r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17288
Expires: Sun, 05 Feb 2023 04:12:03 GMT
Date: Sat, 04 Feb 2023 23:23:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13745
Expires: Sun, 05 Feb 2023 03:13:00 GMT
Date: Sat, 04 Feb 2023 23:23:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 22:36:16 GMT
content-type: application/json
age: 2859
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ancensored.com/movies/
88.214.194.140404 Not Found 16 kB IP 88.214.194.140:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1311), with CRLF, LF line terminators
Hash 643fa8010aec1e1e7bec671de9ae9975
6317a8869112f45906b8b3ad012a703b03e73b4b
4f1f3f963841be3c80ca6c53e08883c11cf4d337076cd30215c078b40637e87a
GET /movies/ HTTP/1.1
Host: ancensored.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx/1.9.15
Date: Sat, 04 Feb 2023 23:23:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=othn9vaq7q39r413pc1th83g31; path=/; domain=.ancensored.com; HttpOnly
_csrf=241ee4e60057a0093bac4951a1c19a6a6a14d9249f01a1048b2c79057b8aad08a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22S1Ks52gkvBI_wdrf8Yq02patA3A8pRTn%22%3B%7D; path=/; HttpOnly
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5498
Expires: Sun, 05 Feb 2023 00:55:33 GMT
Date: Sat, 04 Feb 2023 23:23:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /bp4kPE1bmthtSeF56tylShjLdcFJWn3z48G7oZA9lZHHtdLdqnOtFcRNOnv7XUEljyKgWL2sOE=
x-amz-request-id: BEHJ0KZPCMHJY5CD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 22:53:01 GMT
age: 1854
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 23:23:55 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/ui/1.10.3/jquery-ui.js
69.16.175.42200 OK 107 kB URL HTTP/1.1 code.jquery.com/ui/1.10.3/jquery-ui.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (840)
Size 107 kB (106766 bytes)
Hash 6d02c84ef577ce34a723a6311a74cf22
33ff30eca74203d9ad2e5b6e380d160a54edcf9c
3139dd4625f05562ea4491bdcfef505f8b59849c8257b3495ba5435af7e2c1cf
GET /ui/1.10.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 23:23:56 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 106766
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"28feccc0-6a684"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1675553036.dop016.sk1.t,1675553036.cds238.sk1.c
s.sharethis.com/loader.js
143.204.55.123301 Moved Permanently 167 B URL HTTP/1.1 s.sharethis.com/loader.js
IP 143.204.55.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /loader.js HTTP/1.1
Host: s.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sat, 04 Feb 2023 23:23:56 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://s.sharethis.com/loader.js
X-Cache: Redirect from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4yszV64fDJffHvrN7sDIm55oqhGtlMZFU6HjMtTE7a9JQnnVEeHTNA==
w.sharethis.com/button/buttons.js
54.230.111.82200 OK 27 kB URL HTTP/2 w.sharethis.com/button/buttons.js
IP 54.230.111.82:0
File type ASCII text, with very long lines (998)
Hash ba4a50855861e56387e28b35502d2bf2
64917678ad3b850a1da3f4865c3d165599110420
5cba06e63e6f218b5a9b228b2979014add3373dffe480854cc71bbd4a933ed7c
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ancensored.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 26736
content-encoding: gzip
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Sat, 04 Feb 2023 06:55:45 GMT
cache-control: max-age=259200
expires: Tue, 07 Feb 2023 06:55:45 GMT
etag: W/"63d98895-19e60"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hhWUmRFPry7rY-BrfnuLpRMcjGbOOquUG_ZYMWDzM5fB4CB7_Nq0MA==
age: 59291
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ancensored.com/css/fonts_en.css?v=1468041936
88.214.194.140200 OK 3.6 kB URL HTTP/1.1 ancensored.com/css/fonts_en.css?v=1468041936
IP 88.214.194.140:0
Hash 071f6848629eba66cdd0666570225c91
13ddf26bd698eecf86226a53629b4eff4322d915
626a9ded0264925f44d888cd0c65eaca17ef53b891b687f771cd176616e02d9d
GET /css/fonts_en.css?v=1468041936 HTTP/1.1
Host: ancensored.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/movies/
Cookie: PHPSESSID=othn9vaq7q39r413pc1th83g31; _csrf=241ee4e60057a0093bac4951a1c19a6a6a14d9249f01a1048b2c79057b8aad08a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22S1Ks52gkvBI_wdrf8Yq02patA3A8pRTn%22%3B%7D
HTTP/1.1 200 OK
Server: nginx/1.9.15
Date: Sat, 04 Feb 2023 23:23:56 GMT
Content-Type: text/css
Content-Length: 3609
Last-Modified: Sat, 09 Jul 2016 05:25:36 GMT
Connection: keep-alive
ETag: "57808ad0-e19"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
ancensoredcloud2.xyz/script.js
88.214.233.122200 OK 11 B URL HTTP/1.1 ancensoredcloud2.xyz/script.js
IP 88.214.233.122:0
File type ASCII text, with no line terminators
Hash 34d7b4de1f7965d0eb0f87860926776a
2a14414b596f0157bc81bfc8bc823251a22f4bb9
455047b8cccc19861adeff2309b12ad4ae54302b04375d5af86195bc8a18fa5f
GET /script.js HTTP/1.1
Host: ancensoredcloud2.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 23:23:58 GMT
Content-Type: application/x-javascript
Content-Length: 11
Last-Modified: Wed, 11 Nov 2020 17:49:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
ancensored.com/css/style.min.css?v=1529997456
88.214.194.140200 OK 372 kB URL HTTP/1.1 ancensored.com/css/style.min.css?v=1529997456
IP 88.214.194.140:0
File type ASCII text, with very long lines (65354)
Size 372 kB (372473 bytes)
Hash 0189928cfc42050a14147b368bfece74
f973998fa85d7b6ace78992f085f91ea740ef984
614864c0eee179793c4e167af1ec3625ac52cc6ef44c317bf3d7db2352157727
GET /css/style.min.css?v=1529997456 HTTP/1.1
Host: ancensored.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/movies/
Cookie: PHPSESSID=othn9vaq7q39r413pc1th83g31; _csrf=241ee4e60057a0093bac4951a1c19a6a6a14d9249f01a1048b2c79057b8aad08a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22S1Ks52gkvBI_wdrf8Yq02patA3A8pRTn%22%3B%7D
HTTP/1.1 200 OK
Server: nginx/1.9.15
Date: Sat, 04 Feb 2023 23:23:55 GMT
Content-Type: text/css
Content-Length: 372473
Last-Modified: Tue, 26 Jun 2018 07:17:36 GMT
Connection: keep-alive
ETag: "5b31e890-5aef9"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 22:49:07 GMT
age: 2089
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14297
Expires: Sun, 05 Feb 2023 03:22:13 GMT
Date: Sat, 04 Feb 2023 23:23:56 GMT
Connection: keep-alive
ancensored.com/js/script.all.js?v=1572541005
88.214.194.140200 OK 695 kB URL HTTP/1.1 ancensored.com/js/script.all.js?v=1572541005
IP 88.214.194.140:0
File type ASCII text, with very long lines (526)
Size 695 kB (694824 bytes)
Hash 0ac1d8490e28a46b704484108b799a4c
2c5b48dab44bc9313314a8d2e36b73384a31436b
bba8534b5d21ba3d5962aa86f8ca4a68c1c302053fe687bea7d50d6d20c58a85
GET /js/script.all.js?v=1572541005 HTTP/1.1
Host: ancensored.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/movies/
Cookie: PHPSESSID=othn9vaq7q39r413pc1th83g31; _csrf=241ee4e60057a0093bac4951a1c19a6a6a14d9249f01a1048b2c79057b8aad08a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22S1Ks52gkvBI_wdrf8Yq02patA3A8pRTn%22%3B%7D
HTTP/1.1 200 OK
Server: nginx/1.9.15
Date: Sat, 04 Feb 2023 23:23:56 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 694824
Last-Modified: Thu, 31 Oct 2019 16:56:45 GMT
Connection: keep-alive
ETag: "5dbb124d-a9a28"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
pl14492706.effectivecpmcontent.com/b4/69/f0/b469f01aac640a5d89dbc7f68f092bba.js
192.243.59.12200 OK 21 kB URL HTTP/1.1 pl14492706.effectivecpmcontent.com/b4/69/f0/b469f01aac640a5d89dbc7f68f092bba.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60212), with no line terminators
Hash 84817fe49e3c5603253ba4124d6876a2
48851b8c1d1470ae7f3096edd7645e8b52e4e95b
bdab47d96749a646006836271fd8879eaadec36143ad3e60a9a1716b2f55e029
GET /b4/69/f0/b469f01aac640a5d89dbc7f68f092bba.js HTTP/1.1
Host: pl14492706.effectivecpmcontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 04 Feb 2023 23:23:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 69b16da9bbc6b52eb5e172cb9f0584e7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ancensored.com/fonts/fontawesome-webfont.woff2?v=4.7.0
88.214.194.140200 OK 77 kB URL HTTP/1.1 ancensored.com/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 88.214.194.140:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: ancensored.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ancensored.com/css/style.min.css?v=1529997456
Cookie: PHPSESSID=othn9vaq7q39r413pc1th83g31; _csrf=241ee4e60057a0093bac4951a1c19a6a6a14d9249f01a1048b2c79057b8aad08a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22S1Ks52gkvBI_wdrf8Yq02patA3A8pRTn%22%3B%7D
HTTP/1.1 200 OK
Server: nginx/1.9.15
Date: Sat, 04 Feb 2023 23:23:56 GMT
Content-Type: application/octet-stream
Content-Length: 77160
Last-Modified: Fri, 18 Nov 2016 06:57:22 GMT
Connection: keep-alive
ETag: "582ea652-12d68"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
ancensored.com/img/logo.png
88.214.194.140200 OK 59 kB URL HTTP/1.1 ancensored.com/img/logo.png
IP 88.214.194.140:0
File type PNG image data, 483 x 179, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e301dfae6a7f601621d00705d7f205c
dda2495ebb35309e49d160c90648ea92c91bd377
6ebadde36132a14803dc731f2e3b1e5b133ce75016ee55737d1ef55bda75954d
GET /img/logo.png HTTP/1.1
Host: ancensored.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/css/fonts_en.css?v=1468041936
Cookie: PHPSESSID=othn9vaq7q39r413pc1th83g31; _csrf=241ee4e60057a0093bac4951a1c19a6a6a14d9249f01a1048b2c79057b8aad08a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22S1Ks52gkvBI_wdrf8Yq02patA3A8pRTn%22%3B%7D
HTTP/1.1 200 OK
Server: nginx/1.9.15
Date: Sat, 04 Feb 2023 23:23:56 GMT
Content-Type: image/png
Content-Length: 59295
Last-Modified: Mon, 10 Apr 2017 17:06:15 GMT
Connection: keep-alive
ETag: "58ebbb87-e79f"
Expires: Sat, 11 Feb 2023 23:23:56 GMT
Pragma: public
Cache-Control: max-age=604800, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
opthushbeginning.com/pixel/purst?dl=0&th=0&sc=0&rs=1176&rd=1176&fd=886&bv=22.10.v.9&tmpl=70
173.233.139.164200 OK 0 B URL HTTP/1.1 opthushbeginning.com/pixel/purst?dl=0&th=0&sc=0&rs=1176&rd=1176&fd=886&bv=22.10.v.9&tmpl=70
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1176&rd=1176&fd=886&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: opthushbeginning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 23:23:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
push.services.mozilla.com/
34.218.164.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.164.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HECG4m2uyUJidKSBPhtwWA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6W7iCw32sajmJNSRpXR+tGtpZbQ=
ancensored.com/font/helveticaneueltstd-mdcn-webfont.woff
88.214.194.140200 OK 25 kB URL HTTP/1.1 ancensored.com/font/helveticaneueltstd-mdcn-webfont.woff
IP 88.214.194.140:0
File type Web Open Font Format, TrueType, length 25220, version 1.0\012- data
Hash 4d2da310089cbb134dffd57d5b8bb22b
a906b2e728b133cd81a621f73dd80cbda689acb1
c68b1067fde03a1fd913c3161fc9c663137eb903775bd186b13656fc9317ca7d
GET /font/helveticaneueltstd-mdcn-webfont.woff HTTP/1.1
Host: ancensored.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ancensored.com/css/fonts_en.css?v=1468041936
Cookie: PHPSESSID=othn9vaq7q39r413pc1th83g31; _csrf=241ee4e60057a0093bac4951a1c19a6a6a14d9249f01a1048b2c79057b8aad08a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22S1Ks52gkvBI_wdrf8Yq02patA3A8pRTn%22%3B%7D
HTTP/1.1 200 OK
Server: nginx/1.9.15
Date: Sat, 04 Feb 2023 23:23:56 GMT
Content-Type: application/font-woff
Content-Length: 25220
Last-Modified: Sat, 09 Jul 2016 05:25:36 GMT
Connection: keep-alive
ETag: "57808ad0-6284"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash dccebcfaad6c97d820364ec92d4a511b
a1adef127bad0f85751b5a7b47025c33d40083c4
6be12cee36873a68c71f277876470b5a3807acf44b39a92b575595e9aa95c973
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 23:23:57 GMT
Last-Modified: Sat, 04 Feb 2023 22:18:08 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NuHvoKUK30jkEXaS41d-vP01XL3CuI7TiEl7NigZLgnO46rnwnRGvA==
Age: 3949
ancensored.com/font/helveticaneueltstd-mdcno.woff
88.214.194.140200 OK 29 kB URL HTTP/1.1 ancensored.com/font/helveticaneueltstd-mdcno.woff
IP 88.214.194.140:0
File type Web Open Font Format, TrueType, length 29168, version 1.0\012- data
Hash 467926962a621732977c5b5bc4a833c9
f774e630db1a1e0e8c6a0f8222c12fb760a349a0
834c3c683a867652e209315c8fe1a239324dcdcf50178fb6eaba4a1222bee57e
GET /font/helveticaneueltstd-mdcno.woff HTTP/1.1
Host: ancensored.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ancensored.com/css/fonts_en.css?v=1468041936
Cookie: PHPSESSID=othn9vaq7q39r413pc1th83g31; _csrf=241ee4e60057a0093bac4951a1c19a6a6a14d9249f01a1048b2c79057b8aad08a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22S1Ks52gkvBI_wdrf8Yq02patA3A8pRTn%22%3B%7D
HTTP/1.1 200 OK
Server: nginx/1.9.15
Date: Sat, 04 Feb 2023 23:23:56 GMT
Content-Type: application/font-woff
Content-Length: 29168
Last-Modified: Sat, 09 Jul 2016 05:25:36 GMT
Connection: keep-alive
ETag: "57808ad0-71f0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
opthushbeginning.com/23/ec/e5/23ece5a9207adffeb048dda2ea4c9190.js
173.233.139.164200 OK 13 kB URL HTTP/1.1 opthushbeginning.com/23/ec/e5/23ece5a9207adffeb048dda2ea4c9190.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37124), with no line terminators
Hash 2d90d107eb5f7e7ed33b36e322120fcc
c5662e4c4ad2fba7a68cf162a7e2d177c248ae1a
7b913c9d2b06554caf87ade01f638d2520a8f3bebe7849fc966f343f590a7436
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /23/ec/e5/23ece5a9207adffeb048dda2ea4c9190.js HTTP/1.1
Host: opthushbeginning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 23:23:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 76fca548f85f102f1ec4ec218ca38c5e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash bfb3ac335b6a825ed302a66f3514920f
e19d0c164f67838bb54d146b6eebe75aca01b91b
41852f625f877c69c754c5b3710a4ee257bd46ac27cd28c83b8698ab3c416787
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ancensored.com
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 23:23:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ancensored.com
access-control-allow-credentials: true
set-cookie: uid_id2=bdc6d551-64d6-4099-9682-e2542a9f2c0d:3:1; expires=Tue, 01 Feb 2033 23:23:57 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ws.sharethis.com/button/async-buttons.js
54.230.111.82200 OK 19 kB URL HTTP/2 ws.sharethis.com/button/async-buttons.js
IP 54.230.111.82:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0b3b7d06f8df8276ede0facec198706e
3e42fc6cacb95a5fa1b56c5b3984e8269752fbbe
342ffe242184c80ddf304e21db8b256ccb8aecb1f4bd9363802dcf2f36053837
GET /button/async-buttons.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 18813
cache-control: max-age=259200
content-encoding: gzip
date: Fri, 03 Feb 2023 09:31:47 GMT
etag: W/"63d989f2-16245"
expires: Mon, 06 Feb 2023 09:31:47 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Xr_kZ8mbSKOzzgviX49wf_VGBpmQ3ca1_qIwqEksTH298-PxnU9PAA==
age: 136330
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/button/css/buttons-secure.css
54.230.111.82200 OK 3.9 kB URL HTTP/2 ws.sharethis.com/button/css/buttons-secure.css
IP 54.230.111.82:0
File type ASCII text, with very long lines (23158), with no line terminators
Hash 61da924a747e08c5f54a6cb31c724a48
8e49d971d6a667c3888a481b742e05cafcf72a43
54302324d4b6aa780466c869b9932504d0b1eaa7ef1df6c5481b35fb0625343a
GET /button/css/buttons-secure.css HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 3851
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 21:36:52 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Sat, 04 Feb 2023 05:11:48 GMT
etag: W/"63d989f4-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZjtRhX03xuazjot_CptA-dP7ZsVGzTY5sBF-JEW4qtOyKAHs2OrQTQ==
age: 65530
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash bfb3ac335b6a825ed302a66f3514920f
e19d0c164f67838bb54d146b6eebe75aca01b91b
41852f625f877c69c754c5b3710a4ee257bd46ac27cd28c83b8698ab3c416787
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ancensored.com
Connection: keep-alive
Referer: http://ancensored.com/
Cookie: uid_id2=bdc6d551-64d6-4099-9682-e2542a9f2c0d:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 23:23:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ancensored.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
counter.yadro.ru/hit;ANCEN?t44.6;r;s1280*1024*24;uhttp%3A//ancensored.com/movies/;0.768332407899024
88.212.201.198302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit;ANCEN?t44.6;r;s1280*1024*24;uhttp%3A//ancensored.com/movies/;0.768332407899024
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit;ANCEN?t44.6;r;s1280*1024*24;uhttp%3A//ancensored.com/movies/;0.768332407899024 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/
HTTP/1.1 302 Moved Temporarily
Date: Sat, 04 Feb 2023 23:23:57 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit;ANCEN?t44.6;r;s1280*1024*24;uhttp%3A//ancensored.com/movies/;0.768332407899024
Content-Length: 32
Expires: Fri, 04 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
ancensored.com/favicon.ico
88.214.194.140200 OK 1.2 kB URL HTTP/1.1 ancensored.com/favicon.ico
IP 88.214.194.140:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 01a051259aaa5ea2e2e97a4b5fecf28c
443926607955a17aa9b488a4132a1e390f56ea0b
72b9284ceb1a360728142393dc7fc5466301f693c1a8130bf4c3ce3e311a41e1
GET /favicon.ico HTTP/1.1
Host: ancensored.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/movies/
Cookie: PHPSESSID=othn9vaq7q39r413pc1th83g31; _csrf=241ee4e60057a0093bac4951a1c19a6a6a14d9249f01a1048b2c79057b8aad08a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22S1Ks52gkvBI_wdrf8Yq02patA3A8pRTn%22%3B%7D; __unam=3d08e78-1861ebeed97-1c7cf264-1
HTTP/1.1 200 OK
Server: nginx/1.9.15
Date: Sat, 04 Feb 2023 23:23:57 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Sat, 09 Jul 2016 05:25:36 GMT
Connection: keep-alive
ETag: "57808ad0-47e"
Expires: Sat, 11 Feb 2023 23:23:57 GMT
Pragma: public
Cache-Control: max-age=604800, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash d4f867b2aab948a122082956fb2d9804
024d5b205435e17e4d18b77f52b03d17e53f3a33
30a1b21a04819583d299309754c97d1c595788cab32980d1c74c27683e04fb61
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 23:23:57 GMT
Last-Modified: Sat, 04 Feb 2023 22:50:01 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lmOofqR1PmR2DYT4raSD-4m_EfKNIegAC2HbYXGTvEy65u_EO3yZRA==
Age: 2036
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1675553074581.38239&hostname=ancensored.com&location=%2Fmovies%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fancensored.com%2Fmovies%2F&title=Not%20Found%20(%23404)%20%3C%20ANCENSORED&sop=false
3.120.54.96204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1675553074581.38239&hostname=ancensored.com&location=%2Fmovies%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fancensored.com%2Fmovies%2F&title=Not%20Found%20(%23404)%20%3C%20ANCENSORED&sop=false
IP 3.120.54.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1675553074581.38239&hostname=ancensored.com&location=%2Fmovies%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fancensored.com%2Fmovies%2F&title=Not%20Found%20(%23404)%20%3C%20ANCENSORED&sop=false HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ancensored.com
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: http://ancensored.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sat, 04 Feb 2023 23:23:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
friendshipmale.com/sfp.js
104.21.234.93200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 104.21.234.93:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 23:23:57 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 2564332cd6cd1ec7d0b41b1954d7900b
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Sat, 04 Feb 2023 23:23:57 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkfWMXha%2BGN086C%2BHi5C3dDAbt%2BVja%2Bm4DwVN4SrFBO1XOWYtOOth6ESRs6MMqGMWvrM0L0OEw34j1w5BwSL2wAS1y3pbw21oyiBXXeJzC0Qi5DYuaCtEb1Xj0CbtjW%2B4q3HiH8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794728327cee7783-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
banquetunarmedgrater.com/advertisers.js
192.243.59.12200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 04 Feb 2023 23:23:57 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 15288f749c4a174349aff2c74f18ab45
Strict-Transport-Security: max-age=0; includeSubdomains
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1675553074581.38239&hostname=ancensored.com&location=%2Fmovies%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fancensored.com%2Fmovies%2F&title=Not%20Found%20(%23404)%20%3C%20ANCENSORED&sop=false&img_pview=true
3.120.54.96204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1675553074581.38239&hostname=ancensored.com&location=%2Fmovies%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fancensored.com%2Fmovies%2F&title=Not%20Found%20(%23404)%20%3C%20ANCENSORED&sop=false&img_pview=true
IP 3.120.54.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1675553074581.38239&hostname=ancensored.com&location=%2Fmovies%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fancensored.com%2Fmovies%2F&title=Not%20Found%20(%23404)%20%3C%20ANCENSORED&sop=false&img_pview=true HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sat, 04 Feb 2023 23:23:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 744dd567a55130c5a86bd23d30e090ce
54544d5b7e41f1f99d17086a12d2b9453ae40be8
fc482854578301d7ebeccc9acbf852359c660806215a1e9f217b889d8fb5c42b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 23:23:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 08 Feb 2023 21:34:11 GMT
ETag: "54544d5b7e41f1f99d17086a12d2b9453ae40be8"
Last-Modified: Sat, 04 Feb 2023 21:34:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1579
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79472833fd93b521-OSL
counter.yadro.ru/hit;ANCEN?t44.6;r;s1280*1024*24;uhttp%3A//ancensored.com/movies/;0.768332407899024
88.212.201.198200 OK 132 B URL HTTP/1.1 counter.yadro.ru/hit;ANCEN?t44.6;r;s1280*1024*24;uhttp%3A//ancensored.com/movies/;0.768332407899024
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 31 x 31\012- data
Hash 0223d80a320a983871bfa82aa6d698ea
f4e06fe8e83c662bb565f175d7de22f51c1e7c9d
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
GET /hit;ANCEN?t44.6;r;s1280*1024*24;uhttp%3A//ancensored.com/movies/;0.768332407899024 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ancensored.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 04 Feb 2023 23:23:57 GMT
Content-Type: image/gif
Content-Length: 132
Connection: keep-alive
Expires: Fri, 04 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
unseenreport.com/pxf.gif?uuid=bdc6d551-64d6-4099-9682-e2542a9f2c0d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=b469f01aac640a5d89dbc7f68f092bba&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=bdc6d551-64d6-4099-9682-e2542a9f2c0d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=b469f01aac640a5d89dbc7f68f092bba&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=bdc6d551-64d6-4099-9682-e2542a9f2c0d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=b469f01aac640a5d89dbc7f68f092bba&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 04 Feb 2023 23:23:57 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d9fdc4e765682e5e272630efb7b9345
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=bdc6d551-64d6-4099-9682-e2542a9f2c0d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=23ece5a9207adffeb048dda2ea4c9190&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=bdc6d551-64d6-4099-9682-e2542a9f2c0d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=23ece5a9207adffeb048dda2ea4c9190&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=bdc6d551-64d6-4099-9682-e2542a9f2c0d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=23ece5a9207adffeb048dda2ea4c9190&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 04 Feb 2023 23:23:57 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5d3c6a3b7335c331b09aa963577f1fdd
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13206
Expires: Sun, 05 Feb 2023 03:04:04 GMT
Date: Sat, 04 Feb 2023 23:23:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13206
Expires: Sun, 05 Feb 2023 03:04:04 GMT
Date: Sat, 04 Feb 2023 23:23:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13206
Expires: Sun, 05 Feb 2023 03:04:04 GMT
Date: Sat, 04 Feb 2023 23:23:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13206
Expires: Sun, 05 Feb 2023 03:04:04 GMT
Date: Sat, 04 Feb 2023 23:23:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13206
Expires: Sun, 05 Feb 2023 03:04:04 GMT
Date: Sat, 04 Feb 2023 23:23:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01d9feca-e9dc-4ee4-9694-bcc983e3a7c1.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01d9feca-e9dc-4ee4-9694-bcc983e3a7c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d632f8be93820b9746f76146fe3ff0e
7e5e9b16819af678ba84ddb6f45c073e659e2f4e
26ad66cf5e4fe4de99ad31b5c4f0fa3d05c085be04610de8ad80989528c100bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01d9feca-e9dc-4ee4-9694-bcc983e3a7c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6434
x-amzn-requestid: ccf74c35-c654-4a9a-8121-ab27fc4cd862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WWYFbJoAMFgSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f5-10dedb6a287acd2b10cdfdb4;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3bv0yNuzTWh742AZFesuU0caKmg0nMFc3P0bLYkhGd-TAeg5R9W_vQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:51:28 GMT
age: 5550
etag: "7e5e9b16819af678ba84ddb6f45c073e659e2f4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:30:27 GMT
age: 42811
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:51:26 GMT
age: 5552
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:09:58 GMT
age: 4440
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbb38d805862a1b3081eebf256e0dae0
4a5cb01390d897be8721cd4551c74d0452aff640
02443891d0533f37fe38b16febafc86fa64c457dc1827b97ec535d623486d549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8691
x-amzn-requestid: 51bb839e-c32c-4be9-9f38-7f8044160e70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsLgFPqIAMFfww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d22716-3794126b47a79aed27e1aac4;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:09:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9du1ien5j1WSLplBzT5AAV-xIPKNgg4-8tdjux_iEGXNGaCcj29Xog==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 10:04:17 GMT
age: 47981
etag: "4a5cb01390d897be8721cd4551c74d0452aff640"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626efb39-4b90-4979-bc7d-1a1ba9e7fc73.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626efb39-4b90-4979-bc7d-1a1ba9e7fc73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eaca60722d35484e7cad5e6521465c75
470c81f1cab13436da9f94e97bb152fc9d01ad04
8c75170cdf9f6b97aef972568348aa4e6d67486ad1fdb7aa9d346e1cc8ae9df7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626efb39-4b90-4979-bc7d-1a1ba9e7fc73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9290
x-amzn-requestid: 5ed93026-d87a-4c82-81ce-8faa9e8dba60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsnFtFVUoAMF6Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db5224-0e5fea32709d6f665f6b09db;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 06:03:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AD5rpaPGI6jezDtJBS7-XTUoJQetiG6yyo6VbDfBYzk9RwPNYN5h2Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 20:04:29 GMT
age: 11969
etag: "470c81f1cab13436da9f94e97bb152fc9d01ad04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ws.sharethis.com/secure5x/index.html
54.230.111.82200 OK 4.1 kB URL HTTP/2 ws.sharethis.com/secure5x/index.html
IP 54.230.111.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (452)
Hash 664c7e81d5001b64b68581b55730c6ba
2bf6abb1ba2441d9f6b1485913aaef6c35c11dbc
098211231b2dc22996304f7ca6249f1dc455a03b06e77625e9176fc9705a2b24
GET /secure5x/index.html HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 4082
content-encoding: gzip
date: Sat, 04 Feb 2023 16:49:58 GMT
etag: W/"63d989f4-390f"
last-modified: Tue, 31 Jan 2023 21:36:52 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W6FU-HHxbzj1E7qhmUe01BR64FMlbPnhHd6RDEruUKdtKoVctYmupQ==
age: 23640
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
54.230.111.82200 OK 5.6 kB URL HTTP/2 ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
IP 54.230.111.82:0
File type C source, ASCII text, with very long lines (16630), with no line terminators
Hash 94b39eb0a8fb0b06a11ad4d75b2e74b9
5d9f3beab6794398f43e43625b651cb16f6514ed
db64545fc1dedef33184fb39df6e927e83fb783555622cafe426dc83c87e17c1
GET /secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/secure5x/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 5630
cache-control: max-age=31536000
content-encoding: gzip
date: Mon, 23 Jan 2023 09:00:16 GMT
etag: W/"634f1895-40f6"
expires: Tue, 23 Jan 2024 09:00:16 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mrNHRqewmw5ZH75ND2LSwankdVqAsr4m14nO4Y2EOl58c5EpBlF55w==
age: 1088622
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/facebook_32.png
54.230.111.82200 OK 1.2 kB URL HTTP/2 ws.sharethis.com/images/2017/facebook_32.png
IP 54.230.111.82:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3754f037ec790209832c2adbdc35d6ce
152e4b15a48367112da47ec7f2db28b4d7ef937b
732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5
GET /images/2017/facebook_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1175
accept-ranges: bytes
cache-control: max-age=31536000
date: Sat, 21 Jan 2023 01:19:35 GMT
etag: "634f1850-497"
expires: Sun, 21 Jan 2024 01:19:35 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kL0GzHLAg-9w1a-A2a5scglOu9ulrPTE0pi4w-bl7YZ7AkVDuUTl-Q==
age: 1289067
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sd.sharethis.com/disc/images/mini_Top_Cap.png
143.204.55.123200 OK 1.0 kB URL HTTP/2 sd.sharethis.com/disc/images/mini_Top_Cap.png
IP 143.204.55.123:0
File type PNG image data, 47 x 7, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c02395a29d645dfa785a7c7bbff28c6
eb375183b91afc22daa5300d307c71dd5a5a0b16
2e29c399006c5c6e726eafd64d6c42dd91ca2b621ed55f13b81263512beadbfb
GET /disc/images/mini_Top_Cap.png HTTP/1.1
Host: sd.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1035
last-modified: Tue, 20 Aug 2019 17:20:12 GMT
x-robots-tag: noindex, nofollow
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 23:18:04 GMT
cache-control: public, max-age=31536000
etag: "3c02395a29d645dfa785a7c7bbff28c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OWeLJLYfeFTEO2-Mi-8OXi-yd6WagueUVjq7JVQGRzMONOm6t1NdPQ==
age: 398
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/twitter_32.png
54.230.111.82200 OK 1.3 kB URL HTTP/2 ws.sharethis.com/images/2017/twitter_32.png
IP 54.230.111.82:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 2447594934b71bf36bb49cf33411f52a
7579d92f17a10fd76ab76648c1e364399e9d2956
39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564
GET /images/2017/twitter_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1338
accept-ranges: bytes
cache-control: max-age=31536000
date: Mon, 23 Jan 2023 09:01:04 GMT
etag: "634f1850-53a"
expires: Tue, 23 Jan 2024 09:01:04 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3hVvwCm-ktnj6kdL4gwizkQ-sU8m0rXNSGMi8YwS994xdFKRYbKLrQ==
age: 1088578
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sd.sharethis.com/disc/images/mini_Bottom_Cap.png
143.204.55.123200 OK 1.1 kB URL HTTP/2 sd.sharethis.com/disc/images/mini_Bottom_Cap.png
IP 143.204.55.123:0
File type PNG image data, 47 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash f103c1bf9b9c26e07f47abbe0936408c
7497b832317b0c66473ecfbc3aa68b42c8d79d02
f2c4ead1e1cf71139dc4895e4cf3a4fd2f9c9e386e844765bd7a8591949ac68d
GET /disc/images/mini_Bottom_Cap.png HTTP/1.1
Host: sd.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1084
last-modified: Tue, 20 Aug 2019 17:20:09 GMT
x-robots-tag: noindex, nofollow
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 23:15:37 GMT
cache-control: public, max-age=31536000
etag: "f103c1bf9b9c26e07f47abbe0936408c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v0aaz7-oY0FEcOlx7iOZnlLPtG9oThi21LWuaMRWKlql7KK34l1rTg==
age: 560
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/reddit_32.png
54.230.111.82200 OK 1.9 kB URL HTTP/2 ws.sharethis.com/images/2017/reddit_32.png
IP 54.230.111.82:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash c4ab709b8a3bba7f3dbcd02462cc74d7
ec6a92b3ea25b61562fc20bd6fac0007612879fc
677ed7ee257a2c841f70a183557dcd2d0d51f0091f7da8ab9d2c44fcee0279af
GET /images/2017/reddit_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1891
accept-ranges: bytes
cache-control: max-age=31536000
date: Mon, 23 Jan 2023 04:57:04 GMT
etag: "634f1850-763"
expires: Tue, 23 Jan 2024 04:57:04 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BSijYbvND8dmktbhMeJnPF-93RWn9Ix-VO2Px_GXF13JuL7YGlZDCw==
age: 1103218
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/googleplus_32.png
54.230.111.82200 OK 2.5 kB URL HTTP/2 ws.sharethis.com/images/2017/googleplus_32.png
IP 54.230.111.82:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash d33881e9ae344b543cadac6fa0a6ef53
6dde667f0f33a9d196b6e707f97ea1d2b945182e
d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd
GET /images/2017/googleplus_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2468
accept-ranges: bytes
cache-control: max-age=31536000
date: Thu, 05 Jan 2023 03:48:18 GMT
etag: "634f1850-9a4"
expires: Fri, 05 Jan 2024 03:48:18 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O2SxxzYSNFK-kZrpn4_j-HAquD5DqCnaW4Ea9oqdupaRMzE1hybKmw==
age: 2662544
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/pinterest_32.png
54.230.111.82200 OK 1.4 kB URL HTTP/2 ws.sharethis.com/images/2017/pinterest_32.png
IP 54.230.111.82:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 82640347cab9db6f9b2c37a980b92789
3900e8c1a378aa0960e753dbbf7d7570853b1c3f
03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d
GET /images/2017/pinterest_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1435
accept-ranges: bytes
cache-control: max-age=31536000
date: Thu, 05 Jan 2023 19:11:55 GMT
etag: "634f1850-59b"
expires: Fri, 05 Jan 2024 19:11:55 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IRoXmvByouW3_tAJnhpB0pQloHWPYWDvRqEpKbBdMnPMu4F7ZRKJww==
age: 2607127
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/linkedin_32.png
54.230.111.82200 OK 1.2 kB URL HTTP/2 ws.sharethis.com/images/2017/linkedin_32.png
IP 54.230.111.82:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash d285c094b084aa24ddd202afe524a17b
ed57aa21b672116638962b9e959623a7fb09b96c
e083ca305fe5020595b52c04499258219f69c8cb83ec0ffc1eb0f22815f5c60f
GET /images/2017/linkedin_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1225
accept-ranges: bytes
cache-control: max-age=31536000
date: Tue, 10 Jan 2023 01:10:42 GMT
etag: "634f1850-4c9"
expires: Wed, 10 Jan 2024 01:10:42 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: apnGyPoOHaFjYoxVP-cOcpAuGFdPVErWBBD2ibpSHr7aOA4n57CESQ==
age: 2240000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/email_32.png
54.230.111.82200 OK 1.4 kB URL HTTP/2 ws.sharethis.com/images/2017/email_32.png
IP 54.230.111.82:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 60d894cc12ff32ee589520744b3bccdf
acfe3682e578c41097df54b84e9a630a942ea9c7
c3a537ae5d8020c10896418cb8658af444cbb3f89d3543c7db596b624e38690d
GET /images/2017/email_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1382
accept-ranges: bytes
cache-control: max-age=31536000
date: Thu, 26 Jan 2023 00:25:48 GMT
etag: "634f1850-566"
expires: Fri, 26 Jan 2024 00:25:48 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TVgOdsNp2UONINaZFZ9jeIdVTiHdEi3ZpZvskTuu-57aMupSuGaifw==
age: 860294
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ws.sharethis.com/images/2017/sharethis_32.png
54.230.111.82200 OK 1.3 kB URL HTTP/2 ws.sharethis.com/images/2017/sharethis_32.png
IP 54.230.111.82:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 6fd48ae2af1b522742b3663cc3a37262
5834dce591a3d2f2ac5a61a59532e6fcc433edd3
1af0e0ca290a13faeabef7d1bde7ca8d96bb83b876f5d42e32c4b6095a5b0afb
GET /images/2017/sharethis_32.png HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1337
accept-ranges: bytes
cache-control: max-age=31536000
date: Thu, 19 Jan 2023 02:16:58 GMT
etag: "634f1850-539"
expires: Fri, 19 Jan 2024 02:16:58 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oEI_8WLo8J2brvhz-nDbGv9QcfxVKIhYYP5Lxb0REfOB98L5Azvv4w==
age: 1458424
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sd.sharethis.com/disc/images/mini_BG.png
143.204.55.123200 OK 952 B URL HTTP/2 sd.sharethis.com/disc/images/mini_BG.png
IP 143.204.55.123:0
File type PNG image data, 47 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e07cd92ddc599b79b31648fe5de2e702
31bcda115ad06565a30c49c810ceccb5f9c1fc1e
3ca5cbea5f371c49060f5cf45fdeaec7a84efb59c59e39ee2573aa0692e6291c
GET /disc/images/mini_BG.png HTTP/1.1
Host: sd.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 952
last-modified: Tue, 20 Aug 2019 17:20:07 GMT
x-robots-tag: noindex, nofollow
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 23:24:02 GMT
cache-control: public, max-age=31536000
etag: "e07cd92ddc599b79b31648fe5de2e702"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FU6DrCmFV6Rvg5v-VIlqxFqXE277NLNaEfgg-UI8LIEUPqvRR3Ij-Q==
age: 342
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 23:24:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
142.250.74.136200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.136:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sat, 04 Feb 2023 21:43:07 GMT
expires: Sat, 04 Feb 2023 23:43:07 GMT
cache-control: public, max-age=7200
age: 6055
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sd.sharethis.com/disc/js/hoverbuttons.035267d71d894482eb413e5bea488ff5.js
143.204.55.123200 OK 2.6 kB URL HTTP/2 sd.sharethis.com/disc/js/hoverbuttons.035267d71d894482eb413e5bea488ff5.js
IP 143.204.55.123:0
Hash 4b962cb10862855f1d46006bf1d9af38
ac99393819b0ccd94d6e21185f8820788631c9ab
06e95c3f14a2ef941b6be6bf1d683ecd42a2f278c5db71d496024eff4cb4dcbc
GET /disc/js/hoverbuttons.035267d71d894482eb413e5bea488ff5.js HTTP/1.1
Host: sd.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 17:21:16 GMT
x-robots-tag: noindex, nofollow
server: AmazonS3
content-encoding: gzip
date: Sat, 04 Feb 2023 23:15:37 GMT
cache-control: public, max-age=31536000
etag: W/"035267d71d894482eb413e5bea488ff5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XKtNpd3Ee4xNIBvuLVM7rACA7vKEI84AqjM87KsY7d2O_wgoiSBYGQ==
age: 563
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=403230528&utmhn=ancensored.com&utmt=event&utme=5(HoveringButtons%20-%20Load*ancensored.com)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Not%20Found%20(%23404)%20%3C%20ANCENSORED&utmhid=1958588107&utmr=-&utmp=%2Fmovies%2F&utmht=1675553079779&utmac=UA-1645146-14&utmcc=__utma%3D110349781.778279644.1675553080.1675553080.1675553080.1%3B%2B__utmz%3D110349781.1675553080.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=QAAAAAAAACAAAAAAAAAAAAAE~
142.250.74.46200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=403230528&utmhn=ancensored.com&utmt=event&utme=5(HoveringButtons%20-%20Load*ancensored.com)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Not%20Found%20(%23404)%20%3C%20ANCENSORED&utmhid=1958588107&utmr=-&utmp=%2Fmovies%2F&utmht=1675553079779&utmac=UA-1645146-14&utmcc=__utma%3D110349781.778279644.1675553080.1675553080.1675553080.1%3B%2B__utmz%3D110349781.1675553080.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=QAAAAAAAACAAAAAAAAAAAAAE~
IP 142.250.74.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=1&utmn=403230528&utmhn=ancensored.com&utmt=event&utme=5(HoveringButtons%20-%20Load*ancensored.com)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Not%20Found%20(%23404)%20%3C%20ANCENSORED&utmhid=1958588107&utmr=-&utmp=%2Fmovies%2F&utmht=1675553079779&utmac=UA-1645146-14&utmcc=__utma%3D110349781.778279644.1675553080.1675553080.1675553080.1%3B%2B__utmz%3D110349781.1675553080.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=QAAAAAAAACAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ancensored.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sat, 04 Feb 2023 02:14:59 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 76143
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
ws.sharethis.com/secure5x/js/st.b9e84e3511d7eef1c18a10b09a213041.js
54.230.111.82200 OK 0 B URL HTTP/2 ws.sharethis.com/secure5x/js/st.b9e84e3511d7eef1c18a10b09a213041.js
IP 54.230.111.82:0
GET /secure5x/js/st.b9e84e3511d7eef1c18a10b09a213041.js HTTP/1.1
Host: ws.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ws.sharethis.com/secure5x/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
cache-control: max-age=31536000
content-encoding: gzip
date: Wed, 01 Feb 2023 07:06:45 GMT
etag: W/"63d989f4-37209"
expires: Thu, 01 Feb 2024 07:06:45 GMT
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XNbNkbp-huwuVBIyl48MVGah4g_0lBeFaTCBDuRMV0aRklTYoSXBgQ==
age: 317833
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
s.sharethis.com/loader.js
143.204.55.123200 OK 0 B URL HTTP/2 s.sharethis.com/loader.js
IP 143.204.55.123:0
GET /loader.js HTTP/1.1
Host: s.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ancensored.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 20 Aug 2019 17:22:04 GMT
x-robots-tag: noindex, nofollow
server: AmazonS3
content-encoding: gzip
date: Sat, 04 Feb 2023 23:19:33 GMT
cache-control: public, max-age=86400
etag: W/"a637698b696964cb3a292f5482138425"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BMWQW4K1RqrZI6quT0aEIXKSZUf_uho0oDDVMs346XZzeFAWis5h6w==
age: 342
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
143.204.55.123200 OK 0 B URL HTTP/2 sd.sharethis.com/disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css
IP 143.204.55.123:0
GET /disc/css/hoverbuttons.ab4b82703a55102eddefc01bb815f2ec.css HTTP/1.1
Host: sd.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ancensored.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 20 Aug 2019 17:18:30 GMT
x-robots-tag: noindex, nofollow
server: AmazonS3
content-encoding: gzip
date: Sat, 04 Feb 2023 23:16:51 GMT
cache-control: public, max-age=31536000
etag: W/"ab4b82703a55102eddefc01bb815f2ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O8WQ-lkX5z0UPvwKUTIV74y5MODjNAiJiaGcsfC1NaKvDRfEro8UGw==
age: 447
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2