSZ10HTwtaymUSOfVsjStOQgKSJk1PtCBQXioroFFfcm0moFT5aVv50_i8bzS_ijARtKdAfuPMKaEI7S0pbD4ZcfSge8Qt-ufHh4Ph6-Dnj2ZewaswLoyk0yE_dfjHEPpUPLrHwMQW5UqxatIvEM7PkAEu6x_Ca6qklhEBHVFVbBb_G1QneABzdTnyUheDoFmEDRUObc2yhZvdR_q0YDMtwwfiWe6LbZSrkxY56V01Yb-Ghw_gLrnnIP3dXfIaVY_DNLMFctCCzduCM-qofDxk69d-vyMopd9kCF9brWUjFkdREiada5RUNJFC4wdq7dASxR-ogtgl_GDvKZfV0SLjCOC4Ze_V14EKUk468UFG-w3r8QWzz58nFyycT46XRIA3vJ7FUyui7dat9PMF23sE688n8IzPO1f6p0lL1bayj1D9xzUCyonyNqlwfK3r IP142.250.74.34:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240828&jk=85827468525952&bg=!QEOlQwzNAAakh3bWhIc7ADQBe5WfOGsH5KzO_KOgAVdRzWNzYRloyDt6jQt7i_YP9rzWd2jKo669AKWRQOXVtU6Thty0AgAAARtSAAAAB2gBB34ANexc2HQtjfaxjc1eHFDvxhj9ysTDwv9A2RObSFzrEuquefY-yXy8ZZP3xV8asSLGaDlMI9FvCgEhLOkJdDhp4Fwz5-LGn04IK1DB0JuIwg4aDUuzbfp6C-5rsnCtSDxlx7peuiy9B6vg-yf0QSww-DPfwTwbAE7R5qUSiKkd_aG44CoOO9m3Wa6U_vCfHreI6TZolGs2UopRvB1gSQqJtzdicyjAVsRwmCzvNSZ7qhMeu0G3l7bdt981KBlqeFao4RUEzyZJMpgmL_lp6LX1edJremXM8LD7p63jTs9B6kUhOOhyJ7lSwEBe728aGrQlRsGdlggyFpHn0ei41K-RfjfWg2MqTVh6YyV1XhCOhbvLgWyB6X9Ux4XeEJzfFFBEylBj-aEiBpv1jWimrgm3xEe0dP5Rdxwh7RlvJFVx9E8I5LSRJHEixhKLpRDhCR6vWb9pTGWcElMlGZkCKlMwpNP_Y5D_5v60xug0crA533146o-4B_fEevnxF7fazDLR5Fg2KLRNiQlCuCX7UMrl8F-F9SgGEEjtl4a8l19mNg-3vN2nTeyAlhk9TR-GOuJ7ZL3w9hsTw7l6RurK9Nv8NPcAoflXrXrTq__9sE1v3vpjA6YEWsetzDrDp_EPIQvaaMRey695QFifGpycsLyF7WH6-oqbQP5eudWvI8vNuG0GwvJ1Zy2D5NOPWaynF0b1TGX1P4e2M75dMLPN-sdihPdJa0_Ke3QpeQH3z1f-yX7MjBqFeUFFvjZSZ10HTwtaymUSOfVsjStOQgKSJk1PtCBQXioroFFfcm0moFT5aVv50_i8bzS_ijARtKdAfuPMKaEI7S0pbD4ZcfSge8Qt-ufHh4Ph6-Dnj2ZewaswLoyk0yE_dfjHEPpUPLrHwMQW5UqxatIvEM7PkAEu6x_Ca6qklhEBHVFVbBb_G1QneABzdTnyUheDoFmEDRUObc2yhZvdR_q0YDMtwwfiWe6LbZSrkxY56V01Yb-Ghw_gLrnnIP3dXfIaVY_DNLMFctCCzduCM-qofDxk69d-vyMopd9kCF9brWUjFkdREiada5RUNJFC4wdq7dASxR-ogtgl_GDvKZfV0SLjCOC4Ze_V14EKUk468UFG-w3r8QWzz58nFyycT46XRIA3vJ7FUyui7dat9PMF23sE688n8IzPO1f6p0lL1bayj1D9xzUCyonyNqlwfK3r HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 16:59:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123548830&h=&i=1725123548830&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | | 0 B |
URL diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123548830&h=&i=1725123548830&j=&k=&l=&m=&n=&err=0000000000000 IP188.114.96.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123548830&h=&i=1725123548830&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:09 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BqoquovtfMqtjFb7PwwX3ZFM9cuUiZvq8lWhaNtV9K4nlIG6ChhZ8otG2K%2FBxWYqFqfryQb5NTzo%2FYGKPKdejwgARuUlzKlfyT4WeeKa7anDl20M335CoPIwwHOBovFRQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91c49ae356b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123548831&h=&i=1725123548831&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | | 0 B |
URL diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123548831&h=&i=1725123548831&j=&k=&l=&m=&n=&err=0000000000000 IP188.114.96.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123548831&h=&i=1725123548831&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:09 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dvQDfWEGxEla7PCcK%2F%2BkvTgjFoA%2F2eunwixOxRQrik29Fu69xICfbwF7PZGaDtMj6wZXPcgz2ZOtk7HuW0bg1cmg0Nmd3NvnCt%2BzSfOmLDfoLiUOOXi%2FepIB4e855XnNLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91c4aaf156b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123552020&h=&i=1725123552020&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | | 0 B |
URL diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123552020&h=&i=1725123552020&j=&k=&l=&m=&n=&err=0000000000000 IP188.114.96.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123552020&h=&i=1725123552020&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:12 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzDNTyx4YmMtdODtV9M8DTL7Q0hJCUhFckYadG1fdjVZfphtTkTgFqeSUt3UKEwQhHU0UJYhxr64pWcR1w%2FbgbWbbi9nRzEu8VaPLNMgCOsB1rvwJO7rZQQi6Hdg2xXUxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91d88ed356b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123552031&h=&i=1725123552031&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | | 0 B |
URL diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123552031&h=&i=1725123552031&j=&k=&l=&m=&n=&err=0000000000000 IP188.114.96.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123552031&h=&i=1725123552031&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:12 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rNQoBvcpOV%2FiA0g9SABnUJvcINXAYJdglKFkXQucVpo%2BghM5lZBvo3Asj5MyZCBMG0vLtsJ%2Bc1iaZGKezQ1IWq7K2hQEuggjKCL%2FHV09ObhRePIYkRtXHDZ2gvicjjwaEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91d89ee356b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123555209&h=&i=1725123555209&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | | 0 B |
URL diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123555209&h=&i=1725123555209&j=&k=&l=&m=&n=&err=0000000000000 IP188.114.96.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123555209&h=&i=1725123555209&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:15 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUkZt7HTAQ%2BAE9v9EbiNHD51iKPGLu96%2F6ngfzpyCJmn4EKY7PNj0qJRYNGqyFhpnbSDedw8gXb5bvSHxfV1hpafU6vxBb4qDmHjjxiWBfKT6e%2BIPLp1KRFy8wHfxfOJng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91ec7f4456b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123555221&h=&i=1725123555221&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | 204 No Content | 0 B |
URL: GET HTTP/3 diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123555221&h=&i=1725123555221&j=&k=&l=&m=&n=&err=0000000000000 IP: 188.114.96.1:443
Requested by: https://teleearnings.odoo.com/ Certificate: Issuer: Google Trust Services; Subject: diclotrans.com; Fingerprint: D6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2; Validity: Wed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=6&f=false&g=1725123555221&h=&i=1725123555221&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:15 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9doNuCQZjD5zcw5lkCVSntgxmkAPOXOIFq25nuBomRgpUfcAYOZnKjPc%2Byw%2BwT3uWfqnGj56jsHcETY8qeKZbPrNTnXnZPi%2FG%2Bx%2F20BhH6ZSnzI9PYsZamLVy4vqSSRKhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe91ec8f5f56b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.rotate4all.com/go/ptp | 199.85.209.178 | 302 Found | 5.8 kB |
URL: GET HTTP/2 www.rotate4all.com/go/ptp IP: 199.85.209.178:443
Requested by: https://www.rotate4all.com/ptp/promote-288272 Certificate: Issuer: Let's Encrypt; Subject: rotate4all.com; Fingerprint: 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1; Validity: Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
Hash: 77ca9af943dbac7631010e10c9ad63eb 9ddc84182ddc728b758df944ae7fcf8439a51fff 00f99f6452a683a0b5a96a56bd71bf57872a7303d6f6cf18de7beacc20c42d85
GET /go/ptp HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/ptp/promote-288272
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; dest_src=61875
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: no-store, no-cache
pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: dest_src=61875; path=/; domain=.rotate4all.com; secure; SameSite=None
location: https://www.22centsdailycycler.com/?edwarddavis
vary: User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:16 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.142 | | 0 B |
URL play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.142:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:16 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.rotate4all.com/promo/assets/css/vendor_bundle.min.css?v=3.1.2 | 199.85.209.178 | | 5.1 kB |
URL: www.rotate4all.com/promo/assets/css/vendor_bundle.min.css?v=3.1.2 IP: 199.85.209.178:0
Certificate: Issuer: Let's Encrypt; Subject: rotate4all.com; Fingerprint: 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1; Validity: Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File type: ASCII text, with very long lines (39482) Hash: 70a9d975e6a0e4b04805b088c68ebd50 98cfa1eba6ef1f0cac15acf572d15e8b49cbf441 8f01b932463b7573978bcf953385239df19935b20f0829fdcfb801b3e81a5bba
GET /promo/assets/css/vendor_bundle.min.css?v=3.1.2 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/promo/banners.php
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; dest_src=50137
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sun, 30 Aug 2020 07:05:50 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 30 Sep 2024 16:59:16 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 5055
content-type: text/css
date: Sat, 31 Aug 2024 16:59:16 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.rotate4all.com/promo/assets/css/custom/bmain.css?v=1.17 | 199.85.209.178 | | 8.1 kB |
URL: www.rotate4all.com/promo/assets/css/custom/bmain.css?v=1.17 IP: 199.85.209.178:0
Certificate: Issuer: Let's Encrypt; Subject: rotate4all.com; Fingerprint: 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1; Validity: Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File type: ASCII text, with very long lines (7834) Hash: b811e316e0056f98d7300e2f4b88ad49 ce0a7d5e6fa7e11a9887555ad05ca391f42975eb 37b883104890dc804c8628943565ed91cf71d8161739b62ab77efaac4e325df0
GET /promo/assets/css/custom/bmain.css?v=1.17 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/promo/banners.php
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; dest_src=50137
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sat, 07 Aug 2021 18:54:58 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 30 Sep 2024 16:59:16 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 8076
content-type: text/css
date: Sat, 31 Aug 2024 16:59:16 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| appsha-pnd.ctengine.io/static/inpage.js?v=1724924326288 | 109.109.136.213 | | 16 kB |
URL: appsha-pnd.ctengine.io/static/inpage.js?v=1724924326288 IP: 109.109.136.213:0 ASN: #205072 Layershift Limited
File type: gzip compressed data, max speed, from Unix Hash: 25cc0b1814eb7308e458de82f47d9bdd e00eea51284f0a1b2d04a0a0461f9425c66cafce dd631c6e0b0a356b6aa453d13aa8acc599cef236196078a9a4b9297f51e01796
GET /static/inpage.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:59:05 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Sat, 31 Aug 2024 17:14:05 GMT
last-modified: Sat, 31 Aug 2024 16:59:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=b69b7737fc9de3bcfcefb724b85e82b2; Path=/
set-cookie: SRVGROUP=common; path=/; Secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.rotate4all.com/promo/assets/css/core.min.css?v=3.1.2 | 199.85.209.178 | | 56 kB |
URL: www.rotate4all.com/promo/assets/css/core.min.css?v=3.1.2 IP: 199.85.209.178:0
Certificate: Issuer: Let's Encrypt; Subject: rotate4all.com; Fingerprint: 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1; Validity: Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File type: Unicode text, UTF-8 text, with very long lines (65516) Hash: 22ecd433748f51c3fd7f799c4ce1f054 7b1e61eec2d48399f7e4548f8314708f3ef74acf 40020c1200274352ebe672916f4d4711517b687f3a77f75cbeb04078ad9f321c
GET /promo/assets/css/core.min.css?v=3.1.2 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/promo/banners.php
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; dest_src=50137
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sun, 30 Aug 2020 07:05:50 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 30 Sep 2024 16:59:16 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 55527
content-type: text/css
date: Sat, 31 Aug 2024 16:59:16 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.rotate4all.com/promo/assets/js/custom/banners_functions.js?v1.1 | 199.85.209.178 | | 1.3 kB |
URL: www.rotate4all.com/promo/assets/js/custom/banners_functions.js?v1.1 IP: 199.85.209.178:0
Certificate: Issuer: Let's Encrypt; Subject: rotate4all.com; Fingerprint: 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1; Validity: Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File type: JavaScript source, ASCII text Hash: 55fffd7933bd6278907a2cbc0cc6a9dc 0c6d9e2886f4482d28bf7443d1fbfb32a9544365 087580e0ca5c0541cc9b05856622ba30358827bb1904ad7c5dbb5f3179e357f3
GET /promo/assets/js/custom/banners_functions.js?v1.1 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/promo/banners.php
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; dest_src=50137
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sun, 02 Jun 2024 08:32:56 GMT
accept-ranges: bytes
cache-control: max-age=1296000
expires: Sun, 15 Sep 2024 16:59:16 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-length: 1263
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:16 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/?edwarddavis | 107.190.135.178 | | 31 kB |
URL: www.22centsdailycycler.com/?edwarddavis IP: 107.190.135.178:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (4175), with CRLF, LF line terminators Hash: 77bb4b6270653341e916d413321e4581 582706bb2e5a72a7da1c4259f19c4f1ebe79ac17 16e5566e5617d6042b4ec84b8c3c2552c60ccbaba6a98f15565147914074b321
GET /?edwarddavis HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.rotate4all.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=d4b3993cb65490c93b98708779b742ef; path=/
content-length: 31370
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:16 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| static.rollercoin.com/static/img/ref/gen2/w460h60.gif | 104.26.9.232 | | 108 kB |
URL: static.rollercoin.com/static/img/ref/gen2/w460h60.gif IP: 104.26.9.232:0
File type: GIF image data, version 89a, 460 x 60 Size: 108 kB (108437 bytes) Hash: f4fa7fd347b9267d0c46cd3daaf96b4c 5cbeb2d945dc578e33aba4f578a2932ce72619e9 f5c9777020669f0f92d32371fb42c3716db19f8180e17541f111fff37bafd5f3
GET /static/img/ref/gen2/w460h60.gif HTTP/1.1
Host: static.rollercoin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 31 Aug 2024 16:59:16 GMT
content-type: image/gif
content-length: 108437
cf-bgj: imgq:100,h2pri
cf-polished: origSize=110563, status=vary_header_present
etag: "4dd22476cb6b4c33ef981455eeb4923c"
last-modified: Thu, 27 Apr 2023 12:14:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: tx00000984210975198ba03-0065f1fcd5-8d8bace0-nyc3c
x-envoy-upstream-healthchecked-cluster:
x-rgw-object-type: Normal
cache-control: max-age=1382400
cf-cache-status: HIT
age: 6989
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8gt8aoDR%2F9JRuKNRd0S9jOvbFaDU%2B0ci0l40Xqfli%2F%2BaxkYg1hoefylWd98jFW53vJbVlMjCCEL%2B%2BwUF5AIxNb8uP7VYcMsEgqbHMi79nkZgzk9IWGP3hjA62Whc1i38U1EBPxYqTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-robots-tag: noindex, nofollow
server: cloudflare
cf-ray: 8bbe91f6fbef56aa-OSL
X-Firefox-Spdy: h2
|
|
| cdn.logwork.com/widget/countdown.js | 54.39.129.172 | | 319 B |
URL: cdn.logwork.com/widget/countdown.js IP: 54.39.129.172:0
File type: JavaScript source, ASCII text, with very long lines (319), with no line terminators Hash: 54f05ba56c73460db65c002a229f8ab0 8aa869603bcd4f58ece767077684a3546b920af0 cdcf02532052dbd92b93f7a570fdc2eb576b6a1a3f9a169a1a9120b41a03282e
GET /widget/countdown.js HTTP/1.1
Host: cdn.logwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 31 Aug 2024 16:59:16 GMT
Content-Type: application/javascript
Content-Length: 319
Last-Modified: Tue, 27 Apr 2021 11:04:31 GMT
Connection: keep-alive
ETag: "6087efbf-13f"
gzipenable: yes
Accept-Ranges: bytes
|
|
| www.22centsdailycycler.com/assets/vendors/animate/animate.min.css | 107.190.135.178 | | 84 kB |
URL: www.22centsdailycycler.com/assets/vendors/animate/animate.min.css IP: 107.190.135.178:0
Hash: 8f6a0d1a63a3efde82d78da75011800a 644d3b12c37f7bc783e15260fd263662761606bb dec0a3fb2183a32d80fb227dfb43d85719e459b0abdc8156659c375fc7eb940d
GET /assets/vendors/animate/animate.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:45:41 GMT
accept-ranges: bytes
content-length: 83884
content-type: text/css
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/owl-carousel/dist/assets/owl.carousel.min.css | 107.190.135.178 | | 3.4 kB |
URL: www.22centsdailycycler.com/assets/vendors/owl-carousel/dist/assets/owl.carousel.min.css IP: 107.190.135.178:0
File type: ASCII text, with very long lines (3184) Hash: b2752a850d44f50036628eeaef3bfcfa fba46353cf90450ef3d362a123f1e7af3e8c561e 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
GET /assets/vendors/owl-carousel/dist/assets/owl.carousel.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:47:05 GMT
accept-ranges: bytes
content-length: 3351
content-type: text/css
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js | 142.250.74.164 | | 576 B |
URL: www.google.com/recaptcha/api.js IP: 142.250.74.164:0
File type: JavaScript source, ASCII text, with very long lines (870), with no line terminators Hash: 3b5f93ea42b2b33f0f476861ffc256f1 ad10e082e850b434dd17c134aaed2158c9904b7e 70d2e2ad9b1274745168af4292aff03106fdc969b1a71ca6692d25202121a411
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
expires: Sat, 31 Aug 2024 16:59:16 GMT
date: Sat, 31 Aug 2024 16:59:16 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-nice-select/css/nice-select.css | 107.190.135.178 | | 4.0 kB |
URL: www.22centsdailycycler.com/assets/vendors/jquery-nice-select/css/nice-select.css IP: 107.190.135.178:0
Hash: a7ace323b9fc8a831a6e64feb23fa0b9 9317ad29306bc72eb3fa92981be8141fcd394e7c c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d
GET /assets/vendors/jquery-nice-select/css/nice-select.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:52 GMT
accept-ranges: bytes
content-length: 4007
content-type: text/css
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/just5cycler-icons/flaticon_just5cycler.css | 107.190.135.178 | 200 OK | 2.6 kB |
URL: GET HTTP/2 www.22centsdailycycler.com/assets/vendors/just5cycler-icons/flaticon_just5cycler.css IP: 107.190.135.178:443
Requested by: https://www.22centsdailycycler.com/?edwarddavis Certificate: Issuer: cPanel, Inc.; Subject: 22centsdailycycler.com; Fingerprint: 0B:00:8D:4B:B7:FA:FE:F2:AE:60:BF:56:2F:C9:8F:7F:B7:EC:E4:68; Validity: Thu, 20 Jun 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
Hash: 901930f73836b06e1c6aef5fbd7d2e8e 0da04f26e80920cd2c5e3c344b5fc6addbe5f9ad 6803493d9e41c845aec2e7c9de79b36df82b8938dd6aa31fe1afe3e40de3c378
GET /assets/vendors/just5cycler-icons/flaticon_just5cycler.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:54 GMT
accept-ranges: bytes
content-length: 2623
content-type: text/css
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.rotate4all.com/promo/assets/js/vendor_bundle.min.js?v3.1.2 | 199.85.209.178 | | 209 kB |
URL: www.rotate4all.com/promo/assets/js/vendor_bundle.min.js?v3.1.2 IP: 199.85.209.178:0
Certificate: Issuer: Let's Encrypt; Subject: rotate4all.com; Fingerprint: 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1; Validity: Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File type: gzip compressed data, from Unix Size: 209 kB (209299 bytes) Hash: fb62e38542648771f313fff23ae2af62 af950531169e0c87ed6d8082ff067d8db733f9c4 dced62477d4b077acc7703e41a77e51a1758e5b923d0ca936c96bcd8c0814cba
GET /promo/assets/js/vendor_bundle.min.js?v3.1.2 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/promo/banners.php
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; dest_src=50137
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sun, 30 Aug 2020 07:05:52 GMT
accept-ranges: bytes
cache-control: max-age=1296000
expires: Sun, 15 Sep 2024 16:59:16 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:16 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/fontawesome/css/all.min.css | 107.190.135.178 | | 171 kB |
URL: www.22centsdailycycler.com/assets/vendors/fontawesome/css/all.min.css IP: 107.190.135.178:0
File type: ASCII text, with very long lines (65393) Size: 171 kB (170590 bytes) Hash: c28a3dbd51a1eecb99e1ecd64afd39f0 c938ac7e0856a9f863d45d6882addb25659fdc04 8f1c246b40732c10a564ee391854c195705ccfd18c6c8f44383e9d434170dfd6
GET /assets/vendors/fontawesome/css/all.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:45:50 GMT
accept-ranges: bytes
content-length: 170590
content-type: text/css
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/youtube-popup/youtube-popup.css | 107.190.135.178 | | 3.1 kB |
URL: www.22centsdailycycler.com/assets/vendors/youtube-popup/youtube-popup.css IP: 107.190.135.178:0
Hash: e674ef3f719a4689914b2e99717b8660 a0ac5022c0fe8b639ed2670545a317927fbb6244 761c0c46ba437c24fb3500f08bd6bb0dd7d8acadd2e2b8c4d7cc720f3ad88125
GET /assets/vendors/youtube-popup/youtube-popup.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:47:11 GMT
accept-ranges: bytes
content-length: 3070
content-type: text/css
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/bootstrap-datepicker/css/bootstrap-datepicker.min.css | 107.190.135.178 | | 16 kB |
URL: www.22centsdailycycler.com/assets/vendors/bootstrap-datepicker/css/bootstrap-datepicker.min.css IP: 107.190.135.178:0
File type: ASCII text, with very long lines (15543) Hash: e69cf988c1f5545e1b1317154f356951 ac8766175bda564718ad37cc2c8b435e4b7e2988 b22c8ea45fe905650f8087108b5ed32c1923bcd80d400adc9b0241f18be40208
GET /assets/vendors/bootstrap-datepicker/css/bootstrap-datepicker.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:45:41 GMT
accept-ranges: bytes
content-length: 15731
content-type: text/css
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/js/just5cycler.js | 107.190.135.178 | | 11 kB |
URL: www.22centsdailycycler.com/assets/js/just5cycler.js IP: 107.190.135.178:0
File type: JavaScript source, ASCII text Hash: 1398f5b7e0c1fb88c9d0daf27ffef9f1 a19f7761f8d3dfb71ace1d39daed1fae32ef342f d474c55f0bf3bdd4417512e4adf4337bd3949c0bc2f472f74b9b579604aa9ba8
GET /assets/js/just5cycler.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:48:34 GMT
accept-ranges: bytes
content-length: 11024
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/ion.rangeSlider/css/ion.rangeSlider.min.css | 107.190.135.178 | | 11 kB |
URL: www.22centsdailycycler.com/assets/vendors/ion.rangeSlider/css/ion.rangeSlider.min.css IP: 107.190.135.178:0
File type: Unicode text, UTF-8 text, with very long lines (11083), with no line terminators Hash: 2b4160a5466fe5914370b6795e7a8b77 79aeb3848b7b6620b743781ab3b614fc9c727870 83b1e0a0cc92672a27b8fc074ce45ffae18711e3a6ed5448da47d75979499dca
GET /assets/vendors/ion.rangeSlider/css/ion.rangeSlider.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:38 GMT
accept-ranges: bytes
content-length: 11084
content-type: text/css
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/js/ie-emulation-modes-warning.js | 107.190.135.178 | | 2.1 kB |
URL: www.22centsdailycycler.com/assets/js/ie-emulation-modes-warning.js IP: 107.190.135.178:0
File type: JavaScript source, ASCII text Hash: a40552917752e3b9dbf39a67177f8dc1 8f5d06d7f8d9594e65a694d0d2b0776946954210 6d7c9f6ece6c8ae31d4ac7728f3db3813364d31b8e2ca8ee816bc57d20d46aea
GET /assets/js/ie-emulation-modes-warning.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 24 Nov 2015 16:37:04 GMT
accept-ranges: bytes
content-length: 2130
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/owl-carousel/dist/assets/owl.theme.default.min.css | 107.190.135.178 | | 1.0 kB |
URL: www.22centsdailycycler.com/assets/vendors/owl-carousel/dist/assets/owl.theme.default.min.css IP: 107.190.135.178:0
File type: ASCII text, with very long lines (846) Hash: 594b81805a98b267e47c70a8fad30d9f 684d84ec40b305ca14efc88c91f12972cb6342b4 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
GET /assets/vendors/owl-carousel/dist/assets/owl.theme.default.min.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:47:06 GMT
accept-ranges: bytes
content-length: 1013
content-type: text/css
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.rotate4all.com/promo/assets/js/core.min.js?v3.1.2 | 199.85.209.178 | | 78 kB |
URL: www.rotate4all.com/promo/assets/js/core.min.js?v3.1.2 IP: 199.85.209.178:0
Certificate: Issuer: Let's Encrypt; Subject: rotate4all.com; Fingerprint: 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1; Validity: Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File type: gzip compressed data, from Unix Hash: 47425b9e143d2d24e487f5b467e33dc9 15180ec9109721aeebc849db6d2b4b26ce00a4d3 172c18fbaa7882b69013414113411f5099efc4fca37cda1072c32cb96c3673af
GET /promo/assets/js/core.min.js?v3.1.2 HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/promo/banners.php
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; dest_src=50137
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sun, 30 Aug 2020 07:05:54 GMT
accept-ranges: bytes
cache-control: max-age=1296000
expires: Sun, 15 Sep 2024 16:59:16 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:16 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-ajaxchimp/jquery.ajaxchimp.min.js | 107.190.135.178 | | 2.4 kB |
URL: www.22centsdailycycler.com/assets/vendors/jquery-ajaxchimp/jquery.ajaxchimp.min.js IP: 107.190.135.178:0
File type: JavaScript source, ASCII text, with very long lines (2381), with no line terminators Hash: 36d1b0e5a3a7397b267e704beb2f7272 86df23e41520d19dd0c6928e4a5de89c1ae172a2 2dcc9f6916671ee0ee4c5f7c7b6f13c519189b65d371a39309c0d95b79050c28
GET /assets/vendors/jquery-ajaxchimp/jquery.ajaxchimp.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:43 GMT
accept-ranges: bytes
content-length: 2381
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/wow/wow.js | 107.190.135.178 | | 6.3 kB |
URL: GET www.22centsdailycycler.com/assets/vendors/wow/wow.js IP: 107.190.135.178:0
Requested by: https://www.22centsdailycycler.com/?edwarddavis Certificate: Issuer: cPanel, Inc.; Subject: 22centsdailycycler.com; Fingerprint: 0B:00:8D:4B:B7:FA:FE:F2:AE:60:BF:56:2F:C9:8F:7F:B7:EC:E4:68; Validity: Thu, 20 Jun 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (6269) Hash: 105fb3799fcf14f1ea8fcff23f2686dc 00a8a01378a8259b38cba29dc69ddf761450053f 704ae255ab62df5481884eb0db69b552c686e7094b21581b1cbc86a9b6c3800b
GET /assets/vendors/wow/wow.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:47:10 GMT
accept-ranges: bytes
content-length: 6299
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-nice-select/js/jquery.nice-select.min.js | 107.190.135.178 | | 2.9 kB |
URL: www.22centsdailycycler.com/assets/vendors/jquery-nice-select/js/jquery.nice-select.min.js IP: 107.190.135.178:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (2822) Hash: d13462ec489f9f0c309a811f85feb3d6 d9545f8b139eae5b387de1a60a84abe949c7e88f 66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a
GET /assets/vendors/jquery-nice-select/js/jquery.nice-select.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:53 GMT
accept-ranges: bytes
content-length: 2942
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/youtube-popup/youtube-popup.jquery.js | 107.190.135.178 | | 2.8 kB |
URL: www.22centsdailycycler.com/assets/vendors/youtube-popup/youtube-popup.jquery.js IP: 107.190.135.178:0
File type: JavaScript source, ASCII text Hash: e228eaaba52fa71b2009df8830a2493b 6a828b731ee22c969d8b9907abc6e9e82fea2ab7 08107dab454ad85916d0816b605712daf4b53099f29239899438972f2bf9dce2
GET /assets/vendors/youtube-popup/youtube-popup.jquery.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:47:12 GMT
accept-ranges: bytes
content-length: 2805
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-appear/jquery.appear.min.js | 107.190.135.178 | | 1.3 kB |
URL: www.22centsdailycycler.com/assets/vendors/jquery-appear/jquery.appear.min.js IP: 107.190.135.178:0
File type: JavaScript source, ASCII text, with very long lines (1266), with no line terminators Hash: 64531fe766285a4f78a602f316d52d48 9a0ace71a45e5546e2d3464f3439f563d865aed4 7212f627fb02a6e5780ddae7870b9b06906e322ba57b33a137444994f5fafb15
GET /assets/vendors/jquery-appear/jquery.appear.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:45 GMT
accept-ranges: bytes
content-length: 1266
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/css/just5cycler.css | 107.190.135.178 | | 299 kB |
URL www.22centsdailycycler.com/assets/css/just5cycler.css IP 107.190.135.178:0
Size 299 kB (299280 bytes) Hash 8519eada286bc0d679f18e5684861d72 4112e0385eb140f2aeec45543fc39267a6ab5787 0a44ffa4f78fd2b7d7d6cb8a42b79018e7d225171605e7ac8d3855c4cb5544ee
GET /assets/css/just5cycler.css HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Aug 2023 12:20:40 GMT
accept-ranges: bytes
content-length: 299280
content-type: text/css
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/logo-light.png | 107.190.135.178 | | 8.7 kB |
URL GET www.22centsdailycycler.com/assets/images/logo-light.png IP 107.190.135.178:0
Requested by https://www.22centsdailycycler.com/?edwarddavis Certificate Issuer cPanel, Inc. Subject 22centsdailycycler.com Fingerprint 0B:00:8D:4B:B7:FA:FE:F2:AE:60:BF:56:2F:C9:8F:7F:B7:EC:E4:68 Validity Thu, 20 Jun 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type PNG image data, 263 x 47, 8-bit/color RGBA, non-interlaced Hash 6b3096a2642b25b147adc88f3077e6ae afe0082ab305474332e48af50d9b76f5bfd3747c 9763cef9557ad8c608830017c389706fb2fba4197bfc5047af8a89245d829d66
GET /assets/images/logo-light.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Aug 2023 09:32:32 GMT
accept-ranges: bytes
content-length: 8680
content-type: image/png
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-validated/jquery.validate.min.js | 107.190.135.178 | | 21 kB |
URL www.22centsdailycycler.com/assets/vendors/jquery-validated/jquery.validate.min.js IP 107.190.135.178:0
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (20952) Hash 3b00d60f87e893caf2649eff0d48813a fc82fb23ccece3522359fe88dad3569925b3379c 2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
GET /assets/vendors/jquery-validated/jquery.validate.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:52 GMT
accept-ranges: bytes
content-length: 21090
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/jquery-magnific-popup/jquery.magnific-popup.min.js | 107.190.135.178 | | 20 kB |
URL www.22centsdailycycler.com/assets/vendors/jquery-magnific-popup/jquery.magnific-popup.min.js IP 107.190.135.178:0
File type JavaScript source, ASCII text, with very long lines (20087) Hash ba6cf724c8bb1cf5b084e79ff230626e f455c5f153f872e52265f87a644ff89fe14a6fb6 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
GET /assets/vendors/jquery-magnific-popup/jquery.magnific-popup.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:49 GMT
accept-ranges: bytes
content-length: 20216
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/ion.rangeSlider/js/ion.rangeSlider.min.js | 107.190.135.178 | 200 OK | 41 kB |
URL GET HTTP/2 www.22centsdailycycler.com/assets/vendors/ion.rangeSlider/js/ion.rangeSlider.min.js IP 107.190.135.178:443
Requested by https://www.22centsdailycycler.com/?edwarddavis Certificate Issuer cPanel, Inc. Subject 22centsdailycycler.com Fingerprint 0B:00:8D:4B:B7:FA:FE:F2:AE:60:BF:56:2F:C9:8F:7F:B7:EC:E4:68 Validity Thu, 20 Jun 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (41067) Hash b5c1f83e8e2c9fad4a9c7a7e8c34b2fa a1c7a35489061767940a66b546466ff5212a4625 67adfdac93b9ec1899cd00e55ac1b217e109dc5b379c3e2940f91f8a64f2dd2f
GET /assets/vendors/ion.rangeSlider/js/ion.rangeSlider.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:40 GMT
accept-ranges: bytes
content-length: 41171
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/bootstrap-datepicker/js/bootstrap-datepicker.min.js | 107.190.135.178 | | 34 kB |
URL www.22centsdailycycler.com/assets/vendors/bootstrap-datepicker/js/bootstrap-datepicker.min.js IP 107.190.135.178:0
File type JavaScript source, ASCII text, with very long lines (31941) Hash 37807363a13de55c2184eb0777ff8b13 ac34b8e4a2363c231f5a0bb8224d69959efcbd4b 6ea55ea86749ee1fe560fabac6b3effd81b33046fa74dc657e24d41d28110a9f
GET /assets/vendors/bootstrap-datepicker/js/bootstrap-datepicker.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:45:49 GMT
accept-ranges: bytes
content-length: 33693
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.rotate4all.com/go/ptp | 199.85.209.178 | 302 Found | 44 kB |
URL GET HTTP/2 www.rotate4all.com/go/ptp IP 199.85.209.178:443
Requested by https://www.rotate4all.com/ptp/promote-288272 Certificate Issuer Let's Encrypt Subject rotate4all.com Fingerprint 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1 Validity Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
File type HTML document, ASCII text, with very long lines (31997), with CRLF, LF line terminators Hash 257e8a85cfa48348f3760f065a5c5b79 bc0324966966d9c75cea6ee55fd5b77369008653 00112e1abf6cc7563fab7b9faa7bcf6b64a3489bed6359423080b7d73773746b
GET /go/ptp HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/ptp/promote-288272
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: no-store, no-cache
pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: dest_src=61875; path=/; domain=.rotate4all.com; secure; SameSite=None
location: https://www.22centsdailycycler.com/?edwarddavis
vary: User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:58:59 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,500;0,600;1,400;1,500&family=Red+Hat+Display:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap | 142.250.74.106 | | 83 kB |
URL fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,500;0,600;1,400;1,500&family=Red+Hat+Display:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap IP 142.250.74.106:0
File type gzip compressed data, max compression Hash c9fdbf6282eae611b9041d8cb06c062b 46053583098b9378d62e361434ee581ed5b5e6aa f06741670cac6efce709cf012bd95b7b0175858343f87eea0b2543703d146e39
GET /css2?family=Open+Sans:ital,wght@0,400;0,500;0,600;1,400;1,500&family=Red+Hat+Display:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 31 Aug 2024 16:59:16 GMT
date: Sat, 31 Aug 2024 16:59:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.22centsdailycycler.com/assets/vendors/jquery/jquery-3.6.1.min.js | 107.190.135.178 | | 90 kB |
URL GET www.22centsdailycycler.com/assets/vendors/jquery/jquery-3.6.1.min.js IP 107.190.135.178:0
Requested by https://www.22centsdailycycler.com/?edwarddavis Certificate Issuer cPanel, Inc. Subject 22centsdailycycler.com Fingerprint 0B:00:8D:4B:B7:FA:FE:F2:AE:60:BF:56:2F:C9:8F:7F:B7:EC:E4:68 Validity Thu, 20 Jun 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65447) Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
GET /assets/vendors/jquery/jquery-3.6.1.min.js HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:43 GMT
accept-ranges: bytes
content-length: 89664
content-type: application/javascript
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__en.js | 142.250.74.163 | | 217 kB |
URL www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__en.js IP 142.250.74.163:0
File type JavaScript source, ASCII text, with very long lines (553) Size 217 kB (216812 bytes) Hash b0878e919a5bca8858b4c1e59929452f 43d32e52807d59d2195d8ef6e33f909d58611e21 04a0c20c086ea1edc10ab2a9612afc96ac6bd5a49fa5b310768aba2ab688718f
GET /recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.22centsdailycycler.com
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 216812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 31 Aug 2024 08:31:26 GMT
expires: Sun, 31 Aug 2025 08:31:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Aug 2024 04:00:28 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 30471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/why.png | 107.190.135.178 | | 199 kB |
URL www.22centsdailycycler.com/assets/images/why.png IP 107.190.135.178:0
File type PNG image data, 526 x 554, 8-bit/color RGBA, non-interlaced Size 199 kB (198789 bytes) Hash 152f92e1049595667625b4fa1c11c70a 9a4c4528eaedc6a0409caceae2a211c9668232aa dd2ca2b2e95c44b3b0381d833271de71337a0a709e11870b0501cd95aba4730f
GET /assets/images/why.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Aug 2023 12:20:05 GMT
accept-ranges: bytes
content-length: 198789
content-type: image/png
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/wallet.png | 107.190.135.178 | | 244 kB |
URL www.22centsdailycycler.com/assets/images/wallet.png IP 107.190.135.178:0
File type PNG image data, 570 x 460, 8-bit/color RGBA, non-interlaced Size 244 kB (244186 bytes) Hash 936d380d65fd542a19817d9530ecbbb6 c6b36dd3c3daf7df04a715e254d0feb2fd357e7b 4dbd0d614486866a0c309538a5ec110ab7ff5ccab9d0a153bb22fac216461aa1
GET /assets/images/wallet.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:19 GMT
accept-ranges: bytes
content-length: 244186
content-type: image/png
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/cryp.png | 107.190.135.178 | | 248 kB |
URL www.22centsdailycycler.com/assets/images/cryp.png IP 107.190.135.178:0
File type PNG image data, 569 x 666, 8-bit/color RGBA, non-interlaced Size 248 kB (247922 bytes) Hash ffba429e1fb1398057e7485feaf4c730 1b533b5ff7f09e0cba4a5427642d370f1c4c6838 7e49f2285511f71cb47fae2b257993740bedf95e17905c7e9ef82a9f5c2065d8
GET /assets/images/cryp.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:18 GMT
accept-ranges: bytes
content-length: 247922
content-type: image/png
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/key.png | 107.190.135.178 | | 288 kB |
URL GET www.22centsdailycycler.com/assets/images/key.png IP 107.190.135.178:0
Requested by https://www.22centsdailycycler.com/?edwarddavis Certificate Issuer cPanel, Inc. Subject 22centsdailycycler.com Fingerprint 0B:00:8D:4B:B7:FA:FE:F2:AE:60:BF:56:2F:C9:8F:7F:B7:EC:E4:68 Validity Thu, 20 Jun 2024 00:00:00 GMT - Wed, 18 Sep 2024 23:59:59 GMT
File type PNG image data, 544 x 484, 8-bit/color RGBA, non-interlaced Size 288 kB (288425 bytes) Hash 38ca6e85326937ab1b12ee9c2c7746dc 5ed1122be995af1dbb93cf5665f80df6e78479fc 1c6bca9129c2b86ba63de87af4fedef6fb4f35fcc140529aca405119956a4495
GET /assets/images/key.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:09 GMT
accept-ranges: bytes
content-length: 288425
content-type: image/png
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cdn.logwork.com/widget/countdown_api.js?v=202473116 | 54.39.129.172 | | 1.5 kB |
URL cdn.logwork.com/widget/countdown_api.js?v=202473116 IP 54.39.129.172:0
File type JavaScript source, ASCII text, with very long lines (4328), with no line terminators Hash ba1e761e6f2ff160a98f72ae4859a01f c78272ccd5a79544d714ecf0a9af2941a5cea526 eaa549df4aeed94abfc03d6f99a6c2442f624a84d7e3ff85544745dc6f2df734
GET /widget/countdown_api.js?v=202473116 HTTP/1.1
Host: cdn.logwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 31 Aug 2024 16:59:17 GMT
Content-Type: application/javascript
Last-Modified: Fri, 28 Jun 2024 16:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"667ee11c-10e8"
gzipenable: yes
Content-Encoding: gzip
|
|
| www.22centsdailycycler.com/assets/images/ams.png | 107.190.135.178 | | 304 kB |
URL www.22centsdailycycler.com/assets/images/ams.png IP 107.190.135.178:0
File type PNG image data, 1920 x 2537, 8-bit/color RGB, non-interlaced Size 304 kB (304044 bytes) Hash 2c3e8f7dd206489a0dad02089fd29bc4 6499e98826a6e0c9029d1dc2e13fc2f9936f5f58 b3b2be6df7e2eb25f6ec030d098f19d0c2cb8f78dd709ebe3f6263cd0fc16a6c
GET /assets/images/ams.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 28 Jul 2024 12:13:55 GMT
accept-ranges: bytes
content-length: 304044
content-type: image/png
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 | 142.250.74.99 | | 29 kB |
URL fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 29072, version 1.0 Hash f9990e36d3040ce97f84bc02efec0207 8dbf32f495eb08a1171c60bb0aeb38a545d566a4 25ea6c91f8fbcbd412919dbb47da3e432622997eb37a3139fad5d21d59135962
GET /s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.22centsdailycycler.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Aug 2024 22:29:48 GMT
expires: Wed, 27 Aug 2025 22:29:48 GMT
cache-control: public, max-age=31536000
age: 325769
last-modified: Thu, 24 Aug 2023 21:14:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.22centsdailycycler.com/assets/images/background/slider-3-1.png | 107.190.135.178 | | 305 kB |
URL www.22centsdailycycler.com/assets/images/background/slider-3-1.png IP 107.190.135.178:0
File type PNG image data, 495 x 560, 8-bit/color RGBA, non-interlaced Size 305 kB (305229 bytes) Hash d354218f1573fbdd033751947ae1aa9d e7fe8ec97d99a63160f5ed047c00c5597c1b1936 81dba408e83c6778c55f98e0e446e107fefa87713d05f08a5f496d52f4830625
GET /assets/images/background/slider-3-1.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:04:24 GMT
accept-ranges: bytes
content-length: 305229
content-type: image/png
date: Sat, 31 Aug 2024 16:59:17 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/shapes/slider-3-s-2.png | 107.190.135.178 | | 1.0 kB |
URL www.22centsdailycycler.com/assets/images/shapes/slider-3-s-2.png IP 107.190.135.178:0
File type PNG image data, 85 x 24, 8-bit colormap, non-interlaced Hash 4f9e637ca3218b4f702a0f2aece1979c 258fdde8fe4b226d4300f17aeb06c5017f003940 01ea30350dd50df1fe8474fb9bcf6c93d5b061147d5875c921bccdefe694b4f9
GET /assets/images/shapes/slider-3-s-2.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/assets/css/just5cycler.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:44 GMT
accept-ranges: bytes
content-length: 1022
content-type: image/png
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/shapes/slider-3-s-1.png | 107.190.135.178 | | 598 B |
URL www.22centsdailycycler.com/assets/images/shapes/slider-3-s-1.png IP 107.190.135.178:0
File type PNG image data, 17 x 120, 8-bit colormap, non-interlaced Hash aad5b5bd3aaa8925c20b552a3fd8bae4 edefe7f8672d4463156e89de7dfb0817b62df10c 4904576d91d2d80470abf23685f60db12a87cb7b5479874d2e0df366aef746c5
GET /assets/images/shapes/slider-3-s-1.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/assets/css/just5cycler.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:42 GMT
accept-ranges: bytes
content-length: 598
content-type: image/png
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/shapes/slider-3-bg-1.png | 107.190.135.178 | | 541 kB |
URL www.22centsdailycycler.com/assets/images/shapes/slider-3-bg-1.png IP 107.190.135.178:0
File type PNG image data, 1920 x 800, 8-bit/color RGBA, non-interlaced Size 541 kB (540838 bytes) Hash 21197025da081f8332dca31a9df5a94c 2df136b7a37d9c7545643a4aebd09be8dcc770a4 09df7f9efaf4d3cafcf69394b0d62fceee039feb5980a4e75f9cb602b3dde959
GET /assets/images/shapes/slider-3-bg-1.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/assets/css/just5cycler.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:46 GMT
accept-ranges: bytes
content-length: 540838
content-type: image/png
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 | 142.250.74.99 | | 29 kB |
URL fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 29072, version 1.0 Hash f9990e36d3040ce97f84bc02efec0207 8dbf32f495eb08a1171c60bb0aeb38a545d566a4 25ea6c91f8fbcbd412919dbb47da3e432622997eb37a3139fad5d21d59135962
GET /s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.22centsdailycycler.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Aug 2024 22:29:48 GMT
expires: Wed, 27 Aug 2025 22:29:48 GMT
cache-control: public, max-age=31536000
age: 325769
last-modified: Thu, 24 Aug 2023 21:14:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 | 142.250.74.99 | | 29 kB |
URL fonts.gstatic.com/s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 29072, version 1.0 Hash f9990e36d3040ce97f84bc02efec0207 8dbf32f495eb08a1171c60bb0aeb38a545d566a4 25ea6c91f8fbcbd412919dbb47da3e432622997eb37a3139fad5d21d59135962
GET /s/redhatdisplay/v19/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.22centsdailycycler.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Aug 2024 22:29:48 GMT
expires: Wed, 27 Aug 2025 22:29:48 GMT
cache-control: public, max-age=31536000
age: 325769
last-modified: Thu, 24 Aug 2023 21:14:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | | 48 kB |
URL fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.22centsdailycycler.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Aug 2024 19:59:36 GMT
expires: Wed, 27 Aug 2025 19:59:36 GMT
cache-control: public, max-age=31536000
age: 334781
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | | 48 kB |
URL fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:0
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.22centsdailycycler.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Aug 2024 19:59:36 GMT
expires: Wed, 27 Aug 2025 19:59:36 GMT
cache-control: public, max-age=31536000
age: 334781
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.22centsdailycycler.com/assets/images/shapes/slider-3-s-3.png | 107.190.135.178 | | 731 B |
URL www.22centsdailycycler.com/assets/images/shapes/slider-3-s-3.png IP107.190.135.178:0
File typePNG image data, 79 x 64, 8-bit colormap, non-interlaced Hash4e4e4fadc2748f51aa13bdaa45d0d9a4 7495c138096ae24a58e019b5db8c2f6d01233b2d 37c92e239045ad72baaa88abe2a4d5197ba216c17793f33da4337abd73e0f29a
GET /assets/images/shapes/slider-3-s-3.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/assets/css/just5cycler.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:45 GMT
accept-ranges: bytes
content-length: 731
content-type: image/png
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| logwork.com/widget/countdown/?text=ANNIVERSARY%20COUNTDOWN%20TIMER&timezone=America%2FNew_York&width=&style=circles&uid=222957&loc=https://logwork.com/countdown-18ka&language=&textcolor=%23ffa033&background=%23b95314&date=2024-08-19%2011%3A30&digitscolor=%231f2a22&unitscolor=%23563826&url=https://www.22centsdailycycler.com/ | 54.39.129.172 | | 1.6 kB |
URL: logwork.com/widget/countdown/?text=ANNIVERSARY%20COUNTDOWN%20TIMER&timezone=America%2FNew_York&width=&style=circles&uid=222957&loc=https://logwork.com/countdown-18ka&language=&textcolor=%23ffa033&background=%23b95314&date=2024-08-19%2011%3A30&digitscolor=%231f2a22&unitscolor=%23563826&url=https://www.22centsdailycycler.com/ IP: 54.39.129.172:0
File type: JavaScript source, ASCII text Hash (MD5, SHA-1, SHA-256): b21b6f196a24e2c16fb3f08c293ad5bb 04e5e916f009c799e73c0ffc4a01293a476535e9 7ed4edc49ad976924c585ed2f0b95655c64bc8b8e38e1fd7b277f0b115ddde05
GET /widget/countdown/?text=ANNIVERSARY%20COUNTDOWN%20TIMER&timezone=America%2FNew_York&width=&style=circles&uid=222957&loc=https://logwork.com/countdown-18ka&language=&textcolor=%23ffa033&background=%23b95314&date=2024-08-19%2011%3A30&digitscolor=%231f2a22&unitscolor=%23563826&url=https://www.22centsdailycycler.com/ HTTP/1.1
Host: logwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 31 Aug 2024 16:59:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
|
|
| www.22centsdailycycler.com/assets/vendors/fontawesome/webfonts/fa-brands-400.woff2 | 107.190.135.178 | | 76 kB |
URL www.22centsdailycycler.com/assets/vendors/fontawesome/webfonts/fa-brands-400.woff2 IP107.190.135.178:0
File typeWeb Open Font Format (Version 2), TrueType, length 76008, version 330.-16253 Hashc4af52f53368b81cc3ea577f37f9a916 c3f74ba2dc7b1a65db133419f99aed7de1645342 ec2e22fd918a8ffef0f54f466fb7edd2c586f39dad794cd25a0a97ce36c404d2
GET /assets/vendors/fontawesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/assets/vendors/fontawesome/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:45:54 GMT
accept-ranges: bytes
content-length: 76008
content-type: font/woff2
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/shapes/slider-3-s-4.png | 107.190.135.178 | | 299 B |
URL www.22centsdailycycler.com/assets/images/shapes/slider-3-s-4.png IP107.190.135.178:0
File typePNG image data, 20 x 20, 8-bit colormap, non-interlaced Hash0c91234da3a0630a6e32166867b6b209 4463c5f76a35f369f73a41c33122fc3e01ac288b 14b76bf1f2344adefd59bc84b20501f83ee248f70157812da393a85a66ee39bb
GET /assets/images/shapes/slider-3-s-4.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/assets/css/just5cycler.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:46 GMT
accept-ranges: bytes
content-length: 299
content-type: image/png
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2 | 107.190.135.178 | | 138 kB |
URL www.22centsdailycycler.com/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2 IP107.190.135.178:0
File typeWeb Open Font Format (Version 2), TrueType, length 137704, version 330.-16253 Size138 kB (137704 bytes) Hashe245d7d62db89a9912e17b02bc23e256 48d7c4e403b41453d2df167450e7bcb8cfe4f7cb 68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a
GET /assets/vendors/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/assets/vendors/fontawesome/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:33 GMT
accept-ranges: bytes
content-length: 137704
content-type: font/woff2
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/background/banner-shape.png | 107.190.135.178 | | 207 kB |
URL www.22centsdailycycler.com/assets/images/background/banner-shape.png IP107.190.135.178:0
File typePNG image data, 1888 x 900, 8-bit/color RGBA, non-interlaced Size207 kB (207381 bytes) Hashb75546215e24b8043c5b5eb2ca5439fc d148755ce94360f44b7b0c3b5591ac0d5d9d6c80 5639e9dbc87087e3dfd73ac9335eb8fa1aaa8dd1c98b65ab8f9f68ed2fbedfeb
GET /assets/images/background/banner-shape.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:04:05 GMT
accept-ranges: bytes
content-length: 207381
content-type: image/png
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | | 15 kB |
URL fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.99:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 17:41:06 GMT
expires: Sat, 30 Aug 2025 17:41:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 83892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.99 | | 16 kB |
URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.99:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Aug 2024 19:29:01 GMT
expires: Thu, 28 Aug 2025 19:29:01 GMT
cache-control: public, max-age=31536000
age: 250217
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.22centsdailycycler.com/assets/images/background/service-4-bg-1.jpg | 107.190.135.178 | | 31 kB |
URL www.22centsdailycycler.com/assets/images/background/service-4-bg-1.jpg IP107.190.135.178:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1249, components 3 Hashe76e66b3f7ccd2438d3565ec3f6d2a36 b2d5876c7b53b8cd22959a5709f5e66ff8893e0b c64663f26628a51f21ac32bc9a029bccccd9e72ef60ae838c12df364a7fe5e82
GET /assets/images/background/service-4-bg-1.jpg HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:04:19 GMT
accept-ranges: bytes
content-length: 31071
content-type: image/jpeg
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/57c75fa4/player_ias.vflset/en_US/embed.js | 142.250.74.142 | | 21 kB |
URL www.youtube.com/s/player/57c75fa4/player_ias.vflset/en_US/embed.js IP142.250.74.142:0
File typeJavaScript source, ASCII text, with very long lines (3391) Hashc9d372ee5a18bf13e7044cccc423c04d 5602305070994f39320e6bec14a29007b1f199ab d29abbaa974fe8e54a264aaf59d26e0ca5996019a5a9ca8a16d845d7d839dba9
GET /s/player/57c75fa4/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 20656
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 06:39:13 GMT
expires: Sat, 30 Aug 2025 06:39:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Aug 2024 04:19:14 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 123605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.rotate4all.com/go/ptp | 199.85.209.178 | 302 Found | 49 kB |
URL: GET HTTP/2 www.rotate4all.com/go/ptp IP: 199.85.209.178:443
Requested by: https://www.rotate4all.com/ptp/promote-288272 Certificate Issuer: Let's Encrypt Subject: rotate4all.com Fingerprint: 81:BE:FB:50:EB:F7:09:06:65:BF:7C:FD:DC:01:0F:E3:EC:7C:C5:A1 Validity: Tue, 30 Jul 2024 01:07:04 GMT - Mon, 28 Oct 2024 01:07:03 GMT
Hash (MD5, SHA-1, SHA-256): 1b36f21a6b7c7de7687cf8fcef0ea250 3f11c2b14a17615480051a339a64e26389ad121f 3a2a4532ef9a544c67490434da0f5e9abd7457377a2428d0ccdd25218f59491a
GET /go/ptp HTTP/1.1
Host: www.rotate4all.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.rotate4all.com/ptp/promote-288272
Cookie: recog=29d4440b57d037792ae7673341e26c87; real_input=c94d252d8aa91cd92f3ae836df7e0e5d; visit_session=1fa920698838c653e506e80812a2b9ade7a5c800; referral=BASEL2025; refid=NVVRU0hVWHpyY2x6U2J3TWNzaThjZz09; http_referrer=cXk3QmdNT3NDelJsemlrakowdE5BN0hXN3hkQjM0YkRDNlZuek5lb3hkWT0%253D; dest_src=61875
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
cache-control: no-store, no-cache
pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: dest_src=50137; path=/; domain=.rotate4all.com; secure; SameSite=None
location: https://www.rotate4all.com/promo/banners.php
vary: User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: CP="No P3P policy"
content-type: text/html; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:16 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/background/super-bg.png | 107.190.135.178 | | 127 kB |
URL www.22centsdailycycler.com/assets/images/background/super-bg.png IP107.190.135.178:0
File typePNG image data, 1920 x 617, 8-bit/color RGB, non-interlaced Size127 kB (126636 bytes) Hash06af79428cbcd0007861ffbde3cf4b52 1e2be9144a4bf39d958ca8d26d3cf006df7056f8 8ce5c12e57cbe3f5e3565c62f6fc67203e23aca22261517f7252781d1266fb00
GET /assets/images/background/super-bg.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:04:27 GMT
accept-ranges: bytes
content-length: 126636
content-type: image/png
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/images/shapes/footer-bg-3-1.png | 107.190.135.178 | | 114 kB |
URL www.22centsdailycycler.com/assets/images/shapes/footer-bg-3-1.png IP107.190.135.178:0
File typePNG image data, 1920 x 627, 8-bit/color RGBA, non-interlaced Size114 kB (113809 bytes) Hash255289935dcab6724c8307ae8b0e930d a142f21b9043cf58da4f6294fe44f308844621de 960eb0c96cfafc35574a4a37ed6dd56afd1003354500850660a96c59837c1289
GET /assets/images/shapes/footer-bg-3-1.png HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/assets/css/just5cycler.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Aug 2023 14:03:35 GMT
accept-ranges: bytes
content-length: 113809
content-type: image/png
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.22centsdailycycler.com/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2 | 107.190.135.178 | | 170 kB |
URL www.22centsdailycycler.com/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2 IP107.190.135.178:0
File typeWeb Open Font Format (Version 2), TrueType, length 169732, version 330.-16253 Size170 kB (169732 bytes) Hash983a20d28fbf8fbc27cfeb096f0ebd85 c203f41e912f98d28decd9ebaf5aa287f4094c5a ec686d1012de783a5024affc9215692642a7b25af322ecc177062632902e6cd5
GET /assets/vendors/fontawesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/assets/vendors/fontawesome/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 08:46:26 GMT
accept-ranges: bytes
content-length: 169732
content-type: font/woff2
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/57c75fa4/www-embed-player.vflset/www-embed-player.js | 142.250.74.142 | | 100 kB |
URL www.youtube.com/s/player/57c75fa4/www-embed-player.vflset/www-embed-player.js IP142.250.74.142:0
File typeJavaScript source, ASCII text, with very long lines (809) Hash49d7c04519fa784bc16129e83f0bcf18 5f108a8f1326ccdca660fbec28e1284fa47e8914 0852366b4598bf10a346a2a84b70ec4bb62b9c17eb09fdc0045027eb3741f747
GET /s/player/57c75fa4/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99977
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 08:16:14 GMT
expires: Sat, 30 Aug 2025 08:16:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Aug 2024 04:19:14 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 117784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| web.logwork.com/cores/219/tpl/main/widget/countdown/css/circles.css?v1 | 54.39.129.172 | | 384 B |
URL: web.logwork.com/cores/219/tpl/main/widget/countdown/css/circles.css?v1 IP: 54.39.129.172:0
File type (content-sniffed; the response headers declare text/css): assembler source, ASCII text Hash (MD5, SHA-1, SHA-256): f36f80a6f0bbeec3d3fa2bd9106bd6c8 542aa40db43a350cdb3a6460c2629760053d0c2d ca118c0833a218e941dd4c4cbabc3b60cd81b2ffa93ebde9cbcf4edca9c96627
GET /cores/219/tpl/main/widget/countdown/css/circles.css?v1 HTTP/1.1
Host: web.logwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://logwork.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 31 Aug 2024 16:59:18 GMT
Content-Type: text/css
Content-Length: 384
Last-Modified: Wed, 11 Aug 2021 17:32:07 GMT
Connection: keep-alive
ETag: "61140997-180"
Expires: Sun, 31 Aug 2025 16:59:18 GMT
minify: yes
Cache-Control: max-age=31536000, public, no-transform
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Accept-Ranges: bytes
|
|
| web.logwork.com/cores/219/tpl/main/widget/countdown/js/circles.js | 54.39.129.172 | | 2.3 kB |
URL web.logwork.com/cores/219/tpl/main/widget/countdown/js/circles.js IP54.39.129.172:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (4837), with no line terminators Hash5b4669093d961d344d04edbd56f8beb0 26af224bd2e4244a9f961639dc740e11602004ff 5281e66fdfb95e469e9b190f8c1830c717db27090ceaed2d29540fab11b6f490
GET /cores/219/tpl/main/widget/countdown/js/circles.js HTTP/1.1
Host: web.logwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://logwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 31 Aug 2024 16:59:18 GMT
Content-Type: application/javascript
Last-Modified: Fri, 28 Jun 2024 16:13:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"667ee11c-13ff"
Expires: Sun, 31 Aug 2025 16:59:18 GMT
minify: yes
Cache-Control: max-age=31536000, public, no-transform
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Content-Encoding: gzip
|
|
| www.22centsdailycycler.com/assets/images/background/about-3-bg-1-1.jpg | 107.190.135.178 | | 2.3 MB |
URL www.22centsdailycycler.com/assets/images/background/about-3-bg-1-1.jpg IP107.190.135.178:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1920x761, components 3 Size2.3 MB (2253229 bytes) Hash5618b9c67b945ea3c1a46a6fa2c246bc 08ea71bae17d0a720b6853b7f344810e0ce82ee7 520eeead02a3a857b3b4aad3b8e330e67025806a7795e16dede16f5b7e12573d
GET /assets/images/background/about-3-bg-1-1.jpg HTTP/1.1
Host: www.22centsdailycycler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.22centsdailycycler.com/?edwarddavis
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Aug 2023 08:31:23 GMT
accept-ranges: bytes
content-length: 2253229
content-type: image/jpeg
date: Sat, 31 Aug 2024 16:59:18 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=8&f=false&g=1725123558419&h=&i=1725123558419&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | | 0 B |
URL: diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=8&f=false&g=1725123558419&h=&i=1725123558419&j=&k=&l=&m=&n=&err=0000000000000 IP: 188.114.96.1:0
Hash (MD5, SHA-1, SHA-256; these are the digests of an empty 0 B body, so they do not identify content): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=8&f=false&g=1725123558419&h=&i=1725123558419&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:18 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0UfGOgSHAKuCMKxCWmqn5STTZTOHo11aew6G0F42IDA40AXZys8kc8Ln%2FZSSULXpT3IKIfreKjDbM3MNjERdfUGw2XdmvGGQXQASEDIiOGu0AimXd1%2FJ5hxtyEtryEXyWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe92018bb556b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=8&f=false&g=1725123558399&h=&i=1725123558399&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | | 0 B |
URL: diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=8&f=false&g=1725123558399&h=&i=1725123558399&j=&k=&l=&m=&n=&err=0000000000000 IP: 188.114.96.1:0
Hash (MD5, SHA-1, SHA-256; these are the digests of an empty 0 B body, so they do not identify content): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=8&f=false&g=1725123558399&h=&i=1725123558399&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:18 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cQrrBf%2B6hJrVqpBNySk1bE2JYyO9caMKlZbgzgZ3lgtcN3VEjAdNLf%2FPVkWJ9wF20T3TuNAbKQQrQxOi6xnQ7K7AhW%2Bv3dleulLxFTEa%2F3vBsyCjBBJHNGfZKxergSs7AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe92018bb356b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.youtube.com/s/player/57c75fa4/player_ias.vflset/en_US/base.js | 142.250.74.142 | | 772 kB |
URL www.youtube.com/s/player/57c75fa4/player_ias.vflset/en_US/base.js IP142.250.74.142:0
File typeJavaScript source, ASCII text, with very long lines (534) Size772 kB (771666 bytes) Hash566e055089daeede8ca5bf4abca1e215 24bc691fa16c6c91dcc8027b38bedf0f7ed76c40 a03f98bb7203114e888a61a8f3a85f3ca7e76c426a18ac5350806fbfd6414364
GET /s/player/57c75fa4/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 771666
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Aug 2024 22:25:16 GMT
expires: Fri, 29 Aug 2025 22:25:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Aug 2024 04:19:14 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 153242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.106 | | 0 B |
URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.106:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 31 Aug 2024 16:59:19 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| i.ytimg.com/vi_webp/jOT7NGAvyiE/default.webp | 216.58.211.22 | | 2.3 kB |
URL i.ytimg.com/vi_webp/jOT7NGAvyiE/default.webp IP216.58.211.22:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp Hashcf7c7953067bd046bc981619c979d7df 3945228904da795fed4ee324900fb2399eef7f0a 09290b8343d01a59f54652faa37d6a72e37b86ffd975c1d3e199389fec17e97e
GET /vi_webp/jOT7NGAvyiE/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 31 Aug 2024 16:13:45 GMT
expires: Sat, 31 Aug 2024 18:13:45 GMT
cache-control: public, max-age=7200
age: 2734
etag: "1721447945"
content-type: image/webp
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/57c75fa4/player_ias.vflset/en_US/remote.js | 142.250.74.142 | | 34 kB |
URL www.youtube.com/s/player/57c75fa4/player_ias.vflset/en_US/remote.js IP142.250.74.142:0
File typeJavaScript source, ASCII text, with very long lines (543) Hash7b2eb4c7a3d269ecfaa324bc87082bce 0bfadc7dcbbe79842c7406a2dae482ae297e3d53 bcc0085f28c0b771cbb8ea181f1a36269596bace4170eb55394d6ac32ac5631f
GET /s/player/57c75fa4/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33645
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 31 Aug 2024 15:10:08 GMT
expires: Sun, 31 Aug 2025 15:10:08 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Aug 2024 04:19:14 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 6551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/js/th/zF_vPuIB9TmKXIhqGvs4Q-1RpaRIMS8epygYjX9fevg.js | 142.250.74.164 | | 21 kB |
URL www.google.com/js/th/zF_vPuIB9TmKXIhqGvs4Q-1RpaRIMS8epygYjX9fevg.js IP142.250.74.164:0
File typeJavaScript source, ASCII text, with very long lines (53334) Hashc7cf89c6ca328be8ad23c88b64dc5da4 ee4fd726e34b5d0c125143219171cc9e95b0219d cc5fef3ee201f5398a5c886a1afb3843ed51a5a448312f1ea728188d7f5f7af8
GET /js/th/zF_vPuIB9TmKXIhqGvs4Q-1RpaRIMS8epygYjX9fevg.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20862
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 02:35:56 GMT
expires: Sat, 30 Aug 2025 02:35:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Aug 2024 10:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 138203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.106 | | 43 kB |
URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.106:0
Hash528169f9077b39c2cf4a3710f909d34f 6f1ad1f772156f46081ffe0ea6f263bbb2e4410f 92875504377c2edb8f7790e052e8aafa7a95c28cc0f6e4d23de25825f69fb5f0
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 31 Aug 2024 16:59:19 GMT
server: ESF
cache-control: private
content-length: 42910
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.142 | | 0 B |
URL play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.142:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:20 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.142 | | 0 B |
URL play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.142:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:20 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.106 | | 0 B |
URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.106:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 31 Aug 2024 16:59:20 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.142 | | 131 B |
URL play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.142:0
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1099
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sat, 31 Aug 2024 16:59:20 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.142 | | 131 B |
URL play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.142:0
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 418
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sat, 31 Aug 2024 16:59:20 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.106 | | 114 B |
URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.106:0
Hash94bfd2c085e82cbb562a73f6f6479f96 19ec8e5a7a143af35c780a248849da68bff35bfc feae7b32ada7be392e31ec81416d33634c277b714bdbfcd2c0ec98b5d4cf3827
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1014
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 31 Aug 2024 16:59:20 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/generate_204?065MVg | 142.250.74.142 | | 0 B |
URL www.youtube.com/generate_204?065MVg IP142.250.74.142:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?065MVg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 31 Aug 2024 16:59:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.142 | | 0 B |
URL play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.142:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 31 Aug 2024 16:59:20 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| play.google.com/log?format=json&hasfast=true&authuser=0 | 142.250.74.142 | | 131 B |
URL play.google.com/log?format=json&hasfast=true&authuser=0 IP142.250.74.142:0
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 411
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sat, 31 Aug 2024 16:59:20 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| yt3.ggpht.com/VFFnnFQes4tginFVR9JBjW_o3cxyh9sG3a1wTZFTCj8P0LgkTUkpOp37z1Z2AckO5d5uGo0Ueg=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | | 1.6 kB |
URL yt3.ggpht.com/VFFnnFQes4tginFVR9JBjW_o3cxyh9sG3a1wTZFTCj8P0LgkTUkpOp37z1Z2AckO5d5uGo0Ueg=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3 Hash06ba8099a15aa6db018780bd1f32114f c5d5fe5b8b5ab150ce1632a276971db142b276e4 251ef1e8bba4b087c3a0b1fca61ee2ad5de0e9157213605b9eba3e5c25dee6ec
GET /VFFnnFQes4tginFVR9JBjW_o3cxyh9sG3a1wTZFTCj8P0LgkTUkpOp37z1Z2AckO5d5uGo0Ueg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 1556
x-xss-protection: 0
date: Sat, 31 Aug 2024 14:50:33 GMT
expires: Sun, 01 Sep 2024 14:50:33 GMT
cache-control: public, max-age=86400, no-transform
age: 7727
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=8&f=false&g=1725123561764&h=&i=1725123561764&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | | 0 B |
URL: diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=8&f=false&g=1725123561764&h=&i=1725123561764&j=&k=&l=&m=&n=&err=0000000000000 IP: 188.114.96.1:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body, consistent with the 0 B size and the 204 response, so they do not identify this resource)
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=8&f=false&g=1725123561764&h=&i=1725123561764&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:21 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sETZirXu%2BprMJbOgZFaksuGMQDvr1kvQx%2FuvB0%2Bp4P7ngwLpic%2BgS%2BbbQtDlL3S4NIsvwSemUcO773ggxtk9ZkJhDt38ZQOFTAUWLVHhkINbM4gPanYVRsfoPT%2B6XP%2BFdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe92156d8b56b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=8&f=false&g=1725123561769&h=&i=1725123561769&j=&k=&l=&m=&n=&err=0000000000000 | 188.114.96.1 | | 0 B |
URL: diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=8&f=false&g=1725123561769&h=&i=1725123561769&j=&k=&l=&m=&n=&err=0000000000000 IP: 188.114.96.1:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body, consistent with the 0 B size and the 204 response, so they do not identify this resource)
GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=8&f=false&g=1725123561769&h=&i=1725123561769&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 31 Aug 2024 16:59:21 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1SbcBwqfTN6BmNUFem%2BdMp4fUfbfaA6vCaLgIDbsnVpaVdCSzUDX8FYZtHns5WQI%2Blf3ErnzXvsZL2fp0RfLB0HwcVaARgMs1WpgWqFuCfMt6tFeYJZh30LlIgcK7ugZsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bbe92157d9256b4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 142.250.74.142 | | 31 B |
URL www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP142.250.74.142:0
Hash5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1725123562788
Content-Type: application/json
X-Goog-Visitor-Id: CgtaUDgwQk9wdVpONCjll822BjIiCgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240827.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1725123558548&flash=0&frm=2&u_tz&u_his=8&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C300%2C169&vis=1&wgl=true&ca_type=image
Content-Length: 10688
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/jOT7NGAvyiE?si=2ArbcmXVDA-2NcP2
Cookie: YSC=ry43SeDp94w; VISITOR_INFO1_LIVE=ZP80BOpuZN4; VISITOR_PRIVACY_METADATA=CgJOTxIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgXQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sat, 31 Aug 2024 16:59:22 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| teleearnings.odoo.com/saas_website/static/src/lib/owl_version.js | 57.128.126.127 | 200 OK | 792 B |
URL: GET HTTP/2 teleearnings.odoo.com/saas_website/static/src/lib/owl_version.js IP: 57.128.126.127:443
Requested by: https://teleearnings.odoo.com/ Certificate: Issuer: Let's Encrypt; Subject: *.odoo.com; Fingerprint: 2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1; Validity: Wed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT
File type: JavaScript source, ASCII text, with very long lines (819), with no line terminators Hash (MD5 / SHA-1 / SHA-256): 80186f230c77d43c095eefbeb865a0ae 92ed88ef7e4059bc2b5e22cd7c61b3d2f96ba148 5038afe9c8717a2c7952eb91edf021acc1b165d06bb901cc5ebff68966a1f3ec
GET /saas_website/static/src/lib/owl_version.js HTTP/1.1
Host: teleearnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/web/assets/1/e46f038/web.assets_frontend_lazy.min.js
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 31 Aug 2024 16:59:05 GMT
content-type: application/javascript
last-modified: Thu, 14 Mar 2024 21:50:28 GMT
etag: W/"65f37124-318"
expires: Sat, 31 Aug 2024 17:59:05 GMT
cache-control: max-age=3600
vary: Origin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| code.adclickppc.com/7s-native-ad.js | 89.117.21.238 | 200 OK | 8.8 kB |
URL: GET HTTP/2 code.adclickppc.com/7s-native-ad.js IP: 89.117.21.238:443
Requested by: https://teleearnings.odoo.com/ Certificate: Issuer: Let's Encrypt; Subject: code.adclickppc.com; Fingerprint: 88:4C:69:BF:59:87:3B:24:A1:34:88:3D:DC:4B:9F:7E:8D:4B:B2:1B; Validity: Thu, 22 Aug 2024 07:23:01 GMT - Wed, 20 Nov 2024 07:23:00 GMT
File type: JavaScript source, ASCII text, with very long lines (9139), with no line terminators Hash (MD5 / SHA-1 / SHA-256): 099c74929602170cd02556925ecdb200 2a01109e0f96e9a4bd28faf4ea4a1da57445b861 824eccf0907c1230557bdb4a796e89813aaf714574014de4276975328ac04803
GET /7s-native-ad.js HTTP/1.1
Host: code.adclickppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "228d-669e157a-a0095f;br"
last-modified: Mon, 22 Jul 2024 08:16:58 GMT
content-type: text/javascript
content-length: 3814
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 31 Aug 2024 16:59:00 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|