r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9739
Expires: Thu, 26 Jan 2023 22:12:11 GMT
Date: Thu, 26 Jan 2023 19:29:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8496
Expires: Thu, 26 Jan 2023 21:51:28 GMT
Date: Thu, 26 Jan 2023 19:29:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 18:35:16 GMT
content-type: application/json
age: 3276
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4138
Expires: Thu, 26 Jan 2023 20:38:50 GMT
Date: Thu, 26 Jan 2023 19:29:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IpJ+Js+hBarNK5xOF54+esI5xpYsiSkK7mh65mFYdAeiUocM3IH1s3rWm78c68gTrMU6FUJmmy9f8Bov6gEQ0Q==
x-amz-request-id: 5KRE8548Z36Q1NBJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 19:20:14 GMT
age: 578
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:52 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 18:41:40 GMT
age: 2893
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8681
Expires: Thu, 26 Jan 2023 21:54:34 GMT
Date: Thu, 26 Jan 2023 19:29:53 GMT
Connection: keep-alive
push.services.mozilla.com/
54.189.85.130 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.85.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N9KAZluBm2DNV4qq4paLzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: t1oGNzhb10V4MeO7D20LkvmHiZc=
zt-za.link/tenor/
172.67.143.247 301 Moved Permanently 0 B IP 172.67.143.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tenor/ HTTP/1.1
Host: zt-za.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 19:29:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding, Cookie
set-cookie: wordpress_895460512207fb0cfc4450d456065ddd=; expires=Fri, 10 Feb 2023 07:29:53 GMT;HttpOnly; path=/wp-content/plugins; SameSite=Lax
wordpress_895460512207fb0cfc4450d456065ddd=; expires=Fri, 10 Feb 2023 07:29:53 GMT;HttpOnly; path=/wp-admin; SameSite=Lax
wordpress_logged_in_895460512207fb0cfc4450d456065ddd=; expires=Fri, 10 Feb 2023 07:29:53 GMT;HttpOnly; path=/; SameSite=Lax
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://zt-za.link/tenor1/
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIMZKIzqu%2FTpzXKXgd%2BE4he%2BqDUwqxyzcB6YqqmDfhvG8tKQILydibQjqFJG24hKkCH65uB4zn%2Bvh7mY%2BYkIEN0d0fwv7Th%2FRc1eVu5GyRhu6rEoa8LaDMDYbxA6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fba8eefd400b41-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/rNd_0Bwgnv4
142.250.74.163 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/rNd_0Bwgnv4
IP 142.250.74.163:0
Hash b6c8be4e07a9fe1c077bfad6da20629c
08cd1413c7f843f10c0dbc2fd6fde2afbf7bd459
a0fc7c707a699c38f3db261b17d05c95e59aa1b8b5c6a14a6a80708badc65a95
POST /s/gts1p5/rNd_0Bwgnv4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4465
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 19:29:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4465
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 19:29:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4465
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 19:29:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4465
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 19:29:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4464
Expires: Thu, 26 Jan 2023 20:44:19 GMT
Date: Thu, 26 Jan 2023 19:29:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f62e9b7bdca82d18c945851912d8fea8
a7ca44d337c43bc5c6145b26778661c71cc50484
5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:57:18 GMT
age: 77557
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 78073
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17e1b6f3caa98b0e0972802408dd3f93
07e48bf3565e00d093d72dd4ada606f5d39a4838
7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9285
x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYT2HzvoAMFYYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QEH9CmjfV8QZFNxFz_tEk06i_ELUSNC2QjdTF4K3xc3vS651BZ3NlQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:52:28 GMT
age: 77847
etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c331b0423afe4c6888533296b5f275bc
766aba1f8bb596a068f4e611161fa54616f506ed
0551882e8ba5962ca2c3a8634574e75f11321d46f9c901430614a9c73eaeae12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05a55fc3-efb4-4124-a48d-b57fc1e9bea4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 1c0f08ae-9b11-4c41-a6e9-819343332f34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF-fElWIAMFg8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf838f-6cf92e9d28ec0c9727e7419a;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A9cyJReV84QegjGfuOcBlZ-T6uefiGXXKnIBXIcn3a1x0kRYQ6XI3A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:13:57 GMT
age: 44158
etag: "766aba1f8bb596a068f4e611161fa54616f506ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 653bf5a34e9f99c9eef73a21d98d792f
c70d46aa2210c4f7c397fa20e1225b7d0734ac35
9f928ec6f194340e5543a4bf757aac31d545def67a56ae804a2039a3effd3fe0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10379
x-amzn-requestid: 419e5a80-cb6d-4904-9545-a0f815149701
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYMREwmIAMFhQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0b4-64c49f7d49687d9e5324ec64;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rZHSgPIPZyea2griEvL-3semlrUDichGSL8Rin4YeYKN909f9e0lyQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:41:09 GMT
age: 78526
etag: "c70d46aa2210c4f7c397fa20e1225b7d0734ac35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mjK4GJ3UCEuHk4XqmXdZCWHTVvJeX8Z2HFaem2GYzqfqlPSd_h6DfA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:33:59 GMT
age: 42956
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/rNd_0Bwgnv4
142.250.74.163 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/rNd_0Bwgnv4
IP 142.250.74.163:0
Hash b6c8be4e07a9fe1c077bfad6da20629c
08cd1413c7f843f10c0dbc2fd6fde2afbf7bd459
a0fc7c707a699c38f3db261b17d05c95e59aa1b8b5c6a14a6a80708badc65a95
POST /s/gts1p5/rNd_0Bwgnv4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
192.0.77.37 200 OK 217 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
IP 192.0.77.37:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.7.1/_inc/build/likes/queuehandler.min.js
192.0.77.37 200 OK 2.4 kB URL HTTP/2 c0.wp.com/p/jetpack/11.7.1/_inc/build/likes/queuehandler.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (6083), with no line terminators
Hash 5b9894786931354aec32d1a9623deaa3
da1fc7d81244239ba20b434ed9e780856769d4b9
93e6773deca9e0add883f1f9b1134b998a444f84934ac0b5703e4d34417eb029
GET /p/jetpack/11.7.1/_inc/build/likes/queuehandler.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Dec 2022 20:03:29 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.7.1/_inc/build/sharedaddy/sharing.min.js
192.0.77.37 200 OK 3.0 kB URL HTTP/2 c0.wp.com/p/jetpack/11.7.1/_inc/build/sharedaddy/sharing.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (8517), with no line terminators
Hash 5a92a26bae7fe817aab6fb81ae65312b
66876f904f01edf2e5e75c4ea483a174354e21ec
1a7356dded59844dcf3b40666f37ad24114e28c8a1f9c220f2f0a23336467593
GET /p/jetpack/11.7.1/_inc/build/sharedaddy/sharing.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 31 May 2022 10:02:49 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/e-202304.js
192.0.76.3 200 OK 3.5 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash e09ce5511f1bd7e6f18599c66f4316ba
42fca382eb59d9b96dec96bfa66b7ce92a1b218f
9c8b15ad5d4c8a2aa66e2e731bc1f3a8a89e80f6b64b793d1672c91b141b2432
GET /e-202304.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 11 Dec 2023 21:09:59 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 675eeb98eecc7cbb21326c247e0fe5dd
15fac5c1f34cff83dbf50499f9da248d646cd2fc
86cbbbc2a2280a8ea6909b1f224d7660192645640a55cbd106e0bb747f6dde85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86CBBBC2A2280A8EA6909B1F224D7660192645640A55CBD106E0BB747F6DDE85"
Last-Modified: Tue, 24 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=574
Expires: Thu, 26 Jan 2023 19:39:30 GMT
Date: Thu, 26 Jan 2023 19:29:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc83fbbacb3a834c794141ea4448c113
ca2bfa52804ca2d54522627929e7ee02904cd93c
7728fc5b3b2411b352186be7722cca462d5b5ea3c316f205d2febf058b3df94b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7728FC5B3B2411B352186BE7722CCA462D5B5EA3C316F205D2FEBF058B3DF94B"
Last-Modified: Thu, 26 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8056
Expires: Thu, 26 Jan 2023 21:44:12 GMT
Date: Thu, 26 Jan 2023 19:29:56 GMT
Connection: keep-alive
cosmicspecifiedovernight.com/89c4c9532611062e7ce59789adf25b21/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 cosmicspecifiedovernight.com/89c4c9532611062e7ce59789adf25b21/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26963), with no line terminators
Hash f5b4a4f688db0b584222f89331dea0e9
246dc865a96591446d5787965c472217e52aba4d
a57301c0568917c0c03cd39e5dc1138640913e958d95cac0227c297595230c25
GET /89c4c9532611062e7ce59789adf25b21/invoke.js HTTP/1.1
Host: cosmicspecifiedovernight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 19:29:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b991bbb1fc6a585adc0255ebca4b2d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cosmicspecifiedovernight.com/22/80/98/2280988a3c5b20d7f0884d4638ba268b.js
192.243.59.13 200 OK 21 kB URL HTTP/1.1 cosmicspecifiedovernight.com/22/80/98/2280988a3c5b20d7f0884d4638ba268b.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60124), with no line terminators
Hash 464fd1609a558d4f93e1d2ba3b4f8c5f
d342fb4ecdf9ffc3b7aac2f8aa12e265dc151de1
92587848fed6d4a91b191fa8990dc9794cc3f88312326e11cad1a69b839b3ad2
GET /22/80/98/2280988a3c5b20d7f0884d4638ba268b.js HTTP/1.1
Host: cosmicspecifiedovernight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 19:29:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0b9e9026472ca408de4f1b6073d25797
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cosmicspecifiedovernight.com/ca/70/7c/ca707caf01963bd522a2dbfb6b159101.js
192.243.59.13 200 OK 13 kB URL HTTP/1.1 cosmicspecifiedovernight.com/ca/70/7c/ca707caf01963bd522a2dbfb6b159101.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37119), with no line terminators
Hash 7c931f4e7140ea084ed73800950dc48d
50674e4325d6e113df894217b66f95b2b2f7ae20
eb25fb46f9c5bb91f50ce9d5d6dc1add10d96f9e64a0b41346e3289279e8b974
GET /ca/70/7c/ca707caf01963bd522a2dbfb6b159101.js HTTP/1.1
Host: cosmicspecifiedovernight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 19:29:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bf951493a21e79a3926d7816229f6a46
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cosmicspecifiedovernight.com/3a2b5ece9e64113108bca19f696a66f5/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 cosmicspecifiedovernight.com/3a2b5ece9e64113108bca19f696a66f5/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash 607f1ed5999c3831826d2619ca5fea2c
98afbc7912778ab3250a8cdbe168434fe6232bc3
c3b0401e8f8d78e6a0e7db569bc7d2371cd7b22d29ce7e616e4b3986aec71475
GET /3a2b5ece9e64113108bca19f696a66f5/invoke.js HTTP/1.1
Host: cosmicspecifiedovernight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 19:29:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6043dff09dd1179b02de03629cd36a1d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
192.0.77.37 200 OK 12 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (47826)
Hash dcc3ece351fb33dd0a48f04c23a1f208
3152c681071e56555fc919b8d9e407253bedd3d7
bc2e3e32533e9fd29706ef626f7d395e21ba00641b3c19c9175aa3a109b7d272
GET /c/6.1.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 5ded2712abb37696fe4d5f72a5cfb88a
0b5885a3997e7638fe5a3ac65361b98764b3c6d2
4f4e30f4379d9be5ea6a5b3e514798b3d31f488ea89a171a1eef05eddfbbe6ca
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 19:29:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://zt-za.link
access-control-allow-credentials: true
set-cookie: uid_id2=7b3ae8bc-b38e-4f31-9663-6217cc671e25:1:1; expires=Sun, 23 Jan 2033 19:29:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
zt-za.link/wp-content/themes/arras-1/assets/dist/css/legacy.min.css?ver=1.8
104.21.71.80 200 OK 16 kB URL HTTP/2 zt-za.link/wp-content/themes/arras-1/assets/dist/css/legacy.min.css?ver=1.8
IP 104.21.71.80:0
File type ASCII text, with very long lines (26081), with no line terminators
Hash 79ff861ad337345638c6413589e1c1fe
b43d8bab01e6ae458d8e28ecdef914a29a2101e8
b796441ad1ba9314cd201d2267e39930ead96860141524734e658156b7d6f864
GET /wp-content/themes/arras-1/assets/dist/css/legacy.min.css?ver=1.8 HTTP/1.1
Host: zt-za.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/tenor1/
Cookie: wordpress_logged_in_895460512207fb0cfc4450d456065ddd=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 19:29:55 GMT
last-modified: Thu, 21 Jul 2022 12:25:48 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1h%2BzopmZYbxEnkcQxJ4cJuEgH2ZfWe2Rw71%2Bpa5ob5slUYosEa6syjuteXGpkpWeOSIYUKzq%2FWERaPPCEIm6u6yBmVCTr4u47yRrC1iu8Gq0lEE%2Bau0%2FHnWi9uE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fba902bbc10afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 0e0794742d318d830bb70192940d1ea6
23cf49def92a0b062bcdccbbf61383fb22d58ba0
5078277491858b6974d34d56c4c966210a37ad970bc165a08d9bb6e2510874de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156698
Date: Thu, 26 Jan 2023 19:29:56 GMT
Etag: "63d28099-1d7"
Expires: Sat, 28 Jan 2023 15:01:34 GMT
Last-Modified: Thu, 26 Jan 2023 13:31:05 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BWFbWn-imPsSlOa5c3B3F8c4EJTIMi3tsa89uXnZodHoSveJbxp6Mw==
Age: 5429
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 5ded2712abb37696fe4d5f72a5cfb88a
0b5885a3997e7638fe5a3ac65361b98764b3c6d2
4f4e30f4379d9be5ea6a5b3e514798b3d31f488ea89a171a1eef05eddfbbe6ca
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Connection: keep-alive
Referer: https://zt-za.link/
Cookie: uid_id2=7b3ae8bc-b38e-4f31-9663-6217cc671e25:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 19:29:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://zt-za.link
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 00375fc799d63a8d679a9f21ae54c87b
16838dea299cdb0547a8ca1038d005fbd9c6748b
0ad5d4ca803aac81dd0ea3af7d74992ce7636d19d058dfc7bf09259d6cbfa219
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 19:29:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://zt-za.link
access-control-allow-credentials: true
set-cookie: uid_id2=30eebc67-193a-40e3-94df-2558417f769d:1:1; expires=Sun, 23 Jan 2033 19:29:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 04cb7fc8b1e2a65a0b198cc53eb5e5cd
6d04611612d81108e856467f0e4b0479cbb37d33
1c745d8ace7ea6f8e5d7da5e9c067b7b3427ce9c5a5e2c5c35d1c345266de518
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cosmicspecifiedovernight.com/3a2b5ece9e64113108bca19f696a66f5/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 cosmicspecifiedovernight.com/3a2b5ece9e64113108bca19f696a66f5/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26955), with no line terminators
Hash 910aece110d3b3c507825e41b6116fed
bfeccd5a9f3ebb8dac488d1fc41e7f1df457678f
4af5e5158653ea5bb14bb3a49dd886fc770003fed45f8ceead3caf9758ddedd0
GET /3a2b5ece9e64113108bca19f696a66f5/invoke.js HTTP/1.1
Host: cosmicspecifiedovernight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 19:29:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 46eb457bbe392e68ad8c424dfca96328
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.youtube.com/s/player/4248d311/www-player.css
142.250.74.110 200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-player.css
IP 142.250.74.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8a6331ed48be29c59230b0c7360068de
22a20436f427d6b8e26eb30ed9aab51a43d389bf
72f0818ab04697fc29d331b2add584f3cd5e269446c7297300701a4666c9d95e
GET /s/player/4248d311/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/-DgjaQtcEr8?feature=oembed
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49911
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 17:26:43 GMT
expires: Fri, 26 Jan 2024 17:26:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/css
age: 7393
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
142.250.74.110 200 OK 109 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (679)
Size 109 kB (109432 bytes)
Hash 711fcfe6f1ab52d89ab3474d437c1e48
b2f3e69e9d40b193de5e76ae13c6ad9ce0a8e537
361236d1317543e128074c35d22d65a2ba70f6ce9906b07a543e6b3c96239019
GET /s/player/4248d311/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/-DgjaQtcEr8?feature=oembed
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 16:38:02 GMT
expires: Thu, 25 Jan 2024 16:38:02 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 96715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 04cb7fc8b1e2a65a0b198cc53eb5e5cd
6d04611612d81108e856467f0e4b0479cbb37d33
1c745d8ace7ea6f8e5d7da5e9c067b7b3427ce9c5a5e2c5c35d1c345266de518
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.110 200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.110:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/-DgjaQtcEr8?feature=oembed
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 17:46:05 GMT
expires: Thu, 25 Jan 2024 17:46:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 92632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cosmicspecifiedovernight.com/691a30860970833c0a9cae7bc0669e66/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 cosmicspecifiedovernight.com/691a30860970833c0a9cae7bc0669e66/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26955), with no line terminators
Hash 910aece110d3b3c507825e41b6116fed
bfeccd5a9f3ebb8dac488d1fc41e7f1df457678f
4af5e5158653ea5bb14bb3a49dd886fc770003fed45f8ceead3caf9758ddedd0
GET /691a30860970833c0a9cae7bc0669e66/invoke.js HTTP/1.1
Host: cosmicspecifiedovernight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dbf6c93043c09694f85524ef6e7accef
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 58fb27edf8d78c9aab4d306149eaeb27
30a2309ef6d309c7a3ed7c4e8d0e885b208c26f3
ec8f91efb4c19e4f0a4f8fa6c558b80473ef2af597a3401d5e6876a29136c0f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC8F91EFB4C19E4F0A4F8FA6C558B80473EF2AF597A3401D5E6876A29136C0F3"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8395
Expires: Thu, 26 Jan 2023 21:49:52 GMT
Date: Thu, 26 Jan 2023 19:29:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 10154
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:03 GMT
expires: Fri, 19 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 596514
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
142.250.74.110 200 OK 503 B URL HTTP/2 www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
IP 142.250.74.110:0
Hash c5a99a766dbcd51823e2f39712c5e789
cf88860bd115e18463beba6e71e5fac60b03fd19
a3914a69f99efc161f9140ae61cc240ab2a601bcbdad5bdd432ab29be2882e23
GET /s/player/4248d311/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/-DgjaQtcEr8?feature=oembed
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 611243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 09:27:07 GMT
expires: Wed, 24 Jan 2024 09:27:07 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 208970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 3.0 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b602947df0f74f30a4844530dc800b35
43d7329953ed241a5c70eeb7e49f71baf874bab2
eb8dfb722b205028d5667e080093c5d91f953aa208d5ca96a54e91b47d70c9a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D7D4BF76AC44D4822E2CEFADE549A369A0D4A04A77B49B1863D621256966DB"
Last-Modified: Wed, 25 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17105
Expires: Fri, 27 Jan 2023 00:15:02 GMT
Date: Thu, 26 Jan 2023 19:29:57 GMT
Connection: keep-alive
sweepfrequencydissolved.com/watch.33901399675.js?key=89c4c9532611062e7ce59789adf25b21&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1
173.233.137.60 307 Temporary Redirect 0 B URL HTTP/1.1 sweepfrequencydissolved.com/watch.33901399675.js?key=89c4c9532611062e7ce59789adf25b21&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1
IP 173.233.137.60:0
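Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the MD5, SHA-1 and SHA-256 digests of zero-length input, consistent with the 0 B redirect body; the same values recur on the other 0 B redirect records in this report and are not usable as content indicators for any of these hosts.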
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.33901399675.js?key=89c4c9532611062e7ce59789adf25b21&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://zt-za.link
Access-Control-Allow-Origin: https://zt-za.link
Access-Control-Allow-Credentials: true
Location: https://sweepfrequencydissolved.com/watch.33901399675.js?key=89c4c9532611062e7ce59789adf25b21&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1&shu=d58f1ae9b87006dadf3ac3733760dbd4ecd2d4e4e9fdc94b474fda0f1824f1e6cebc59eb2031cc92eb0a5566cdae1c8957edd5bee184350ba8af3709777c772ffa73802e33ea1d2c31cb9a099b709a45a50f6167054a21f00a0f86fd10b85b51d1b2&pst=1674761457&rmtc=t
Set-Cookie: u_pl=15231418; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.th8px6bZlWjz3B4qK0Qqdp3n7cNc4gpZu1AUTOjAD68; expires=Thu, 26 Jan 2023 19:30:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0347bdb66908ed01bd08d4f6f7e7076b
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 574cdc005607817b8a2455a3a0bdea79
e2f0aec5fb53222654eb9be1a288b4731954558a
92d388aa41ace9e83c93d26b6ce89560c863c4d71f57a0323196bfd96314a7d9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "92D388AA41ACE9E83C93D26B6CE89560C863C4D71F57A0323196BFD96314A7D9"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2299
Expires: Thu, 26 Jan 2023 20:08:16 GMT
Date: Thu, 26 Jan 2023 19:29:57 GMT
Connection: keep-alive
cosmicspecifiedovernight.com/426c5fd5751b53c34f96309c045c173b/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 cosmicspecifiedovernight.com/426c5fd5751b53c34f96309c045c173b/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26986), with no line terminators
Hash 92913c86fa9c53953bf25deaffe4a0f3
7f7a8c2f0bf037c36aca031cf14733e513c4c48c
9bbb702a00d172fc80d8570b315673ea6268caf8f4da767ccaae24ba992d2bb6
GET /426c5fd5751b53c34f96309c045c173b/invoke.js HTTP/1.1
Host: cosmicspecifiedovernight.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f64551e9c0b0dc0fd9220c80c87a9578
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
nudgeworry.com/watch.1308203285812.js?key=5d79b9df40f2180c0acfaad8d8d0a807&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1
173.233.137.36 307 Temporary Redirect 0 B URL HTTP/1.1 nudgeworry.com/watch.1308203285812.js?key=5d79b9df40f2180c0acfaad8d8d0a807&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1308203285812.js?key=5d79b9df40f2180c0acfaad8d8d0a807&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1 HTTP/1.1
Host: nudgeworry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://zt-za.link
Access-Control-Allow-Origin: https://zt-za.link
Access-Control-Allow-Credentials: true
Location: https://nudgeworry.com/watch.1308203285812.js?key=5d79b9df40f2180c0acfaad8d8d0a807&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1&shu=6c0b0306642ae0b09349e6f5e6cd267584e2da39e09f189e00fdc86abdf83c24b8dbb7895ef89222d71649180848f4bdbd7ed6055f05f8b8b6e18f9ee1db681c2403d092ba702caf3a672536d3bd388c58446e9f0d61cef12b5173d145c00b6999&pst=1674761457&rmtc=t
Set-Cookie: u_pl=15231416; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.03-vKgbegc-3A_-a_05h48V9lKgxJ6r1bUD9hvdz4Rg; expires=Thu, 26 Jan 2023 19:30:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c158028c3950379c1acc322bdd997848
Strict-Transport-Security: max-age=0; includeSubdomains
prototypewailrubber.com/watch.1147627570717.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1
192.243.61.225 307 Temporary Redirect 0 B URL HTTP/1.1 prototypewailrubber.com/watch.1147627570717.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1147627570717.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1 HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://zt-za.link
Access-Control-Allow-Origin: https://zt-za.link
Access-Control-Allow-Credentials: true
Location: https://prototypewailrubber.com/watch.1147627570717.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=5190717d99c7cacef9e92c04334bdb87bad1f0dd9cfbc640cb1decb925ada46a12309aae118e7d88d7650c4dcf2cd350e2662d73f2aa8de0af8e479b906a7bd4e6017c4b4e87044db435a6de8a4f6d0d01b38a2ad2df4f1be1476437d92faeaeb08a195053&pst=1674761457&rmtc=t
Set-Cookie: u_pl=16059922; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.sJI8TL_HvwFHaWmjMRz9uCQ_I_dMs98x2lX_DT1JGDI; expires=Thu, 26 Jan 2023 19:30:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ace92da6df9ed9fe399cc34c3480a7e7
Strict-Transport-Security: max-age=0; includeSubdomains
sweepfrequencydissolved.com/watch.33901399675.js?key=89c4c9532611062e7ce59789adf25b21&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1&shu=d58f1ae9b87006dadf3ac3733760dbd4ecd2d4e4e9fdc94b474fda0f1824f1e6cebc59eb2031cc92eb0a5566cdae1c8957edd5bee184350ba8af3709777c772ffa73802e33ea1d2c31cb9a099b709a45a50f6167054a21f00a0f86fd10b85b51d1b2&pst=1674761457&rmtc=t
173.233.137.60 200 OK 2.1 kB URL HTTP/1.1 sweepfrequencydissolved.com/watch.33901399675.js?key=89c4c9532611062e7ce59789adf25b21&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1&shu=d58f1ae9b87006dadf3ac3733760dbd4ecd2d4e4e9fdc94b474fda0f1824f1e6cebc59eb2031cc92eb0a5566cdae1c8957edd5bee184350ba8af3709777c772ffa73802e33ea1d2c31cb9a099b709a45a50f6167054a21f00a0f86fd10b85b51d1b2&pst=1674761457&rmtc=t
IP 173.233.137.60:0
File type HTML document, ASCII text, with very long lines (2541)
Hash 8b29c23731440299d6e318c2d51df39e
a346ee3b7fbf74d0c17070382310bfbdfcc3ac11
ea581fc92930b32405e9571ed4716c6d8fcd3bed794270cb4547c895bb4d772b
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.33901399675.js?key=89c4c9532611062e7ce59789adf25b21&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1&shu=d58f1ae9b87006dadf3ac3733760dbd4ecd2d4e4e9fdc94b474fda0f1824f1e6cebc59eb2031cc92eb0a5566cdae1c8957edd5bee184350ba8af3709777c772ffa73802e33ea1d2c31cb9a099b709a45a50f6167054a21f00a0f86fd10b85b51d1b2&pst=1674761457&rmtc=t HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Referer: https://zt-za.link/
Connection: keep-alive
Cookie: u_pl=15231418; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTIzMTQxOCwiayI6Ijg5YzRjOTUzMjYxMTA2MmU3Y2U1OTc4OWFkZjI1YjIxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo3MTMxNjAsInBpZCI6NTUzMjYsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjEsImFpZCI6NSwicHQiOjQsInBrIjoid2h2eHp0cXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly96dC16YS5saW5rL3Rlbm9yMS8ifX0.th8px6bZlWjz3B4qK0Qqdp3n7cNc4gpZu1AUTOjAD68
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://zt-za.link
Access-Control-Allow-Origin: https://zt-za.link
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7b3ae8bc-b38e-4f31-9663-6217cc671e25:1:1; expires=Thu, 02 Feb 2023 19:29:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
uncs=1; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0386fad0768a44866ed3924fae7c6757
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fdc88efee761cb28011e49c5e0a92b3
ff5314144283c7b7148d5ae86d0da8f89feb1d08
80cb39d2f5258902fa30ad0c80a0a7e552d49efcda3a4049647385e8dd3f1992
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80CB39D2F5258902FA30AD0C80A0A7E552D49EFCDA3A4049647385E8DD3F1992"
Last-Modified: Thu, 26 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16854
Expires: Fri, 27 Jan 2023 00:10:51 GMT
Date: Thu, 26 Jan 2023 19:29:57 GMT
Connection: keep-alive
pixel.wp.com/g.gif?v=ext&blog=202414215&post=2109&tz=1&srv=zt-za.link&j=1%3A11.7.1&host=zt-za.link&ref=&fcp=3516&rand=0.9830111903649921
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=202414215&post=2109&tz=1&srv=zt-za.link&j=1%3A11.7.1&host=zt-za.link&ref=&fcp=3516&rand=0.9830111903649921
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=202414215&post=2109&tz=1&srv=zt-za.link&j=1%3A11.7.1&host=zt-za.link&ref=&fcp=3516&rand=0.9830111903649921 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 574cdc005607817b8a2455a3a0bdea79
e2f0aec5fb53222654eb9be1a288b4731954558a
92d388aa41ace9e83c93d26b6ce89560c863c4d71f57a0323196bfd96314a7d9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "92D388AA41ACE9E83C93D26B6CE89560C863C4D71F57A0323196BFD96314A7D9"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2299
Expires: Thu, 26 Jan 2023 20:08:16 GMT
Date: Thu, 26 Jan 2023 19:29:57 GMT
Connection: keep-alive
nudgeworry.com/watch.1308203285812.js?key=5d79b9df40f2180c0acfaad8d8d0a807&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1&shu=6c0b0306642ae0b09349e6f5e6cd267584e2da39e09f189e00fdc86abdf83c24b8dbb7895ef89222d71649180848f4bdbd7ed6055f05f8b8b6e18f9ee1db681c2403d092ba702caf3a672536d3bd388c58446e9f0d61cef12b5173d145c00b6999&pst=1674761457&rmtc=t
173.233.137.36 200 OK 2.0 kB URL HTTP/1.1 nudgeworry.com/watch.1308203285812.js?key=5d79b9df40f2180c0acfaad8d8d0a807&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1&shu=6c0b0306642ae0b09349e6f5e6cd267584e2da39e09f189e00fdc86abdf83c24b8dbb7895ef89222d71649180848f4bdbd7ed6055f05f8b8b6e18f9ee1db681c2403d092ba702caf3a672536d3bd388c58446e9f0d61cef12b5173d145c00b6999&pst=1674761457&rmtc=t
IP 173.233.137.36:0
File type HTML document, ASCII text, with very long lines (2436)
Hash 6cd735df17d361c2fb36387ee1c19b1e
717455757a3edb23f8e054d4624e433a45ce7ee1
1b10bf5ae222f8afc38ad7cc258d943249b6f59a90c6f476f22ac0e1cf004b80
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1308203285812.js?key=5d79b9df40f2180c0acfaad8d8d0a807&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=7b3ae8bc-b38e-4f31-9663-6217cc671e25%3A1%3A1&shu=6c0b0306642ae0b09349e6f5e6cd267584e2da39e09f189e00fdc86abdf83c24b8dbb7895ef89222d71649180848f4bdbd7ed6055f05f8b8b6e18f9ee1db681c2403d092ba702caf3a672536d3bd388c58446e9f0d61cef12b5173d145c00b6999&pst=1674761457&rmtc=t HTTP/1.1
Host: nudgeworry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Referer: https://zt-za.link/
Connection: keep-alive
Cookie: u_pl=15231416; ain=eyJhbGciOiJIUzI1NiJ9.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.03-vKgbegc-3A_-a_05h48V9lKgxJ6r1bUD9hvdz4Rg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://zt-za.link
Access-Control-Allow-Origin: https://zt-za.link
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7b3ae8bc-b38e-4f31-9663-6217cc671e25:1:1; expires=Thu, 02 Feb 2023 19:29:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
uncs=1; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
pdhtkv27=true; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
uncs27=1; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 492cf3ca614ca3de74c552f38b52d46a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
prototypewailrubber.com/watch.1147627570717.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=5190717d99c7cacef9e92c04334bdb87bad1f0dd9cfbc640cb1decb925ada46a12309aae118e7d88d7650c4dcf2cd350e2662d73f2aa8de0af8e479b906a7bd4e6017c4b4e87044db435a6de8a4f6d0d01b38a2ad2df4f1be1476437d92faeaeb08a195053&pst=1674761457&rmtc=t
192.243.61.225 200 OK 2.1 kB URL HTTP/1.1 prototypewailrubber.com/watch.1147627570717.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=5190717d99c7cacef9e92c04334bdb87bad1f0dd9cfbc640cb1decb925ada46a12309aae118e7d88d7650c4dcf2cd350e2662d73f2aa8de0af8e479b906a7bd4e6017c4b4e87044db435a6de8a4f6d0d01b38a2ad2df4f1be1476437d92faeaeb08a195053&pst=1674761457&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2564)
Hash c954f9f3229c58888b804ceefb74b4d6
cda29fea91ec9cd60a3e0f4935abb337e4cb694a
8df6cf03a3ce044617dcca6b2b8ee6a51a16a6b9b62cf21f0cfb5382b46ac38a
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1147627570717.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=5190717d99c7cacef9e92c04334bdb87bad1f0dd9cfbc640cb1decb925ada46a12309aae118e7d88d7650c4dcf2cd350e2662d73f2aa8de0af8e479b906a7bd4e6017c4b4e87044db435a6de8a4f6d0d01b38a2ad2df4f1be1476437d92faeaeb08a195053&pst=1674761457&rmtc=t HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Referer: https://zt-za.link/
Connection: keep-alive
Cookie: u_pl=16059922; ain=eyJhbGciOiJIUzI1NiJ9.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.sJI8TL_HvwFHaWmjMRz9uCQ_I_dMs98x2lX_DT1JGDI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://zt-za.link
Access-Control-Allow-Origin: https://zt-za.link
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=30eebc67-193a-40e3-94df-2558417f769d:1:1; expires=Thu, 02 Feb 2023 19:29:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
uncs=1; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
pdhtkv32=true; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
uncs32=1; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3fcf004548fa94fbd255c06103b5f489
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
experimentalconcerningsuck.com/watch.773311867749.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1
192.243.59.20 307 Temporary Redirect 0 B URL HTTP/1.1 experimentalconcerningsuck.com/watch.773311867749.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.773311867749.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1 HTTP/1.1
Host: experimentalconcerningsuck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://zt-za.link
Access-Control-Allow-Origin: https://zt-za.link
Access-Control-Allow-Credentials: true
Location: https://experimentalconcerningsuck.com/watch.773311867749.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=24b6629f954a96bd48dd8d1193be4c71ce7e92fe0a2e99a0b59da78d364cb4b365c40e5d5562840be91b60ad522ff15afbf628254a2430f7f853260af7c9802adc484688bccb794bb9e3cb2fd02b14631ae181&pst=1674761457&rmtc=t
Set-Cookie: u_pl=16059922; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.sJI8TL_HvwFHaWmjMRz9uCQ_I_dMs98x2lX_DT1JGDI; expires=Thu, 26 Jan 2023 19:30:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 041a9742ac344830e25e79813fc6ad6f
Strict-Transport-Security: max-age=0; includeSubdomains
prototypewailrubber.com/watch.1253813284749.js?key=691a30860970833c0a9cae7bc0669e66&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1
192.243.61.225 307 Temporary Redirect 0 B URL HTTP/1.1 prototypewailrubber.com/watch.1253813284749.js?key=691a30860970833c0a9cae7bc0669e66&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1253813284749.js?key=691a30860970833c0a9cae7bc0669e66&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1 HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://zt-za.link
Access-Control-Allow-Origin: https://zt-za.link
Access-Control-Allow-Credentials: true
Location: https://prototypewailrubber.com/watch.1253813284749.js?key=691a30860970833c0a9cae7bc0669e66&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=485e404062bbd8754faf524a4b3f6c958d7f1ff3e83e51ea7f34b517b26718d20525a0223814ab99524ba5ce337ca80088697027990ee84070924c0cb1360a3694ececd9d1bfb60247f8ffcd12568d55ed311abf&pst=1674761457&rmtc=t
Set-Cookie: u_pl=15231508; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.XlLhIAnigy7kOA-rtpyVAmckwkgdFkzJVRkSGrVDpHA; expires=Thu, 26 Jan 2023 19:30:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c1a58d51d3606f302b808b119c3e57bc
Strict-Transport-Security: max-age=0; includeSubdomains
prototypewailrubber.com/watch.792447064917.js?key=426c5fd5751b53c34f96309c045c173b&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1
192.243.61.225 307 Temporary Redirect 0 B URL HTTP/1.1 prototypewailrubber.com/watch.792447064917.js?key=426c5fd5751b53c34f96309c045c173b&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.792447064917.js?key=426c5fd5751b53c34f96309c045c173b&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1 HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Connection: keep-alive
Referer: https://zt-za.link/
Cookie: u_pl=16059922; ain=eyJhbGciOiJIUzI1NiJ9.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.sJI8TL_HvwFHaWmjMRz9uCQ_I_dMs98x2lX_DT1JGDI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://zt-za.link
Access-Control-Allow-Origin: https://zt-za.link
Access-Control-Allow-Credentials: true
Location: https://prototypewailrubber.com/watch.792447064917.js?key=426c5fd5751b53c34f96309c045c173b&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=292672ab833e9a2ab4b19fed0d8591d6a79b1cfafd42a234f78dd9a07814ef62b1e7e65212258914bf29d50e9082a14e0ea42f826faf256b3f14094dd0625140879c27967e455795eb7afb9ba15344faa0cb14d8&pst=1674761457&rmtc=t
Set-Cookie: u_pl=16059922,16059926; expires=Fri, 27 Jan 2023 19:29:57 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.QnekxqFzUrUW1PcBb0pHYeigpIzXioXLz7ST1eSNgNc; expires=Thu, 26 Jan 2023 19:30:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1dee06f61a4072973aa107bad91c783
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d49898ea0e8ede07ee1de69f8e67b4d
184fdb12c979b28b5a9ee9d7f7c641a4e57523ac
e7c403e67becb3844cecb2083c74f7671903c1b7351fde1f93d0b72d7b53571e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7C403E67BECB3844CECB2083C74F7671903C1B7351FDE1F93D0B72D7B53571E"
Last-Modified: Tue, 24 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8161
Expires: Thu, 26 Jan 2023 21:45:58 GMT
Date: Thu, 26 Jan 2023 19:29:57 GMT
Connection: keep-alive
i0.wp.com/zt-za.link/wp-content/uploads/2022/02/button-2.png?resize=192%2C44&ssl=1
192.0.77.2 200 OK 3.4 kB URL HTTP/2 i0.wp.com/zt-za.link/wp-content/uploads/2022/02/button-2.png?resize=192%2C44&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0f17219bb3b0a4a9d59b3bf9659c19cf
6d8f86fbc48cd2c399de9b3d65d7ee04332cfdb3
f064100bfb2b33f1d1367f7f6722a71a80d1d4051282d209304180ef03a3363b
GET /zt-za.link/wp-content/uploads/2022/02/button-2.png?resize=192%2C44&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: image/webp
content-length: 3394
last-modified: Wed, 25 Jan 2023 07:27:26 GMT
expires: Fri, 24 Jan 2025 19:27:26 GMT
cache-control: public, max-age=63115200
link: <https://zt-za.link/wp-content/uploads/2022/02/button-2.png>; rel="canonical"
x-content-type-options: nosniff
etag: "22ebf5a3880385bc"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/zt-za.link/wp-content/uploads/2022/04/4272885-1.webp?resize=221%2C300&ssl=1
192.0.77.2 200 OK 18 kB URL HTTP/2 i0.wp.com/zt-za.link/wp-content/uploads/2022/04/4272885-1.webp?resize=221%2C300&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 221x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3069cd2b2d7c6206b8dfe88b0c0512e3
24f4ce7a39153669719603d86e032202937f5c4a
ed7e50814aa20e2f9fccd2c4623e6b97b8720e496fc8e6dff7cf3170a0d4cb04
GET /zt-za.link/wp-content/uploads/2022/04/4272885-1.webp?resize=221%2C300&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: image/webp
content-length: 17550
last-modified: Sat, 21 Jan 2023 15:11:22 GMT
expires: Tue, 21 Jan 2025 03:11:22 GMT
cache-control: public, max-age=63115200
link: <https://zt-za.link/wp-content/uploads/2022/04/4272885-1.webp>; rel="canonical"
x-content-type-options: nosniff
etag: "0893b26e78a466ea"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/zt-za.link/wp-content/uploads/2022/04/synopss-1-2.png?resize=101%2C30&ssl=1
192.0.77.2 200 OK 962 B URL HTTP/2 i0.wp.com/zt-za.link/wp-content/uploads/2022/04/synopss-1-2.png?resize=101%2C30&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 52b05a69148d08e72892917eea477336
abd6fe150d920d7273811df23b86cf4281d700d3
f8cf68292b241ad888025e7caafb16410f35064e92103d7eb291895a4166eb58
GET /zt-za.link/wp-content/uploads/2022/04/synopss-1-2.png?resize=101%2C30&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: image/webp
content-length: 962
last-modified: Sat, 21 Jan 2023 15:11:22 GMT
expires: Tue, 21 Jan 2025 03:11:22 GMT
cache-control: public, max-age=63115200
link: <https://zt-za.link/wp-content/uploads/2022/04/synopss-1-2.png>; rel="canonical"
x-content-type-options: nosniff
etag: "2cd5a0cc6e514376"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash f5748fe61285ac561342d29f791caa95
590c2a121202a33abc837dd6210aaf0c8f54d3fd
69003e7446655b4935fb38652b1552e4763eab5bede555e53eba97ee304d61e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.66 302 Found 14 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash f25d5fd59a8c13c3312f75b414bc16b4
0f39d109ea1a2ee13c81ed07be2c944a7e97f21a
4c63f3baf354f1899fc74a7286d13018d8d7a6ce6682aed406f1762502508465
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 26 Jan 2023 19:29:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.134 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 19:27:52 GMT
expires: Thu, 26 Jan 2023 19:42:52 GMT
cache-control: public, max-age=900
age: 125
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash dda854cb90cda40c6a6dbc19eb186eca
0d23775c5af739aac0a41844d09c704ab850a1bd
7c432d209fcf9dde0ca59bf93f76526d98aab474041f19b2d6fe79942ed3a7e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash f5748fe61285ac561342d29f791caa95
590c2a121202a33abc837dd6210aaf0c8f54d3fd
69003e7446655b4935fb38652b1552e4763eab5bede555e53eba97ee304d61e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
feignthat.com/pixel/purst?dl=0&th=0&sc=0&rs=4177&rd=4177&fd=990&bv=22.10.v.9&tmpl=70
173.233.137.52 200 OK 0 B URL HTTP/1.1 feignthat.com/pixel/purst?dl=0&th=0&sc=0&rs=4177&rd=4177&fd=990&bv=22.10.v.9&tmpl=70
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=4177&rd=4177&fd=990&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: feignthat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
prototypewailrubber.com/60/6b/07/606b0788518ac0808c7cfb238b6307bb.js
192.243.61.225 200 OK 29 kB URL HTTP/1.1 prototypewailrubber.com/60/6b/07/606b0788518ac0808c7cfb238b6307bb.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 42ff6a02d04a5638d0ec3f7702cade5b
2c8f5871738012f65feef8900247c51bccdab938
cff2d1fb28d256d2c8f5b6b7e747ea7903acf5524d8dd284808321106db42f4a
Analyzer Verdict Alert quad9 Sinkholed
GET /60/6b/07/606b0788518ac0808c7cfb238b6307bb.js HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Cookie: u_pl=16059922; ain=eyJhbGciOiJIUzI1NiJ9.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.sJI8TL_HvwFHaWmjMRz9uCQ_I_dMs98x2lX_DT1JGDI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 19:29:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a3834aa7e3ffb7354b047f5c186d089
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
s0.wp.com/wp-content/js/rlt-proxy.js?m=20211122
192.0.77.32 200 OK 1.8 kB URL HTTP/2 s0.wp.com/wp-content/js/rlt-proxy.js?m=20211122
IP 192.0.77.32:0
File type ASCII text, with very long lines (835)
Hash a73708d52fb554558d6e5affdc441173
41e91dfc2557d29c268ce3c9827fec98f3907690
be730b21b164d6597b80347355e663090d57cae893c7a620c315c255779d1bdb
GET /wp-content/js/rlt-proxy.js?m=20211122 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:58 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"619d635a-1c9d"
content-encoding: br
expires: Thu, 23 Nov 2023 21:55:45 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/highlander-comments/images/button-back.gif
192.0.77.32 200 OK 1.2 kB URL HTTP/2 s0.wp.com/wp-content/mu-plugins/highlander-comments/images/button-back.gif
IP 192.0.77.32:0
File type GIF image data, version 89a, 2 x 26\012- data
Hash 41570c42d47e846f51422b154ebe8cc8
eed821bb5bf98caf32c563a56a1ebf145f7aca74
0dab369eac5fd3a06420395d02d292bc3e3ab0bf62add857c72804fd9f4edd35
GET /wp-content/mu-plugins/highlander-comments/images/button-back.gif HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:58 GMT
content-type: image/gif
content-length: 1232
last-modified: Thu, 29 Nov 2018 13:53:31 GMT
etag: "5bffef5b-4d0"
expires: Fri, 10 Nov 2023 15:10:54 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
accept-ranges: bytes
X-Firefox-Spdy: h2
prototypewailrubber.com/watch.1253813284749.js?key=691a30860970833c0a9cae7bc0669e66&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=485e404062bbd8754faf524a4b3f6c958d7f1ff3e83e51ea7f34b517b26718d20525a0223814ab99524ba5ce337ca80088697027990ee84070924c0cb1360a3694ececd9d1bfb60247f8ffcd12568d55ed311abf&pst=1674761457&rmtc=t
192.243.61.225 200 OK 635 B URL HTTP/1.1 prototypewailrubber.com/watch.1253813284749.js?key=691a30860970833c0a9cae7bc0669e66&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=485e404062bbd8754faf524a4b3f6c958d7f1ff3e83e51ea7f34b517b26718d20525a0223814ab99524ba5ce337ca80088697027990ee84070924c0cb1360a3694ececd9d1bfb60247f8ffcd12568d55ed311abf&pst=1674761457&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (582)
Hash 36490ec9e8559993df407aa3939c655f
00b68a6ceb9a8ac46bcdae801d1af32671504d6b
c5554ba471eed346c47c8a5b1480e7ea6c946af3bb1367b96d6d9c01c56e2ab1
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1253813284749.js?key=691a30860970833c0a9cae7bc0669e66&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=485e404062bbd8754faf524a4b3f6c958d7f1ff3e83e51ea7f34b517b26718d20525a0223814ab99524ba5ce337ca80088697027990ee84070924c0cb1360a3694ececd9d1bfb60247f8ffcd12568d55ed311abf&pst=1674761457&rmtc=t HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Referer: https://zt-za.link/
Connection: keep-alive
Cookie: u_pl=16059922,16059926; ain=eyJhbGciOiJIUzI1NiJ9.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.QnekxqFzUrUW1PcBb0pHYeigpIzXioXLz7ST1eSNgNc; uid_id2=30eebc67-193a-40e3-94df-2558417f769d:1:1; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 19:29:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://zt-za.link
Access-Control-Allow-Origin: https://zt-za.link
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16059922,16059926,15231508; expires=Fri, 27 Jan 2023 19:29:58 GMT; secure; SameSite=None
uid_id2=30eebc67-193a-40e3-94df-2558417f769d:1:1; expires=Thu, 02 Feb 2023 19:29:58 GMT; secure; SameSite=None
iprc3d004a9d92430cb9d0e8d428ca56578c=2717339; expires=Fri, 27 Jan 2023 21:29:58 GMT; secure; SameSite=None
uncs=2; expires=Fri, 27 Jan 2023 19:29:58 GMT; secure; SameSite=None
pdhtkv25=true; expires=Fri, 27 Jan 2023 19:29:58 GMT; secure; SameSite=None
uncs25=1; expires=Fri, 27 Jan 2023 19:29:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6eb48a6266cc430e76b31371679ff3dd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
experimentalconcerningsuck.com/watch.773311867749.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=24b6629f954a96bd48dd8d1193be4c71ce7e92fe0a2e99a0b59da78d364cb4b365c40e5d5562840be91b60ad522ff15afbf628254a2430f7f853260af7c9802adc484688bccb794bb9e3cb2fd02b14631ae181&pst=1674761457&rmtc=t
192.243.59.20 200 OK 2.0 kB URL HTTP/1.1 experimentalconcerningsuck.com/watch.773311867749.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=24b6629f954a96bd48dd8d1193be4c71ce7e92fe0a2e99a0b59da78d364cb4b365c40e5d5562840be91b60ad522ff15afbf628254a2430f7f853260af7c9802adc484688bccb794bb9e3cb2fd02b14631ae181&pst=1674761457&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2535)
Hash d05e38523aa44a55d3af98db4eda0c08
6b647abd0777471243f069c1b55957182edb601b
b57e16163cd7cb169424b9ba7db937e915c3d80fe163ff4c4666d7a28b682460
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.773311867749.js?key=3a2b5ece9e64113108bca19f696a66f5&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=24b6629f954a96bd48dd8d1193be4c71ce7e92fe0a2e99a0b59da78d364cb4b365c40e5d5562840be91b60ad522ff15afbf628254a2430f7f853260af7c9802adc484688bccb794bb9e3cb2fd02b14631ae181&pst=1674761457&rmtc=t HTTP/1.1
Host: experimentalconcerningsuck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Referer: https://zt-za.link/
Connection: keep-alive
Cookie: u_pl=16059922; ain=eyJhbGciOiJIUzI1NiJ9.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.sJI8TL_HvwFHaWmjMRz9uCQ_I_dMs98x2lX_DT1JGDI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 19:29:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://zt-za.link
Access-Control-Allow-Origin: https://zt-za.link
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=30eebc67-193a-40e3-94df-2558417f769d:1:1; expires=Thu, 02 Feb 2023 19:29:58 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Fri, 27 Jan 2023 19:29:58 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Fri, 27 Jan 2023 19:29:58 GMT; secure; SameSite=None
Set-Cookie: pdhtkv32=true; expires=Fri, 27 Jan 2023 19:29:58 GMT; secure; SameSite=None
Set-Cookie: uncs32=1; expires=Fri, 27 Jan 2023 19:29:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b01753f2b5acba7f850cee6ebd50a06a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.2-alpha-55134
192.0.77.32 200 OK 42 kB URL HTTP/2 s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.2-alpha-55134
IP 192.0.77.32:0
File type ASCII text, with very long lines (15660)
Hash 0b103a1148966da897e7e23791c3618a
4156b47c96d648e4c6ce2d92112ecbfcddfc1618
c0d5ba726bf0a9a433616a0b46cfba34054824fdf7f71b35407abb41a53c85d8
GET /wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.2-alpha-55134 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"627a5af9-48b9"
content-encoding: br
expires: Thu, 25 Jan 2024 13:48:31 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca MISS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202 200 OK 6 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
Hash 7d14c6d06a6075d413d43d381c992eba
49bdfc1145f7c7a7bf870f069b9d23a97966cb30
f48bd14f1f30b485d99a2904d06cbd9fa03ccaa5779105a3d3cf963edb2ac385
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 26 Jan 2023 19:29:58 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash e53b1d8b1f244c97e073382328e5c650
d1933a186c3b5351a8539f18e3f4f74237aefccc
2b3e14ffcd8e42c946fc8a66a44a97e543849ac1fd3fdefd85f774c86839716e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36171)
Hash a13a76dd17af226d4a24bd16ef702377
c364171cd0f66eb4a1a8dde04e1e083154d81dbd
1dd3352cbdb7561b142954006a2bb94008486c22760c3d5ebb1b6fffeb325173
GET /js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14250
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 18:38:28 GMT
expires: Sat, 20 Jan 2024 18:38:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 521490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202 200 OK 37 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
Hash 6fc8215d57d4ea78e0a968097ea08766
311a31ce0997401a45ec3d3754f7b60a2436ff8e
c2c25618e656c235cc00a1a9eb909a866f02fc107d31aad6978e09445f574d49
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 26 Jan 2023 19:29:58 GMT
server: ESF
cache-control: private
content-length: 30675
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 3f3ebba38babe4484f955dedf12d71e2
4fc3d61579aa2e035bf84b9439cc1933fe564ca8
b34dc34d61bb90a46615c1f99dd079bb05f662da984beb44233a85f7d3546a47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 215f16014778a0ef8fe0ae045469592c
8eb2bb842d2cbe49b94309d7297309a61c837ccb
df25507f0dd6bcb47ee79846962171e9a0660f6a356f941b8cb7a5cd3bdf2762
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/jW1np_kah9hPLx-M2bScpiOQAlWzNJmBqKJzf3cEhKPQMb22_KFYXbekI2MSkIxeX-kkbKIc=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 2.1 kB URL HTTP/2 yt3.ggpht.com/jW1np_kah9hPLx-M2bScpiOQAlWzNJmBqKJzf3cEhKPQMb22_KFYXbekI2MSkIxeX-kkbKIc=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 9e2bf5b71ed80d09c0b820a23783c72f
359629d7be8ca53b725fa3f8ecb0e5adcad0dcc2
576cb5f3d69aef760c44ee4f6d3180f3b1aceeff7796aa09c49b57096c127e48
GET /jW1np_kah9hPLx-M2bScpiOQAlWzNJmBqKJzf3cEhKPQMb22_KFYXbekI2MSkIxeX-kkbKIc=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2109
x-xss-protection: 0
date: Thu, 26 Jan 2023 17:13:50 GMT
expires: Wed, 25 Jan 2023 12:46:53 GMT
cache-control: public, max-age=86400, no-transform
age: 8168
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/-DgjaQtcEr8/sddefault.webp
142.250.74.182 200 OK 20 kB URL HTTP/2 i.ytimg.com/vi_webp/-DgjaQtcEr8/sddefault.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dfb1f10882e216fec459f60852d4f2ff
7f7c89b122cb748e28c0cbee7e3f7876679d73c6
ffe34d5daf5faf9b84bf5c6dbbfb23af172049acf120e03a055e29a86f7326e1
GET /vi_webp/-DgjaQtcEr8/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 20158
date: Thu, 26 Jan 2023 19:29:58 GMT
expires: Thu, 26 Jan 2023 21:29:58 GMT
cache-control: public, max-age=7200
etag: "1647945422"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
prototypewailrubber.com/watch.792447064917.js?key=426c5fd5751b53c34f96309c045c173b&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=292672ab833e9a2ab4b19fed0d8591d6a79b1cfafd42a234f78dd9a07814ef62b1e7e65212258914bf29d50e9082a14e0ea42f826faf256b3f14094dd0625140879c27967e455795eb7afb9ba15344faa0cb14d8&pst=1674761457&rmtc=t
192.243.61.225 200 OK 2.1 kB URL HTTP/1.1 prototypewailrubber.com/watch.792447064917.js?key=426c5fd5751b53c34f96309c045c173b&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=292672ab833e9a2ab4b19fed0d8591d6a79b1cfafd42a234f78dd9a07814ef62b1e7e65212258914bf29d50e9082a14e0ea42f826faf256b3f14094dd0625140879c27967e455795eb7afb9ba15344faa0cb14d8&pst=1674761457&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2583)
Hash a96616f8c0a7e7ec7c2613f0a2c492f8
2648921fb5246873232408b13bcae91a68a90b81
10ddd33f3c57212539d33f3d6a4f50132b23cb56ea06f38dffe35551a4405439
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.792447064917.js?key=426c5fd5751b53c34f96309c045c173b&kw=%5B%22telecharger%22%2C%22t%C3%A9nor%22%2C%22-%22%2C%22uptobox%22%2C%221fichier%22%5D&refer=https%3A%2F%2Fzt-za.link%2Ftenor1%2F&tz=0&dev=e&res=12.1055&uuid=30eebc67-193a-40e3-94df-2558417f769d%3A1%3A1&shu=292672ab833e9a2ab4b19fed0d8591d6a79b1cfafd42a234f78dd9a07814ef62b1e7e65212258914bf29d50e9082a14e0ea42f826faf256b3f14094dd0625140879c27967e455795eb7afb9ba15344faa0cb14d8&pst=1674761457&rmtc=t HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zt-za.link
Referer: https://zt-za.link/
Connection: keep-alive
Cookie: u_pl=16059922,16059926,15231508; ain=eyJhbGciOiJIUzI1NiJ9.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.QnekxqFzUrUW1PcBb0pHYeigpIzXioXLz7ST1eSNgNc; uid_id2=30eebc67-193a-40e3-94df-2558417f769d:1:1; pdhtkv=true; uncs=2; pdhtkv32=true; uncs32=1; iprc3d004a9d92430cb9d0e8d428ca56578c=2717339; pdhtkv25=true; uncs25=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 19:29:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://zt-za.link
Access-Control-Allow-Origin: https://zt-za.link
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=30eebc67-193a-40e3-94df-2558417f769d:1:1; expires=Thu, 02 Feb 2023 19:29:58 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Fri, 27 Jan 2023 19:29:58 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Fri, 27 Jan 2023 19:29:58 GMT; secure; SameSite=None
Set-Cookie: pdhtkv26=true; expires=Fri, 27 Jan 2023 19:29:58 GMT; secure; SameSite=None
Set-Cookie: uncs26=1; expires=Fri, 27 Jan 2023 19:29:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6979ad0268e0cc7603bdcbf19f921d40
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 5f57a83befb5510821576265e691190f
136d15f2cbbc6416d808afcb8f48a19b346937fc
b3d3b78aaea9273c95224d6242a3817bac9be7fc46800e741da32bba13db5fa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 215f16014778a0ef8fe0ae045469592c
8eb2bb842d2cbe49b94309d7297309a61c837ccb
df25507f0dd6bcb47ee79846962171e9a0660f6a356f941b8cb7a5cd3bdf2762
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 19:29:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e739703f7f87386784639edcbbb04dbd
83a98913c0c3c5cde66cd96a67ab50a1cde6bf37
4358cb8830987168faa5ed5937805d6ce1dfba8e5cb1e6c088f4fea4b6e8b5a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4358CB8830987168FAA5ED5937805D6CE1DFBA8E5CB1E6C088F4FEA4B6E8B5A2"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5322
Expires: Thu, 26 Jan 2023 20:58:40 GMT
Date: Thu, 26 Jan 2023 19:29:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e739703f7f87386784639edcbbb04dbd
83a98913c0c3c5cde66cd96a67ab50a1cde6bf37
4358cb8830987168faa5ed5937805d6ce1dfba8e5cb1e6c088f4fea4b6e8b5a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4358CB8830987168FAA5ED5937805D6CE1DFBA8E5CB1E6C088F4FEA4B6E8B5A2"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5322
Expires: Thu, 26 Jan 2023 20:58:40 GMT
Date: Thu, 26 Jan 2023 19:29:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e739703f7f87386784639edcbbb04dbd
83a98913c0c3c5cde66cd96a67ab50a1cde6bf37
4358cb8830987168faa5ed5937805d6ce1dfba8e5cb1e6c088f4fea4b6e8b5a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4358CB8830987168FAA5ED5937805D6CE1DFBA8E5CB1E6C088F4FEA4B6E8B5A2"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5322
Expires: Thu, 26 Jan 2023 20:58:40 GMT
Date: Thu, 26 Jan 2023 19:29:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 32be160c8894e1fbdd45f4ef27c5a2ec
4654d177cc5d1dfa90d49cb1d8030bdca45935f1
147cb1e6d9bb4b9951215cab06d93a4f8833820358a94174bcfd99ed067c9b00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "147CB1E6D9BB4B9951215CAB06D93A4F8833820358A94174BCFD99ED067C9B00"
Last-Modified: Tue, 24 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5676
Expires: Thu, 26 Jan 2023 21:04:34 GMT
Date: Thu, 26 Jan 2023 19:29:58 GMT
Connection: keep-alive
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 26 Jan 2023 19:29:58 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/e4/22/53/e42253c2a4873d2bc70f3340202a4ab4/1665156843.jpg
45.133.44.10 200 OK 15 kB URL HTTP/2 cdn.cloudimagesb.com/bi/e4/22/53/e42253c2a4873d2bc70f3340202a4ab4/1665156843.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 160x300, components 3\012- data
Hash e2003cc1398972faef5c40561d472c2e
ef334e8bfaee54604ae9fa982adc3b4e48ded6f1
13793497c156cb93e85fa398c5e4e3d556ca9ba7bba4c07265cd28037a554e56
GET /bi/e4/22/53/e42253c2a4873d2bc70f3340202a4ab4/1665156843.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 19:29:58 GMT
content-type: image/jpeg
content-length: 14999
server: nginx/1.17.6
last-modified: Fri, 07 Oct 2022 15:34:12 GMT
etag: "634046f4-3a97"
expires: Sat, 28 Jan 2023 19:29:58 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c07c0754e7277704366b1137a9d0bf37
227bcec2a1a8c42400e03565dda2c728995b7c4f
11dbfe8e41f231dc28d749b90940fff5f9a15f67019b54f6941573f29db763a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11DBFE8E41F231DC28D749B90940FFF5F9A15F67019B54F6941573F29DB763A2"
Last-Modified: Tue, 24 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1835
Expires: Thu, 26 Jan 2023 20:00:34 GMT
Date: Thu, 26 Jan 2023 19:29:59 GMT
Connection: keep-alive
widgets.wp.com/likes/
192.0.77.32 200 OK 126 B IP 192.0.77.32:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62beca8ce9279bdc33570151e223a0dc
13a322b7a3523410a90afdd58832b89ce7b62902
6c79541d416470cf6276c0fe3e41528c51c823d125a45a1678355897fe9f3dc3
GET /likes/ HTTP/1.1
Host: widgets.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:59 GMT
content-type: text/html
content-length: 126
last-modified: Sat, 23 Dec 2017 00:24:47 GMT
etag: "5a3da24f-7e"
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2018ffd389a930f3eed837cb55011de
34e693736557f485989f90dd198e7ad166fb48b4
addf4f4e5fa6d113ad9c79f2cb9d8ebc9de03cd35de85926417df7ee64ee453a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADDF4F4E5FA6D113AD9C79F2CB9D8EBC9DE03CD35DE85926417DF7EE64EE453A"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6942
Expires: Thu, 26 Jan 2023 21:25:41 GMT
Date: Thu, 26 Jan 2023 19:29:59 GMT
Connection: keep-alive
s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
192.0.77.32 200 OK 11 kB URL HTTP/2 s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
IP 192.0.77.32:0
File type Unicode text, UTF-8 text, with very long lines (3416)
Hash 55ff5af4d18cc34f6c466a658f098960
5c0e6fe0c43e0ce14e3925590666b4191cef27ff
06f27d9ac5890f89a13ef4c6aafefb93a98485a1d9742bab7dc890c535e0c4fb
GET /_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 07:43:45 GMT
etag: W/"63218631-a4f5"
content-encoding: br
expires: Thu, 14 Sep 2023 07:43:50 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15231508
192.243.59.12 200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15231508
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e15320d3732a27f9319a0621d781e6a2
cb5d7a5ef838ce55c9b8867c4b5076c6c17a9971
741b77413fb131b2afb86726fcf508cbb54f72898d5eacd5146de4b3ba1af1d1
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15231508 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 19:29:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Fri, 27 Jan 2023 19:29:59 GMT
ain=eyJhbGciOiJIUzI1NiJ9.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.KxuSmfBBmjH1yOPD47pKxET0N67-E5eRqXOBRdeQFmk; expires=Thu, 26 Jan 2023 19:30:59 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 697d12d24bf6474cc05fc57274b1ac9c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?shu=3462fcb8772245a1acbf7865dd8301a81d2729dfce14873037caac98cec2089b93d08ed5226395afe7525329b8ee9e49bd004b7b9c35a5df355a8696c60cff172d272aa9d9225f74680e3600c0b5b7580ad85ebfe57601318c2bf51304a0a253&pst=1674761459&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fzt-za.link%2F&psid=15231508
192.243.59.12 302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=3462fcb8772245a1acbf7865dd8301a81d2729dfce14873037caac98cec2089b93d08ed5226395afe7525329b8ee9e49bd004b7b9c35a5df355a8696c60cff172d272aa9d9225f74680e3600c0b5b7580ad85ebfe57601318c2bf51304a0a253&pst=1674761459&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fzt-za.link%2F&psid=15231508
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=3462fcb8772245a1acbf7865dd8301a81d2729dfce14873037caac98cec2089b93d08ed5226395afe7525329b8ee9e49bd004b7b9c35a5df355a8696c60cff172d272aa9d9225f74680e3600c0b5b7580ad85ebfe57601318c2bf51304a0a253&pst=1674761459&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fzt-za.link%2F&psid=15231508 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.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.KxuSmfBBmjH1yOPD47pKxET0N67-E5eRqXOBRdeQFmk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 19:29:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://binomnet3.com/click?key=bd79853bbd97a1c116dd&PLACEMENT_ID=16122660&CAMPAIGN_ID=723632&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2135631&COST_CPA=0.900000&SUB_ID_SHORT=1c9cc696909ad40dd128910259f8b42b
Set-Cookie: iprcc529ef54cfbc9e9742ad55466c7ef2ef=3964802; expires=Mon, 30 Jan 2023 19:29:59 GMT
pdhtkv=true; expires=Fri, 27 Jan 2023 19:29:59 GMT
uncs=1; expires=Fri, 27 Jan 2023 19:29:59 GMT
pdhtkv28=true; expires=Fri, 27 Jan 2023 19:29:59 GMT
uncs28=1; expires=Fri, 27 Jan 2023 19:29:59 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5585fd2c84f4a61ae5d469e5f0ab08ff
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1f142ca7fb70ceaf6865d5a362e8dfbd
539f840384b09fa8f1d01d99261def867d4943a5
5803b85bdb6673f8c8c694466df9c7078c17727d7c5bbd4b9f25054bc512a5de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5803B85BDB6673F8C8C694466DF9C7078C17727D7C5BBD4B9F25054BC512A5DE"
Last-Modified: Tue, 24 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11554
Expires: Thu, 26 Jan 2023 22:42:34 GMT
Date: Thu, 26 Jan 2023 19:30:00 GMT
Connection: keep-alive
binomnet3.com/click?key=bd79853bbd97a1c116dd&PLACEMENT_ID=16122660&CAMPAIGN_ID=723632&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2135631&COST_CPA=0.900000&SUB_ID_SHORT=1c9cc696909ad40dd128910259f8b42b
65.108.142.21 307 Temporary Redirect 0 B URL HTTP/2 binomnet3.com/click?key=bd79853bbd97a1c116dd&PLACEMENT_ID=16122660&CAMPAIGN_ID=723632&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2135631&COST_CPA=0.900000&SUB_ID_SHORT=1c9cc696909ad40dd128910259f8b42b
IP 65.108.142.21:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?key=bd79853bbd97a1c116dd&PLACEMENT_ID=16122660&CAMPAIGN_ID=723632&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2135631&COST_CPA=0.900000&SUB_ID_SHORT=1c9cc696909ad40dd128910259f8b42b HTTP/1.1
Host: binomnet3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
location: https://ak.hetapus.com/afu.php?zoneid=5668484&ymid=cf9d9e4r92vnsr8ej1ug&var=16122660&clickinfo=yrepluDwFcJPZkh1KWqKjreplU4/0SyPMJUo2T5fhBtLxhGfBNBH2qi07dW/l8UhikWTtWmyuleuBIKKgPDKMaZVI8552ix9jh3zotzERCDg==
set-cookie: uclick=zryIlV1VOYo10uvxO2CYvzTx96Ivbj8bDL6csoSVnWXlJDA4El+aht5aR1ZTLVI0DwZHUQ==; Max-Age=31536000; HttpOnly; SameSite=Lax
clickinfo=yrepluDwFcJPZkh1KWqKjreplU4/0SyPMJUo2T5fhBtLxhGfBNBH2qi07dW/l8UhikWTtWmyuleuBIKKgPDKMaZVI8552ix9jh3zotzERCDg==; Max-Age=31536000; HttpOnly; SameSite=Lax
x-request-id: 05881ae0-20cd-4930-a94f-09989b4375d7
content-length: 0
date: Thu, 26 Jan 2023 19:30:00 GMT
X-Firefox-Spdy: h2
ak.hetapus.com/afu.php?zoneid=5668484&ymid=cf9d9e4r92vnsr8ej1ug&var=16122660&clickinfo=yrepluDwFcJPZkh1KWqKjreplU4/0SyPMJUo2T5fhBtLxhGfBNBH2qi07dW/l8UhikWTtWmyuleuBIKKgPDKMaZVI8552ix9jh3zotzERCDg==
95.101.10.43 200 OK 9.4 kB URL HTTP/2 ak.hetapus.com/afu.php?zoneid=5668484&ymid=cf9d9e4r92vnsr8ej1ug&var=16122660&clickinfo=yrepluDwFcJPZkh1KWqKjreplU4/0SyPMJUo2T5fhBtLxhGfBNBH2qi07dW/l8UhikWTtWmyuleuBIKKgPDKMaZVI8552ix9jh3zotzERCDg==
IP 95.101.10.43:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12966)
Hash 9833e60dc19a47279e64ffa1a42480fa
b09066d3b64c61dd0900fb55c7a2e362b6b3f623
53eeab2479f1262b1e7574aedb1ec0c153edf3ed514719079de120e9235f06a9
Analyzer Verdict Alert quad9 Sinkholed
GET /afu.php?zoneid=5668484&ymid=cf9d9e4r92vnsr8ej1ug&var=16122660&clickinfo=yrepluDwFcJPZkh1KWqKjreplU4/0SyPMJUo2T5fhBtLxhGfBNBH2qi07dW/l8UhikWTtWmyuleuBIKKgPDKMaZVI8552ix9jh3zotzERCDg== HTTP/1.1
Host: ak.hetapus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: d558ca9b9543c09dbe5a3ba91fcb6a97
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
expires: Thu, 26 Jan 2023 19:30:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 26 Jan 2023 19:30:00 GMT
content-length: 9430
vary: Accept-Encoding
set-cookie: OAID=b6573ca142d34a2d880aea3aed42fc86; expires=Fri, 26 Jan 2024 19:30:00 GMT; path=/; secure; SameSite=None
oaidts=1674761400; expires=Fri, 26 Jan 2024 19:30:00 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2
jetpack.wordpress.com/jetpack-comment/?blogid=202414215&postid=2109&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=mystery&greeting=Laisser+un+commentaire&jetpack_comments_nonce=4be3c62863&greeting_reply=R%C3%A9pondre+%C3%A0+%25s&color_scheme=light&lang=fr_FR&jetpack_version=11.7.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=f6ad383e1c49cd4b65255c77ba1795ab38cf24d8
192.0.78.32 200 OK 29 kB URL HTTP/2 jetpack.wordpress.com/jetpack-comment/?blogid=202414215&postid=2109&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=mystery&greeting=Laisser+un+commentaire&jetpack_comments_nonce=4be3c62863&greeting_reply=R%C3%A9pondre+%C3%A0+%25s&color_scheme=light&lang=fr_FR&jetpack_version=11.7.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=f6ad383e1c49cd4b65255c77ba1795ab38cf24d8
IP 192.0.78.32:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1816)
Hash bca74768b5d3d8fe8c78c1a8c71be7df
205275e520a3ea63b497ef507aeb181e79ff3ff1
7ecec0bb0b3810ef3eda7e3a5367aa43ac85e3d86860c79e4a943d940b5a138a
GET /jetpack-comment/?blogid=202414215&postid=2109&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=mystery&greeting=Laisser+un+commentaire&jetpack_comments_nonce=4be3c62863&greeting_reply=R%C3%A9pondre+%C3%A0+%25s&color_scheme=light&lang=fr_FR&jetpack_version=11.7.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=f6ad383e1c49cd4b65255c77ba1795ab38cf24d8 HTTP/1.1
Host: jetpack.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
content-encoding: br
x-ac: 4.arn _dca MISS
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
widgets.wp.com/likes/style.css
192.0.77.32 200 OK 1.1 kB URL HTTP/2 widgets.wp.com/likes/style.css
IP 192.0.77.32:0
File type ASCII text, with very long lines (1967)
Hash a89e2fae6eb742ed4169ceabfe556de8
46988eaed04e57d504ea13e1f440ed4c25ed6d76
e04bb09c4c0f8c67e344a626775b5f455bfc026aa1d0c5e1e53a4e6e8e123fcd
GET /likes/style.css HTTP/1.1
Host: widgets.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/likes/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:59 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"5bfee306-12d7"
content-encoding: br
expires: Fri, 10 Nov 2023 15:10:54 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
ak.hetapus.com/?z=5668484&syncedCookie=true&rhd=false
95.101.10.43 302 Found 0 B URL HTTP/2 ak.hetapus.com/?z=5668484&syncedCookie=true&rhd=false
IP 95.101.10.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /?z=5668484&syncedCookie=true&rhd=false HTTP/1.1
Host: ak.hetapus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 744
Origin: https://ak.hetapus.com
Connection: keep-alive
Referer: https://ak.hetapus.com/afu.php?zoneid=5668484&var=5668484&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=b6573ca142d34a2d880aea3aed42fc86; oaidts=1674761400
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
content-length: 0
x-trace-id: 1295f692ddc4e552e5fa18b986cf297e
link: <http://bem.cdnctrl.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
location: http://bem.cdnctrl.com/go/59fb1f41-9449-401e-9125-77481186b96b?cost=0.000262&clickid=642558485904757708&zoneid=5668484&campaignid=6207804&bannerid=15273496&passcost={passcost}&rdk=rk3
access-control-allow-origin: https://ak.hetapus.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
expires: Thu, 26 Jan 2023 19:30:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 26 Jan 2023 19:30:00 GMT
set-cookie: OAID=b6573ca142d34a2d880aea3aed42fc86; expires=Fri, 26 Jan 2024 19:30:00 GMT; path=/; secure; SameSite=None
oaidts=1674761400; expires=Fri, 26 Jan 2024 19:30:00 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 02 Feb 2023 19:30:00 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash ebb52ae860e35aeb31ba6d5347b8c30f
e8cf327f2307f7da76168a2472137c0b8c45ceab
e5e692eef6fd9c2a4dd9602e3522fd18ec861c80c8f9933b76bec80e50b5c497
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 19:30:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 14:07:11 GMT
Expires: Thu, 02 Feb 2023 14:07:10 GMT
Etag: "e8cf327f2307f7da76168a2472137c0b8c45ceab"
Cache-Control: max-age=584829,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fba9217a60b512-OSL
bem.cdnctrl.com/go/59fb1f41-9449-401e-9125-77481186b96b?cost=0.000262&clickid=642558485904757708&zoneid=5668484&campaignid=6207804&bannerid=15273496&passcost={passcost}&rdk=rk3
3.70.16.242 200 OK 248 B URL HTTP/1.1 bem.cdnctrl.com/go/59fb1f41-9449-401e-9125-77481186b96b?cost=0.000262&clickid=642558485904757708&zoneid=5668484&campaignid=6207804&bannerid=15273496&passcost={passcost}&rdk=rk3
IP 3.70.16.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 3f86bf68b1dcc0818ecd746b0099062c
b855a1627bc5e99064b540855ecdab45d2641eef
6b3d02dcfa1b65e346c580138345d3bb9c1ec022a830f5856e207dd85bfa701a
GET /go/59fb1f41-9449-401e-9125-77481186b96b?cost=0.000262&clickid=642558485904757708&zoneid=5668484&campaignid=6207804&bannerid=15273496&passcost={passcost}&rdk=rk3 HTTP/1.1
Host: bem.cdnctrl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 26 Jan 2023 19:30:00 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
Access-Control-Allow-Origin: *
ETag: W/"125-fJgnQ/59eIyt/6YDBpMArSb734c"
Set-Cookie: bemob-uniq-visit:59fb1f41-9449-401e-9125-77481186b96b=1; Domain=bem.cdnctrl.com; Path=/; Expires=Fri, 27 Jan 2023 19:30:00 GMT; HttpOnly
bemob-rotation:59fb1f41-9449-401e-9125-77481186b96b:random:569288e7f9acf09375c3f4295af38266=0-0-0; Domain=bem.cdnctrl.com; Path=/; Expires=Fri, 27 Jan 2023 19:30:00 GMT; HttpOnly
bemob-click-id=T6GNaabWTpxmRRZ7zk4vbP; Domain=bem.cdnctrl.com; Path=/; Expires=Fri, 27 Jan 2023 19:30:00 GMT; HttpOnly
X-Response-Time: 17.180ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b3c294195969c7a8b91e78d42f5d616
b5be141a51ad1dc3caca2cdbcadafdaa77f85963
f8a6338036b515341c1194e8948171c5d7d4779ae06a6241893a87b509b350e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8A6338036B515341C1194E8948171C5D7D4779AE06A6241893A87B509B350E2"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8631
Expires: Thu, 26 Jan 2023 21:53:52 GMT
Date: Thu, 26 Jan 2023 19:30:01 GMT
Connection: keep-alive
zt-za.link/tenor1/
104.21.71.80 200 OK 0 B IP 104.21.71.80:0
GET /tenor1/ HTTP/1.1
Host: zt-za.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Cookie
set-cookie: wordpress_sec_895460512207fb0cfc4450d456065ddd=; expires=Fri, 10 Feb 2023 07:29:55 GMT;secure; HttpOnly; path=/wp-content/plugins; SameSite=None
wordpress_sec_895460512207fb0cfc4450d456065ddd=; expires=Fri, 10 Feb 2023 07:29:55 GMT;secure; HttpOnly; path=/wp-admin; SameSite=None
wordpress_logged_in_895460512207fb0cfc4450d456065ddd=; expires=Fri, 10 Feb 2023 07:29:55 GMT;secure; HttpOnly; path=/; SameSite=None
x-pingback: https://zt-za.link/xmlrpc.php
link: <https://zt-za.link/wp-json/>; rel="https://api.w.org/", <https://zt-za.link/wp-json/wp/v2/posts/2109>; rel="alternate"; type="application/json", <https://zt-za.link/?p=2109>; rel=shortlink
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzsNBylv6XYu6DNAK0Kg0d%2BIB8YCLpYB6b8ajhYp1Gu0vnySIhb7MJwPKfd1rr210ciEFJvyVtAu9lGKUx3uRyQhPBhZAh3U2Yh4sfP2ItOCOvD7No4Y7nrgfFmJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fba8f95ac90afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/-DgjaQtcEr8?feature=oembed
142.250.74.110 200 OK 0 B URL HTTP/2 www.youtube.com/embed/-DgjaQtcEr8?feature=oembed
IP 142.250.74.110:0
GET /embed/-DgjaQtcEr8?feature=oembed HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 26 Jan 2023 19:29:56 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=iciyXMJyhyg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Ylb6tl3qDSc; Domain=.youtube.com; Expires=Tue, 25-Jul-2023 19:29:56 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpBME5UUXlORFl6T1RBME1qRTJOQT09ELSpy54GGLSpy54G; Domain=.youtube.com; Expires=Tue, 25-Jul-2023 19:29:56 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+212; expires=Sat, 25-Jan-2025 19:29:56 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
192.0.77.32 200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
IP 192.0.77.32:0
GET /wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"63242ce6-45a9"
content-encoding: br
expires: Sat, 16 Sep 2023 07:59:40 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
0.gravatar.com/js/gprofiles.js?ver=202304z
192.0.73.2 200 OK 0 B URL HTTP/2 0.gravatar.com/js/gprofiles.js?ver=202304z
IP 192.0.73.2:0
GET /js/gprofiles.js?ver=202304z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:48:47 GMT
etag: W/"6323111f-5deb"
content-encoding: br
expires: Thu, 02 Feb 2023 19:29:57 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
s0.wp.com/_static/??-eJx9jksOwjAMRC+E61Z8ukIcBZnELUmTtMSOELcnRYgV6mr8mTc2Phcwc1JOirHAEsrokqBnXchM3x5FqcqIcbYlsOBKkFEY5hzRC64Koq+6a7zs8H9ocFNlH4UL3ynZwHnDTDa6BDfKGEmUc61Ac/1p6wJNTiIr7JsWry6Z32DIH7Ot7CWeu1O/P/Rd2x79G9iAXtA=
192.0.77.32 200 OK 0 B URL HTTP/2 s0.wp.com/_static/??-eJx9jksOwjAMRC+E61Z8ukIcBZnELUmTtMSOELcnRYgV6mr8mTc2Phcwc1JOirHAEsrokqBnXchM3x5FqcqIcbYlsOBKkFEY5hzRC64Koq+6a7zs8H9ocFNlH4UL3ynZwHnDTDa6BDfKGEmUc61Ac/1p6wJNTiIr7JsWry6Z32DIH7Ot7CWeu1O/P/Rd2x79G9iAXtA=
IP 192.0.77.32:0
GET /_static/??-eJx9jksOwjAMRC+E61Z8ukIcBZnELUmTtMSOELcnRYgV6mr8mTc2Phcwc1JOirHAEsrokqBnXchM3x5FqcqIcbYlsOBKkFEY5hzRC64Koq+6a7zs8H9ocFNlH4UL3ynZwHnDTDa6BDfKGEmUc61Ac/1p6wJNTiIr7JsWry6Z32DIH7Ot7CWeu1O/P/Rd2x79G9iAXtA= HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 11 Jan 2023 21:03:38 GMT
etag: W/"63bf242a-861a"
content-encoding: br
expires: Wed, 24 Jan 2024 19:48:13 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
zt-za.link/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
104.21.71.80 200 OK 0 B URL HTTP/2 zt-za.link/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
IP 104.21.71.80:0
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70 HTTP/1.1
Host: zt-za.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/tenor1/
Cookie: wordpress_sec_895460512207fb0cfc4450d456065ddd=; wordpress_logged_in_895460512207fb0cfc4450d456065ddd=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 01 Feb 2023 22:31:22 GMT
last-modified: Thu, 21 Jul 2022 12:23:26 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 75513
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsxjr%2BfzijVS8hZa5bHXq2yLsMZjrFj9ZiuxUkBLbZN1gK82SgPQyvJwYGa%2FTXaXIss41WXALic0ER88DU0EHIo2r2VTlB05UcfHKtfXxgiFErqHJK8ZXoXBbl%2F8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fba902bbbf0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
192.0.77.32 200 OK 0 B URL HTTP/2 s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
IP 192.0.77.32:0
GET /_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 12 Aug 2022 20:22:35 GMT
etag: W/"62f6b68b-4b6b"
content-encoding: br
expires: Thu, 23 Nov 2023 21:55:46 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d3/92/14/d39214d9ce22b91f42ca0c079367d213/1627917082.png
45.133.44.10 200 OK 0 B URL HTTP/2 cdn.cloudimagesb.com/cti/d3/92/14/d39214d9ce22b91f42ca0c079367d213/1627917082.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
GET /cti/d3/92/14/d39214d9ce22b91f42ca0c079367d213/1627917082.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 19:29:58 GMT
content-type: image/png
content-length: 33594
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 15:11:31 GMT
etag: "61080b23-833a"
expires: Sat, 28 Jan 2023 19:29:58 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
bemc.cdnctrl.com/?redirectUrl=https%3A%2F%2Fecomuster.com%2Fzaful%2Fzaful.php%3Ftrgid%3D82742416%26gasc%3D1%26subid%3D5668484%26cid%3DT6GNaabWTpxmRRZ7zk4vbP
3.70.16.242 200 OK 0 B URL HTTP/2 bemc.cdnctrl.com/?redirectUrl=https%3A%2F%2Fecomuster.com%2Fzaful%2Fzaful.php%3Ftrgid%3D82742416%26gasc%3D1%26subid%3D5668484%26cid%3DT6GNaabWTpxmRRZ7zk4vbP
IP 3.70.16.242:0
GET /?redirectUrl=https%3A%2F%2Fecomuster.com%2Fzaful%2Fzaful.php%3Ftrgid%3D82742416%26gasc%3D1%26subid%3D5668484%26cid%3DT6GNaabWTpxmRRZ7zk4vbP HTTP/1.1
Host: bemc.cdnctrl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 26 Jan 2023 19:30:01 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
etag: W/"e4-TNonb6qyzpVcl7lLSDSLzcm5nGc"
x-response-time: 40.502ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.7.1/_inc/build/related-posts/related-posts.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.7.1/_inc/build/related-posts/related-posts.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.7.1/_inc/build/related-posts/related-posts.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.109.35 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.109.35:0
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d8e397c3ccc0a0274bb6684dd5303c51
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 26 Jan 2023 19:29:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7Xi7EvJ2tx4357qgL964UoxJtvgLIGRkT%2FqdzslyaQKyPIDHAbrNkjQUBrr3gsDabjcwm2VfHZJ3C%2FFkPhUDsmzEvuo0j4zN2qJpqEVEIaVm6lWtgyArjkdujA0ISfvCXwHoqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fba90dca118e38-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/services.min.css?ver=202304z
192.0.73.2 200 OK 0 B URL HTTP/2 0.gravatar.com/dist/css/services.min.css?ver=202304z
IP 192.0.73.2:0
GET /dist/css/services.min.css?ver=202304z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:58 GMT
content-type: text/css
last-modified: Tue, 03 Jan 2023 09:10:35 GMT
etag: W/"63b3f10b-ca5"
content-encoding: br
expires: Thu, 02 Feb 2023 19:29:58 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/hovercard.min.css?ver=202304z
192.0.73.2 200 OK 0 B URL HTTP/2 0.gravatar.com/dist/css/hovercard.min.css?ver=202304z
IP 192.0.73.2:0
GET /dist/css/hovercard.min.css?ver=202304z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:58 GMT
content-type: text/css
last-modified: Tue, 03 Jan 2023 09:10:35 GMT
etag: W/"63b3f10b-1f86"
content-encoding: br
expires: Thu, 02 Feb 2023 19:29:58 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
192.0.77.32 200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
IP 192.0.77.32:0
GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"5ffc31a9-465"
content-encoding: br
expires: Fri, 10 Nov 2023 15:10:53 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/hoverIntent.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/hoverIntent.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/hoverIntent.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.7.1/_inc/build/photon/photon.min.js
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.7.1/_inc/build/photon/photon.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.7.1/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.7.1/css/jetpack.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.7.1/css/jetpack.css
IP 192.0.77.37:0
GET /p/jetpack/11.7.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 16 Jan 2023 17:26:50 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.7.1/_inc/social-logos/social-logos.min.css
192.0.77.37 200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.7.1/_inc/social-logos/social-logos.min.css
IP 192.0.77.37:0
GET /p/jetpack/11.7.1/_inc/social-logos/social-logos.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:55 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
content-encoding: br
expires: Fri, 26 Jan 2024 19:29:55 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.wp.com/likes/master.html?ver=202304
192.0.77.32 200 OK 0 B URL HTTP/2 widgets.wp.com/likes/master.html?ver=202304
IP 192.0.77.32:0
GET /likes/master.html?ver=202304 HTTP/1.1
Host: widgets.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zt-za.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:57 GMT
content-type: text/html
last-modified: Wed, 05 Jan 2022 13:04:34 GMT
vary: Accept-Encoding
etag: W/"61d59762-ae1"
content-encoding: br
x-ac: 4.arn _dca MISS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
public-api.wordpress.com/wp-admin/rest-proxy/
192.0.78.23 200 OK 0 B URL HTTP/2 public-api.wordpress.com/wp-admin/rest-proxy/
IP 192.0.78.23:0
GET /wp-admin/rest-proxy/ HTTP/1.1
Host: public-api.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.wp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 19:29:58 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
set-cookie: wp_api=%20; expires=Wed, 26-Jan-2022 19:29:58 GMT; Max-Age=0; path=/wp-admin/rest-proxy/; domain=public-api.wordpress.com; secure; SameSite=None
set-cookie: wp_api_sec=%20; expires=Wed, 26-Jan-2022 19:29:58 GMT; Max-Age=0; path=/; domain=public-api.wordpress.com; secure; HttpOnly; SameSite=None
content-encoding: br
x-ac: 2.arn _dca BYPASS
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2