2854c.rbkjkj.wy5532.com/
185.107.56.199200 OK 484 B IP 185.107.56.199:0
ASN #43350 NForce Entertainment B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (484), with no line terminators
Hash b5b094872611f70c8da4ca06891ea8e8
b9b511f92d9de3422e02a80b67e760c8213fa32c
6c2d8d6bba377e1a50df9ed73699fb58f61bae7fa3e28aace889a8320c2339fa
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 2854c.rbkjkj.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: sid=385a0afc-71bf-11ed-9663-fea60cabb48e
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 484
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 01:09:55 GMT
server: nginx
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14055
Expires: Fri, 02 Dec 2022 05:04:11 GMT
Date: Fri, 02 Dec 2022 01:09:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2873
Cache-Control: max-age=122949
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:09:56 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:19:05 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 00:18:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3106
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11939
Expires: Fri, 02 Dec 2022 04:28:55 GMT
Date: Fri, 02 Dec 2022 01:09:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LHU10CsI3IXz5wD3uvZuxmjUFT2U4C3hOcISn1PkBAbyO74whSdZPPyi50BPILSTAcC6Kw3Bi68=
x-amz-request-id: KJPBNJFTN54KE2DP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 00:46:30 GMT
age: 1406
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 01:09:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
2854c.rbkjkj.wy5532.com/favicon.ico
185.107.56.199404 Not Found 9 B URL HTTP/1.1 2854c.rbkjkj.wy5532.com/favicon.ico
IP 185.107.56.199:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: 2854c.rbkjkj.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2854c.rbkjkj.wy5532.com/
Cookie: sid=385a0afc-71bf-11ed-9663-fea60cabb48e
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Fri, 02 Dec 2022 01:09:56 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 00:11:15 GMT
cache-control: public,max-age=3600
age: 3522
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2888
Cache-Control: max-age=117900
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:09:57 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:54:57 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
2854c.rbkjkj.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTk1MDU5NiwiaWF0IjoxNjY5OTQzMzk2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21kOWF2M2ZlNTBmMTJ1OW8yazV2azIiLCJuYmYiOjE2Njk5NDMzOTYsInRzIjoxNjY5OTQzMzk2NTY4NTAwfQ.dtSNTE8sA298rGS_d7_4lSdNeMkYpkLBtopk8eZaVDE&sid=385a0afc-71bf-11ed-9663-fea60cabb48e
185.107.56.199302 Found 11 B URL HTTP/1.1 2854c.rbkjkj.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTk1MDU5NiwiaWF0IjoxNjY5OTQzMzk2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21kOWF2M2ZlNTBmMTJ1OW8yazV2azIiLCJuYmYiOjE2Njk5NDMzOTYsInRzIjoxNjY5OTQzMzk2NTY4NTAwfQ.dtSNTE8sA298rGS_d7_4lSdNeMkYpkLBtopk8eZaVDE&sid=385a0afc-71bf-11ed-9663-fea60cabb48e
IP 185.107.56.199:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTk1MDU5NiwiaWF0IjoxNjY5OTQzMzk2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21kOWF2M2ZlNTBmMTJ1OW8yazV2azIiLCJuYmYiOjE2Njk5NDMzOTYsInRzIjoxNjY5OTQzMzk2NTY4NTAwfQ.dtSNTE8sA298rGS_d7_4lSdNeMkYpkLBtopk8eZaVDE&sid=385a0afc-71bf-11ed-9663-fea60cabb48e HTTP/1.1
Host: 2854c.rbkjkj.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2854c.rbkjkj.wy5532.com/
Cookie: sid=385a0afc-71bf-11ed-9663-fea60cabb48e
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Fri, 02 Dec 2022 01:09:56 GMT
location: http://click-v4.expmdiadi.com/click?i=dC38cn52jus_0
server: nginx
set-cookie: sid=385a0afc-71bf-11ed-9663-fea60cabb48e; path=/; domain=.wy5532.com; expires=Wed, 20 Dec 2090 04:24:04 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
54.148.70.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.70.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZNkG7bps3tW3Pi+TJlwDNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bdU5qc5wIb83eG/CBPHDePw4ZvE=
click-v4.expmdiadi.com/click?i=dC38cn52jus_0
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.expmdiadi.com/click?i=dC38cn52jus_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=dC38cn52jus_0 HTTP/1.1
Host: click-v4.expmdiadi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://2854c.rbkjkj.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://gracelessbrief.com/wq3ht79x1?key=61640e6829406cb5e3f614ac2a9e21c0&psid=wy5532.com
Pragma: no-cache
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a0280d41f8b469bd62bc3c937a9e663
576d031e77d29a3c71bb9f100206b2fdda371bfa
c8c921898f40c05ed4d74e5e5639fb7b7db02a5405193d532bfd196072fe18af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8C921898F40C05ED4D74E5E5639FB7B7DB02A5405193D532BFD196072FE18AF"
Last-Modified: Thu, 01 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19034
Expires: Fri, 02 Dec 2022 06:27:12 GMT
Date: Fri, 02 Dec 2022 01:09:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20991
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:09:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20991
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:09:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20991
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:09:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20991
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 01:09:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 12002
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:43:11 GMT
age: 62807
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5jKfLFWhSvvsiO5WxWbizQhKZdCj1IKR4ijCCZKjUCtni5qQcK5-Zw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 03:29:45 GMT
age: 78013
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:20:09 GMT
age: 64189
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FhCtGsjgnq83-zRNBH-y9BHUh2IRaN0ahO-BCUw7bTWU8jAanBqdlA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:35 GMT
age: 11783
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 11905
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gracelessbrief.com/wq3ht79x1?key=61640e6829406cb5e3f614ac2a9e21c0&psid=wy5532.com
192.243.61.227200 OK 2.4 kB URL HTTP/1.1 gracelessbrief.com/wq3ht79x1?key=61640e6829406cb5e3f614ac2a9e21c0&psid=wy5532.com
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (321)
Hash 8ec5618cc22a5bfb72a2d4bf5938064c
7fb0430c4a55d5e640af6ef0b8bded1c0004bac9
862471fa86ff89a885cb526b75a5c2b3a763aa62d238586e65a800bfe0500650
GET /wq3ht79x1?key=61640e6829406cb5e3f614ac2a9e21c0&psid=wy5532.com HTTP/1.1
Host: gracelessbrief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://2854c.rbkjkj.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 01:09:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17612737; expires=Sat, 03 Dec 2022 01:09:58 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzYxMjczNywiayI6IjYxNjQwZTY4Mjk0MDZjYjVlM2Y2MTRhYzJhOWUyMWMwIiwic2lkIjoid3k1NTMyLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MTk2NDM0MywicGlkIjozODgwMTIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzIsImFpZCI6MjgsInB0Ijo0LCJwayI6IndxM2h0Nzl4MSIsInQiOjF9LCJwYiI6eyJyZXAiOiJodHRwczovL3d3dy5nb29nbGUuY29tLyIsImlmIjp0cnVlLCJuYyI6ZmFsc2UsIm5qIjpmYWxzZSwiaW4iOmZhbHNlLCJ0cCI6MSwibmEiOmZhbHNlfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly8yODU0Yy5yYmtqa2oud3k1NTMyLmNvbS8ifX0.UrMRLTE30R55tv2l-XQiHd3FoZ3zBwTAQZdDUo6LRSU; expires=Fri, 02 Dec 2022 01:10:58 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f87f1d9d9539fad402c1bfce26b71fdd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
gracelessbrief.com/wq3ht79x1?pst=1669943458&rmtc=t&uuid=&pii=&in=false&refer=http%3A%2F%2F2854c.rbkjkj.wy5532.com%2F&key=61640e6829406cb5e3f614ac2a9e21c0&shu=03f8397038a329db84dcc39a9eb436ac54028d0b3c90545a8e602c958693821b2d6860d8fb32a0cbbb51a69eb33909148c4e60f723e2b4bf3837a50d9a19634a44dd538137cc61e0c503d08853c4159e07e0626a&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002
192.243.61.227302 Found 0 B URL HTTP/1.1 gracelessbrief.com/wq3ht79x1?pst=1669943458&rmtc=t&uuid=&pii=&in=false&refer=http%3A%2F%2F2854c.rbkjkj.wy5532.com%2F&key=61640e6829406cb5e3f614ac2a9e21c0&shu=03f8397038a329db84dcc39a9eb436ac54028d0b3c90545a8e602c958693821b2d6860d8fb32a0cbbb51a69eb33909148c4e60f723e2b4bf3837a50d9a19634a44dd538137cc61e0c503d08853c4159e07e0626a&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wq3ht79x1?pst=1669943458&rmtc=t&uuid=&pii=&in=false&refer=http%3A%2F%2F2854c.rbkjkj.wy5532.com%2F&key=61640e6829406cb5e3f614ac2a9e21c0&shu=03f8397038a329db84dcc39a9eb436ac54028d0b3c90545a8e602c958693821b2d6860d8fb32a0cbbb51a69eb33909148c4e60f723e2b4bf3837a50d9a19634a44dd538137cc61e0c503d08853c4159e07e0626a&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002 HTTP/1.1
Host: gracelessbrief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gracelessbrief.com/wq3ht79x1?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=17612737
Cookie: u_pl=17612737; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzYxMjczNywiayI6IjYxNjQwZTY4Mjk0MDZjYjVlM2Y2MTRhYzJhOWUyMWMwIiwic2lkIjoid3k1NTMyLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MTk2NDM0MywicGlkIjozODgwMTIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzIsImFpZCI6MjgsInB0Ijo0LCJwayI6IndxM2h0Nzl4MSIsInQiOjF9LCJwYiI6eyJyZXAiOiJodHRwczovL3d3dy5nb29nbGUuY29tLyIsImlmIjp0cnVlLCJuYyI6ZmFsc2UsIm5qIjpmYWxzZSwiaW4iOmZhbHNlLCJ0cCI6MSwibmEiOmZhbHNlfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly8yODU0Yy5yYmtqa2oud3k1NTMyLmNvbS8ifX0.UrMRLTE30R55tv2l-XQiHd3FoZ3zBwTAQZdDUo6LRSU; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 01:09:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjY5OTQzMzk5fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9MDNmODM5NzAzOGEzMjlkYjg0ZGNjMzlhOWViNDM2YWM1NDAyOGQwYjNjOTA1NDVhOGU2MDJjOTU4NjkzODIxYjJkNjg2MGQ4ZmIzMmEwY2JiYjUxYTY5ZWIzMzkwOTE0OGM0ZTYwZjcyM2UyYjRiZjM4MzdhNTBkOWExOTYzNGE0NGRkNTM4MTM3Y2M2MWUwYzUwM2QwODg1M2M0MTU5ZTA3ZTA2MjZhfGxzPTN8b3R2PWF8MDNiZjgyZGFhZmYxOTEwNWE3NzExM2JjYTA4OGIwYTI=&sub1=pu_remnant&sub2=17612737
Set-Cookie: iprc7e29a9c7c619f5c9bf79ddd0fceeb8a7=2270707; expires=Sat, 03 Dec 2022 01:09:59 GMT
pdhtkv=true; expires=Sat, 03 Dec 2022 01:09:59 GMT
uncs=1; expires=Sat, 03 Dec 2022 01:09:59 GMT
pdhtkv28=true; expires=Sat, 03 Dec 2022 01:09:59 GMT
uncs28=1; expires=Sat, 03 Dec 2022 01:09:59 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c016e2dbee5a6bf1eadfeef774c3f367
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5eca1876e56305eb5fd280e617f1b3f7
98fee2a1511f8e843c1b51c0df1a1c83f6cf3973
0af88ba172074d73bc08f447bd802b024cc14ad793e65c81966190554364a7db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6180
Cache-Control: max-age=168700
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:09:59 GMT
Etag: "6389283f-117"
Expires: Sun, 04 Dec 2022 00:01:39 GMT
Last-Modified: Thu, 01 Dec 2022 22:18:39 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5eca1876e56305eb5fd280e617f1b3f7
98fee2a1511f8e843c1b51c0df1a1c83f6cf3973
0af88ba172074d73bc08f447bd802b024cc14ad793e65c81966190554364a7db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6180
Cache-Control: max-age=168700
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 01:09:59 GMT
Etag: "6389283f-117"
Expires: Sun, 04 Dec 2022 00:01:39 GMT
Last-Modified: Thu, 01 Dec 2022 22:18:39 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6317b73716aa51fe3fd5312f8461c428
7b38f023d55a52fcf0f8aca328deff4ef2b13b33
8c1741571fe717f1754c9ce05367bb703a3a283da715a6d5ddcd88d62196bf0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C1741571FE717F1754C9CE05367BB703A3A283DA715A6D5DDCD88D62196BF0E"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2475
Expires: Fri, 02 Dec 2022 01:51:14 GMT
Date: Fri, 02 Dec 2022 01:09:59 GMT
Connection: keep-alive
supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjY5OTQzMzk5fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9MDNmODM5NzAzOGEzMjlkYjg0ZGNjMzlhOWViNDM2YWM1NDAyOGQwYjNjOTA1NDVhOGU2MDJjOTU4NjkzODIxYjJkNjg2MGQ4ZmIzMmEwY2JiYjUxYTY5ZWIzMzkwOTE0OGM0ZTYwZjcyM2UyYjRiZjM4MzdhNTBkOWExOTYzNGE0NGRkNTM4MTM3Y2M2MWUwYzUwM2QwODg1M2M0MTU5ZTA3ZTA2MjZhfGxzPTN8b3R2PWF8MDNiZjgyZGFhZmYxOTEwNWE3NzExM2JjYTA4OGIwYTI=&sub1=pu_remnant&sub2=17612737
104.21.31.221200 OK 11 kB URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjY5OTQzMzk5fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9MDNmODM5NzAzOGEzMjlkYjg0ZGNjMzlhOWViNDM2YWM1NDAyOGQwYjNjOTA1NDVhOGU2MDJjOTU4NjkzODIxYjJkNjg2MGQ4ZmIzMmEwY2JiYjUxYTY5ZWIzMzkwOTE0OGM0ZTYwZjcyM2UyYjRiZjM4MzdhNTBkOWExOTYzNGE0NGRkNTM4MTM3Y2M2MWUwYzUwM2QwODg1M2M0MTU5ZTA3ZTA2MjZhfGxzPTN8b3R2PWF8MDNiZjgyZGFhZmYxOTEwNWE3NzExM2JjYTA4OGIwYTI=&sub1=pu_remnant&sub2=17612737
IP 104.21.31.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (564)
Hash 430176398d1884fe3af874b61211e41e
aa0766ec58445549cc5ad637547e3d4c58bb77c3
660c876b8208426f1af50ddcaa869af70543a985ae54f8a63f8dfd4eeda6b0b1
GET /common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjY5OTQzMzk5fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9MDNmODM5NzAzOGEzMjlkYjg0ZGNjMzlhOWViNDM2YWM1NDAyOGQwYjNjOTA1NDVhOGU2MDJjOTU4NjkzODIxYjJkNjg2MGQ4ZmIzMmEwY2JiYjUxYTY5ZWIzMzkwOTE0OGM0ZTYwZjcyM2UyYjRiZjM4MzdhNTBkOWExOTYzNGE0NGRkNTM4MTM3Y2M2MWUwYzUwM2QwODg1M2M0MTU5ZTA3ZTA2MjZhfGxzPTN8b3R2PWF8MDNiZjgyZGFhZmYxOTEwNWE3NzExM2JjYTA4OGIwYTI=&sub1=pu_remnant&sub2=17612737 HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gracelessbrief.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:09:59 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnDiRrNt%2Bd0PsDJikjiQZIlD2A%2Fk6g7lpZUv29D0kbLZjMqf2q1zr2jGLUmfnC6lGG2RgUKaKY2OpFaNGMtZaX0ZVc33SSqZUK%2FfVK5ye%2F31MkXBjFYOpqyxIOFDShmSiGzpVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77302e25fc85b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ce6584d7cce4780b6f629d76a15c42fc
ec92eccf2955cfdc0046d9ec149313251109fea4
85d83403d3ea99fe317c5d6f01254c18fa1590ac801b66a0bee364838255299f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85D83403D3EA99FE317C5D6F01254C18FA1590AC801B66A0BEE364838255299F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2134
Expires: Fri, 02 Dec 2022 01:45:34 GMT
Date: Fri, 02 Dec 2022 01:10:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ce6584d7cce4780b6f629d76a15c42fc
ec92eccf2955cfdc0046d9ec149313251109fea4
85d83403d3ea99fe317c5d6f01254c18fa1590ac801b66a0bee364838255299f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85D83403D3EA99FE317C5D6F01254C18FA1590AC801B66A0BEE364838255299F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2159
Expires: Fri, 02 Dec 2022 01:45:59 GMT
Date: Fri, 02 Dec 2022 01:10:00 GMT
Connection: keep-alive
twistconcept.com/index.min.js?pk=42c6f09dc9e74035608496705631ef5d
104.21.86.46200 OK 377 B URL HTTP/2 twistconcept.com/index.min.js?pk=42c6f09dc9e74035608496705631ef5d
IP 104.21.86.46:0
File type ASCII text, with very long lines (651)
Hash 1bbd15594e64bd1a1e03ccdb99f28d3c
a779fb5853cf4e2923086aa5f3a47a614a76b453
32858f596974eee59048d2b0a177e95bbe00e274bdda4c9fe490bf19acec62fb
GET /index.min.js?pk=42c6f09dc9e74035608496705631ef5d HTTP/1.1
Host: twistconcept.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:10:00 GMT
content-type: application/javascript
last-modified: Thu, 07 Apr 2022 08:49:08 GMT
etag: W/"624ea584-28c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6212
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zyfj4nfuo4SZ1eMAV9icbm5%2BKabHzkdOgXC8kY0CG6aiM4rVpIHLqZcRABAXNpOuagDDBdSOVMQG1ploejW5%2BR0mNQe7JCckFo0LJ7XS8c0gMhfZeOAbFMmBC1wavvAf55Td"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77302e2adc47b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash ca7d062811832377ad42a59b892106ec
67be0c305289a37da8014f99ec254bd9d0035d5d
74df98f30d9307bb6332ddcebd292b5ab163710919ff2cdb8fe0d97210d49594
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 01:10:00 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 05 Dec 2022 21:16:15 GMT
ETag: "67be0c305289a37da8014f99ec254bd9d0035d5d"
Last-Modified: Thu, 01 Dec 2022 21:16:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3453
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77302e2bbb80fabc-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash f60f02a95664f3be8fd0b4e614010c6a
bb83d56ac8ae98bff5e9954dffc7f2035b47f63f
eddc54420a811685bfd0c2c14dd13340c9380b529bf1bb8c0426baa0375a67f2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133524
Date: Fri, 02 Dec 2022 01:10:00 GMT
Etag: "6388ac95-1d7"
Expires: Sat, 03 Dec 2022 14:15:24 GMT
Last-Modified: Thu, 01 Dec 2022 13:31:01 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Q82l_pEZ0HwnEadL-KwtQTyya-hoRxQEoHQm0nm0dpby96QD9vXnLg==
Age: 2663
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73266
date: Fri, 02 Dec 2022 01:10:00 GMT
access-control-allow-origin: *
etag: "6388ac0c-11e32"
expires: Fri, 02 Dec 2022 02:10:00 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
simplewebanalysis.com/px.gif?akey=42c6f09dc9e74035608496705631ef5d
52.28.211.11307 Temporary Redirect 0 B URL HTTP/2 simplewebanalysis.com/px.gif?akey=42c6f09dc9e74035608496705631ef5d
IP 52.28.211.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px.gif?akey=42c6f09dc9e74035608496705631ef5d HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Fri, 02 Dec 2022 01:10:00 GMT
content-type: image/gif
content-length: 0
location: https://professionalswebcheck.com/dbs?uuid=782aa8c7-9836-4064-8a4f-ff7b9e73f141&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjM3IjoxNjY5OTQzNDAwfSwiYWNjbCI6eyAiMjAsMSI6MTY2OTk0MzQwMH19.pI2zDxSx1L0Tp0rat_EpRytSJYknnqM8rOlIJuorxTs
server: nginx/1.17.6
set-cookie: uid_id2=782aa8c7-9836-4064-8a4f-ff7b9e73f141:1:1; expires=Mon, 29 Nov 2032 01:10:00 GMT; secure; SameSite=None
ak=37,1669943400; expires=Thu, 02 Mar 2023 01:10:00 GMT; secure; SameSite=None
acl=20,1,1669943400; expires=Thu, 02 Mar 2023 01:10:00 GMT; secure; SameSite=None
expires: Fri, 02 Dec 2022 01:10:00 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 186 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
Hash 4d4966ac54720e31a1e1a699fdd95a28
5ded0ed96bdaa88cdd3f08bc91593df65aab4ba7
746254e9a2068ee50122581f20a0a38b82426eb394ef6fd21a62912a41796586
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 02 Dec 2022 01:10:00 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Fri, 02 Dec 2022 02:10:00 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
professionalswebcheck.com/dbs?uuid=782aa8c7-9836-4064-8a4f-ff7b9e73f141&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjM3IjoxNjY5OTQzNDAwfSwiYWNjbCI6eyAiMjAsMSI6MTY2OTk0MzQwMH19.pI2zDxSx1L0Tp0rat_EpRytSJYknnqM8rOlIJuorxTs
52.28.211.11200 OK 7 B URL HTTP/2 professionalswebcheck.com/dbs?uuid=782aa8c7-9836-4064-8a4f-ff7b9e73f141&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjM3IjoxNjY5OTQzNDAwfSwiYWNjbCI6eyAiMjAsMSI6MTY2OTk0MzQwMH19.pI2zDxSx1L0Tp0rat_EpRytSJYknnqM8rOlIJuorxTs
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /dbs?uuid=782aa8c7-9836-4064-8a4f-ff7b9e73f141&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjM3IjoxNjY5OTQzNDAwfSwiYWNjbCI6eyAiMjAsMSI6MTY2OTk0MzQwMH19.pI2zDxSx1L0Tp0rat_EpRytSJYknnqM8rOlIJuorxTs HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supanimegames.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 01:10:00 GMT
content-type: image/gif
content-length: 7
server: nginx/1.17.6
set-cookie: uid_id2=782aa8c7-9836-4064-8a4f-ff7b9e73f141:1:1; expires=Mon, 29 Nov 2032 01:10:00 GMT; secure; SameSite=None
ak=37,1669943400; expires=Thu, 02 Mar 2023 01:10:00 GMT; secure; SameSite=None
acl=20,1,1669943400; expires=Thu, 02 Mar 2023 01:10:00 GMT; secure; SameSite=None
expires: Fri, 02 Dec 2022 01:10:00 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2
mc.yandex.ru/watch/57021556/1?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjY5OTQzMzk5fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9MDNmODM5NzAzOGEzMjlkYjg0ZGNjMzlhOWViNDM2YWM1NDAyOGQwYjNjOTA1NDVhOGU2MDJjOTU4NjkzODIxYjJkNjg2MGQ4ZmIzMmEwY2JiYjUxYTY5ZWIzMzkwOTE0OGM0ZTYwZjcyM2UyYjRiZjM4MzdhNTBkOWExOTYzNGE0NGRkNTM4MTM3Y2M2MWUwYzUwM2QwODg1M2M0MTU5ZTA3ZTA2MjZhfGxzPTN8b3R2PWF8MDNiZjgyZGFhZmYxOTEwNWE3NzExM2JjYTA4OGIwYTI%3D%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A964%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A556844843523%3Ahid%3A838047798%3Az%3A0%3Ai%3A20221202010959%3Aet%3A1669943399%3Ac%3A1%3Arn%3A990491540%3Arqn%3A1%3Au%3A1669943399674995202%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C25%2C267%2C0%2C216%2C0%2C%2C442%2C0%2C%2C%2C%2C961%3Aco%3A0%3Ans%3A1669943397490%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669943399%3At%3AEmpire&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/57021556/1?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjY5OTQzMzk5fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9MDNmODM5NzAzOGEzMjlkYjg0ZGNjMzlhOWViNDM2YWM1NDAyOGQwYjNjOTA1NDVhOGU2MDJjOTU4NjkzODIxYjJkNjg2MGQ4ZmIzMmEwY2JiYjUxYTY5ZWIzMzkwOTE0OGM0ZTYwZjcyM2UyYjRiZjM4MzdhNTBkOWExOTYzNGE0NGRkNTM4MTM3Y2M2MWUwYzUwM2QwODg1M2M0MTU5ZTA3ZTA2MjZhfGxzPTN8b3R2PWF8MDNiZjgyZGFhZmYxOTEwNWE3NzExM2JjYTA4OGIwYTI%3D%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A964%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A556844843523%3Ahid%3A838047798%3Az%3A0%3Ai%3A20221202010959%3Aet%3A1669943399%3Ac%3A1%3Arn%3A990491540%3Arqn%3A1%3Au%3A1669943399674995202%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C25%2C267%2C0%2C216%2C0%2C%2C442%2C0%2C%2C%2C%2C961%3Aco%3A0%3Ans%3A1669943397490%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669943399%3At%3AEmpire&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 9e0c92242630e6a886b64dfa2044466c
6ef96e143c2c22822d6e566503a343050b90cd13
d20b674ae6aca452403837fccfa0d55022d1648b6ebd437891e8d5a65b3d809a
GET /watch/57021556/1?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjY5OTQzMzk5fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9MDNmODM5NzAzOGEzMjlkYjg0ZGNjMzlhOWViNDM2YWM1NDAyOGQwYjNjOTA1NDVhOGU2MDJjOTU4NjkzODIxYjJkNjg2MGQ4ZmIzMmEwY2JiYjUxYTY5ZWIzMzkwOTE0OGM0ZTYwZjcyM2UyYjRiZjM4MzdhNTBkOWExOTYzNGE0NGRkNTM4MTM3Y2M2MWUwYzUwM2QwODg1M2M0MTU5ZTA3ZTA2MjZhfGxzPTN8b3R2PWF8MDNiZjgyZGFhZmYxOTEwNWE3NzExM2JjYTA4OGIwYTI%3D%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A964%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A556844843523%3Ahid%3A838047798%3Az%3A0%3Ai%3A20221202010959%3Aet%3A1669943399%3Ac%3A1%3Arn%3A990491540%3Arqn%3A1%3Au%3A1669943399674995202%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C25%2C267%2C0%2C216%2C0%2C%2C442%2C0%2C%2C%2C%2C961%3Aco%3A0%3Ans%3A1669943397490%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669943399%3At%3AEmpire&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://supanimegames.com
Referer: https://supanimegames.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Fri, 02 Dec 2022 01:10:00 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://supanimegames.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 01:10:00 GMT
last-modified: Fri, 02-Dec-2022 01:10:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/57021556?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjY5OTQzMzk5fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9MDNmODM5NzAzOGEzMjlkYjg0ZGNjMzlhOWViNDM2YWM1NDAyOGQwYjNjOTA1NDVhOGU2MDJjOTU4NjkzODIxYjJkNjg2MGQ4ZmIzMmEwY2JiYjUxYTY5ZWIzMzkwOTE0OGM0ZTYwZjcyM2UyYjRiZjM4MzdhNTBkOWExOTYzNGE0NGRkNTM4MTM3Y2M2MWUwYzUwM2QwODg1M2M0MTU5ZTA3ZTA2MjZhfGxzPTN8b3R2PWF8MDNiZjgyZGFhZmYxOTEwNWE3NzExM2JjYTA4OGIwYTI%3D%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A964%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A556844843523%3Ahid%3A838047798%3Az%3A0%3Ai%3A20221202010959%3Aet%3A1669943399%3Ac%3A1%3Arn%3A990491540%3Arqn%3A1%3Au%3A1669943399674995202%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C25%2C267%2C0%2C216%2C0%2C%2C442%2C0%2C%2C%2C%2C961%3Aco%3A0%3Ans%3A1669943397490%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669943399%3At%3AEmpire&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 11 kB URL HTTP/2 mc.yandex.ru/watch/57021556?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjY5OTQzMzk5fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9MDNmODM5NzAzOGEzMjlkYjg0ZGNjMzlhOWViNDM2YWM1NDAyOGQwYjNjOTA1NDVhOGU2MDJjOTU4NjkzODIxYjJkNjg2MGQ4ZmIzMmEwY2JiYjUxYTY5ZWIzMzkwOTE0OGM0ZTYwZjcyM2UyYjRiZjM4MzdhNTBkOWExOTYzNGE0NGRkNTM4MTM3Y2M2MWUwYzUwM2QwODg1M2M0MTU5ZTA3ZTA2MjZhfGxzPTN8b3R2PWF8MDNiZjgyZGFhZmYxOTEwNWE3NzExM2JjYTA4OGIwYTI%3D%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A964%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A556844843523%3Ahid%3A838047798%3Az%3A0%3Ai%3A20221202010959%3Aet%3A1669943399%3Ac%3A1%3Arn%3A990491540%3Arqn%3A1%3Au%3A1669943399674995202%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C25%2C267%2C0%2C216%2C0%2C%2C442%2C0%2C%2C%2C%2C961%3Aco%3A0%3Ans%3A1669943397490%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669943399%3At%3AEmpire&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d08081e2dd562ef50e4e98ebc0136698
b5118bca37feda2ada3001199dc1d80ac6d2aacc
5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f
GET /watch/57021556?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjY5OTQzMzk5fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9MDNmODM5NzAzOGEzMjlkYjg0ZGNjMzlhOWViNDM2YWM1NDAyOGQwYjNjOTA1NDVhOGU2MDJjOTU4NjkzODIxYjJkNjg2MGQ4ZmIzMmEwY2JiYjUxYTY5ZWIzMzkwOTE0OGM0ZTYwZjcyM2UyYjRiZjM4MzdhNTBkOWExOTYzNGE0NGRkNTM4MTM3Y2M2MWUwYzUwM2QwODg1M2M0MTU5ZTA3ZTA2MjZhfGxzPTN8b3R2PWF8MDNiZjgyZGFhZmYxOTEwNWE3NzExM2JjYTA4OGIwYTI%3D%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A964%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A556844843523%3Ahid%3A838047798%3Az%3A0%3Ai%3A20221202010959%3Aet%3A1669943399%3Ac%3A1%3Arn%3A990491540%3Arqn%3A1%3Au%3A1669943399674995202%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C25%2C267%2C0%2C216%2C0%2C%2C442%2C0%2C%2C%2C%2C961%3Aco%3A0%3Ans%3A1669943397490%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669943399%3At%3AEmpire&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://supanimegames.com
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/57021556/1?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjY5OTQzMzk5fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9MDNmODM5NzAzOGEzMjlkYjg0ZGNjMzlhOWViNDM2YWM1NDAyOGQwYjNjOTA1NDVhOGU2MDJjOTU4NjkzODIxYjJkNjg2MGQ4ZmIzMmEwY2JiYjUxYTY5ZWIzMzkwOTE0OGM0ZTYwZjcyM2UyYjRiZjM4MzdhNTBkOWExOTYzNGE0NGRkNTM4MTM3Y2M2MWUwYzUwM2QwODg1M2M0MTU5ZTA3ZTA2MjZhfGxzPTN8b3R2PWF8MDNiZjgyZGFhZmYxOTEwNWE3NzExM2JjYTA4OGIwYTI%3D%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A964%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A556844843523%3Ahid%3A838047798%3Az%3A0%3Ai%3A20221202010959%3Aet%3A1669943399%3Ac%3A1%3Arn%3A990491540%3Arqn%3A1%3Au%3A1669943399674995202%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C25%2C267%2C0%2C216%2C0%2C%2C442%2C0%2C%2C%2C%2C961%3Aco%3A0%3Ans%3A1669943397490%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669943399%3At%3AEmpire&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 02 Dec 2022 01:10:00 GMT
access-control-allow-origin: https://supanimegames.com
set-cookie: yabs-sid=2459847341669943400; Path=/; SameSite=None; Secure
i=9Ms6WUAV6i6eGgh8wboX90YeoUPUjJUPE4QVm1O7vNdPULPWYggrs1sVgTHhFpkHbzDUARhGrYYJ1OGzTkcGa0HfM5w=; Expires=Mon, 29-Nov-2032 01:09:37 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7956565511669943400; Expires=Sat, 02-Dec-2023 01:10:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7956565511669943400; Expires=Sat, 02-Dec-2023 01:10:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701479400.yc.1669943400#1701479400.yrts.1669943400#1701479400.yrtsi.1669943400; Expires=Sat, 02-Dec-2023 01:10:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 01:10:00 GMT
last-modified: Fri, 02-Dec-2022 01:10:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ln.gamesrevenue.com/px1.js
5.161.79.44200 OK 0 B URL HTTP/2 ln.gamesrevenue.com/px1.js
IP 5.161.79.44:0
ASN #213230 Hetzner Online GmbH
GET /px1.js HTTP/1.1
Host: ln.gamesrevenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 01:09:59 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 11:50:26 GMT
etag: W/"63889502-3c9d"
content-encoding: gzip
X-Firefox-Spdy: h2