r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f3cf7e36f17a535e53e5213c02cf2b4
e65acbc03135ce135b9e91b4f74b3e1439faa6f6
a2317476862acd0a92fe523454c3991752b07ba14e7667f421dd9624e0233758
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2317476862ACD0A92FE523454C3991752B07BA14E7667F421DD9624E0233758"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Sun, 18 Dec 2022 10:04:05 GMT
Date: Sun, 18 Dec 2022 07:45:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6700
Expires: Sun, 18 Dec 2022 09:36:46 GMT
Date: Sun, 18 Dec 2022 07:45:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 18 Dec 2022 06:45:25 GMT
content-type: application/json
age: 3581
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
disk.balllast.shop/Jcfriihubrp/awdbsrx1386kdpuvo/F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
104.21.93.119200 OK 559 B URL HTTP/1.1 disk.balllast.shop/Jcfriihubrp/awdbsrx1386kdpuvo/F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
IP 104.21.93.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5a8717794e169ff47564fdb66549523
877798796da4318240f69b7de239a190a40f09d4
e18b7ce7ca443b578d7ed8c017317c270f94e029c309e360935a7945dccd72c0
Analyzer Verdict Alert fortinet Malware
GET /Jcfriihubrp/awdbsrx1386kdpuvo/F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GN%2BE2zXc7AgvbxzRUPKpKoI9bkjQ%2BTJW%2FNEu%2BMoeDj1bD6%2F31ljms5rAjFTrwTSU0ETd7r7lAsI294udjaxx8oQjFCLZPFSEoOJvrSVqreprl9H3L7vitqRCR%2BvlPTScjJ3KGRA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77b646efec1cb517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10960
Expires: Sun, 18 Dec 2022 10:47:46 GMT
Date: Sun, 18 Dec 2022 07:45:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5KD36A3tiCgueC7iya0UjLfbfk4L1wu7Hi4yh5SHPQp5qbSqVv39sLDwrJm7dG6etw0lnwGdjP4=
x-amz-request-id: 4MDJXTB5VJJE7GYJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 18 Dec 2022 06:52:06 GMT
age: 3180
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 07:45:06 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
disk.balllast.shop/jquery-1.11.0.min.js
104.21.93.119200 OK 33 kB URL HTTP/1.1 disk.balllast.shop/jquery-1.11.0.min.js
IP 104.21.93.119:0
File type ASCII text, with very long lines (32341)
Hash 95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16
GET /jquery-1.11.0.min.js HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/Jcfriihubrp/awdbsrx1386kdpuvo/F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:20 GMT
ETag: W/"6388f8d4-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3839
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdVTVcoPhNVEqFQUG%2Ff1zog3JzQJ34V8vobAw7mMMyuhscx8sX0do2kO5VigSJ5wumGFaXucc7YVQzslUj%2B1w1y6Lv5esXsZc6nyNvGmoj%2BKx93424BpxQ%2F91w6P6mJGEi2zpHw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f25e26b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 10a3a852ef62dc4d4ccbbf6ff396688b
953e40775326102f6c3fc09a18a7039239df656f
30872c631302c914fc93b789892b200beb6284a3ba6753e1ee7f909a1231f2dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
disk.balllast.shop//offer.php?id=172&sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
104.21.93.119200 OK 344 B URL HTTP/1.1 disk.balllast.shop//offer.php?id=172&sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
IP 104.21.93.119:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (308)
Hash b2fded8b9471bd963e52ddabd73f9c30
627c62d1a63cf66700044b9b0abad784530740e5
307e866ce964d4df034ab7bdb2554207e5e3dfad5aabc1f9ca974ec0b1564966
GET //offer.php?id=172&sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/Jcfriihubrp/awdbsrx1386kdpuvo/F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Leq5%2FF1094fw%2BX0lW0WQbOj6rzEZAJKw8rW%2Fhq1Y7nXxTJEJwj%2Fjdqg9x78%2FVQ%2BBHyT9b%2FXbXcWbQlZlI8axRTrPMJpIrFIYNFS87i%2BgPt2mV7huCe1%2Fo7He01GK4f9LlvuRuk4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77b646f30ea4b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
104.21.93.119200 OK 6.6 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
IP 104.21.93.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (485), with CRLF line terminators
Hash 21e611008f7508226409ec8f249d9dbe
e0f1039bf4e7730b6d944e82c097a24488da6eeb
4ecb10205743b2fc05f8f1b69788de2f7ac4d47f4b3e5c81c3cf0384c459e3e8
GET /clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ln2l%2Fpn9%2FdLBNZKdUKwgaviBNl4XZ%2B9BqTcBzmc8P0ehoFFL%2BvZglq0lBgov2mUcccQgJjg8vdN9GeutITctzzcYm0aL2P9Dycw5qnxxoQ8NYrWlyEEQ8fzaxo65abrel8XDKd8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77b646f4a849b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/jquery-3.2.1.min.js
104.21.93.119200 OK 30 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/jquery-3.2.1.min.js
IP 104.21.93.119:0
File type ASCII text, with very long lines (32058), with CRLF line terminators
Hash 044dd3ebc6f866d2f19f4461526047a4
72c5978d6ff1ad56b2d33516a7fbb4d5cfd9a97a
7c1fb6c8cda1e037a01d8dfa1b11a57b8e1673c6abb4522ff2a9bb9070ec87e7
GET /clicks/iTrack_files/jquery-3.2.1.min.js HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-15287"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7200
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7m2Yfl%2FDbaQ6jBHkMc9sls2zF5fASgIOvM6%2Bb178pnvApNZpwem2LiW4CE1cHR4KWAGFpv2KZVY5bhGCOYkGtPke3eJyo3RiY1EjhF8wW5HQaDcIjQkkWyNUEULQROnOS15YzR8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f67f0c0af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/jquery.social.sharing.js
104.21.93.119200 OK 422 B URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/jquery.social.sharing.js
IP 104.21.93.119:0
File type ASCII text, with CRLF line terminators
Hash 0255440ce4b0b41a5e37c3f3b51bff91
c00de34ab49d78cfd1cb76035602afa54f941d8a
288476016aaa0f1c7cf137550ee42642ff3bce6524150fc27ff4cee5b25cb9ff
GET /clicks/iTrack_files/jquery.social.sharing.js HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-327"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7200
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ztc81HcFaHM6E7UEpzARpeltkuLeT83vollLL%2BlMPd%2F4mlhkEvH9m5gF85JyaEbL4I6FpHRV7c8JrlrMi%2BJhHfRnco5BUTPeY2fteNCQiPkosFsT%2FA%2FQLoTyfEBm0b8O62t5xhM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f68f190af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.googletagmanager.com/gtag/js?id=UA-22484186-3
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 0bea1d0585fc80b7f3f648e9a95e2649
704c944b9c3c53f5c244796da047e9e30fbe3e98
e67e65eb8680fa945911662368d4f6f81d5df99d2ecc86b0bcab4aab1f44ebef
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://disk.balllast.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Dec 2022 07:45:07 GMT
expires: Sun, 18 Dec 2022 07:45:07 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 18 Dec 2022 07:08:00 GMT
age: 2227
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 10a3a852ef62dc4d4ccbbf6ff396688b
953e40775326102f6c3fc09a18a7039239df656f
30872c631302c914fc93b789892b200beb6284a3ba6753e1ee7f909a1231f2dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
disk.balllast.shop/clicks/iTrack_files/css_002.css
104.21.93.119200 OK 338 B URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/css_002.css
IP 104.21.93.119:0
Hash 1edd2ac3d7761f916000dfd159d3f42e
dd14df8eb1c659ba50cb8937a69698666414810c
7c9a7d2053ba333d2bba6278fdeeaf857350cc699b1046800ee6c616072d84af
GET /clicks/iTrack_files/css_002.css HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-2d2"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQpCLfEg3S4JTUAoD59YRwvlYXea62WVDHFvvtZVDpj%2B%2BKMvLPo024HCzUyeDx%2F8%2Bbgo6Z78irYGwqqPjbaEcrm41ziu1bQsBKHf65Akd5gMADoCa7WpASZv6uw1iAV16XrQIlo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f65f29b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/css.css
104.21.93.119200 OK 1.0 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/css.css
IP 104.21.93.119:0
Hash dc8145e4dd788530c20987afe075d60a
99db714da7a3ab721155f94d8b362b3d5779191f
f15f9af86d964ea196669f145ccdeb8f127bb43137818c1ae34f3591c79f83ac
GET /clicks/iTrack_files/css.css HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-51a3"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xv%2BeMRhAWLKUQwiR8jCohh%2FOWQNs37x8MO1oWRjlbE5RTj45eh6GNqLRNwJbqzOjLsn%2BzPjsGz597c%2FnzVnj8rZnUYadcYYR0ySNaoiSvZgoPBZHw5DrGBAsf67x72GDE9PZBzw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f65efeb4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/fontawesome-all.min.css
104.21.93.119200 OK 7.3 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/fontawesome-all.min.css
IP 104.21.93.119:0
File type ASCII text, with very long lines (33449), with CRLF line terminators
Hash 1a585fded87bc56098e8fe467748178b
f0514c23a710ec537dcece0e54542b13377e2026
70c74854160e08e8bf298f54fa0eec4307b68d1d69e8126e85ab094b5c149ca5
GET /clicks/iTrack_files/fontawesome-all.min.css HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-835f"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1biye6GcEJifAe6iTHH3n9%2FfT0FdFShZp4PLrolVQdfVxH6KZnhPfxmt3JoPBH5EVmnPPno3Xw5VhiWaOGWiDLllQOp8420AIwlfu9IHvZRTSXWv2PtJE3j%2FZY75DqZSiHeHmc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f65f50b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d1752cd6eb7f48e7494373911a5b996
43d9c23c4d03cccce0fc478f0e12c0874dc762fd
aded7fd1d638c001b0b462fdfeee0549d2ed61b51ced88eb83690e2e20ed36d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3118
Cache-Control: max-age=94422
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:07 GMT
Etag: "639d86ab-1d7"
Expires: Mon, 19 Dec 2022 09:58:49 GMT
Last-Modified: Sat, 17 Dec 2022 09:06:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
disk.balllast.shop/clicks/iTrack_files/bootstrap.min.css
104.21.93.119200 OK 20 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/bootstrap.min.css
IP 104.21.93.119:0
File type ASCII text, with very long lines (65371)
Hash ec33cc046e01c53aec64024058d8de78
d7df0f7a5a950ec42f3f950d5a4eb5dfa0993aa0
73fdef7c62fb183ccf51e35598666c094b3a3b92de0160fb946a708fb1c0f1b9
GET /clicks/iTrack_files/bootstrap.min.css HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-1d970"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7hLJs6UPWoVjgAk12JctqgBDGVx%2BtyCdpQHDdn7UXAblhxyOeVX86%2FfcIclYelKCIkyejNYDyufeWF24Za838eQDoJ7pG7TwDgxAhpausIxVn%2FFHeV6K9t8fYhu3SB3ojiRDcw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f64988b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/style.css
104.21.93.119200 OK 3.0 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/style.css
IP 104.21.93.119:0
File type assembler source, ASCII text, with CRLF line terminators
Hash 1b5c0b8026b3f679da38c907364d9e37
cea7b729a8e03f5a4e8dcb0f4977490a7263a2d0
aaf369e727724cc8cd567cfc0c0b3891a374e445de29a3954f91df4cfdc0c33b
GET /clicks/iTrack_files/style.css HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:51:12 GMT
ETag: W/"6396c150-36d7"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=884ShmOo5vLSkWtS8tJ8PymU1%2BSASL3LK3yn1eSS%2F%2FCYjmc3iZAWorfByCX%2B4X55Gb4BNanzDbg3TRmBhiTyBkU06O%2F0D7XxllkCqUV5fwKI3nZnkHUmLfVQajV3fRHEsXUEC3k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f6594db4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/sisi.png
104.21.93.119200 OK 6.0 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/sisi.png
IP 104.21.93.119:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash ce2a05cd7f9e6d28e3b9e40fd203174b
416c50090b454770f13ebab74142896b6ba7ab97
0473da3eb3015c81e346a4b576dbc6a0623d3c7d4d8daa7bbf260f0662f09024
GET /clicks/iTrack_files/sisi.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 6021
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1785"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7198
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8GAfJyJFMJlobyNhQyDafwgZQzNwf5XQ8e%2Fs9a%2FJYwYH%2BW%2B%2Fg3isC5GjFdqL4i3qe1Sd0v72cli9hZc7LZ9TVDVVZFz4Q6YmIgcAfObqEgmd4OSaAxpOgOBfSZXdOczYZr3Pjs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f838b8b523-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/jenny_user.png
104.21.93.119200 OK 7.2 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/jenny_user.png
IP 104.21.93.119:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash 8418f3a855bb1648809b2d4afa5a8fdb
f9f832dbe7054763b3a873e43b77a32a9023157c
0aa5489dcf4270f744437f912baf36538f1d54d04face93dfd4a740c3d306a94
GET /clicks/iTrack_files/jenny_user.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 7170
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1c02"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7198
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QP%2B0iTEy6hHrMbRIe%2FK4lSyJJsChsMQTTZgOaUZFoeOwLstF13FdfRIYtiYUhds32zeUAMmgbT6v74jxNCBFWWbreGF4P8rIBDbITUJZOJioIb7WO7hJTgDfW3qIbuXE9RpiOs4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f8388eb505-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/jenny_b_sm.png
104.21.93.119200 OK 79 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/jenny_b_sm.png
IP 104.21.93.119:0
File type PNG image data, 610 x 400, 8-bit colormap, non-interlaced\012- data
Hash cc292e7fc0a14c3ba375cf40810298dd
7da3885b8376a06f38b328972180cd9df713dbd7
d74b039e6cc013d8cf139ac882572278a534bf9749da080c2471b3c769071fdf
GET /clicks/iTrack_files/jenny_b_sm.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 79275
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-135ab"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7198
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCKGSNMPZJ9Mc0BfEURBi%2FSrZdaeOTNWsko1jQRLCkyZ1QQB2Kuo09uhtDf08Fehlo2CANrolreVQ6%2F5idjWW8PsOr0Z3TEm5QenJy99Kd3%2BMEB%2F7dfwUiMuZP8ziug15DXhKGI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f83b0ab517-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/win.png
104.21.93.119200 OK 22 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/win.png
IP 104.21.93.119:0
File type PNG image data, 300 x 384, 8-bit colormap, non-interlaced\012- data
Hash 0c80602d00c6e811d591527c6d879b6a
6f7740f4170a46c9f01743fc964f5e0ee573fc0b
a6b41a873b54b0d8fcac150fac65446002149d9fed53248f48ce4864457adbab
GET /clicks/iTrack_files/win.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 22413
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-578d"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7198
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9rLv%2FdPSddG05Diib4WU2tOVhe8YZbh0okR79KwoFjGi6ZmapzaGxMfNR8tF%2BLsiMzhDY6tMME6daeW9Zl6s%2F38x4%2BrSXM1UgO1i9x2As74hOM7d%2BCuvdPyEzTnMLqSi5DkaXs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f83afeb4f1-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/sara_user.png
104.21.93.119200 OK 6.4 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/sara_user.png
IP 104.21.93.119:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash 1c0a3ca0873745fcfab45ab10baa42e7
ffa7619c6ad70cc86706274581fc834ac5a80d40
1516c7f4d64bf52f28fb9310908dde2357ebe9e34a431d2eb00c3ac5ce0c0b96
GET /clicks/iTrack_files/sara_user.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 6414
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-190e"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7198
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4GIEedpHGTDAv9%2F3AtjLNcpTS%2BMdimbltjnCPuIg0P%2F7ytPRgrKc7p%2B%2FXAPVVwlNhuC7UJ02G2tsw3CUu78OxRJS9IkPLN9mVLMfFCTP8QYLlnUIC1sx9OBkU3IQJ9ak6dR9dU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f8387fb4fd-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/logo_white.png
104.21.93.119200 OK 2.9 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/logo_white.png
IP 104.21.93.119:0
File type PNG image data, 190 x 60, 8-bit colormap, non-interlaced\012- data
Hash b525beff76a55e6db77732f69c94263b
5548005acf609af30a4ac575212c251872e56789
cf830a1c4a340625c010c646438bc0ef0832df9541a8c76916de38ba30e0e8d7
GET /clicks/iTrack_files/logo_white.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 2891
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-b4b"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7198
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOyhA2l65aMbHlG42p%2FdNGI%2B4EJPssDoaPs1gL6MEvu2RMu1SBJWFlh6m%2F3uVkfNCSni4Pgdcw3g6LlEc5MEYjx505gw%2FMNg54WuE0kPFBOoREM65WsYmPSmXHqAmBN0DNQdSno%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f838beb523-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/itrack_right.png
104.21.93.119200 OK 40 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/itrack_right.png
IP 104.21.93.119:0
File type PNG image data, 300 x 454, 8-bit colormap, non-interlaced\012- data
Hash 6cea86e0a0be249a273d5ac6673488d7
8ce27ff4cf2a9f9f9376d742477faffcffbc1c65
08f41aac45dcfac36dd2f8db34daa55682e9ce4eb0dcd754913ebab68e6111a0
GET /clicks/iTrack_files/itrack_right.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 39499
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-9a4b"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7200
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebIeB3HvRq54EOtaXi20pyQ32tvhOpE89%2FJ53kiZntSn0qxEGweNWchh1fot4cf%2FtRRZNh98Fu0LORZq1WrvxdZO7Hd0FZ9slrstq6Vem5%2B%2BgmC7m3yywLuZPuMH2unk2y723Fo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f8389eb505-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/cuting_edge_image.png
104.21.93.119200 OK 4.7 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/cuting_edge_image.png
IP 104.21.93.119:0
File type PNG image data, 149 x 150, 8-bit colormap, non-interlaced\012- data
Hash 9632923c638b41d5e862e8097e2f3043
6317b0edce17e64a3c681114bff1a5c7557486e0
3bfbd0de404e654b352a659328cb626e8e6eedd2b8800aaf37541197f9be2beb
GET /clicks/iTrack_files/cuting_edge_image.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 4672
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1240"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7200
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hg3FGKSDZf2pKitzPZ8C8b1G%2F6B0XyUdI71rlBcRhhrew%2FRCz2fDXKt9XklTmB%2Fv636rUHbgviGxj7xkQfSRAstcy6GD7VxorJ0a91i2VYwsVd4o4t3A6JTZKL659rcox5UNYoY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f84896b4fd-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/how_it_works_image.png
104.21.93.119200 OK 146 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/how_it_works_image.png
IP 104.21.93.119:0
File type PNG image data, 750 x 480, 8-bit colormap, non-interlaced\012- data
Size 146 kB (145878 bytes)
Hash 286e53c489534a386c7dae43de5b3837
69b376933428dd563d05acf051124ce4cd0be146
174a10f422bf0ec54d7ca1e8224e9b09f460e3b90edb195135255fea04ed7777
GET /clicks/iTrack_files/how_it_works_image.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 145878
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-239d6"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7200
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWGajlEHORFeitaQEOVOLTeG1js%2F56Px4o1G%2F9NyG5gd7qUnlRyWCBXOxUSGblgRTl%2BuN%2B3YYL9kl79uxl2%2FBLpM8yLVYfDPuonECPUABuLPfT%2BlXbCQF8AqhZ31rNCNATm8jTM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f84b16b4f1-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/why_should_background.png
104.21.93.119200 OK 62 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/why_should_background.png
IP 104.21.93.119:0
File type PNG image data, 731 x 388, 8-bit colormap, non-interlaced\012- data
Hash 22fa761c4e80913d0c8866f72162a8bb
b397e49f022678833fddb18f428593685b767e26
216b53f95e0dfbebea152712e946795a586d392d1a2d9fdddb2a1777e2c8e9a8
GET /clicks/iTrack_files/why_should_background.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 61559
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-f077"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7200
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpuAiow2oybfUFBkCCKXzPrapseJ7zexrP5GysSe8nofovTkzv26AGQp8XmDUSWth%2FEN1SCqRLHdohE48e3v7fk2x7lzZBVV3rAK65AAB4cXTZ91uCEogk3MUzRRVxiAfPcJEgk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f84b25b517-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/small_and_discrete.png
104.21.93.119200 OK 4.6 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/small_and_discrete.png
IP 104.21.93.119:0
File type PNG image data, 149 x 150, 8-bit colormap, non-interlaced\012- data
Hash 0321ae8c549c261e5d515434b55874f1
b8628c44bc019b802b21aaf7ef830ff0ed93d9ab
deaf0449940694c6674aab08c1a2cd5624ea98e667f6ea07c6ed1ff4b29eb6f2
GET /clicks/iTrack_files/small_and_discrete.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 4601
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-11f9"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7200
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYjYCfA2B6d6D8bE9WS640lcaB%2BMOFE%2F11OJW5F7WRuHzvzD8G3fAjuyZjxkwBqHEJksKs3sOtmBm%2FS3vnB7FlnUV0jaCvsZdahAGETlAsj7rAmsk6mvo7DECmetJ2G8Ie%2BcQ6E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f858ceb523-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/free_access.png
104.21.93.119200 OK 5.2 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/free_access.png
IP 104.21.93.119:0
File type PNG image data, 149 x 150, 8-bit colormap, non-interlaced\012- data
Hash 62817f297087b34bb3d29dca0ccd8c09
adfeba6771d16eefc05185436dd6bb08d33ac467
4d5b236eb6eb5396cbb0d295a54103c86c3ba02a353a7be1fe7758e967d855db
GET /clicks/iTrack_files/free_access.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 5151
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-141f"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7200
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVK%2FFo61OYGkAgYwoJVwAOEuRyWwGGYxT%2FE24vidc9dvYQH86XUbD%2FK5o9bp2swH1LQUFGrIQjs6yENEkHoumsw4%2FHZJx%2FD3tEyxvvrw%2BKkKj0Z8zQZd2eN3egdbfjT7eVkKjIY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f858afb505-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/set_alerts.png
104.21.93.119200 OK 4.9 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/set_alerts.png
IP 104.21.93.119:0
File type PNG image data, 149 x 150, 8-bit colormap, non-interlaced\012- data
Hash 64ef5f8fde58811d6ea6828050c412c5
1b2a287711e06f70b686c53ba9243340c8e75360
44bf1b46342194be7fc73fb32d31d9c36212b6651c509825e373b4b7d896521e
GET /clicks/iTrack_files/set_alerts.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 4856
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-12f8"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7199
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diRH%2B39Ntsu5oEfMYJ7YvZZbKuQvINgeByxux8JxqBRsRn8%2FUloWkETnNFjXWnwctk1qAk6wJwzSNo5lz5Qjz4QLbEIW2IakicEockQ2qFGf%2FdGF%2BiVwq3XuvkkkmSuGQVjP6WI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f858a4b4fd-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/any_car.png
104.21.93.119200 OK 4.9 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/any_car.png
IP 104.21.93.119:0
File type PNG image data, 149 x 150, 8-bit colormap, non-interlaced\012- data
Hash bba6edb84b71a14becd191af4054cefb
d63f14933e1bf187b98bac33b2ab040b20ef4eec
361415d77c8b00cc59c280211cadb83d92e7eafd821cd506c668e166827386a6
GET /clicks/iTrack_files/any_car.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 4888
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1318"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7199
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBYtmW3nl%2B6bXbGDsaNvfrFMUGkQP4Q4%2FMemUlqqg0Fn5sR2kohfLipQM%2Buy7boHiAyCGUlhIer5LrmoaeqqGx4Za%2FsA6WLWuEPY1JOUPsSzAV0epb7ZhKEPXTqkBvu6XAMHgYg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f86b26b4f1-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/script.js
104.21.93.119404 Not Found 131 B URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/script.js
IP 104.21.93.119:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
GET /clicks/iTrack_files/script.js HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 404 Not Found
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiK3n2C2iYlFiLPLXkxtjYBQuAtK%2BczfrqUdBUQrf7maxpwOc10Mmiw67Wand28IGJKdGFXtCmWG85BT%2B1ios4o3q8ZFTU6r8ydc03sBCdcCwLBRMJGVBZI%2BWfZrMvqmx27G%2F%2Fo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f6af210af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/gps_track.png
104.21.93.119200 OK 88 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/gps_track.png
IP 104.21.93.119:0
File type PNG image data, 543 x 373, 8-bit colormap, non-interlaced\012- data
Hash 833539ad94309373ae997da0282134aa
649fbe66909f754cbbb58af82f2b65a62f974e11
231e97a8d1bedf2c8c15e76a0345ab2002da9621442729973c5e12bca76e28fa
GET /clicks/iTrack_files/gps_track.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 88244
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-158b4"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7199
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwTrqP%2Fv6RkzhhqLLY%2B%2F6NtUcRkJHZHJAQ2NUgG8%2FjtekNOT7EPGRSGZ92Ftdwivyk2rdwi%2BkfMy4853zhWcxCXw3tc9MtbuQfXs91zk8HHAInnLe3vjIUw3R%2FD67Q%2BpGaWcOyU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f868e4b523-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/brahim.png
104.21.93.119200 OK 6.1 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/brahim.png
IP 104.21.93.119:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash b87886205663e0bf0968e5686949a531
ae946736843b6d9b20ff0956977b4fc03da6ca05
f52ab98bd382e27042a046485de7e9f1ab08c3c95db02a3468efd55705385c6c
GET /clicks/iTrack_files/brahim.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 6136
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-17f8"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7199
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHr9E2bE1cphpUJn9nOTtEJwq9cd8%2FUku%2FEvIMWX5YofUDKCDW%2BY3K1dR9GFWiqhL6ewaHhudZwNY%2FALe7l9tU7ZrulaoXZrelFIoPA4nxzyuxeQ%2FJ63bUpbYY8P37ltxLU1Bvo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f868c7b505-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/hurry_image.png
104.21.93.119200 OK 59 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/hurry_image.png
IP 104.21.93.119:0
File type PNG image data, 750 x 480, 8-bit colormap, non-interlaced\012- data
Hash 765192cad7f03e050291bf5f97298d40
38dd0b500aaa6e9e9d268cbb572a58c0aaa74e15
3aa8f081ed82aad1900fab8eebfca8d7abd383a439abe63a5913146f067b070b
GET /clicks/iTrack_files/hurry_image.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 59232
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-e760"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7199
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3N%2F%2BAMpSz4Y4%2FABYm5MrD7%2F2%2FCSuJpLcmfBPKlbBJWE%2BZZQkZkfrJjCCzVDhjhqtjKt9ITK7oIoPK7hfegR31%2F3kfm4b0Yk%2BYsVdXw%2FcdsB1vESyzUKW0xmKAtlriC5pO4Kvoc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f86b32b517-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/amine_user.png
104.21.93.119200 OK 6.0 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/amine_user.png
IP 104.21.93.119:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash 134488bacacf9b44edaf989d6bfcad1c
3ac624c103eb4dfef65dc7e5a823f1b311794fcd
4db2e068c0287ae9aae0eb22620cb8e14c74cc67e42d08b543f94be336011c06
GET /clicks/iTrack_files/amine_user.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 6024
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1788"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7199
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BP9p4j4fj0ChYsqAPxL3FnQfTI3eOa%2B8jaFOOG9WlODfURLDi7R7agq%2BdbHn3fColHE%2BZp7vd7HPOx1LBGCGomnsRLwx7lN6cK99cNXbRj%2FEEZZZEp6V%2BneeUnZgNlr66Zg4Wtw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f86b2fb4f1-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/conclusion_image.png
104.21.93.119200 OK 123 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/conclusion_image.png
IP 104.21.93.119:0
File type PNG image data, 750 x 420, 8-bit colormap, non-interlaced\012- data
Size 123 kB (122637 bytes)
Hash ee800efe19b89a8e43c719bd7b640937
31cdce78ad1ae08653efa960262c9573b20135c9
33eb021719b2aca56a99fae8ba5d4a017fb002d246e758cc7a55d6d1fa9a8a51
GET /clicks/iTrack_files/conclusion_image.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 122637
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1df0d"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7199
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjbXSybk9JpyQDOq2k0KGHYEzWvP9I1BAKAO0M8erZvoE%2Ba%2FEXZiLJcpkVAAifrxwxTl1NxYjufBArTVD%2B6P7shHhBIHbuDZ8VBNj%2F%2BAzGekSib5b8EZX9Mk7am1haQaDoF2tRo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f868b5b4fd-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/mac_iphone.png
104.21.93.119200 OK 62 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/mac_iphone.png
IP 104.21.93.119:0
File type PNG image data, 830 x 305, 8-bit colormap, non-interlaced\012- data
Hash 84cd9215595fcb6285dc993edd8c1305
d990985089521b3334f6590e99a10ecf5f735877
5b9a22cd6b95ae48e670b83e636362cc798b0b3d4026d501c1382c64514cec3c
GET /clicks/iTrack_files/mac_iphone.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 61906
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-f1d2"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7199
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3qNsakwdm7PZF9xb0W%2Bc9hG%2BUuQ3sB%2Ffbx7xxH51K8%2FND%2Flytebx3bbO%2BbKs41WzxCeaGfZB0puJEpvsjlNp0c5e8AuemhI58s6dtWfrvZJBnMir9nt%2F8jEOq5HJi3HqjdAp%2FI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f888f4b523-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/green_b_sm.jpg
104.21.93.119200 OK 44 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/green_b_sm.jpg
IP 104.21.93.119:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 29394dd07fd148ebdb5c4d5d96eb4db5
1175a269be794310e83dc07f1b150b57690c73d4
451e5ac2beaf6d1c0f51da43556324f1197d7e21aa4fb100e8ea7c5a9090612c
GET /clicks/iTrack_files/green_b_sm.jpg HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/jpeg
Content-Length: 44000
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-abe0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7199
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YL%2BVs%2BE4vpuRJKKO9D35RqtK5cRAFtg7QDZd2DdJALkrVQJaXeO8F0%2BHKxU73YhD2TtyQjYdB3V3ly7io2DsfZIBGjWmJNEdc%2FQqN5z7X%2BDDbOroCNRQyLYhRmEaFX8L1u%2FOlSo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f888dcb505-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/zarisa_del.png
104.21.93.119200 OK 5.8 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/zarisa_del.png
IP 104.21.93.119:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash 249b777e4fa6987cf5cce44f74423a20
91bebe21d5536a25783c437e6ccea0a7244872ca
f13251a8da4d9812bdbf9913ec11f448fdb47235683b9aa3df299cd869b44412
GET /clicks/iTrack_files/zarisa_del.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 5822
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-16be"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7199
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3nDYXmk6T49ydQeVZ9K6Oh%2BV0R92mNoVUm0%2FFM4dh5hwp0y%2F%2BJNWK5b6SNYSYYp9JckPG6djmkLL7dPoIWdxTIW3138%2F35DpOlpc0NXk8%2FtJCb3Sl3kS9mo6JWKxI%2BRJB2Xa6w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f878c60af6-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/top_bg.png
104.21.93.119200 OK 182 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/top_bg.png
IP 104.21.93.119:0
File type PNG image data, 1600 x 360, 8-bit colormap, non-interlaced\012- data
Size 182 kB (182100 bytes)
Hash 5326d166fd0c3b7befc5ed55eaa4542b
26a6dfabd7e33577de394e0959fc9817003bb615
df9dac5f2de99f92fdf5563cf0795992def5651c7f68bbd81c315263c16a118c
GET /clicks/iTrack_files/top_bg.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack_files/style.css
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 182100
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:50:34 GMT
ETag: "6396c12a-2c754"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7200
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChGX6P%2F6lfFl%2B4BqRb1qv7nmBRaRnBNbLLuSGNol6DZYkWzJJ6%2F9eFXi2ZU1OAOH%2FFBUYmBf2yqpUvrPH7dWvoiGRUVv5DNwS17Whx77uf6lhcOqB%2F%2BBFXn8CGVYI3idE1MDsLs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f88b41b517-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/nabil_user.png
104.21.93.119200 OK 6.9 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/nabil_user.png
IP 104.21.93.119:0
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash c8d699c779a55f472c20c39932a01e29
69fee4363c7af8384ae76e9de8c0a56ad3728a0e
9e73f77be494e8d8ca35cba7f00897dcceb5b145734f4a9028aa6e8bd9f22b86
GET /clicks/iTrack_files/nabil_user.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/png
Content-Length: 6887
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-1ae7"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7199
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ec02dKfHjWG8cNQSrNAW5aefLyJ7jCpqihQVuj92priH0W2NWxgolVnqhoXp7xr9HoMZGk%2FRZYU9Xw6fWsnX80cFb6Zz5FVNDG25%2ByJXONpO6Vbgd6UF1R2%2BHgYgpNswQMEU66k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f88b47b4f1-OSL
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/amine_image_mes.jpg
104.21.93.119200 OK 75 kB URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/amine_image_mes.jpg
IP 104.21.93.119:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x750, components 3\012- data
Hash be0a7541ada8c899dc75f11e4ce3f899
02a7fa2dac12839ee392cfd86f91edb2603078c9
709c26aac82d281592c7232c943a43bcb769562dea67359d19960b3c99d12f57
GET /clicks/iTrack_files/amine_image_mes.jpg HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:07 GMT
Content-Type: image/jpeg
Content-Length: 74977
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: "6396c0f4-124e1"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7199
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgMwTobYUcSnOIHVeuVdLHC7W6LryK%2Fdu%2BweRuvxqpzpXf%2FDb9f6LeFYwsOvEtgqTzj5sKZL8%2B4qxSTvGHGxJhn9YizMwJxLxx71F3oFokLKF9308un50wJ6l%2ByYKPehnUqJZxs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f898e8b4fd-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.162.50.16101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.50.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LbjUmKUG9lz7zBi6SJXkZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7/Tcmn0AZMneTDwi9AlWlpzwZPw=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23600, version 1.0\012- data
Hash 96535c146ffa5386af6a241b26a3a6b4
23cd84c531d12b9ee5e2fa0d1dd7620f4d6cff57
5a993ab2e9326ab9a1d3f403acf8eed16029f1113c786bcfef3f5b529343ab81
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://disk.balllast.shop
Connection: keep-alive
Referer: http://disk.balllast.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 15:44:21 GMT
expires: Wed, 13 Dec 2023 15:44:21 GMT
cache-control: public, max-age=31536000
age: 403247
last-modified: Thu, 21 Apr 2022 16:51:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/abrilfatface/v19/zOL64pLDlL1D99S8g8PtiKchq-dmjQ.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/abrilfatface/v19/zOL64pLDlL1D99S8g8PtiKchq-dmjQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 13176, version 1.0\012- data
Hash c505a5b998cf70c98db25dd8d644c688
2a72710cb88d894cc7059122213728aefca69b97
a177f542e3506952479f8ee19c5f3fd6d20ac2e030b17e86c39a473931c990bf
GET /s/abrilfatface/v19/zOL64pLDlL1D99S8g8PtiKchq-dmjQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://disk.balllast.shop
Connection: keep-alive
Referer: http://disk.balllast.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:22 GMT
expires: Sat, 16 Dec 2023 13:33:22 GMT
cache-control: public, max-age=31536000
age: 151906
last-modified: Tue, 19 Apr 2022 18:49:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22592, version 1.0\012- data
Hash 4528524c7142b4e2d5c0438763223328
d439d881fd8c4f41e77c2fb07678e53fce3e331a
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
GET /s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://disk.balllast.shop
Connection: keep-alive
Referer: http://disk.balllast.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 15:42:53 GMT
expires: Wed, 13 Dec 2023 15:42:53 GMT
cache-control: public, max-age=31536000
age: 403335
last-modified: Thu, 21 Apr 2022 16:51:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23724, version 1.0\012- data
Hash 2ca1253c8e47277b38c02353cdf32102
3cd0373fd1ae7ad8cb62ff8f2200193a7e8977e7
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://disk.balllast.shop
Connection: keep-alive
Referer: http://disk.balllast.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 20:36:30 GMT
expires: Fri, 15 Dec 2023 20:36:30 GMT
cache-control: public, max-age=31536000
age: 212918
last-modified: Thu, 21 Apr 2022 16:58:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22760, version 1.0\012- data
Hash d36cf1e01f039283292b186b9c85c883
569131c8375a808d1f6a1ad22786cc6b32ec9820
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://disk.balllast.shop
Connection: keep-alive
Referer: http://disk.balllast.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 18:56:59 GMT
expires: Wed, 13 Dec 2023 18:56:59 GMT
cache-control: public, max-age=31536000
age: 391689
last-modified: Thu, 21 Apr 2022 16:56:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
disk.balllast.shop/clicks/images/user_img.png
104.21.93.119404 Not Found 131 B URL HTTP/1.1 disk.balllast.shop/clicks/images/user_img.png
IP 104.21.93.119:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
GET /clicks/images/user_img.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack_files/style.css
HTTP/1.1 404 Not Found
Date: Sun, 18 Dec 2022 07:45:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KzO85K4Jdi%2BAndvhzrWOGoF7Pu6ogvnTNtYdFtxVJKvEVlkGV2pgUa%2BRcDs2vnVCV%2FOFULF1ixffHaB5g9He0TSONY5b8jWIQN8zofzLJpPKXd45WfgXp1x0UzWXfucowQ%2BAC0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f8990eb523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
disk.balllast.shop/clicks/images/ul_stile_img.png
104.21.93.119404 Not Found 131 B URL HTTP/1.1 disk.balllast.shop/clicks/images/ul_stile_img.png
IP 104.21.93.119:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
GET /clicks/images/ul_stile_img.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack_files/style.css
HTTP/1.1 404 Not Found
Date: Sun, 18 Dec 2022 07:45:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZZv6kFM6CcGG%2FJ%2BtmcH3Wlb%2FOGt78zxWBe6e6VEF3pgD0%2FdluwoRVHpGNSp9ZimUwtzXccOQIOYWEw%2BrJkBVVJPEUKI0VH0IT0ImK5E6modscsT%2FezH%2FXZWBgUOkWYGiZ5cjzc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f8a8fa0af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/webfonts/fa-brands-400.woff2
104.21.93.119404 Not Found 162 B URL HTTP/1.1 disk.balllast.shop/clicks/webfonts/fa-brands-400.woff2
IP 104.21.93.119:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /clicks/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack_files/fontawesome-all.min.css
HTTP/1.1 404 Not Found
Date: Sun, 18 Dec 2022 07:45:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuKeehaVkwmyoCUkrSo8wauhywBF5tE6Vqbj0O9Q%2B6856RNK3XWWUVoZHPYlXp6FMeyYwKY0YKBvrzob%2BwGxB%2FuQbm0zCbbAy0XNYX2yHSA6u0PDOgkMMe6leoUcvky%2Fg8BbTlo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f8ab68b4f1-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrByRCf4VFk.woff2
216.58.207.227200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrByRCf4VFk.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 24712, version 1.0\012- data
Hash 251cc4687a7f55281ab73945b1f9c993
2e802717ec3767117d32fd0df9d5def4e9cb067f
d0430beb254891a46106c24d7bd556893899b3417501cf55a9315f1dd9a07fd9
GET /s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrByRCf4VFk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://disk.balllast.shop
Connection: keep-alive
Referer: http://disk.balllast.shop/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:49 GMT
expires: Sat, 16 Dec 2023 13:33:49 GMT
cache-control: public, max-age=31536000
age: 151879
last-modified: Thu, 21 Apr 2022 16:51:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
disk.balllast.shop/clicks/iTrack_files/blank.htm
104.21.93.119200 OK 548 B URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/blank.htm
IP 104.21.93.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Hash cd64b4aeec0a8560c0d6527312e2c806
3b84cb918c9cf6a06d81b2aee07f5fec52ec6878
7dc0902142b34ea216d209ad68f58687c2190ebb974b2f540f61cc64b2b22ef4
GET /clicks/iTrack_files/blank.htm HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack.php?sid=1001297&h=F1QLUp4kW2LBA1JvUcSStxndPtpSXlibbmX_zKX2i2E/_-vR5vrDWfSSTxTxqikeBdPYGhAUpuzRE6FlXbtJCX7vmm7VdX7em_rBqJI_7PYH2bACApNebmjPBMH2k-fboRJPrVe4EKyxs6UKPWi1ml3ekq0uUkx97TmFn9t7AO1Z6ZM39abkWiHpokjRP72-Yw
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVAJEo37HIQSCY4dY2Wii2s9w0N%2B6lCgOTyL7zgdrMp3eDH0fxn1AYePWVdq3IDG%2FLckilr1PxTQxcZRJRmVykvC1e8c3Ajdqb9MS%2Ftgt6WDp21wsomhm9j5TgD%2F55l8KqfivqM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77b646f9599eb4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/images/calen_data.png
104.21.93.119404 Not Found 131 B URL HTTP/1.1 disk.balllast.shop/clicks/images/calen_data.png
IP 104.21.93.119:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
GET /clicks/images/calen_data.png HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack_files/style.css
HTTP/1.1 404 Not Found
Date: Sun, 18 Dec 2022 07:45:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Br1WSrJ51cBktzJweiE%2BV0OoKuuSHVh1EoQSempdhLY21x4ke06NOLd08cx%2FAHCQcspXoLEYxQJOv3sqD9YQ6QYwHhA3cT93QqX%2BfpiH%2FfVU66DyA3Zb7j8GksWuJXimM%2Bltmz0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f8a8f7b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/iTrack_files/blank_data/inject.css
104.21.93.119200 OK 928 B URL HTTP/1.1 disk.balllast.shop/clicks/iTrack_files/blank_data/inject.css
IP 104.21.93.119:0
File type ASCII text, with CRLF line terminators
Hash e1c22e631b7cce42e3ef13cd9bb02ff5
6c6c2b15c56e776d9eac10babf3a6c4a2bd964ae
93950a736308fe62073a44a76b8ec05b9a651062f6ecee4782059d0718aab6dc
GET /clicks/iTrack_files/blank_data/inject.css HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack_files/blank.htm
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 07:45:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Dec 2022 05:49:40 GMT
ETag: W/"6396c0f4-f28"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7200
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xe7ItEw5pN3ntuSJOYfcgBA560D2g9wM6sAx6%2BEEMz68af%2BbZCAkuHQiMoq%2B5uTyGxD4l%2B7bDa71hjQzzUW8IU5CI%2BM%2FJD5P%2FaYicMaJLl%2FRwTqzoOWaPIrzbR9ijeImI4VSAqs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646fa7aa0b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
disk.balllast.shop/clicks/webfonts/fa-brands-400.woff
104.21.93.119404 Not Found 162 B URL HTTP/1.1 disk.balllast.shop/clicks/webfonts/fa-brands-400.woff
IP 104.21.93.119:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /clicks/webfonts/fa-brands-400.woff HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack_files/fontawesome-all.min.css
HTTP/1.1 404 Not Found
Date: Sun, 18 Dec 2022 07:45:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54LuV3nZ%2Fz2wVrDZJ4Z%2F6EAkwGGiSpFb%2BguveyO9Sq%2FChRkHcWmWGzNUCFZmlsV8TxzSIM%2FhoRCK0bFJdThhpE69aCEg62xsuME3DxdRJ0ieNdH%2BxkYCYkOOhgNRa%2BErrzglTpE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646f9cc52b4f1-OSL
alt-svc: h2=":443"; ma=60
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://disk.balllast.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 18 Dec 2022 06:41:08 GMT
expires: Sun, 18 Dec 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 3840
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
disk.balllast.shop/clicks/webfonts/fa-brands-400.ttf
104.21.93.119404 Not Found 131 B URL HTTP/1.1 disk.balllast.shop/clicks/webfonts/fa-brands-400.ttf
IP 104.21.93.119:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
GET /clicks/webfonts/fa-brands-400.ttf HTTP/1.1
Host: disk.balllast.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://disk.balllast.shop/clicks/iTrack_files/fontawesome-all.min.css
HTTP/1.1 404 Not Found
Date: Sun, 18 Dec 2022 07:45:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FR5DVo3jyKR0mXGACJLJBP4uPHVrd1O4wXA569ydISjYB47JXDf6znt3Qp1R%2F96aYdkeZCeSgHL8eWPBBO%2FAR3%2B6J5PnLW054Res6hFvfOdzVz11L86fv9zfmEs%2FhAVLSkpEUE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77b646facd50b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0973dd05c36d5b21a858d6a6bec71334
e5bc1af376e6cd71fe3be45b393ceb1f61434891
e46922306d68a94ce397d96c12c5ddfd0341e139369cab988a6c57b57a9bd0ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=210081078.1671349505&jid=178467005&gjid=251728228&_gid=901313074.1671349505&_u=YEBAAUAAAAAAACAAI~&z=654768602
209.85.233.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=210081078.1671349505&jid=178467005&gjid=251728228&_gid=901313074.1671349505&_u=YEBAAUAAAAAAACAAI~&z=654768602
IP 209.85.233.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=210081078.1671349505&jid=178467005&gjid=251728228&_gid=901313074.1671349505&_u=YEBAAUAAAAAAACAAI~&z=654768602 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://disk.balllast.shop
Connection: keep-alive
Referer: http://disk.balllast.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://disk.balllast.shop
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 18 Dec 2022 07:45:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43db6e9d5e53c6f09a620156efe1d498
acb8be25039695ad7b757230bab40ea1815ddb8e
8f8963389ef4079412a77355df52d22c0f3501782764dca533b3d88e63d04c75
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8963389EF4079412A77355DF52D22C0F3501782764DCA533B3D88E63D04C75"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20125
Expires: Sun, 18 Dec 2022 13:20:33 GMT
Date: Sun, 18 Dec 2022 07:45:08 GMT
Connection: keep-alive
hqgeeks.com/iTrack/images/favicon.png
207.154.203.102200 OK 8.9 kB URL HTTP/1.1 hqgeeks.com/iTrack/images/favicon.png
IP 207.154.203.102:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 4be60e63e7201b661538faf13c00e2ea
6150961b23b2e17cf687bfa6bbba11d5903b4a5f
ce01a9239bd33f9b872257b8cd789396114fdbf463bbbb87fa51364de989e079
GET /iTrack/images/favicon.png HTTP/1.1
Host: hqgeeks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://disk.balllast.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sun, 18 Dec 2022 07:45:08 GMT
Content-Type: image/png
Content-Length: 8850
Last-Modified: Tue, 06 Mar 2018 16:07:50 GMT
Connection: keep-alive
ETag: "5a9ebcd6-2292"
Expires: Sat, 18 Mar 2023 07:45:08 GMT
Pragma: public
Cache-Control: max-age=7776000, public
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2f3dbc33499e42ecb967c87f0df23a85
96a87c596ae880eb482b0e8a5fdb6e09bb728895
aee03631139a47dfbb4dbbfd4257d10afc3b814b5f70366759bdff153e9e2bd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0973dd05c36d5b21a858d6a6bec71334
e5bc1af376e6cd71fe3be45b393ceb1f61434891
e46922306d68a94ce397d96c12c5ddfd0341e139369cab988a6c57b57a9bd0ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 953635cff82596ecfcbd7ff83474031a
5ea2fa051d49d203df6582bc273639a90348f8d2
bb63f27f12c917fccddd13680972fc6e12a8e0e4dcb9b9340f7f911c8b1db9ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=210081078.1671349505&jid=178467005&_u=YEBAAUAAAAAAACAAI~&z=1158081918
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=210081078.1671349505&jid=178467005&_u=YEBAAUAAAAAAACAAI~&z=1158081918
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=210081078.1671349505&jid=178467005&_u=YEBAAUAAAAAAACAAI~&z=1158081918 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://disk.balllast.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 07:45:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=210081078.1671349505&jid=178467005&_u=YEBAAUAAAAAAACAAI~&z=1158081918
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=210081078.1671349505&jid=178467005&_u=YEBAAUAAAAAAACAAI~&z=1158081918
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=210081078.1671349505&jid=178467005&_u=YEBAAUAAAAAAACAAI~&z=1158081918 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://disk.balllast.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 07:45:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2f3dbc33499e42ecb967c87f0df23a85
96a87c596ae880eb482b0e8a5fdb6e09bb728895
aee03631139a47dfbb4dbbfd4257d10afc3b814b5f70366759bdff153e9e2bd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 157b62091fad279063f540564a4c72e6
9db33b844db31eed03695c97daf4c84a4d7d265f
92904432175c023613dea4d660d2c9098e00b7f3b628c8519bf5b404cad450a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 07:45:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11295
Expires: Sun, 18 Dec 2022 10:53:24 GMT
Date: Sun, 18 Dec 2022 07:45:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11295
Expires: Sun, 18 Dec 2022 10:53:24 GMT
Date: Sun, 18 Dec 2022 07:45:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KyEMrUTeuVTPJ3EIkrH1DLYqa4bHK7fe6dApTAFP4XY0G4airnflGA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:37:06 GMT
age: 36483
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11295
Expires: Sun, 18 Dec 2022 10:53:24 GMT
Date: Sun, 18 Dec 2022 07:45:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11295
Expires: Sun, 18 Dec 2022 10:53:24 GMT
Date: Sun, 18 Dec 2022 07:45:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12c4c2232b6d09e9085f0214b3260c1e
a24f8e949a2f2a973fe2dd5af994cd970d37f13a
000475ed7d0aab9a7dab3e25f0a29f82552739fea99f98cbf5131282d0db7d63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10670
x-amzn-requestid: d72e1904-caf4-4c72-a811-d1bde023f4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT11JGCsIAMFRDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3687-7789040d71253d00378f9162;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8qqSQbj22k16ApKTT8y5BQItInb8EjZuACdWcsW_FnMysvnDADbLxQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:37:11 GMT
age: 36478
etag: "a24f8e949a2f2a973fe2dd5af994cd970d37f13a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4a5f117-9f4b-424b-9fa6-90cc78f66709.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4a5f117-9f4b-424b-9fa6-90cc78f66709.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6272c50d983ad7a1dc4ffdac8af30bd3
f85d27fe6f179b734ebc693de64ad2c94ad4cf13
fdb3764c309f38b2b7d4fc0020897f011daad7ce120dace7dffeaaaed6ffdc98
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4a5f117-9f4b-424b-9fa6-90cc78f66709.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7839
x-amzn-requestid: 173ca9af-c95f-4a33-a9af-ca2df02168f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT11nFC0IAMFl-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e368a-276da17e300ced9a5ee66b65;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wtUgpUFQ5mFblne0aNFiHboQ7QkW0OE3fBIpYjwRTKOFDyEs2kigjQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:54:28 GMT
age: 35441
etag: "f85d27fe6f179b734ebc693de64ad2c94ad4cf13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345d372d-49ec-4387-99c1-d3cf9f5906f5.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345d372d-49ec-4387-99c1-d3cf9f5906f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e9d18ca29ccd52a2d503336cd466b00d
d9efd68382ccd3309c943690088cca4e5934ecff
de202292f0930aaaf434fc9b54652707b9da5ef7ccd7a1f888d3bf46755874be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345d372d-49ec-4387-99c1-d3cf9f5906f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5439
x-amzn-requestid: 52d18b91-20fd-417a-9fb2-2d039e05e6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2Z2HCXoAMFsqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3772-2f8d69d42408b30e4725763a;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:41:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LXJDMcnNM5qf9LmdkozPQOR1WBoiXGA4e4jrw9CE41NtDs_NxTuueQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:54:23 GMT
age: 35446
etag: "d9efd68382ccd3309c943690088cca4e5934ecff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed374d0c34e8b2e15f08a6479a4f45e7
5db9e59699048998f0685e940640eae19ef11c8e
9933854830be796a87cfe44b6b8336294e2d3dbbe3205f267720aca6968c3a21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12125
x-amzn-requestid: e44faa15-1dfd-4bc0-bdfb-307c3de2755d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2QPFZAIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3734-33d636210a1e24742ee71187;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmeWRYIlUMCR8Nds0-n0a9ju0ySR7ZuTAS82Lu8sZxPXQpBJkqzvww==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:52:21 GMT
age: 35568
etag: "5db9e59699048998f0685e940640eae19ef11c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ada04738696f861648635c9ba98841e4
ce644cd4349d88aa7c24b2503b0b18b444061639
e5cee777efbf1d8a0f95f6cce71199e5f016a91f90cf0afe38bc86654b9d730d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8696
x-amzn-requestid: c897aeed-a082-46a1-965f-39e8c763cb05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10ZH3jIAMF0gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-548ac80840737a20743980f5;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JecluZu8ExMmP-UHM8QbK-bjm_yqULU1tl2QQDfKMea8NHM6y2JI7g==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:37:06 GMT
age: 36483
etag: "ce644cd4349d88aa7c24b2503b0b18b444061639"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2