magaze.tv/86
62.149.144.107301 Moved Permanently 231 B IP 62.149.144.107:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0947afc0bb876f170f8dda27c5e44320
75a4648031e96c96532dc1488875c6bc35467876
db19b8e91781e54dbf8532bba6023d781b2ba2158900ff9ffd8d275df8cc7cb8
Analyzer Verdict Alert fortinet Malware
GET /86 HTTP/1.1
Host: magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 08 Oct 2022 20:05:48 GMT
Server: Apache
Location: http://www.magaze.tv/86
Content-Length: 231
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
54.230.111.7200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1aac651ec250c598683dd17ca2002c07
11595ac82e017f95190c2a36dc77323a3fedcbfc
93fa640d042452ae8455d026e30e3b4594c13d4be65f3552a4b5edae027c02f9
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 08 Oct 2022 19:38:24 GMT
Expires: Sat, 08 Oct 2022 20:23:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qnZyZp8gU5NdbU2Er7u1AQs-tcF1x2bOkHILOjK66WOBkAAaSu2Whw==
Age: 1644
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2886
Expires: Sat, 08 Oct 2022 20:53:54 GMT
Date: Sat, 08 Oct 2022 20:05:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2346
Expires: Sat, 08 Oct 2022 20:44:54 GMT
Date: Sat, 08 Oct 2022 20:05:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eNzEHvWSPYX7pOEmxpU8SpS6ZuBZj89a6MgFPMVRj49XvQnoQOCW13tkLOcOs70CJJIAEQpXWCg=
x-amz-request-id: 5Y14RSN0RFFB3XHG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 08 Oct 2022 19:59:44 GMT
age: 364
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:05:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sat, 08 Oct 2022 19:29:41 GMT
Cache-Control: max-age=3600
Expires: Sat, 08 Oct 2022 20:23:31 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zcEtzrns2B5Y2PgH6_36WGfrZlU-yWrfPmOFRfGCrA0FZyQTitsrxQ==
Age: 2168
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5479444ef227af03029fbb9d154f0107
0563678ec07ab3707b716ca4c638ece4c8ad7de4
4850d49786a140003b90ae108104ffbfe80a6e0d9f584656a09f0fff11dc9d0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4398
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:49 GMT
Last-Modified: Sat, 08 Oct 2022 18:52:31 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.magaze.tv/86
62.149.144.107301 Moved Permanently 0 B IP 62.149.144.107:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /86 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 08 Oct 2022 20:05:48 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2
Connection: Upgrade, Keep-Alive
Location: http://www.magaze.tv/86/
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.160.51.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.51.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RCruWYTc8sAnYUTWM49qOw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZM9fx83pr7qcybpVm/3zsp27oBM=
fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
142.250.74.10200 OK 1.3 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
IP 142.250.74.10:0
Hash af495d4776810ba587c8130d9d60a106
540e75b1cd7fb672df4ae09407f8282e7d4a7279
257d0b96dacf33c439696c5e62144a5e39303daec555b50883c2ba5829bf15d8
GET /css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 08 Oct 2022 20:05:50 GMT
Date: Sat, 08 Oct 2022 20:05:50 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.magaze.tv/86/
62.149.144.107200 OK 57 kB IP 62.149.144.107:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2494), with CRLF, LF line terminators
Hash 27eba59e80ee658c816220106aac76b4
4dc845945f8176788a7f1f007ab90140d593f363
1081d558af45c9e945fbea624ed53ddbb4aa9166fd68314a12e05c7853a80a43
Analyzer Verdict Alert fortinet Malware
GET /86/ HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:49 GMT
Server: Apache
Link: <https://www.magaze.tv/wp-json/>; rel="https://api.w.org/", <https://www.magaze.tv/?p=86>; rel=shortlink
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.magaze.tv/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.2.3
62.149.144.107200 OK 9.5 kB URL HTTP/1.1 www.magaze.tv/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.2.3
IP 62.149.144.107:0
File type ASCII text, with very long lines (9457)
Hash 94825a2be0c52bf1b9a0d25bdfc57f8f
79a7c674fafcfe46b0d8ac865a3660c0757b7e26
1f247b93786900218dd58cfbced6a6873652f70fb71476d68b9f5cc01d221127
GET /wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.2.3 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Last-Modified: Sat, 28 Mar 2020 07:55:30 GMT
ETag: "24f2-5a1e58abac6e3"
Accept-Ranges: bytes
Content-Length: 9458
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.magaze.tv/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
62.149.144.107200 OK 10 kB URL HTTP/1.1 www.magaze.tv/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 62.149.144.107:0
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 28 Dec 2018 09:25:17 GMT
ETag: "2748-57e11a4253940"
Accept-Ranges: bytes
Content-Length: 10056
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript
www.magaze.tv/wp-content/plugins/fwduvp/css/fwduvp.css?ver=5.3.13
62.149.144.107200 OK 18 kB URL HTTP/1.1 www.magaze.tv/wp-content/plugins/fwduvp/css/fwduvp.css?ver=5.3.13
IP 62.149.144.107:0
File type ASCII text, with CRLF line terminators
Hash 2e843cf848fca9167050b55e071733ca
ddeb638bfdb46824cb64ece68dea322442ffe4b5
caaad7e190ac207c462dba597bf9fd19fe13eaee52faa17fdcbb92a5f33ff883
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fwduvp/css/fwduvp.css?ver=5.3.13 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 28 Nov 2019 21:29:40 GMT
ETag: "46c9-5986ecf949900"
Accept-Ranges: bytes
Content-Length: 18121
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=100
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9f0247fb5bf6e6458f14094551436e1
0ac483f7caef89a55829041189790c8fc7eb8cd7
1b157a9bf613ddbf329225759780db82a249f8502b1b7cb6742907224b4c775e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.magaze.tv/wp-includes/js/wp-emoji-release.min.js?ver=5.3.13
62.149.144.107200 OK 14 kB URL HTTP/1.1 www.magaze.tv/wp-includes/js/wp-emoji-release.min.js?ver=5.3.13
IP 62.149.144.107:0
File type ASCII text, with very long lines (10927)
Hash d6aeffd9e0126160ff89d369c05a5fbe
8480b15ad38e8e1d67960e72b513fa4f463e2cc1
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.13 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 06:11:42 GMT
ETag: "3619-5bffcbcb61202"
Accept-Ranges: bytes
Content-Length: 13849
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.magaze.tv/wp-includes/css/dist/block-library/style.min.css?ver=5.3.13
62.149.144.107200 OK 41 kB URL HTTP/1.1 www.magaze.tv/wp-includes/css/dist/block-library/style.min.css?ver=5.3.13
IP 62.149.144.107:0
File type ASCII text, with very long lines (41045), with no line terminators
Hash 612b7ab9f699e968f5b3206ca16ee834
12685fd0b83dabb9a2004dd4c74de4515fea3013
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.13 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 11 Jun 2020 06:31:11 GMT
ETag: "a055-5a7c91b43eb67"
Accept-Ranges: bytes
Content-Length: 41045
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=100
Content-Type: text/css
www.magaze.tv/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.2.3
62.149.144.107200 OK 6.1 kB URL HTTP/1.1 www.magaze.tv/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.2.3
IP 62.149.144.107:0
File type ASCII text, with very long lines (6136)
Hash b21ffcb41b808b594f8ebbe05c1192be
1fc553b3771623b2b6f787e28990ede3c547fec6
cc29d9f69561a08175e5ce7d2b503dbb202b5a3b6a77e80ceb3830cd9640c1e0
GET /wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.2.3 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Last-Modified: Sat, 28 Mar 2020 07:55:30 GMT
ETag: "17f9-5a1e58abc8d71"
Accept-Ranges: bytes
Content-Length: 6137
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.googletagmanager.com/gtag/js?id=UA-131809806-1
142.250.74.168200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-131809806-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash 71cec2482e4b145cf56a391c5183133a
7ab81c2444dbc66ef0cdd00a7cd58a4f16bc5a9f
ccb5267b098dd10f021001a235847348ea4ffa13e29b4073d0c8203aea2205ca
GET /gtag/js?id=UA-131809806-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 08 Oct 2022 20:05:50 GMT
expires: Sat, 08 Oct 2022 20:05:50 GMT
cache-control: private, max-age=900
last-modified: Sat, 08 Oct 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42420
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.magaze.tv/wp-includes/js/comment-reply.min.js?ver=5.3.13
62.149.144.107200 OK 2.3 kB URL HTTP/1.1 www.magaze.tv/wp-includes/js/comment-reply.min.js?ver=5.3.13
IP 62.149.144.107:0
File type ASCII text, with very long lines (2337), with no line terminators
Hash 3cd8856198e0175189f2c27d2e9b630f
ecbb3c0e398b3d652d3f1ce73633083459a71445
3d5ae546163be6946a8ae9f9040891688b6ef62d1852a0d5d72f8e04ddbe7af5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/comment-reply.min.js?ver=5.3.13 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 06:11:42 GMT
ETag: "921-5bffcbcb51033"
Accept-Ranges: bytes
Content-Length: 2337
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9f0247fb5bf6e6458f14094551436e1
0ac483f7caef89a55829041189790c8fc7eb8cd7
1b157a9bf613ddbf329225759780db82a249f8502b1b7cb6742907224b4c775e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.magaze.tv/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.2.3
62.149.144.107200 OK 2.3 kB URL HTTP/1.1 www.magaze.tv/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.2.3
IP 62.149.144.107:0
File type HTML document, ASCII text, with very long lines (2287)
Hash f3b6abf696c750e6a786f88254799b64
d63b45e9dfc907abedb9ae8fdca8c88e789ce09c
77c4626839cbe9befb54fab08d869ce1963f79cd4a107a86fd4cfcd5413f90eb
GET /wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.2.3 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Last-Modified: Sat, 28 Mar 2020 07:55:30 GMT
ETag: "8f0-5a1e58aba62bd"
Accept-Ranges: bytes
Content-Length: 2288
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.magaze.tv/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
62.149.144.107200 OK 97 kB URL HTTP/1.1 www.magaze.tv/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 62.149.144.107:0
File type ASCII text, with very long lines (31997)
Hash 49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 31 Jul 2019 22:51:25 GMT
ETag: "17a69-58f01f7041ca8"
Accept-Ranges: bytes
Content-Length: 96873
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript
www.magaze.tv/wp-includes/js/wp-embed.min.js?ver=5.3.13
62.149.144.107200 OK 1.4 kB URL HTTP/1.1 www.magaze.tv/wp-includes/js/wp-embed.min.js?ver=5.3.13
IP 62.149.144.107:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
GET /wp-includes/js/wp-embed.min.js?ver=5.3.13 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 06:11:42 GMT
ETag: "56f-5bffcbcb60613"
Accept-Ranges: bytes
Content-Length: 1391
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp06.actalis.it/VA/AUTHDV-G3
109.70.240.114200 3.9 kB URL HTTP/1.1 ocsp06.actalis.it/VA/AUTHDV-G3
IP 109.70.240.114:0
Hash 1cd62e63c6701ee667c2692401e2fb1f
87d155e435c69731a3b5ce02d4c9baa90555cd29
dc3a92943c04e7df31102a777f6cc65f5e32d3f89316e46a0d84213914d8d6e4
POST /VA/AUTHDV-G3 HTTP/1.1
Host: ocsp06.actalis.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Sat, 08 Oct 2022 20:05:50 GMT
Content-Type: application/ocsp-response
Content-Length: 3926
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 14:49:25 GMT
Expires: Sun, 09 Oct 2022 14:49:24 GMT
ETag: "87d155e435c69731a3b5ce02d4c9baa90555cd29"
ocsp06.actalis.it/VA/AUTHDV-G3
109.70.240.114200 3.9 kB URL HTTP/1.1 ocsp06.actalis.it/VA/AUTHDV-G3
IP 109.70.240.114:0
Hash 1cd62e63c6701ee667c2692401e2fb1f
87d155e435c69731a3b5ce02d4c9baa90555cd29
dc3a92943c04e7df31102a777f6cc65f5e32d3f89316e46a0d84213914d8d6e4
POST /VA/AUTHDV-G3 HTTP/1.1
Host: ocsp06.actalis.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Sat, 08 Oct 2022 20:05:50 GMT
Content-Type: application/ocsp-response
Content-Length: 3926
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 14:49:25 GMT
Expires: Sun, 09 Oct 2022 14:49:24 GMT
ETag: "87d155e435c69731a3b5ce02d4c9baa90555cd29"
ocsp06.actalis.it/VA/AUTHDV-G3
109.70.240.114200 3.9 kB URL HTTP/1.1 ocsp06.actalis.it/VA/AUTHDV-G3
IP 109.70.240.114:0
Hash 1cd62e63c6701ee667c2692401e2fb1f
87d155e435c69731a3b5ce02d4c9baa90555cd29
dc3a92943c04e7df31102a777f6cc65f5e32d3f89316e46a0d84213914d8d6e4
POST /VA/AUTHDV-G3 HTTP/1.1
Host: ocsp06.actalis.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: nginx
Date: Sat, 08 Oct 2022 20:05:50 GMT
Content-Type: application/ocsp-response
Content-Length: 3926
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 14:49:25 GMT
Expires: Sun, 09 Oct 2022 14:49:24 GMT
ETag: "87d155e435c69731a3b5ce02d4c9baa90555cd29"
www.magaze.tv/wp-content/themes/Newspaper2/js/tagdiv_theme.min.js?ver=9.6
62.149.144.107200 OK 228 kB URL HTTP/1.1 www.magaze.tv/wp-content/themes/Newspaper2/js/tagdiv_theme.min.js?ver=9.6
IP 62.149.144.107:0
File type ASCII text, with very long lines (670)
Size 228 kB (228414 bytes)
Hash b6fcfa64d546835bb49c4bc69531472b
06f34915d958479c8e2a998600c76e5d8725d0d6
eb78c477ad54f113858789553c8d6a570c0bb27a5a88bea27093923c21e29fe6
GET /wp-content/themes/Newspaper2/js/tagdiv_theme.min.js?ver=9.6 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Last-Modified: Tue, 12 Mar 2019 17:54:29 GMT
ETag: "37c3e-583e9617bf764"
Accept-Ranges: bytes
Content-Length: 228414
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.magaze.tv/wp-content/plugins/fwduvp/js/FWDUVP.js?ver=5.3.13
62.149.144.107200 OK 840 kB URL HTTP/1.1 www.magaze.tv/wp-content/plugins/fwduvp/js/FWDUVP.js?ver=5.3.13
IP 62.149.144.107:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size 840 kB (840193 bytes)
Hash 588b08c992f95e070e60c27ab1f2fb31
9660606f7a2cb5acb9a11c4c75a4efb3021b8040
41e851e1c257e7a875ac3ec9601a69777134895f097abe167edb6df8bfb1c4cc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fwduvp/js/FWDUVP.js?ver=5.3.13 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 28 Nov 2019 21:29:40 GMT
ETag: "cd201-5986ecf949900"
Accept-Ranges: bytes
Content-Length: 840193
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2936
Expires: Sat, 08 Oct 2022 20:54:46 GMT
Date: Sat, 08 Oct 2022 20:05:50 GMT
Connection: keep-alive
www.magaze.tv/wp-content/themes/Newspaper2/style.css?ver=9.6
62.149.144.107200 OK 1.2 MB URL HTTP/1.1 www.magaze.tv/wp-content/themes/Newspaper2/style.css?ver=9.6
IP 62.149.144.107:0
Size 1.2 MB (1221905 bytes)
Hash be9ce78bb2d00dafe15397f5436a1678
7d6d82a4f368f7187b15e92e19d4207f19ad9736
7364672bd763862a889fe900f5bb3abc22770c709eebd9f0064cd28833198530
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Newspaper2/style.css?ver=9.6 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Last-Modified: Tue, 12 Mar 2019 17:54:22 GMT
ETag: "12a511-583e961152af3"
Accept-Ranges: bytes
Content-Length: 1221905
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2936
Expires: Sat, 08 Oct 2022 20:54:46 GMT
Date: Sat, 08 Oct 2022 20:05:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e9e3511-179a-47a1-a41a-7b5f6ecbf14f.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e9e3511-179a-47a1-a41a-7b5f6ecbf14f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6207431ae268d805fb92237925c8fc0
075b576b0d47e0f6cbbb9dc85f87e8ca4e8eca87
bb8966bd5b80f1ba6c974925df0610e0a219759ab92df062e135baae02fa0071
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e9e3511-179a-47a1-a41a-7b5f6ecbf14f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5440
x-amzn-requestid: c9408e3c-29f6-4a53-b09d-0c3f49e99287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp3AzFQ3oAMF_Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409ed1-1da6e8c500879b080c66fdfe;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:49:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: M8TN3UdactHymyCJFQHV86X0fYsS-_V7Yu-7dUWFnOUyRonAqQHpGw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 22:14:30 GMT
age: 78680
etag: "075b576b0d47e0f6cbbb9dc85f87e8ca4e8eca87"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dcf23b32642f7a82a0a7d734a631bca
9dc8bd1a00dcb896fade6d3112ef53439ecb8fe7
add9aab4427819610f8d693758a752910cf314346e974b7636a82381ab9daa4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4252
x-amzn-requestid: 8d6a225c-6389-4f20-9b90-494841f47c99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1R4GjCIAMFX-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409c0b-4076dc933185d9fd6b68e802;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:37:15 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Wb1JAlWtR9sSEi_KuYZivvMivSxZjo92LGpWgFppol5zgapK6eQ-dg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:39:48 GMT
etag: "9dc8bd1a00dcb896fade6d3112ef53439ecb8fe7"
content-type: image/jpeg
age: 80762
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc28ec4d4-ad94-4fbc-83a3-2675118e5987.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc28ec4d4-ad94-4fbc-83a3-2675118e5987.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e282fb952c8c81b3369d747b9fa837c8
038e45c00f7f0c55c4160b6d3fa25fd129ff9ef8
735fd68ef05cdcae00eaeac826b0fb291daad2b35bbad07a8a67745f1799b211
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc28ec4d4-ad94-4fbc-83a3-2675118e5987.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10137
x-amzn-requestid: 23b13773-c294-497d-971c-9fe56f88d5dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1R4Fm9IAMFbbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409c0b-7fc0b69250f718693a8aeec0;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: J5qJIh9Eq17ONk9gm62j-SUa29Ivrso78FBoH1VCz2lQlyK-M4-D-Q==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:39:48 GMT
age: 80762
etag: "038e45c00f7f0c55c4160b6d3fa25fd129ff9ef8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bc50d1380ae8fc980ae1cc38f2371c7
be79aecfd7eefa89c409ed743402a292ff0ce6c0
43e015802ba453d4cd79984b53efa8a529ece62760f6693f9daeb2388179201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6366
x-amzn-requestid: ddcd915d-2606-4243-969e-19fb02b5b6d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1EJGoSIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409bb3-1c7bd17a2dcdd25e4da6d346;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aaHDHE38nByvpccXO4wHgHk6BAOPZDsFdXxi2-KgjUaXvjC58nlGUQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:55:27 GMT
age: 79823
etag: "be79aecfd7eefa89c409ed743402a292ff0ce6c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Vy9jQu1a8BGypY4C4u_9gao5wPEkVHgArhG2zMNdH8KfBS0lfmyHBA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:43:41 GMT
age: 80529
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56d7dd70-3706-4d51-94da-88fa19a58ad8.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56d7dd70-3706-4d51-94da-88fa19a58ad8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5c4757ceb6dce32d0f9d26d5b3df038
d8209d82f61c7a09e00756e5dd32c99bc61af4a8
6aa007279ba4cdea3f772e0601e4082d40ee947ef8cc1201ce0009fb42ca9885
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56d7dd70-3706-4d51-94da-88fa19a58ad8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3c3ff89f-8a8c-44ae-981a-0e9adaf7d959
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj_dSEs8IAMFqFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e45ee-6c97b82d137c2f1951270b82;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:05:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6wWlD3C6HI9oxa0VAYA6N5afAcUDTQXdO8X31eZUglfdC6jSQo_gew==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 04:44:42 GMT
age: 55268
etag: "d8209d82f61c7a09e00756e5dd32c99bc61af4a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.magaze.tv/wp-content/uploads/2019/01/logo-magaze-TV-300x106.png
62.149.144.107200 OK 6.0 kB URL HTTP/1.1 www.magaze.tv/wp-content/uploads/2019/01/logo-magaze-TV-300x106.png
IP 62.149.144.107:0
File type PNG image data, 300 x 106, 8-bit/color RGBA, non-interlaced\012- data
Hash 93aa4e10c74e661e2dea49d161707900
1457988bd4abdaf56f0f5b2e98ac8881171af511
893a7a90d8d5782c9665e6cb484a670c286b87e7844540d67fbe96b0b55cdca4
GET /wp-content/uploads/2019/01/logo-magaze-TV-300x106.png HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:50 GMT
Server: Apache
Last-Modified: Wed, 02 Jan 2019 09:08:53 GMT
ETag: "1772-57e75fec01208"
Accept-Ranges: bytes
Content-Length: 6002
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.magaze.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15920
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 21:42:42 GMT
Expires: Thu, 05 Oct 2023 21:42:42 GMT
Cache-Control: public, max-age=31536000
Age: 253389
Last-Modified: Wed, 11 May 2022 19:24:45 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.magaze.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 20:16:34 GMT
Expires: Thu, 05 Oct 2023 20:16:34 GMT
Cache-Control: public, max-age=31536000
Age: 258557
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.magaze.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 03 Oct 2022 21:39:33 GMT
Expires: Tue, 03 Oct 2023 21:39:33 GMT
Cache-Control: public, max-age=31536000
Age: 426378
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.195200 OK 48 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.magaze.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 47952
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 01:11:18 GMT
Expires: Wed, 04 Oct 2023 01:11:18 GMT
Cache-Control: public, max-age=31536000
Age: 413673
Last-Modified: Mon, 15 Aug 2022 18:22:41 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.195200 OK 17 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.magaze.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17368
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 06 Oct 2022 16:00:29 GMT
Expires: Fri, 06 Oct 2023 16:00:29 GMT
Cache-Control: public, max-age=31536000
Age: 187522
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.magaze.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 20:16:34 GMT
Expires: Thu, 05 Oct 2023 20:16:34 GMT
Cache-Control: public, max-age=31536000
Age: 258557
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
216.58.207.195200 OK 17 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17336, version 1.0\012- data
Hash eec8dbfc49267c4d33cf31b49661bf37
0f49d4563cf9e22e3af6907d0785b9a6facadbf0
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.magaze.tv
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17336
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 06 Oct 2022 16:47:14 GMT
Expires: Fri, 06 Oct 2023 16:47:14 GMT
Cache-Control: public, max-age=31536000
Age: 184717
Last-Modified: Wed, 11 May 2022 19:24:56 GMT
Content-Type: font/woff2
www.magaze.tv/wp-content/themes/Newspaper2/images/icons/newspaper.woff?16
62.149.144.107200 OK 123 kB URL HTTP/1.1 www.magaze.tv/wp-content/themes/Newspaper2/images/icons/newspaper.woff?16
IP 62.149.144.107:0
File type Web Open Font Format, TrueType, length 122756, version 0.0\012- data
Size 123 kB (122756 bytes)
Hash 19da11f0d9b9fb573e829229308c1134
ed4d47a9cb88ccd455eb000f74a8ccdb416f4cb2
765376402c1662f9456c85c6712339b6e8be5bf07fe700f77187c8b87a0d45a6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/Newspaper2/images/icons/newspaper.woff?16 HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.magaze.tv/wp-content/themes/Newspaper2/style.css?ver=9.6
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:51 GMT
Server: Apache
Last-Modified: Tue, 12 Mar 2019 17:54:42 GMT
ETag: "1df84-583e96246f006"
Accept-Ranges: bytes
Content-Length: 122756
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/x-font-woff
0.gravatar.com/avatar/?s=80&d=mm&r=g
192.0.73.2200 OK 1.3 kB URL HTTP/1.1 0.gravatar.com/avatar/?s=80&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 80x80, components 3\012- data
Hash 1127a8ec43092614d584219c5bc7f114
d2632fef16f0a845bb730f4f33605af59a9baefe
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86
GET /avatar/?s=80&d=mm&r=g HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 08 Oct 2022 20:05:52 GMT
Content-Type: image/jpeg
Content-Length: 1323
Connection: keep-alive
Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
Link: <http://www.gravatar.com/avatar/?s=80&d=mm&r=g>; rel="canonical"
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="none.png"
Expires: Sat, 08 Oct 2022 20:10:52 GMT
Cache-Control: max-age=300
X-nc: HIT arn 4
Accept-Ranges: bytes
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 08 Oct 2022 18:41:09 GMT
expires: Sat, 08 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 5083
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162200 OK 58 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (2910)
Hash 752306ad2094a8162d742d8729c6e9e8
55ad8df4cb91510645b52b5f4da41590493251d2
dc532a953267c31932ec959ebfe5d09138362383cdc7097bc1f732f8aeb1ddc6
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 08 Oct 2022 20:05:52 GMT
Expires: Sat, 08 Oct 2022 20:05:52 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 8782808578892179806
Vary: Accept-Encoding, Origin
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 57982
X-XSS-Protection: 0
www.google-analytics.com/j/collect?v=1&_v=j98&a=1525472353&t=pageview&_s=1&dl=http%3A%2F%2Fwww.magaze.tv%2F86%2F&ul=en-us&de=UTF-8&dt=Magaze.tv&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=462344127&gjid=261925775&cid=1883135165.1665259552&tid=UA-131809806-1&_gid=1903600627.1665259552&_r=1>m=2oua50&z=1683611610
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1525472353&t=pageview&_s=1&dl=http%3A%2F%2Fwww.magaze.tv%2F86%2F&ul=en-us&de=UTF-8&dt=Magaze.tv&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=462344127&gjid=261925775&cid=1883135165.1665259552&tid=UA-131809806-1&_gid=1903600627.1665259552&_r=1>m=2oua50&z=1683611610
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1525472353&t=pageview&_s=1&dl=http%3A%2F%2Fwww.magaze.tv%2F86%2F&ul=en-us&de=UTF-8&dt=Magaze.tv&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=462344127&gjid=261925775&cid=1883135165.1665259552&tid=UA-131809806-1&_gid=1903600627.1665259552&_r=1>m=2oua50&z=1683611610 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.magaze.tv
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://www.magaze.tv
date: Sat, 08 Oct 2022 20:05:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.magaze.tv/wp-content/uploads/2019/01/favicon.png
62.149.144.107200 OK 48 kB URL HTTP/1.1 www.magaze.tv/wp-content/uploads/2019/01/favicon.png
IP 62.149.144.107:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 26683eaed46f6d42c743235d523f8202
ccbc4bbd59f148bf1b4bc24afd6fb034ab86bff9
f85a36340efed626d1b679fbb5e6043f64fdbad851b7b9680a2ca75e26e37a99
GET /wp-content/uploads/2019/01/favicon.png HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/86/
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:52 GMT
Server: Apache
Last-Modified: Wed, 02 Jan 2019 09:40:19 GMT
ETag: "b9df-57e766f25cb5f"
Accept-Ranges: bytes
Content-Length: 47583
X-Aruba-Cache: NA
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
216.58.207.194200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20221003/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Sat, 08 Oct 2022 05:39:19 GMT
expires: Sat, 22 Oct 2022 05:39:19 GMT
cache-control: public, max-age=1209600
age: 51993
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2146749caed8f2243332d25e4d59185b
9373a9ded30fb65bdeba7a0596fc4fa4c843971c
57905558f8d0fcf560dce5a3a28fb4b1d06da0fcd2977cbab3e53fb16608ac8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57905558F8D0FCF560DCE5A3A28FB4B1D06DA0FCD2977CBAB3E53FB16608AC8D"
Last-Modified: Fri, 07 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 09 Oct 2022 02:05:52 GMT
Date: Sat, 08 Oct 2022 20:05:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0aca7edf23f6d8fb3c0b5a89400d3118
67e4a61460cb43d6882f3378d0455835d323c63f
acf66c6d19fa651d5a9a59b67b3e4c116485a2f60a5dd4d753afa411811019e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
forwardmytraffic.com/ad.js?port=2
192.102.6.94200 OK 312 B URL HTTP/1.1 forwardmytraffic.com/ad.js?port=2
IP 192.102.6.94:0
File type ASCII text, with CRLF, LF line terminators
Hash 16b6266a012feb7ea9f58d6cedee3087
c1c31bdc63f030c288bdf500a01d74dc309019b6
a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd
GET /ad.js?port=2 HTTP/1.1
Host: forwardmytraffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 08 Oct 2022 20:05:52 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.4
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1443518023913199&plah=www.magaze.tv
142.250.74.162200 OK 117 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1443518023913199&plah=www.magaze.tv
IP 142.250.74.162:0
File type ASCII text, with very long lines (6002)
Size 117 kB (117221 bytes)
Hash 0260057a2352d102682f091dc8f688a1
45e84e97e46f53c50b3034e4c3377a4c958f02bc
f87098769fc546ab57e84618ff6528f3474a5b82b633d165dec98f561351949c
GET /pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1443518023913199&plah=www.magaze.tv HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 08 Oct 2022 20:05:52 GMT
expires: Sat, 08 Oct 2022 20:05:52 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 12454247813171514336
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 117221
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
odnaknopka.ru/ok9.js
142.132.202.70200 OK 143 B IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 01d104f1d2a961f6fc241ec08ba1af54
2e9f73a9137283c94c79bff44fd10f5b1a2738b6
f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022
GET /ok9.js HTTP/1.1
Host: odnaknopka.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 08 Oct 2022 20:05:52 GMT
Content-Type: text/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
ETag: 6264103f7c6bfa520eb45620b7901527
odnaknopka.ru/stat.js
142.132.202.70200 OK 358 B IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
Hash f5c3d96c1d423c74a127cac2e0a58597
066d46aa9dc0959abb54f2cf805ce9af30c3fde1
8d3d75a202bfeacc981a2bfae3e215e2d137afc6f7d8cc31a955505bf5411bc3
GET /stat.js HTTP/1.1
Host: odnaknopka.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.magaze.tv/
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 08 Oct 2022 20:05:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
www.magaze.tv/wp-content/uploads/2015/11/35158t-150x150.jpg
62.149.144.107404 Not Found 13 kB URL HTTP/2 www.magaze.tv/wp-content/uploads/2015/11/35158t-150x150.jpg
IP 62.149.144.107:0
Hash 7636db10460b3e13a6350cf35485f12c
84870f9516a032586eca030b39e38d0ef92e342e
5c5864a2d45f7025d023083b0aae3b74148832b7c1c4054770001ce4dad8ab3b
GET /wp-content/uploads/2015/11/35158t-150x150.jpg HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.magaze.tv/wp-json/>; rel="https://api.w.org/"
x-aruba-cache: NA
content-type: text/html; charset=UTF-8
date: Sat, 08 Oct 2022 20:05:50 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a5bb2ca079b8c15c921933d39c57ae47
7ae6e38c3e12ef05164b04df7f2a65be3a3ec440
336607c0f56b4a97511339d2437520aa8c9d6cb07b5b5ddf535efe65561d2890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.magaze.tv&callback=_gfp_s_&client=ca-pub-1443518023913199
172.217.21.162200 OK 198 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.magaze.tv&callback=_gfp_s_&client=ca-pub-1443518023913199
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 86792f7a724502efea2126109c494d1d
53f4bd5654d6ea97551a56c01b2758d72fc057a4
4e9e112efe37d12e8b36d26ba3c1b367a3700a453317a6d74c5b406e1f55e48b
GET /gampad/cookie.js?domain=www.magaze.tv&callback=_gfp_s_&client=ca-pub-1443518023913199 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 08 Oct 2022 20:05:52 GMT
server: cafe
cache-control: private
content-length: 198
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.magaze.tv
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.magaze.tv
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.magaze.tv HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 08 Oct 2022 20:05:52 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.magaze.tv
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.magaze.tv
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.magaze.tv HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 08 Oct 2022 20:05:52 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2e92c2f8118b9db8661adaac937d4f34
0811391576e9e90c07d907baa9df85cc9b5a62ca
3ce87e96b38a3b8daf0e567cfa6d95a1f9035249e6f797a67b65f1e03f1944ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 07e328c57909afc5a9e79d7d6907e7cf
38f1cc086938281fb5fbbd1877edf17263ae1fda
76c5865adaa292511aeeea981863ca4acbb44f82980998b6aafe64c1f6feedcb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a5bb2ca079b8c15c921933d39c57ae47
7ae6e38c3e12ef05164b04df7f2a65be3a3ec440
336607c0f56b4a97511339d2437520aa8c9d6cb07b5b5ddf535efe65561d2890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ed6666bb75f7d3936a8a0b7910dc0c26
14f14a7ca5a4cca101a4113fbdac8690098004fe
dfb3e9a6501c14d1fa3bb3b1d143c8447ac6f6cca9d7b2dcb15d16ce38122f21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFB3E9A6501C14D1FA3BB3B1D143C8447AC6F6CCA9D7B2DCB15D16CE38122F21"
Last-Modified: Sat, 08 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12285
Expires: Sat, 08 Oct 2022 23:30:37 GMT
Date: Sat, 08 Oct 2022 20:05:52 GMT
Connection: keep-alive
resistcorrectly.com/stat
176.9.60.211302 Moved Temporarily 0 B IP 176.9.60.211:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stat HTTP/1.1
Host: resistcorrectly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.12.2
Date: Sat, 08 Oct 2022 20:05:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
Set-Cookie: qwerty_stat=0; expires=Sat, 08-Oct-2022 21:05:52 GMT; Max-Age=3600; path=/
Location: https://hlmiq.com/vu/a/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 53eebe870b3dda848d103e090bfe9d3d
3b0739849495f5e535bfc9c81f7cfbd6c4900b9f
920fadeb881977af804fc934be5fa6e3afdbf519a6acc751607f0c41dcb2c311
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920FADEB881977AF804FC934BE5FA6E3AFDBF519A6ACC751607F0C41DCB2C311"
Last-Modified: Sat, 08 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10190
Expires: Sat, 08 Oct 2022 22:55:42 GMT
Date: Sat, 08 Oct 2022 20:05:52 GMT
Connection: keep-alive
hlmiq.com/vu/a/
142.132.202.70200 OK 165 B IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f144c872426a71034a4da02c9abae11d
ba98d7ebf9f8f69303dfdbce0245e0e80a528fcf
976c61ab51ecf964a62bae8659ddfe60c79a7eeb3134a47487faf417a0cc9c79
GET /vu/a/ HTTP/1.1
Host: hlmiq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.magaze.tv/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 08 Oct 2022 20:05:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
hlmiq.com/vu/a/?
142.132.202.70200 OK 1.1 kB IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 8f522ceb7136c26e3897a9f34bb86987
c0bd52c7b6be008baa1702527d6aee6cd80cab30
4a78973e346f9532bf36c39db09ebb8a2d61b37387473deab466fff475633ea9
GET /vu/a/? HTTP/1.1
Host: hlmiq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/vu/a/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 08 Oct 2022 20:05:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
hlmiq.com/to2/uatest/
142.132.202.70307 Temporary Redirect 0 B IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /to2/uatest/ HTTP/1.1
Host: hlmiq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/vu/a/?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 08 Oct 2022 20:05:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: no-referrer
Location: https://rover.ebay.com/rover/1/711-155609-835623-2/16?PARM3_ID=GBH_168&FF11=GBH_168&kw=6341d598ea9e7e0001e51bf7_14330&mpre=
hlmiq.com/to2/iherbcd/
142.132.202.70307 Temporary Redirect 0 B IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /to2/iherbcd/ HTTP/1.1
Host: hlmiq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/vu/a/?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 08 Oct 2022 20:05:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: no-referrer
Location: https://www.iherb.com/?clickref=1011lwf3eZ34&utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
hlmiq.com/to2/dhgate/
142.132.202.70307 Temporary Redirect 0 B IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /to2/dhgate/ HTTP/1.1
Host: hlmiq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/vu/a/?
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 08 Oct 2022 20:05:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: no-referrer
Location: https://de.dhgate.com/?f=bm|aff|admitad|1019090|d8e3bcaf7650ceb67f1622c87331b0b6|197649||
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c8ac6325ca2a6c19f62fcc9b2d22f7f9
58a80066e94dd65b3bfbc4dc4ada700d47d812ac
d595e371fffaec4098d241071f7cd4e1df1bdb14ad3143fc06a1bb0d56be1dde
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D595E371FFFAEC4098D241071F7CD4E1DF1BDB14AD3143FC06A1BB0D56BE1DDE"
Last-Modified: Fri, 07 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14749
Expires: Sun, 09 Oct 2022 00:11:42 GMT
Date: Sat, 08 Oct 2022 20:05:53 GMT
Connection: keep-alive
adservice.google.no/adsid/integrator.js?domain=www.magaze.tv
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.magaze.tv
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.magaze.tv HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 08 Oct 2022 20:05:53 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 048b1793e966e6b33586ee0ec1bc37ba
9ad8245c7378c51f08f4822a03f064b541048838
b875e142b8bbc5540f0e2c7637dfefe5abaade1b6253580d38c4e6706e40e53d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 178
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:53 GMT
Last-Modified: Sat, 08 Oct 2022 20:02:55 GMT
Server: ECS (amb/6B9B)
X-Cache: HIT
Content-Length: 278
www.binance.com/ru/register?ref=KZTDOPQP
54.230.111.107301 Moved Permanently 239 B URL HTTP/2 www.binance.com/ru/register?ref=KZTDOPQP
IP 54.230.111.107:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /ru/register?ref=KZTDOPQP HTTP/1.1
Host: www.binance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 239
location: https://accounts.binance.com/ru/register?ref=KZTDOPQP
date: Sat, 08 Oct 2022 20:05:50 GMT
server: Tengine
cache-control: no-store,max-age=0,must-revalidate
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5kFkwBw8YeD-vF9UCyGl5zYJYW7hlTJ4BUXXYYzzW3Y0tpEAXUlTXA==
age: 3
X-Firefox-Spdy: h2
localbitcoins.com/?ch=1cmsy
104.16.83.19302 Found 0 B URL HTTP/2 localbitcoins.com/?ch=1cmsy
IP 104.16.83.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?ch=1cmsy HTTP/1.1
Host: localbitcoins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: /
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Language, Cookie
content-language: en
x-frame-options: DENY
set-cookie: visit_id=530206346; expires=Sun, 08 Oct 2023 20:05:53 GMT; Max-Age=31536000; Path=/
lbc_browser_id=LTMEAHTUVHXSUOIGLAFOUQCYVAGGVKAD; expires=Thu, 06 Apr 2023 20:05:53 GMT; HttpOnly; Max-Age=15552000; Path=/; Secure
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75717e6f9e7db51e-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4656258bdbad9f385f6ad24a41931ad4
d9e1b19c2365a2eb91886893c8a91439d5df0f96
35fa460af507c486ea33045cd4acabb837ae8be1fc211d5a468f29c7db069984
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3855
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:53 GMT
Last-Modified: Sat, 08 Oct 2022 19:01:38 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2189350e2c694031a815a4190c4d014c
01187540f9f481902e9a0f2d3c4b56d8bf870f8b
cfd48754762854b14ecf98acfb5ca655657e39ce9fa03e8e86830ac3855751a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3172
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:53 GMT
Last-Modified: Sat, 08 Oct 2022 19:13:01 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
bongacams10.com/track?v=2&c=287325
195.85.23.222302 Found 138 B URL HTTP/2 bongacams10.com/track?v=2&c=287325
IP 195.85.23.222:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /track?v=2&c=287325 HTTP/1.1
Host: bongacams10.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html
content-length: 138
location: https://trkbng.com/hit.php?v=2&c=287325
x-bc: ded7848
x-zone: 5a-web44
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=NZfJaOEdy1sPFkheL_CBd40Jl3NBqd30i5tLI8ZpsEQ-1665259553-0-AXO0m+1kbNccH2zizBBPjI8MnYLRGbrkV8hMBj3CWOmreKGqxcsEACNlVqSqL5y9rSzubOJHlFc1qYvvNjK8EGQ=; path=/; expires=Sat, 08-Oct-22 20:35:53 GMT; domain=.bongacams10.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75717e70dfa5b4ee-OSL
X-Firefox-Spdy: h2
www.iherb.com/?clickref=1011lwf3eZ34&utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
172.64.154.123301 Moved Permanently 0 B URL HTTP/2 www.iherb.com/?clickref=1011lwf3eZ34&utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
IP 172.64.154.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?clickref=1011lwf3eZ34&utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232 HTTP/1.1
Host: www.iherb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 08 Oct 2022 20:05:53 GMT
content-length: 0
location: https://www.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
cache-control: no-store
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
set-cookie: iher-pref1=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax
iher-pref1=storeid=0; expires=Sun, 08 Oct 2023 20:05:53 GMT; domain=.iherb.com; path=/; secure; samesite=none
ih-preference=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax
ih-preference=store=0; expires=Sun, 08 Oct 2023 20:05:53 GMT; domain=.iherb.com; path=/; secure; samesite=none
ihr-ea=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax
ihr-ea=PerformanceHorizon-1011lwf3eZ34; expires=Sat, 15 Oct 2022 20:05:53 GMT; domain=.iherb.com; path=/; secure; samesite=none
__cf_bm=SLp9J1vh.hGVLVpZi9ZavrQBHbyHAHps4dxX.mJdaN0-1665259553-0-AdZGwJjiNclw9BcTh9Hm9P+5YjdmtwNnFCdvv/76XVzjfY1PxGp0jWFITqXEOwdAxbZ6nyXp0ZS8TK+hpdgNe9zPanMCytjkXRQtElbnfjKH; path=/; expires=Sat, 08-Oct-22 20:35:53 GMT; domain=.iherb.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75717e70eef00b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
resistcorrectly.com/w
176.9.60.211302 Moved Temporarily 0 B IP 176.9.60.211:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w HTTP/1.1
Host: resistcorrectly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.12.2
Date: Sat, 08 Oct 2022 20:05:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
Set-Cookie: qwerty_w=0; expires=Mon, 10-Oct-2022 22:05:53 GMT; Max-Age=180000; path=/
Location: https://hlmiq.com/to2/iherbr10/
www.agoda.com/deals?pcs=1&cid=1818886
104.110.12.18200 OK 24 kB URL HTTP/2 www.agoda.com/deals?pcs=1&cid=1818886
IP 104.110.12.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (27664), with CRLF, LF line terminators
Hash 4aea210458067321310e33d3d44afe6e
ececb97d0d66e0fa7862f634da908f069adcfba1
d0c3eb22cece4ec57df43d4a2d18fb2ab36ee8ab24d9809368ad53f8e5cf4a26
GET /deals?pcs=1&cid=1818886 HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
cache-control: no-store, no-cache
pragma: no-cache
request-context: appId=
ag-correlation-id: e3dc0e79-ee26-4c75-a997-45f9e340b10c
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
ag-dc: am
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN
content-encoding: gzip
content-length: 23813
date: Sat, 08 Oct 2022 20:05:53 GMT
set-cookie: agoda.version.03=; path=/; expires=Fri, 07-Oct-2022 20:05:53 GMT; secure
agoda.l2=; domain=www.agoda.com; path=/; expires=Fri, 07-Oct-2022 20:05:53 GMT; secure; HttpOnly
ASP.NET_SessionId=1iboxije0kbk53kvyz3mh5gr; domain=www.agoda.com; path=/; SameSite=Lax; secure; HttpOnly
agoda.version.03=CookieId=42561f94-05e6-41b8-8a81-63df12e468e5&TItems=2$1818886$10-09-2022 03:05$10-10-2022 03:05$&DLang=en-us&CurLabel=NOK; domain=.agoda.com; path=/; expires=Mon, 09-Oct-2023 00:00:00 GMT; secure
agoda.firstclicks=1818886||||2022-10-09T03:05:53||1iboxije0kbk53kvyz3mh5gr||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; path=/; expires=Mon, 09-Oct-2023 00:00:00 GMT; secure; HttpOnly
agoda.lastclicks=1818886||||2022-10-09T03:05:53||1iboxije0kbk53kvyz3mh5gr||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; path=/; expires=Mon, 09-Oct-2023 00:00:00 GMT; secure; HttpOnly
agoda.landings=1818886|||1iboxije0kbk53kvyz3mh5gr|2022-10-09T03:05:53|True|19----1818886|||1iboxije0kbk53kvyz3mh5gr|2022-10-09T03:05:53|True|20----1818886|||1iboxije0kbk53kvyz3mh5gr|2022-10-09T03:05:53|True|99; domain=.agoda.com; path=/; expires=Mon, 09-Oct-2023 00:00:00 GMT; secure; HttpOnly
agoda.attr.03=ATItems=1818886$10-09-2022 03:05$; domain=.agoda.com; path=/; expires=Mon, 09-Oct-2023 00:00:00 GMT; secure; HttpOnly
xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYy0LThqx-sYvBNRcDX--3fatQ1Ko6GVjBsopNdS8rSWNzuHJZkmPy6R1vaKY2LcBVN8jIPAIGJj_JAH8Y_1l1Y98QpPNFTIgZc0QFL5etaFEr3Qufd5F3572BtIH3nndTo; path=/; samesite=strict; httponly
agoda.user.03=UserId=25b14f7b-b834-4520-8533-88e38cfee41c; domain=.agoda.com; path=/; expires=Sun, 08-Oct-2023 20:05:53 GMT; secure
agoda.analytics=Id=-2567782020101337182&Signature=-2999985913082522705&Expiry=1665263153438; domain=.agoda.com; path=/; expires=Sat, 08-Oct-2022 21:05:53 GMT; secure
agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; domain=.agoda.com; path=/; expires=Sun, 08-Oct-2023 20:05:53 GMT
X-Firefox-Spdy: h2
www.exness.com/a/vps0b6j3
45.60.78.64301 Moved Permanently 0 B URL HTTP/2 www.exness.com/a/vps0b6j3
IP 45.60.78.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/vps0b6j3 HTTP/1.1
Host: www.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://www.exness.com/?utm_source=partners&_8f4x=1
expires: Sat, 08 Oct 2022 20:05:53 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
set-cookie: track_uid=a26e13ff-fdbc-4da3-b2f9-85db5c3b2871; Domain=.exness.com; expires=Tue, 05 Oct 2032 20:05:53 GMT; Max-Age=315360000; Path=/; SameSite=Lax
track_uid=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/
agent=vps0b6j3; Domain=.exness.com; expires=Fri, 06 Jan 2023 20:05:53 GMT; Max-Age=7776000; Path=/; SameSite=Lax
agent=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/
agent_timestamp=1665259553458; Domain=.exness.com; expires=Fri, 06 Jan 2023 20:05:53 GMT; Max-Age=7776000; Path=/; SameSite=Lax
agent_timestamp=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/
agent_platform=mt4; Domain=.exness.com; expires=Fri, 06 Jan 2023 20:05:53 GMT; Max-Age=7776000; Path=/; SameSite=Lax
agent_platform=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/
agent_link="/a/vps0b6j3"; Domain=.exness.com; expires=Fri, 06 Jan 2023 20:05:53 GMT; Max-Age=7776000; Path=/; SameSite=Lax
agent_link=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/
agent_full_path="/a/vps0b6j3"; Domain=.exness.com; expires=Fri, 06 Jan 2023 20:05:53 GMT; Max-Age=7776000; Path=/; SameSite=Lax
agent_full_path=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/
partnercode_enabled=true; Domain=.exness.com; expires=Fri, 06 Jan 2023 20:05:53 GMT; Max-Age=7776000; Path=/; SameSite=Lax
partnercode_enabled=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/
nlbi_961876=/08xJKrp214ESLDKzTYrKwAAAAClLUGkfzFQ+V7xpxSd2Lxu; path=/; Domain=.exness.com
visid_incap_961876=YXWOei0UR1yi4FJ92NOgaSDYQWMAAAAAQUIPAAAAAACT0g7jBy0h0XOJS9vW/uAg; expires=Sat, 07 Oct 2023 23:24:57 GMT; HttpOnly; path=/; Domain=.exness.com
incap_ses_631_961876=L0kUCuT1zR3cKHFe/sPBCCDYQWMAAAAAz3lXo1NWpwgjY1p3jsbAIg==; path=/; Domain=.exness.com
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-37138023-37136646 pNNN RT(1665259552529 210) q(0 0 0 0) r(0 0) U11
X-Firefox-Spdy: h2
remitano.com/join/2716653
104.18.29.12302 Found 23 B URL HTTP/2 remitano.com/join/2716653
IP 104.18.29.12:0
File type ASCII text, with no line terminators
Hash 19f1429ad5f6eb308725dc533ddbf8be
58ed14b4156f90188137f0328c9201825426a934
4a420424a2c575891b5947fe46615eb7968fc4e8d212361d6a631dc01407558b
GET /join/2716653 HTTP/1.1
Host: remitano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/plain; charset=utf-8
content-length: 23
x-powered-by: Remitano
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src * 'self' https: wss: data: blob: 'unsafe-inline' 'unsafe-eval'
permissions-policy: camera=(*)
location: /
vary: Accept
cf-cache-status: DYNAMIC
set-cookie: AWSALB=zvjwCwnQ6OFWbag9kb2v3Aq94GVXwma9IOzWsYlIXVED8/e7NntBoVt/YtmsF0cIodVRKNYYJE0wP2zbRFvpOOs7OfgsFCYIKQOkqwA1aikSiC9v30i1ks1MEIBs; Expires=Sat, 15 Oct 2022 20:05:53 GMT; Path=/
AWSALBCORS=zvjwCwnQ6OFWbag9kb2v3Aq94GVXwma9IOzWsYlIXVED8/e7NntBoVt/YtmsF0cIodVRKNYYJE0wP2zbRFvpOOs7OfgsFCYIKQOkqwA1aikSiC9v30i1ks1MEIBs; Expires=Sat, 15 Oct 2022 20:05:53 GMT; Path=/; SameSite=None; Secure
AWSALB=iuk8K0J/cEJpIHOW4mdG4QCQhn5IBTcLPvZ+ptE08OB6w3w86D7I2Q6FMs4/r6brRGbMuUFKoDu+lEvlG1ymBBrVrl8L/4+jlRW1jAqgQZQTYLz4Ee+/r1Nkzqs3; Expires=Sat, 15 Oct 2022 20:05:53 GMT; Path=/
AWSALBCORS=iuk8K0J/cEJpIHOW4mdG4QCQhn5IBTcLPvZ+ptE08OB6w3w86D7I2Q6FMs4/r6brRGbMuUFKoDu+lEvlG1ymBBrVrl8L/4+jlRW1jAqgQZQTYLz4Ee+/r1Nkzqs3; Expires=Sat, 15 Oct 2022 20:05:53 GMT; Path=/; SameSite=None; Secure
connect.sid=s%3A7wi-Z7ngGdA0Ghm0HFpYEgD26TpLdMHr.0erQKCi3QLQlvEmApesuiikJlQEZXRg2G5aEZYmr27A; Path=/; Expires=Sun, 09 Oct 2022 20:05:53 GMT; HttpOnly
__cf_bm=E.CRZC.POX3TTBV1Zp4vMMu4sokko4dlrM1x6CmXwsQ-1665259553-0-AYF9I2njmO1AH13J9Me50l9u/E0vWR463YEjLCxZM2MR3ULAY/upJagyD4OVj5fO7OCAMbQzOlmmmPWFCzhZDpQ=; path=/; expires=Sat, 08-Oct-22 20:35:53 GMT; domain=.remitano.com; HttpOnly; Secure; SameSite=None
_cfuvid=3wi2y4BoccPo.dEMgXEp1LgkrNtLoPg0Sd9LqBMke7I-1665259553501-0-604800000; path=/; domain=.remitano.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75717e7078c61c0a-OSL
X-Firefox-Spdy: h2
www.hotelscombined.com/?a_aid=172493
151.101.85.29302 Found 0 B URL HTTP/2 www.hotelscombined.com/?a_aid=172493
IP 151.101.85.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a_aid=172493 HTTP/1.1
Host: www.hotelscombined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: KAYAK/1.0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
content-security-policy-report-only: default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp
feature-policy: camera 'none'; microphone 'none'; midi 'none'; usb 'none'; geolocation 'self'
location: /
set-cookie: p1.med.token=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Apache=W1oqmg-AAABg7k0Qqw-08-SSTopA; Max-Age=86400000; Expires=Fri, 04 Jul 2025 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
cluster=5; Max-Age=2700; Expires=Sat, 08 Oct 2022 20:50:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
kayak=xzuj6WdFj84F3eye79lQ; Max-Age=94608000; Expires=Tue, 07 Oct 2025 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
p1.med.sid=R-5Y2EKRudwibclt4b_g7P0-oOVlgX7_lpyE2ZyEcfxfcTDoHgxBslJZiIGwa9mOU; Path=/; Secure; HTTPOnly; SameSite=None
kanid=kan_172493; Max-Age=2592000; Expires=Mon, 07 Nov 2022 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
kanid=kan_172493; Max-Age=2592000; Expires=Mon, 07 Nov 2022 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
languageCode=EN; Max-Age=946080000; Expires=Mon, 30 Sep 2052 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
currencyCode=USD; Max-Age=946080000; Expires=Mon, 30 Sep 2052 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
kmkid=ACtzKS039ByufVO_cIsngf0; Max-Age=94608000; Expires=Tue, 07 Oct 2025 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
a_aid=172493; Expires=Mon, 7 Nov 2022 20:05:53 GMT; Path=/; Secure; HttpOnly; SameSite=None
brandId=; Expires=1970-01-01T00:00Z; Path=/; Secure; HttpOnly; SameSite=None
label=; Expires=1970-01-01T00:00Z; Path=/; Secure; HttpOnly; SameSite=None
Mobile=0; Expires=Mon, 7 Nov 2022 20:05:53 GMT; Path=/; Secure; HttpOnly; SameSite=None
visitor=id=4fc4fcdd-df4a-4547-9270-5286f626870a&tracked=false; Expires=Mon, 7 Nov 2022 20:05:53 GMT; Path=/; Secure; HttpOnly; SameSite=None
visit=date=2022-10-09T07:05:53.487279+11:00&id=c9554bba-8bbf-406d-a7ea-9fc2331da8da; Expires=Sun, 9 Oct 2022 00:05:53 GMT; Path=/; Secure; HttpOnly; SameSite=None
QueryBasedAffiliate=11; Path=/; Secure; HttpOnly; SameSite=None
kayak.mc=Abr1CIiTf_9bQhIsJIThpmvviMJTNmItZJjUhrXcH0TBqKL_9s_ofQksUAqcHAz_oj1w82H3UWCYC-ncNeroEDpQ_uQDV3pelepC6sYQsV8krggn6huIZFRhyMSUNgpehiA2PMvcV87CHIAcDgWLZY35d-iO5hH3EYKDQvirQ83gYlCrxjurkhCsld3NaaL2Yq2SaHqk53jfW6hYKwN50bVXhw0kzxofh6PXs9X-9HUmDsjKC8MkzxcxW4i6FOqAx3AbeOeFAZpl8NGKaUM97xdKo_qcxsrFHpvQkfjjhSVvfvxfhbGZm5lW3F3qKekJ9Q; Max-Age=94608000; Expires=Tue, 07 Oct 2025 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
NSC_q5-tqbslmf=ffffffff0989b66045525d5f4f58455e445a4a422a59;expires=Sat, 08-Oct-2022 20:25:53 GMT;path=/;httponly
accept-ranges: bytes
date: Sat, 08 Oct 2022 20:05:53 GMT
content-length: 0
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c8ac6325ca2a6c19f62fcc9b2d22f7f9
58a80066e94dd65b3bfbc4dc4ada700d47d812ac
d595e371fffaec4098d241071f7cd4e1df1bdb14ad3143fc06a1bb0d56be1dde
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D595E371FFFAEC4098D241071F7CD4E1DF1BDB14AD3143FC06A1BB0D56BE1DDE"
Last-Modified: Fri, 07 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14749
Expires: Sun, 09 Oct 2022 00:11:42 GMT
Date: Sat, 08 Oct 2022 20:05:53 GMT
Connection: keep-alive
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 773d6dcf3a05d584df90fe76e6f4aa21
514229a2f7ffe979d507930700affc3341a17f02
9b08e544703e23766e73cce1b0ec4e16a3b57aa517b61e276d51d359a0952a5e
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 15:56:31 GMT
Expires: Sat, 15 Oct 2022 15:56:30 GMT
Etag: "514229a2f7ffe979d507930700affc3341a17f02"
Cache-Control: max-age=602741,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1172
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75717e71bb96b512-OSL
hlmiq.com/to2/iherbr10/
142.132.202.70307 Temporary Redirect 0 B IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /to2/iherbr10/ HTTP/1.1
Host: hlmiq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 08 Oct 2022 20:05:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: no-referrer
Location: https://www.iherb.com/?clickref=1011lwf3jgIW&utm_source=cityads&utm_medium=affiliate&utm_content=1jf
www.exness.com/?utm_source=partners&_8f4x=1
45.60.78.64302 Found 0 B URL HTTP/2 www.exness.com/?utm_source=partners&_8f4x=1
IP 45.60.78.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?utm_source=partners&_8f4x=1 HTTP/1.1
Host: www.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache
content-length: 0
location: https://www.exness.uk/?utm_source=partners&_8f4x=1
set-cookie: nlbi_961876=bMFEP7Qw91xNpA5VzTYrKwAAAAB0XbJqNEHr1e5fOQLckL8/; path=/; Domain=.exness.com
visid_incap_961876=YXWOei0UR1yi4FJ92NOgaSDYQWMAAAAAQUIPAAAAAACT0g7jBy0h0XOJS9vW/uAg; expires=Sat, 07 Oct 2023 23:24:57 GMT; HttpOnly; path=/; Domain=.exness.com
incap_ses_631_961876=lcy6GSBGykncKHFe/sPBCCDYQWMAAAAAm6sryd4SqHfMPaHeqmvZzw==; path=/; Domain=.exness.com
x-cdn: Imperva
x-iinfo: 3-37138023-37136646 pNNN RT(1665259552529 305) q(0 0 0 0) r(0 0) U11
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d2ac39ac11e4b6e0239c47b2268a811d
7dea4b85b310d8099177e093a91a9941d3ddb4c5
1f48d3448ae065550caad4b5fd45e4b94763eec3a97fcf918e09d8dcd2bc6f14
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 07:04:20 GMT
Expires: Thu, 13 Oct 2022 07:04:19 GMT
Etag: "7dea4b85b310d8099177e093a91a9941d3ddb4c5"
Cache-Control: max-age=384505,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75717e70ac0fb50b-OSL
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2189350e2c694031a815a4190c4d014c
01187540f9f481902e9a0f2d3c4b56d8bf870f8b
cfd48754762854b14ecf98acfb5ca655657e39ce9fa03e8e86830ac3855751a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3233
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:53 GMT
Last-Modified: Sat, 08 Oct 2022 19:12:00 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cbea200f5943b912ef7ed54f6ce29966
d442bfdfc1f05e8b1a4fa21ae8aca7eb772989db
c05fa7868804483f9013e732085739a43ba548551c55dbef8f1f69fa63715ada
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C05FA7868804483F9013E732085739A43BA548551C55DBEF8F1F69FA63715ADA"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1561
Expires: Sat, 08 Oct 2022 20:31:54 GMT
Date: Sat, 08 Oct 2022 20:05:53 GMT
Connection: keep-alive
www.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
172.64.154.123302 Found 0 B URL HTTP/2 www.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
IP 172.64.154.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232 HTTP/1.1
Host: www.iherb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: iher-pref1=storeid=0; ih-preference=store=0; ihr-ea=PerformanceHorizon-1011lwf3eZ34; __cf_bm=SLp9J1vh.hGVLVpZi9ZavrQBHbyHAHps4dxX.mJdaN0-1665259553-0-AdZGwJjiNclw9BcTh9Hm9P+5YjdmtwNnFCdvv/76XVzjfY1PxGp0jWFITqXEOwdAxbZ6nyXp0ZS8TK+hpdgNe9zPanMCytjkXRQtElbnfjKH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 08 Oct 2022 20:05:53 GMT
content-length: 0
location: https://no.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
cache-control: no-cache
datacenter: production/catalog/frankfurt
buildnumber: 1730
x-client-id: page-home
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 75717e714f610b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my28.roboforex.org/ru/?a=zkeb
167.71.140.86302 Moved Temporarily 145 B URL HTTP/1.1 my28.roboforex.org/ru/?a=zkeb
IP 167.71.140.86:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bfe2c1d1b36c62666ce9ba537d324bd4
4d52a7c6d2909a506a4e81559eb24e8af077c741
5216ad883da8fe250db6892c9abca11bae07572d49a4c48a3c42276ffe6a9fb8
GET /ru/?a=zkeb HTTP/1.1
Host: my28.roboforex.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.18.0
Date: Sat, 08 Oct 2022 20:05:53 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: https://adsexample.com/krug.gif
www.exness.uk/?utm_source=partners&_8f4x=1
45.60.78.64200 OK 4.7 kB URL HTTP/2 www.exness.uk/?utm_source=partners&_8f4x=1
IP 45.60.78.64:0
Hash 6f1a135125c7da64272a4f441822f7fa
508d987ead977e7bcf746280670efe1311a3aef3
09cf916217d20da1803f701894a6b9e9c27ff3ac5dfeea85fedeb15c145dd8a5
GET /?utm_source=partners&_8f4x=1 HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html
last-modified: Thu, 15 Sep 2022 10:08:39 GMT
etag: W/"6322f9a7-cf1c"
x-frame-options: DENY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
link: </webpack-runtime-8ed8ac7d895a39c079c7.js>; rel=preload; as=script, </framework-503975f2ecca4dec5b9e.js>; rel=preload; as=script, </app-d08a33fc236d893c86a0.js>; rel=preload; as=script, </d31dfba0d8a2627e52b662160effaf0aef569c96-b881065e0d0b56be2e52.js>; rel=preload; as=script, </component---src-templates-page-home-js-f8a6acf05f0d2cc9dad4.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/index/page-data.json>; rel=preload; as=fetch; crossorigin
x-router-node: pw-uk-577cfdbfb8-7rx59
x-robots-tag: noindex, nofollow
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache, private
x-content-type-options: nosniff
set-cookie: language=en;Path=/;Max-Age=2628000
nlbi_1243376=jSR8X271O2YtQCeuhB7R3QAAAACniFVaeYMJdit9hjETuQts; path=/; Domain=.exness.uk
visid_incap_1243376=20I4ZoZFT/u5WvU5bYQDvyDYQWMAAAAAQUIPAAAAAACPjsi/E+R9QRF5xGNiiPtw; expires=Sat, 07 Oct 2023 23:26:24 GMT; HttpOnly; path=/; Domain=.exness.uk
incap_ses_631_1243376=J9zwU6LrWgDiKHFe/sPBCCDYQWMAAAAA8clxMcGtmNkN0D9Jg93shQ==; path=/; Domain=.exness.uk
x-cdn: Imperva
content-encoding: gzip
x-iinfo: 9-35895421-35868963 pNYN RT(1665259552916 24) q(0 0 0 0) r(0 0) U12
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d2ac39ac11e4b6e0239c47b2268a811d
7dea4b85b310d8099177e093a91a9941d3ddb4c5
1f48d3448ae065550caad4b5fd45e4b94763eec3a97fcf918e09d8dcd2bc6f14
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 07:04:20 GMT
Expires: Thu, 13 Oct 2022 07:04:19 GMT
Etag: "7dea4b85b310d8099177e093a91a9941d3ddb4c5"
Cache-Control: max-age=384505,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75717e733f6db50b-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 15dc1a4828c1f6f453ec6e0da9367307
f9a3dbcdf41801cd82656965ade525804737b5f3
a8021a28801a46e95c1f16ba9328caca2f8f10cd9a7ce499146aff876eec56d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8021A28801A46E95C1F16BA9328CACA2F8F10CD9A7CE499146AFF876EEC56D8"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16840
Expires: Sun, 09 Oct 2022 00:46:34 GMT
Date: Sat, 08 Oct 2022 20:05:54 GMT
Connection: keep-alive
iqbroker.com//lp/ultimate-trading/?active=forex2&aff=7792
185.117.134.138200 OK 18 kB URL HTTP/2 iqbroker.com//lp/ultimate-trading/?active=forex2&aff=7792
IP 185.117.134.138:0
ASN #204006 Iqoption Europe Ltd
Hash f851bc0af749c5b1eb9b8462935c55ef
84b1dde351d6108439c54041dadbbabe7b4e6bbb
ae7cce9a4c0a418b2df66a5662f2cf1f0e470d73ec8bf479deb0778ad48d1668
GET //lp/ultimate-trading/?active=forex2&aff=7792 HTTP/1.1
Host: iqbroker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 07 Oct 2022 14:32:53 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
set-cookie: IsRestrictedCountry=false; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
IsRegulatedCountry=true; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
Country=no; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
CountryID=149; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
landing=/lp/ultimate-trading/; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
aff=7792; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
retrack=; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
affextra=; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
afftrack=; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
aff_model=; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
aff_ts=2022-10-08T20:05:53Z; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
AffTrackGroup=Black_team_(partnerka); expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
Serv=NL; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
referrer=https://hlmiq.com/; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
AppID=id871125783; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
brand_id=1; expires=Sat, 15 Oct 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
platform=9; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
client_platform_id=9; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
support_email=support@eu.iqoption.com; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
company_id=1; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
IsAppStoreCountry=true; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
RedirectDomain=iqoption.com; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
RedirectDomains=iqoption.com,iqtrading.asia; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
linkPolicy=/en/terms-and-conditions/privacy-policy-new; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
linkTerms=/en/terms-and-conditions/terms-and-conditions; expires=Tue, 08 Nov 2022 20:05:53 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None
link: <https://iqbroker.com/lp/ultimate-trading/en/forex2/>; rel="canonical"
backend: arbitre_v4
remote-addr: 91.90.42.154
content-encoding: gzip
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
X-Firefox-Spdy: h2
m.mexc.com/auth/signup?inviteCode=1RQUG
2.21.240.226200 OK 4.8 kB URL HTTP/2 m.mexc.com/auth/signup?inviteCode=1RQUG
IP 2.21.240.226:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4986)
Hash 21ef7fa635292c761e0dad16bac1a503
478493c22c1c6fa01d28992bb016336cdc6a2d9c
1226f79c950d95bb29a4325b40d84eae954315bca6fc5778832d86a1883421eb
GET /auth/signup?inviteCode=1RQUG HTTP/1.1
Host: m.mexc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
content-encoding: gzip
etag: "634165e5-180d"
last-modified: Sat, 08 Oct 2022 11:58:29 GMT
content-security-policy: frame-ancestors 'self' *.mexc.me *.mexc.com *.mexceu.com *.mexc.kr *.mexc.co sensors.xiaoxiame.com *.365huo.xyz
x-content-type-options: nosniff
x-akamai-transformed: 9 2747 0 pmb=mRUM,2
expires: Sat, 08 Oct 2022 20:05:54 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 08 Oct 2022 20:05:54 GMT
content-length: 4821
vary: Accept-Encoding
server-timing: cdn-cache; desc=MISS, edge; dur=712, origin; dur=16
X-Firefox-Spdy: h2
get.mona.co/1mLxRmFn1bb
52.52.65.65307 Temporary Redirect 0 B IP 52.52.65.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1mLxRmFn1bb HTTP/1.1
Host: get.mona.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: openresty
Date: Sat, 08 Oct 2022 20:05:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: _s=Kl8B%2BD2Bz0bQ2avxcRLN%2BCPjkOzSprPD9QxOW78pRkzEKmSmW%2Fh9gOMU0abWzRzU; Max-Age=31536000; Path=/; Expires=Sun, 08 Oct 2023 20:05:54 GMT; Secure
Location: https://monaco.app.link/1mLxRmFn1bb?_p=c91529cb981c60f2fc1c8bf9
Strict-Transport-Security: max-age=31536000; includeSubDomains
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 47c5f5dca40526861be927bd361c612c
549b56fe5adb8793b1353f08e301455aa41bb54f
b6c3f38713754b274bfa661513fd3f708d6ab8da17e9fd365968ce9d864fe9fb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 20:05:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 15:53:35 GMT
Expires: Wed, 12 Oct 2022 15:53:34 GMT
Etag: "549b56fe5adb8793b1353f08e301455aa41bb54f"
Cache-Control: max-age=329859,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75717e7a1966b50b-OSL
rover.ebay.com/rover/1/711-155609-835623-2/16?PARM3_ID=GBH_168&FF11=GBH_168&kw=6341d598ea9e7e0001e51bf7_14330&mpre=
209.140.135.138301 Moved Permanently 0 B URL HTTP/1.1 rover.ebay.com/rover/1/711-155609-835623-2/16?PARM3_ID=GBH_168&FF11=GBH_168&kw=6341d598ea9e7e0001e51bf7_14330&mpre=
IP 209.140.135.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rover/1/711-155609-835623-2/16?PARM3_ID=GBH_168&FF11=GBH_168&kw=6341d598ea9e7e0001e51bf7_14330&mpre= HTTP/1.1
Host: rover.ebay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
strict-transport-security: max-age=31536000
x-ebay-pop-id: SLBSLCAZ01
location: https://www.ebay.com/?PARM3_ID=GBH_168&FF11=GBH_168&kw=6341d598ea9e7e0001e51bf7_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true
date: Sat, 08 Oct 2022 20:05:54 GMT
server: ebay-proxy-server
content-length: 0
platinum.crypto.com/r/8mk2bghn8f
104.18.112.58302 Found 12 kB URL HTTP/2 platinum.crypto.com/r/8mk2bghn8f
IP 104.18.112.58:0
Hash 4ef96aba5464dec20af197bc56add13b
2c408686ff9ec67479f71e1f4ab32eb5cd9f258f
88f5898836136439dc0a7fde0b742d793d9c3c073e6a1f504d8fbac954680b86
GET /r/8mk2bghn8f HTTP/1.1
Host: platinum.crypto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Cookie: __cf_bm=e1LM5h9qFNehqGV3yGydm.19BHv_nIlBOpmiRx7k4as-1665259553-0-ASbC4M370rxu1aJqk17SBT9PMri0KdniLgpt35KAI0JYR5ia95eycyZF9SqiT0cE2S2zLomuItCKJgo9M6R2qUM=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
location: https://get.mona.co/1mLxRmFn1bb
cf-ray: 75717e710c8e0b59-OSL
cache-control: no-cache, no-store
expires: Mon, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=604800
cf-cache-status: DYNAMIC
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: f828be76-1f0c-476f-8e2e-b6900cf7893f
x-runtime: 0.012536
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Rg.vw_nyhzuKA4ChtuzjKoc24rf.gga7C9zugQziXoY-1665259553-0-Af9mpBYjSTV5q9VaXTTl8bR1cLGFjgdCoOP9jHbsESjeidMzcvsD8fFt6afBBRKJWTjrYsaZZJ-FChAQHwsfF0vs5BOI7Aec4aeKdvblKD1R"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Rg.vw_nyhzuKA4ChtuzjKoc24rf.gga7C9zugQziXoY-1665259553-0-Af9mpBYjSTV5q9VaXTTl8bR1cLGFjgdCoOP9jHbsESjeidMzcvsD8fFt6afBBRKJWTjrYsaZZJ-FChAQHwsfF0vs5BOI7Aec4aeKdvblKD1R; report-to cf-csp-endpoint
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.tomtop.com/?aid=agru
54.69.130.55200 OK 14 kB IP 54.69.130.55:0
Hash 5a75d8ddb7e8be949d2ab8b0bfaa8fac
9bd2faf9e420e722f474afe975e2c38953d40d47
3b38d7d288d952fb90adec4a5660c7cff61cf7396fb0ab8119e86f2b4141838b
GET /?aid=agru HTTP/1.1
Host: www.tomtop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:54 GMT
content-type: text/html; charset=UTF-8
server: nginx/
vary: Accept-Encoding
set-cookie: PLAY_LANG=en; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
country=United+States%7CUS; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
TT_CURR=USD; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
TT_LANG=1; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
USERID_COOKIE_NAME=20221008200303863337; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
PLAY_LANG=en; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
country=United+States%7CUS; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
TT_CURR=USD; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
TT_LANG=1; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
USERID_COOKIE_NAME=20221008200303231789; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
PLAY_LANG=en; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
country=United+States%7CUS; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
TT_CURR=USD; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
TT_LANG=1; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
USERID_COOKIE_NAME=20221008200303899797; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
PLAY_LANG=en; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
country=United+States%7CUS; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
TT_CURR=USD; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
TT_LANG=1; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
USERID_COOKIE_NAME=20221008200303017086; expires=Sun, 08-Oct-2023 20:03:03 GMT; Max-Age=31536000; path=/; domain=.tomtop.com
Secure
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
expires: Sat, 08 Oct 2022 20:08:54 GMT
cache-control: max-age=180
x-cache: HIT from 172.31.31.38
content-encoding: gzip
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 08 Oct 2022 20:05:55 GMT
expires: Sat, 08 Oct 2022 20:05:55 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 20:36:17 GMT
expires: Thu, 05 Oct 2023 20:36:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 257378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 579e733097a7260db68f6ab5fc4ab3c9
bcee618650f7eb1595974812db6995d7ee0e9764
c025aa32afae5edb4c793bcc3076c86ae945438c7d2e96f7847054aeb1ed690b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 20:05:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
104.19.182.41200 OK 80 kB URL HTTP/2 stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
IP 104.19.182.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators
Hash 8da222350d83088f0b8ce02398ae863e
15e6a28e9dcb9583cd666a6136b06941eb5541f0
e77e8dc0f884a577214a54cc5820d94883fb6e92df41ae39a66dfe9e107b0e83
GET /?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727 HTTP/1.1
Host: stripchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:54 GMT
content-type: text/html; charset=utf-8
content-security-policy-report-only: default-src 'self' *.stripchat.com data: blob: *.amplitude.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.stripcdn.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.doppiocdn.com *.doppiocdn.net *.doppiocdn.org *.trafficjunky.net main.exoclick.com tsyndicate.com *.hotjar.com *.hotjar.io;img-src 'self' * data: blob: android-webview-video-poster:;script-src 'self' *.stripchat.com data: 'unsafe-inline' 'unsafe-eval' blob: *.amplitude.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.hpyrdr.dev *.hytto.com *.lovense.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.trafficjunky.net cometmaster.com *.google.com platform.twitter.com main.exoclick.com tsyndicate.com wss://*.sc-apps.com www.googleadservices.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.2/fingerprint2.min.js *.crowdin.com cdntechone.com *.dmskgo.com *.nktrdr.com *.ktkjmp.com *.xhamster.com *.llyjmp.com *.lxzrdr.com *.mdyjmp.com *.mgdjmp.com *.rdfxgo.com *.smljmp.com *.stripcash.com *.xxxjmp.com *.xxxivjmp.com *.xxxvjmp.com *.xxxvijmp.com *.xxxviijmp.com *.xxxviiijmp.com *.xlrdr.com *.xlirdr.com *.xliirdr.com *.xliiirdr.com *.xlivrdr.com *.xlvrdr.com *.xlvirdr.com *.xlviirdr.com *.xlviiirdr.com *.zybrdr.com;connect-src 'self' *.stripchat.com *.amplitude.com *.doubleclick.net *.flixstorage.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.hytto.com *.lovense.club *.lovense.club:34568 *.lovense.com *.stripcdn.com *.xhamsterlive.com *.xlivesex.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.doppiocdn.com *.doppiocdn.net *.doppiocdn.org syndication.twitter.com wss://*.stripchat.com wss://*.stripcdn.com wss://*.stripcdn.com:8090 wss://*.stripst.com wss://*.stripst.dev wss://*.strpst.com wss://*.strwst.com wss://*.doppiocdn.com wss://*.lovense.com wss://cometmaster.com wss://*.sc-apps.com *.crowdin.com crowdin.com datatechone.com *.dmskgo.com *.nktrdr.com *.ktkjmp.com *.xhamster.com *.llyjmp.com *.lxzrdr.com *.mdyjmp.com *.mgdjmp.com *.rdfxgo.com *.smljmp.com *.stripcash.com *.xxxjmp.com *.xxxivjmp.com *.xxxvjmp.com *.xxxvijmp.com *.xxxviijmp.com *.xxxviiijmp.com *.xlrdr.com *.xlirdr.com *.xliirdr.com *.xliiirdr.com *.xlivrdr.com *.xlvrdr.com *.xlvirdr.com *.xlviirdr.com *.xlviiirdr.com *.zybrdr.com;media-src 'self' *.stripchat.com data: blob: *.ahcdn.com *.stripcdn.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.doppiocdn.com *.doppiocdn.net *.doppiocdn.org;style-src 'self' *.stripchat.com 'unsafe-inline' *.googleapis.com *.hytto.com *.lovense.com *.stripcdn.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.tagmanager.google.com *.crowdin.com;frame-src * data:;report-uri /_csp
strict-transport-security: max-age=15768000
x-frame-options: deny
cf-cache-status: DYNAMIC
set-cookie: stripchat_com_guestId=de9f0bcdf2d85e4f6985db4e1044ee83ed23deee9bc8b1bab51568492737; expires=Fri, 06-Jan-2023 20:05:53 GMT; path=/; domain=stripchat.com; sameSite=None; secure; httponly
stripchat_com_firstVisit=2022-10-08T20%3A05%3A53Z; expires=Sun, 08-Oct-2023 20:05:53 GMT; path=/; domain=stripchat.com; httponly
stripchat_com_affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727; expires=Fri, 06-Jan-2023 20:05:53 GMT; path=/; domain=stripchat.com; sameSite=None; secure; httponly
ABTest_ab_25_tokens_instead_20_key=A; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT
ABTest_ab_signup_link_for_models_on_mobile_key=B; path=/; domain=stripchat.com; expires=Mon, 31 Oct 2022 00:00:00 GMT
ABTest_recommended_v40_key=A; path=/; domain=stripchat.com; expires=Mon, 31 Oct 2022 00:00:00 GMT
ABTest_start_private_with_price_key=B; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT
__cflb=02DiuFntVtrkFMde1diFXc6auiQ5NotZkpjnF6x2Ehf4G; SameSite=None; Secure; path=/; expires=Sun, 09-Oct-22 19:05:54 GMT; HttpOnly
server: cloudflare
cf-ray: 75717e70a907b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.instaforex.com/?x=LVYG
104.22.12.246302 Found 0 B URL HTTP/2 www.instaforex.com/?x=LVYG
IP 104.22.12.246:0
GET /?x=LVYG HTTP/1.1
Host: www.instaforex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
location: https://www.instaforex.com/
x-powered-by: PHP/7.3.33
set-cookie: secure_partner_cookie=hlmiq.comxllxLVYG; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/; domain=.instaforex.com
secure_partner_cookie=hlmiq.comxllxLVYG; expires=Sat, 15-Oct-2022 20:05:53 GMT; Max-Age=604800; path=/; domain=.instaforex.com
cookie1h=1; expires=Sat, 08-Oct-2022 21:05:53 GMT; Max-Age=3600; path=/
cookie24h=1; expires=Sun, 09-Oct-2022 20:05:53 GMT; Max-Age=86400; path=/
cookieForever=1; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/
lang=en; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; path=/; domain=.instaforex.com
PHPSESSID=dftjrbod1tgt02lp83mfeb7g2r; path=/
x=LVYG; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/; domain=.instaforex.com
x_time=08-10-2022+22%3A05; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/; domain=.instaforex.com
d=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.instaforex.com
d=https%3A%2F%2Fhlmiq.com%2F; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/; domain=.instaforex.com
expires: Sat, 08 Oct 2022 20:05:52 GMT
pragma: no-cache
cache-control: no-cache
strict-transport-security: max-age=31536000;
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75717e704e690b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.semrush.com/?ref=2017024630&refer_source=&utm_source=berush&utm_medium=promo&utm_campaign=link_other
34.120.45.191200 OK 0 B URL HTTP/2 www.semrush.com/?ref=2017024630&refer_source=&utm_source=berush&utm_medium=promo&utm_campaign=link_other
IP 34.120.45.191:0
GET /?ref=2017024630&refer_source=&utm_source=berush&utm_medium=promo&utm_campaign=link_other HTTP/1.1
Host: www.semrush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-service-response-time: 0.01933
content-language: en
x-service: index
server-timing: service;dur=20.99594, backend;dur=47.72437
set-cookie: PHPSESSID=6106b2deb199f3b229274352a36a2c37; Path=/; Domain=semrush.com; Expires=Sun, 09 Oct 2022 20:05:53 GMT; HttpOnly; Secure
SSO-JWT=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI2MTA2YjJkZWIxOTlmM2IyMjkyNzQzNTJhMzZhMmMzNyIsImlhdCI6MTY2NTI1OTU0OCwiaXNzIjoic3NvIn0.I2dP0x_01h8j5KBwmERDU17SfoemKf08XBIzzHrCQrLEirwuB_2QfFC397pubb2OYcAdRllU4Vua_eXjwj6Kpw; Path=/; Domain=semrush.com; Expires=Sun, 09 Oct 2022 20:05:53 GMT; HttpOnly; Secure
GCLB=CLfnq8v1sZTNNw; path=/; HttpOnly; expires=Sun, 09-Oct-2022 20:05:53 GMT
sm-log-id: flb-6025677f88ef0ecbd07079da169d7342
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
remitano.com/
104.18.29.12200 OK 0 B IP 104.18.29.12:0
GET / HTTP/1.1
Host: remitano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Cookie: AWSALBCORS=iuk8K0J/cEJpIHOW4mdG4QCQhn5IBTcLPvZ+ptE08OB6w3w86D7I2Q6FMs4/r6brRGbMuUFKoDu+lEvlG1ymBBrVrl8L/4+jlRW1jAqgQZQTYLz4Ee+/r1Nkzqs3; __cf_bm=E.CRZC.POX3TTBV1Zp4vMMu4sokko4dlrM1x6CmXwsQ-1665259553-0-AYF9I2njmO1AH13J9Me50l9u/E0vWR463YEjLCxZM2MR3ULAY/upJagyD4OVj5fO7OCAMbQzOlmmmPWFCzhZDpQ=; _cfuvid=3wi2y4BoccPo.dEMgXEp1LgkrNtLoPg0Sd9LqBMke7I-1665259553501-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
x-powered-by: Remitano
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src * 'self' https: wss: data: blob: 'unsafe-inline' 'unsafe-eval'
permissions-policy: camera=(*)
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
set-cookie: AWSALB=ysShJTM8EaE3g5Qba+qj455XpQK2Vt+kIqqoibaKhg0zbSnHL/U1rAH9iA6Ql+S4HS65QMsNgvB1GReGxwmMDAn9s3DXIxTUFWZZSDk9OLhE919ILt3uBVHzdE4TVmVO4Ra0ZIdn4iRrQ4jHN+TKs7+xl8cLTEZLWVO2Z8+hhQajEqSLurVDs/HgyB1QRg==; Expires=Sat, 15 Oct 2022 20:05:53 GMT; Path=/
AWSALBCORS=ysShJTM8EaE3g5Qba+qj455XpQK2Vt+kIqqoibaKhg0zbSnHL/U1rAH9iA6Ql+S4HS65QMsNgvB1GReGxwmMDAn9s3DXIxTUFWZZSDk9OLhE919ILt3uBVHzdE4TVmVO4Ra0ZIdn4iRrQ4jHN+TKs7+xl8cLTEZLWVO2Z8+hhQajEqSLurVDs/HgyB1QRg==; Expires=Sat, 15 Oct 2022 20:05:53 GMT; Path=/; SameSite=None; Secure
AWSALB=L0e1zSqL5h16hl+wUBstS6bON43Odv2yiWwJGvzQqkxuLc692GKGLoxHZ9vYSQ7H3730CwzADJzLQNWa99NeLjg49Zj5sIvSBYXsb7NFWjpdDo/KQmZUJ8S+k/JP; Expires=Sat, 15 Oct 2022 20:05:53 GMT; Path=/
AWSALBCORS=L0e1zSqL5h16hl+wUBstS6bON43Odv2yiWwJGvzQqkxuLc692GKGLoxHZ9vYSQ7H3730CwzADJzLQNWa99NeLjg49Zj5sIvSBYXsb7NFWjpdDo/KQmZUJ8S+k/JP; Expires=Sat, 15 Oct 2022 20:05:53 GMT; Path=/; SameSite=None; Secure
connect.sid=s%3A82BoLuHjxmGkV2Er4Nk5rQ3_tnTwIeSm.Ji00BH%2BRonRqda%2FblXv8Em4huCiytMMszOhYvaIHgWA; Path=/; Expires=Sun, 09 Oct 2022 20:05:53 GMT; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75717e7189cd1c0a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.thelotter.net/?tl_affid=9175
107.154.132.27200 OK 0 B URL HTTP/2 www.thelotter.net/?tl_affid=9175
IP 107.154.132.27:0
GET /?tl_affid=9175 HTTP/1.1
Host: www.thelotter.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server:
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
set-cookie: lng=1; path=/; secure
number_of_redirects=0; path=/; secure
urls_tracker=https://www.thelotter.net/default.aspx?itemid=1&tl_affid=9175; path=/; secure
ViewMobileV2={"DeviceName":"Firefox - Emulator","DeviceType":"Desktop","IsDesktop":true,"IsMobile":false,"IsRobot":false,"IsSmartphone":false,"IsTablet":false}; path=/; secure
ASP.NET_SessionId=geaoc0wblgupm2jhix03zytu; path=/; secure; HttpOnly; SameSite=None
Referral-Cookie=%7b%22LandingUrl%22%3a%22https%3a%2f%2fwww.thelotter.net%3a443%2fdefault.aspx%3fitemid%3d1%26tl_affid%3d9175%22%2c%22ReferralUrl%22%3a%22https%3a%2f%2fhlmiq.com%2f%22%7d; expires=Mon, 07-Nov-2022 20:05:53 GMT; path=/; secure
visid_incap_1072880=yQnfB7fbRbSfBgpkhvDFryDYQWMAAAAAQUIPAAAAAACLpShnrxfs9Nco+ssNl0IN; expires=Sat, 07 Oct 2023 23:29:20 GMT; HttpOnly; path=/; Domain=.thelotter.net; Secure; SameSite=None
incap_ses_723_1072880=BFz7I1EMrUvm0mKaep0ICiDYQWMAAAAAZTBPd1UrgLVN/hPSEYylSQ==; path=/; Domain=.thelotter.net; Secure; SameSite=None
x-powered-by: ASP.NET
server-name: Simba4
strict-transport-security: max-age=16070400
x-ua-compatible: IE=edge
access-control-allow-origin: *
access-control-allow-headers: *
date: Sat, 08 Oct 2022 20:05:53 GMT
x-cdn: Imperva
x-iinfo: 7-45765294-45765299 NNNY CT(26 82 0) RT(1665259552158 265) q(0 0 0 0) r(4 5) U12
X-Firefox-Spdy: h2
www.hotelscombined.com/
151.101.85.29200 OK 0 B IP 151.101.85.29:0
GET / HTTP/1.1
Host: www.hotelscombined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Cookie: Apache=W1oqmg-AAABg7k0Qqw-08-SSTopA; cluster=5; kayak=xzuj6WdFj84F3eye79lQ; p1.med.sid=R-5Y2EKRudwibclt4b_g7P0-oOVlgX7_lpyE2ZyEcfxfcTDoHgxBslJZiIGwa9mOU; kanid=kan_172493; languageCode=EN; currencyCode=USD; kmkid=ACtzKS039ByufVO_cIsngf0; a_aid=172493; brandId=; label=; Mobile=0; visitor=id=4fc4fcdd-df4a-4547-9270-5286f626870a&tracked=false; visit=date=2022-10-09T07:05:53.487279+11:00&id=c9554bba-8bbf-406d-a7ea-9fc2331da8da; QueryBasedAffiliate=11; kayak.mc=Abr1CIiTf_9bQhIsJIThpmvviMJTNmItZJjUhrXcH0TBqKL_9s_ofQksUAqcHAz_oj1w82H3UWCYC-ncNeroEDpQ_uQDV3pelepC6sYQsV8krggn6huIZFRhyMSUNgpehiA2PMvcV87CHIAcDgWLZY35d-iO5hH3EYKDQvirQ83gYlCrxjurkhCsld3NaaL2Yq2SaHqk53jfW6hYKwN50bVXhw0kzxofh6PXs9X-9HUmDsjKC8MkzxcxW4i6FOqAx3AbeOeFAZpl8NGKaUM97xdKo_qcxsrFHpvQkfjjhSVvfvxfhbGZm5lW3F3qKekJ9Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: KAYAK/1.0
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
referrer-policy: origin-when-cross-origin
content-security-policy-report-only: default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp
feature-policy: camera 'none'; microphone 'none'; midi 'none'; usb 'none'; geolocation 'self'
content-type: text/html;charset=UTF-8
content-language: en-US
set-cookie: Apache=W1oqmg-AAABg7k0Qqw-08-SSTopA; Max-Age=86400000; Expires=Fri, 04 Jul 2025 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
cluster=5; Max-Age=2700; Expires=Sat, 08 Oct 2022 20:50:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
languageCode=EN; Max-Age=946080000; Expires=Mon, 30 Sep 2052 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
currencyCode=USD; Max-Age=946080000; Expires=Mon, 30 Sep 2052 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
languageCode=EN; Max-Age=946080000; Expires=Mon, 30 Sep 2052 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
currencyCode=USD; Max-Age=946080000; Expires=Mon, 30 Sep 2052 20:05:53 GMT; Path=/; Secure; HTTPOnly; SameSite=None
NSC_q5-tqbslmf=ffffffff0989b72545525d5f4f58455e445a4a422a59;expires=Sat, 08-Oct-2022 20:25:54 GMT;path=/;httponly
csid=6c817c87-fa00-4591-8539-5db02d1d1273; path=/; Secure; SameSite=Strict;
accept-ranges: bytes
date: Sat, 08 Oct 2022 20:05:54 GMT
vary: Accept-Encoding
cache-control: private, no-store
X-Firefox-Spdy: h2
monaco.app.link/1mLxRmFn1bb?_p=c91529cb981c60f2fc1c8bf9
54.230.111.102307 Temporary Redirect 0 B URL HTTP/2 monaco.app.link/1mLxRmFn1bb?_p=c91529cb981c60f2fc1c8bf9
IP 54.230.111.102:0
GET /1mLxRmFn1bb?_p=c91529cb981c60f2fc1c8bf9 HTTP/1.1
Host: monaco.app.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
location: https://app.mona.co/referral/fallback?_branch_match_id=1107385711249747811&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT08t0cvNz0vUS87XN8z1qQjKdcszTEoCAE64N64fAAAA
server: openresty
date: Sat, 08 Oct 2022 20:05:54 GMT
set-cookie: _s=UOqFsWPdEU9NtOM3Fgh%2FvhKchmu%2FpvCbmkdoRo5Wx8%2F7gRvUCtx%2Bvih2FpqaewmL; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Sun, 08 Oct 2023 20:05:54 GMT; Secure
last-modified: Sat, 08 Oct 2022 20:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZJwBpmrYAm16l7UUXxHkBHLJIY_n103aB-AV2lzLPjIvdgl_FmZ8Qw==
X-Firefox-Spdy: h2
www.bitget.com/ru/referral/register?clacCode=8UAKEPZA
104.18.9.145200 OK 0 B URL HTTP/2 www.bitget.com/ru/referral/register?clacCode=8UAKEPZA
IP 104.18.9.145:0
GET /ru/referral/register?clacCode=8UAKEPZA HTTP/1.1
Host: www.bitget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
last-modified: Sat, 08 Oct 2022 10:49:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15768000;includeSubDomains;preload
content-security-policy-report-only: default-src 'self' https: blob: wss: data: 'unsafe-inline' 'unsafe-eval' 'report-sample'; report-uri https://632817c861f1dae92c2ae121.endpoint.csper.io?v=0;
cf-cache-status: HIT
age: 259
expires: Sat, 08 Oct 2022 20:10:53 GMT
cache-control: public, max-age=300
set-cookie: __cf_bm=hWFghTeWZXnxvybepvj5qm3_yRzyiQmbd5CUutclpyw-1665259553-0-AV1+0GwXbtlmq1+u56WsjMaZ3rsGXmEkNwX/MJtI3WwLzCmJZkz8TWpwYrqO8GWU69jVPhIawFhCCJV6z8F9Hj0=; path=/; expires=Sat, 08-Oct-22 20:35:53 GMT; domain=.bitget.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75717e6f2ef7b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
cex.io/r/0/up111785894/0/
172.67.17.189301 Moved Permanently 0 B URL HTTP/2 cex.io/r/0/up111785894/0/
IP 172.67.17.189:0
GET /r/0/up111785894/0/ HTTP/1.1
Host: cex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 08 Oct 2022 20:05:53 GMT
location: https://cex.io
x-app-version: master.2e822b87.f40afbb97eb62899c4afdb871ae9130285898c2ae40158ec8922c9c6d8a63dfb
content-security-policy-report-only: default-src 'self';connect-src 'self' https://maps.googleapis.com https://cex.io wss://cex.io/ws/;frame-src 'self' * ext.cex.io;font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://static.cex.io;img-src 'self' data: https://static.cex.io;media-src 'self' https://static.cex.io;style-src 'self' 'unsafe-inline' https://*.googleapis.com https://code.jquery.com https://static.cex.io;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cex.io;report-uri https://cex.io/cspr;
x-frame-options: DENY
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
set-cookie: cex-session=s%3A1DwcX0P4QD0nVCaHwBwKw_Y5.nbwbt5DhE0dn0cfvChFWXqLp1EREnz2P2%2FSeM4AG4h4; Path=/; HttpOnly; Secure; SameSite=None
ref=up111785894%3A0; Max-Age=2592000; Domain=.cex.io; Path=/
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75717e701a6fb506-OSL
X-Firefox-Spdy: h2
www.magaze.tv/wp-content/uploads/2015/11/10944t.jpg
62.149.144.107404 Not Found 0 B URL HTTP/2 www.magaze.tv/wp-content/uploads/2015/11/10944t.jpg
IP 62.149.144.107:0
GET /wp-content/uploads/2015/11/10944t.jpg HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.magaze.tv/wp-json/>; rel="https://api.w.org/"
x-aruba-cache: NA
content-type: text/html; charset=UTF-8
date: Sat, 08 Oct 2022 20:05:50 GMT
server: Apache
X-Firefox-Spdy: h2
is.gd/zIJynH
172.67.83.132301 Moved Permanently 0 B IP 172.67.83.132:0
GET /zIJynH HTTP/1.1
Host: is.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=UTF-8
location: https://faucetpay.io/?r=612200
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75717e6f3cfab50f-OSL
X-Firefox-Spdy: h2
freebitco.in/?r=3669689
104.22.6.169302 Found 0 B IP 104.22.6.169:0
GET /?r=3669689 HTTP/1.1
Host: freebitco.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=iso-8859-1
location: https://freebitco.in/signup/?op=s&r=3669689
cache-control: max-age=0
expires: Sat, 08 Oct 2022 20:05:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75717e701d97b500-OSL
X-Firefox-Spdy: h2
www.instaforex.com/
104.22.12.246200 OK 0 B IP 104.22.12.246:0
GET / HTTP/1.1
Host: www.instaforex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
set-cookie: cookie1h=1; expires=Sat, 08-Oct-2022 21:05:53 GMT; Max-Age=3600; path=/
cookie24h=1; expires=Sun, 09-Oct-2022 20:05:53 GMT; Max-Age=86400; path=/
cookieForever=1; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/
lang=en; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; path=/; domain=.instaforex.com
PHPSESSID=rmkoebh9d3ikbbmjddbghqlhhu; path=/
criteoPatrnersTimestamp=1665259583; expires=Tue, 05-Oct-2032 20:05:53 GMT; Max-Age=315360000; path=/
criteoTimestamp=1665259583; expires=Tue, 05-Oct-2032 20:05:53 GMT; Max-Age=315360000; path=/
expires: Sat, 08 Oct 2022 20:05:52 GMT
pragma: no-cache
cache-control: no-cache
strict-transport-security: max-age=31536000;
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75717e718fae0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
chaturbate.com/toproom/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0
104.18.101.40302 Found 0 B URL HTTP/2 chaturbate.com/toproom/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0
IP 104.18.101.40:0
GET /toproom/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Cookie: __cf_bm=W0cNkdUsi3eA.3NY4qJnOvlLj8AgU.ZknQWQh.2GtmQ-1665259553-0-AaCYJ6s19ukR8U6l3Au0RjCRk3yDp8FX66si8A3CezAlhYGddSssNSo6KZ36Rni/xYBU0E2xBkdn/fGeUmuMSLc=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
location: /_meganmeow_/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
set-cookie: affkey="eJyrVipSslJQyigpKSi20tfPyMnNLNRLzs/VV6oFAHc5CM8="; Domain=.chaturbate.com; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr657cb228-fb05-48df-8b3a-e02406671784:1ohG53:fDpH2j7lsbXo832oLXcCAu-pqP0; Domain=.chaturbate.com; expires=Thu, 03-Jul-2025 20:05:53 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75717e71ff1b0b4d-OSL
X-Firefox-Spdy: h2
crypto.com/app/8mk2bghn8f
104.18.112.58301 Moved Permanently 0 B URL HTTP/2 crypto.com/app/8mk2bghn8f
IP 104.18.112.58:0
GET /app/8mk2bghn8f HTTP/1.1
Host: crypto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 08 Oct 2022 20:05:53 GMT
location: https://platinum.crypto.com/r/8mk2bghn8f
cf-ray: 75717e707bec0b59-OSL
cache-control: max-age=3600
expires: Sat, 08 Oct 2022 21:05:53 GMT
vary: Accept-Encoding
set-cookie: __cf_bm=e1LM5h9qFNehqGV3yGydm.19BHv_nIlBOpmiRx7k4as-1665259553-0-ASbC4M370rxu1aJqk17SBT9PMri0KdniLgpt35KAI0JYR5ia95eycyZF9SqiT0cE2S2zLomuItCKJgo9M6R2qUM=; path=/; expires=Sat, 08-Oct-22 20:35:53 GMT; domain=.crypto.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
trkbng.com/hit.php?v=2&c=287325
31.192.112.221302 Found 0 B URL HTTP/2 trkbng.com/hit.php?v=2&c=287325
IP 31.192.112.221:0
ASN #48684 Viking Host B.V.
GET /hit.php?v=2&c=287325 HTTP/1.1
Host: trkbng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.promo-bc.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bongocams.biz
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bongacams.org
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bongacams10.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bcmspt.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bngwlt.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bngpt.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bngpst.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bngprl.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bngpop.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bngosv.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bngvs.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bngdyn.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.dynspt.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.ecdyn.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.trkbc.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.trkbng.com
BCH_H=3982b74309237c353116dfac9c88c45f%7C2022-10-08; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bcprm.com
location: https://bongacams.com?bcs=YmVzdDM5ODJiNzQzMDkyMzdjMzUzMTE2ZGZhYzljODhjNDVmOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
expires: Sat, 08 Oct 2022 20:05:52 GMT
x-bcs: ded7015
strict-transport-security: max-age=0;
cache-control: no-cache, public
x-bc-bl: 102
X-Firefox-Spdy: h2
de.dhgate.com/?f=bm|aff|admitad|1019090|d8e3bcaf7650ceb67f1622c87331b0b6|197649||
152.195.52.170200 OK 0 B URL HTTP/2 de.dhgate.com/?f=bm|aff|admitad|1019090|d8e3bcaf7650ceb67f1622c87331b0b6|197649||
IP 152.195.52.170:0
GET /?f=bm|aff|admitad|1019090|d8e3bcaf7650ceb67f1622c87331b0b6|197649|| HTTP/1.1
Host: de.dhgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-language: en-US
content-type: text/html; charset=utf-8
date: Sat, 08 Oct 2022 20:05:53 GMT
ec-version: v3.4.8
server: openresty
set-cookie: b2b_ip_country=NO; Domain=dhgate.com; Expires=Mon, 07-Nov-22 20:05:53 GMT; Path=/
b2b_ship_country=NO; Domain=dhgate.com; Expires=Mon, 07-Nov-22 20:05:53 GMT; Path=/
last_choice=0; Domain=dhgate.com; Expires=Mon, 07-Nov-22 20:05:53 GMT; Path=/
b2b_ip_country=NO; Domain=dhgate.com; Expires=Mon, 07-Nov-22 20:05:53 GMT; Path=/
b2b_ship_country=NO; Domain=dhgate.com; Expires=Mon, 07-Nov-22 20:05:53 GMT; Path=/
last_choice=0; Domain=dhgate.com; Expires=Mon, 07-Nov-22 20:05:53 GMT; Path=/
ref_f=bm%7Caff%7Cadmitad%7C1019090%7Cd8e3bcaf7650ceb67f1622c87331b0b6%7C197649%7C%7C;Domain=dhgate.com; Expires=Mon, 07-Nov-22 20:05:53 GMT; Path=/
ref_f_full=%7B%22f%22%3A%22bm%257Caff%257Cadmitad%257C1019090%257Cd8e3bcaf7650ceb67f1622c87331b0b6%257C197649%257C%257C%22%2C%22utm%5Fsource%22%3A%22%22%2C%22utm%5Fmedium%22%3A%22%22%2C%22utm%5Fcampaign%22%3A%22%22%2C%22utm%5Fterm%22%3A%22%22%2C%22utm%5Fcontent%22%3A%22%22%2C%22cst1%22%3A%22%22%2C%22cst2%22%3A%22%22%7D; Domain=dhgate.com; Expires=Mon, 07-Nov-22 20:05:53 GMT; Path=/
vid=rBIKNmNB2CGBpx63BsS3Ag==; expires=Fri, 04-Jul-25 20:05:53 GMT; domain=dhgate.com; path=/
srv_id: 172.18.173.54:80
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: User-Agent
X-Firefox-Spdy: h2
www.lightinthebox.com/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=S0BSlrwAFxyNU-ww6-SRnzSDUkDQHoz%3AXUjWwE0&irgwc=1
104.84.152.234200 OK 0 B URL HTTP/2 www.lightinthebox.com/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=S0BSlrwAFxyNU-ww6-SRnzSDUkDQHoz%3AXUjWwE0&irgwc=1
IP 104.84.152.234:0
ASN #20940 Akamai International B.V.
GET /?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=S0BSlrwAFxyNU-ww6-SRnzSDUkDQHoz%3AXUjWwE0&irgwc=1 HTTP/1.1
Host: www.lightinthebox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-frame-options: allow-from https://gw.lightinthebox.com
x-xss-protection: 1;mode=block
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
pragma: no-cache
content-encoding: gzip
access-control-allow-origin: 0
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 08 Oct 2022 20:05:53 GMT
date: Sat, 08 Oct 2022 20:05:53 GMT
vary: Accept-Encoding
set-cookie: sid=5cgqdd7c2lv9q5p2qb3fdahgbh; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; path=/; domain=.lightinthebox.com
first_visit_time=46471605440251e4db033530410d64af; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/; domain=.lightinthebox.com; secure
vela_s_c=42; expires=Sat, 08-Oct-2022 20:35:53 GMT; Max-Age=1800; path=/; domain=.lightinthebox.com; secure
vela_v_c=42; expires=Sun, 09-Oct-2022 04:05:53 GMT; Max-Age=28800; path=/; domain=.lightinthebox.com; secure
vela_w_c=42; expires=Sat, 15-Oct-2022 20:05:53 GMT; Max-Age=604800; path=/; domain=.lightinthebox.com; secure
vela_m_c=42; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; path=/; domain=.lightinthebox.com; secure
vela_3m_c=42; expires=Fri, 06-Jan-2023 20:05:53 GMT; Max-Age=7776000; path=/; domain=.lightinthebox.com; secure
vela_m_ca=42; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; path=/; domain=.lightinthebox.com; secure
vela_s=6341d8218283f; expires=Sat, 08-Oct-2022 20:35:53 GMT; Max-Age=1800; path=/; domain=.lightinthebox.com; secure
vela_m=6341d82182846; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; path=/; domain=.lightinthebox.com; secure
vela_3m=6341d8218284a; expires=Fri, 06-Jan-2023 20:05:53 GMT; Max-Age=7776000; path=/; domain=.lightinthebox.com; secure
vela_v=6341d8218284e; expires=Sun, 09-Oct-2022 04:05:53 GMT; Max-Age=28800; path=/; domain=.lightinthebox.com; secure
vela_w=6341d82182851; expires=Sat, 15-Oct-2022 20:05:53 GMT; Max-Age=604800; path=/; domain=.lightinthebox.com; secure
vela_device=desktop; expires=Sun, 09-Oct-2022 20:05:53 GMT; Max-Age=86400; path=/; domain=.lightinthebox.com; secure
vela_is_first_visit=1; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/; domain=.lightinthebox.com; secure
affi=664b08e55c41be35e1e822fee3b61691; expires=Tue, 22-Nov-2022 20:05:53 GMT; Max-Age=3888000; path=/; domain=.lightinthebox.com; secure
local=en%7CNO%7CNOK; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; path=/; domain=.lightinthebox.com; secure
__cust=AAAAAGNB2CGptCOQxEpBAg==; expires=Sun, 08-Oct-23 20:05:53 GMT; domain=lightinthebox.com; path=/
SRV=A_202107051500; Expires=Mon, 07-Nov-2022 20:05:53 GMT; path=/; domain=.lightinthebox.com
AKA-WWW-LITB-ORIGIN=EU; expires=Sat, 15-Oct-2022 20:05:53 GMT; path=/; domain=.lightinthebox.com; secure
X-Firefox-Spdy: h2
www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=S5%3ASBawA%3AxyNU-ww6-SRnzSDUkDQCgS%3AXUjWwE0&irgwc=1
104.84.152.234200 OK 0 B URL HTTP/2 www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=S5%3ASBawA%3AxyNU-ww6-SRnzSDUkDQCgS%3AXUjWwE0&irgwc=1
IP 104.84.152.234:0
ASN #20940 Akamai International B.V.
GET /?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=S5%3ASBawA%3AxyNU-ww6-SRnzSDUkDQCgS%3AXUjWwE0&irgwc=1 HTTP/1.1
Host: www.miniinthebox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1;mode=block
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vela_device:
vela_is_first_visit:
vela_s:
vela_s_c:
vela_v:
vela_v_c:
vela_w:
vela_w_c:
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-akamai-transformed: 9 - 0 pmb=mTOE,1mRUM,1
date: Sat, 08 Oct 2022 20:05:53 GMT
vary: Accept-Encoding
set-cookie: sid=7bqh19e12vvfmtepkru0533hv8; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; path=/; domain=.miniinthebox.com
first_visit_time=46471605440251e4db033530410d64af; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/; domain=.miniinthebox.com; secure
vela_s_c=42; expires=Sat, 08-Oct-2022 20:35:53 GMT; Max-Age=1800; path=/; domain=.miniinthebox.com; secure
vela_v_c=42; expires=Sun, 09-Oct-2022 04:05:53 GMT; Max-Age=28800; path=/; domain=.miniinthebox.com; secure
vela_w_c=42; expires=Sat, 15-Oct-2022 20:05:53 GMT; Max-Age=604800; path=/; domain=.miniinthebox.com; secure
vela_m_c=42; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; path=/; domain=.miniinthebox.com; secure
vela_3m_c=42; expires=Fri, 06-Jan-2023 20:05:53 GMT; Max-Age=7776000; path=/; domain=.miniinthebox.com; secure
vela_m_ca=42; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; path=/; domain=.miniinthebox.com; secure
vela_s=6341d8217f561; expires=Sat, 08-Oct-2022 20:35:53 GMT; Max-Age=1800; path=/; domain=.miniinthebox.com; secure
vela_m=6341d8217f567; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; path=/; domain=.miniinthebox.com; secure
vela_3m=6341d8217f56c; expires=Fri, 06-Jan-2023 20:05:53 GMT; Max-Age=7776000; path=/; domain=.miniinthebox.com; secure
vela_v=6341d8217f570; expires=Sun, 09-Oct-2022 04:05:53 GMT; Max-Age=28800; path=/; domain=.miniinthebox.com; secure
vela_w=6341d8217f574; expires=Sat, 15-Oct-2022 20:05:53 GMT; Max-Age=604800; path=/; domain=.miniinthebox.com; secure
vela_device=desktop; expires=Sun, 09-Oct-2022 20:05:53 GMT; Max-Age=86400; path=/; domain=.miniinthebox.com; secure
vela_is_first_visit=1; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/; domain=.miniinthebox.com; secure
affi=664b08e55c41be35e1e822fee3b61691; expires=Tue, 22-Nov-2022 20:05:53 GMT; Max-Age=3888000; path=/; domain=.miniinthebox.com; secure
feature=V7536_A; expires=Fri, 06-Jan-2023 20:05:53 GMT; Max-Age=7776000; path=/; domain=.miniinthebox.com; secure
local=en%7CNO%7CNOK; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; path=/; domain=.miniinthebox.com; secure
__cust=AAAAAGNB2CFq0gSpCvBVAg==; expires=Sun, 08-Oct-23 20:05:53 GMT; domain=miniinthebox.com; path=/
SRV=B_202009161055; Expires=Mon, 07-Nov-2022 20:05:53 GMT; path=/; domain=.miniinthebox.com
server-timing: edge; dur=145, origin; dur=285, cdn-cache; desc=MISS
X-Firefox-Spdy: h2
freebitco.in/signup/?op=s&r=3669689
104.22.6.169200 OK 0 B URL HTTP/2 freebitco.in/signup/?op=s&r=3669689
IP 104.22.6.169:0
GET /signup/?op=s&r=3669689 HTTP/1.1
Host: freebitco.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
cf-ray: 75717e720807b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
offer.alibaba.com/cps/j19u1ne5?bm=cps&src=saf&tp1=3612484d15e913b9887ceb3a3603d4c3&pid=656490
104.110.28.197200 OK 0 B URL HTTP/2 offer.alibaba.com/cps/j19u1ne5?bm=cps&src=saf&tp1=3612484d15e913b9887ceb3a3603d4c3&pid=656490
IP 104.110.28.197:0
GET /cps/j19u1ne5?bm=cps&src=saf&tp1=3612484d15e913b9887ceb3a3603d4c3&pid=656490 HTTP/1.1
Host: offer.alibaba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
x-application-context: arcadia:7001
referrer-policy: unsafe-url
content-language: en-US
content-encoding: gzip
timing-allow-origin: *
eagleid: 2101d44c16652595534862041ec052
server-timing: rt;dur=0.209,eagleid;desc=2101d44c16652595534862041ec052
expires: Sat, 08 Oct 2022 20:05:53 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 08 Oct 2022 20:05:53 GMT
vary: Accept-Encoding
set-cookie: ali_apache_id=33.1.212.76.1665259553489.498104.6; path=/; domain=.alibaba.com; expires=Wed, 30-Nov-2084 01:01:01 GMT
XSRF-TOKEN=83ee0102-5dec-45f9-9745-04602e0074fa; Path=/; HttpOnly
cna=IcbIG7MnOkACAS/2gNGbnUNK; Domain=alibaba.com; Expires=Thu, 26-Oct-2090 23:20:00 GMT; Path=/
cna=IcbIG7MnOkACAS/2gNGbnUNK; Domain=mmstat.com; Expires=Thu, 26-Oct-2090 23:20:00 GMT; Path=/
ali_apache_track=""; Domain=.alibaba.com; Expires=Thu, 26-Oct-2090 23:20:00 GMT; Path=/
ali_apache_tracktmp=""; Domain=.alibaba.com; Path=/
edge-type: akamai
X-Firefox-Spdy: h2
www.rentalcars.com/Home.do?affiliateCode=citylab&preflang=ru&adplat=rclink&adcamp=5hnZ1Xgwc1Ze2t5&utm_source=ca&aip=1jf&click_id=5hnZ1Xgwc1Ze2t5
104.16.105.108200 OK 0 B URL HTTP/2 www.rentalcars.com/Home.do?affiliateCode=citylab&preflang=ru&adplat=rclink&adcamp=5hnZ1Xgwc1Ze2t5&utm_source=ca&aip=1jf&click_id=5hnZ1Xgwc1Ze2t5
IP 104.16.105.108:0
GET /Home.do?affiliateCode=citylab&preflang=ru&adplat=rclink&adcamp=5hnZ1Xgwc1Ze2t5&utm_source=ca&aip=1jf&click_id=5hnZ1Xgwc1Ze2t5 HTTP/1.1
Host: www.rentalcars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html;charset=UTF-8
cf-ray: 75717e70a949b518-OSL
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
set-cookie: tj_seed=00b917bee4ac615fe3d23cab3b93000000; Max-Age=31536000; Domain=.rentalcars.com; Path=/; Expires=Sun, 08 Oct 2023 20:05:53 GMT
essentials_visitor=%7B%22correlationId%22%3A%22e999627d-bf26-42b4-9abd-fbe7f3b3a80f%22%7D; Domain=.rentalcars.com; Path=/
attribution=%7B%22affiliateCode%22%3A%22citylab%22%7D; Domain=.rentalcars.com; Path=/; HttpOnly
tj_conf="tj_pref_currency:NOK|tj_pref_lang:ru|tjcor:no|"; Domain=.rentalcars.com; Path=/; Expires=Tue, 08 Nov 2022 20:05:53 GMT
et_uvi=42bf1cdf-20ac-45b6-ad27-1a6c87ccd74c; Max-Age=86400; Domain=.rentalcars.com; Path=/; Expires=Sun, 09 Oct 2022 20:05:53 GMT
tj_track=QWR3b3Jkc19DcmVhdGl2ZV9UYWc6cmNsaW5rfEFkd29yZHNfTUQ1X1RhZzo1aG5aMVhnd2MxWmUydDV8YWRjYW1wOjVobloxWGd3YzFaZTJ0NXxhZHBsYXQ6cmNsaW5rfGFmZmlsaWF0ZUNvZGU6Y2l0eWxhYnw=; Max-Age=2592000; Domain=.rentalcars.com; Path=/; Expires=Mon, 07 Nov 2022 20:05:53 GMT
ADRUM_BTa="R:18|g:33db873a-6f49-4861-ad2f-defa2b00fd24"; Version=1; Max-Age=30; Expires=Sat, 08-Oct-2022 20:06:23 GMT; Path=/; Secure
ADRUM_BTa="R:18|g:33db873a-6f49-4861-ad2f-defa2b00fd24|n:rentalcars_934e5cf6-5803-43fc-9fd5-bff3f000060d"; Version=1; Max-Age=30; Expires=Sat, 08-Oct-2022 20:06:23 GMT; Path=/; Secure
SameSite=None; Expires=Sat, 08-Oct-2022 20:06:23 GMT; Path=/; Secure
ADRUM_BT1="R:18|i:647825"; Version=1; Max-Age=30; Expires=Sat, 08-Oct-2022 20:06:23 GMT; Path=/; Secure
ADRUM_BT1="R:18|i:647825|e:0"; Version=1; Max-Age=30; Expires=Sat, 08-Oct-2022 20:06:23 GMT; Path=/; Secure
ADRUM_BT1="R:18|i:647825|e:0|d:0"; Version=1; Max-Age=30; Expires=Sat, 08-Oct-2022 20:06:23 GMT; Path=/; Secure
JSESSIONID=0975763D21695688E9D18360C11DCDBB.node317a; Path=/; Secure; HttpOnly
CONNECTIONID=1665048389484|as-317|88941; Domain=.rentalcars.com; Expires=Mon, 07-Nov-2022 20:05:53 GMT; Path=/
JSESSIONID=0975763D21695688E9D18360C11DCDBB.node317a; Domain=.rentalcars.com; Path=/; Secure; HttpOnly
JSESSIONID=0975763D21695688E9D18360C11DCDBB.node317a; Path=/; Secure; HttpOnly
ADRUM_BT2="R:18|i:646512"; Version=1; Max-Age=30; Expires=Sat, 08-Oct-2022 20:06:23 GMT; Path=/; Secure
ADRUM_BT2="R:18|i:646512|e:25"; Version=1; Max-Age=30; Expires=Sat, 08-Oct-2022 20:06:23 GMT; Path=/; Secure
click_id=5hnZ1Xgwc1Ze2t5; Domain=.rentalcars.com; Expires=Mon, 07-Nov-2022 20:05:53 GMT; Path=/
tjex=eJwrsTU0MzM1MrU0NTU2NTDQS7UFAChoBCY%3D; Domain=.rentalcars.com; Expires=Mon, 07-Nov-2022 20:05:53 GMT; Path=/
tjex_infra=""; Domain=.rentalcars.com; Expires=Mon, 07-Nov-2022 20:05:53 GMT; Path=/
ADRUM_BT2="R:18|i:646512|e:25|d:30"; Version=1; Max-Age=30; Expires=Sat, 08-Oct-2022 20:06:23 GMT; Path=/; Secure
ADRUM_BT3="R:18|i:646444"; Version=1; Max-Age=30; Expires=Sat, 08-Oct-2022 20:06:23 GMT; Path=/; Secure
ADRUM_BT3="R:18|i:646444|e:160"; Version=1; Max-Age=30; Expires=Sat, 08-Oct-2022 20:06:23 GMT; Path=/; Secure
ADRUM_BT3="R:18|i:646444|e:160|d:3"; Version=1; Max-Age=30; Expires=Sat, 08-Oct-2022 20:06:23 GMT; Path=/; Secure
tj_lb=; path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
__cflb=02DiuGCPf8mnD61dA8wtYnAcMGP3ghYmDSvsYPv23mk5r; SameSite=Lax; path=/; expires=Sun, 09-Oct-22 19:05:53 GMT; HttpOnly
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 324
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
accounts.binance.com/ru/register?ref=KZTDOPQP
54.230.111.67200 OK 0 B URL HTTP/2 accounts.binance.com/ru/register?ref=KZTDOPQP
IP 54.230.111.67:0
GET /ru/register?ref=KZTDOPQP HTTP/1.1
Host: accounts.binance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Sat, 08 Oct 2022 20:05:47 GMT
server: Tengine
bnc-cache-proxy-expire-time: 1665259545
bnc-cache-proxy-rewrite:
bnc-cache-proxy-type: redis-hit
cache-control: no-store, max-age=0, must-revalidate
last-modified: Sat, 08 Oct 2022 07:19:19 GMT
x-cluster-info: fe-com
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: cache-proxy.cache-proxy.svc.cluster.local:80/*
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
etag: W/"63412477-35de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nNxUJH1NVCdRs6MP4JINLEROjVVYyHAhmlFAHniGCyj0RrZjf8JqaQ==
age: 6
X-Firefox-Spdy: h2
adsexample.com/krug.gif
142.132.202.70200 OK 0 B IP 142.132.202.70:0
ASN #24940 Hetzner Online GmbH
GET /krug.gif HTTP/1.1
Host: adsexample.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 08 Oct 2022 20:05:53 GMT
Content-Type: image/gif
Content-Length: 34904
Last-Modified: Thu, 26 Nov 2020 10:17:51 GMT
Connection: keep-alive
ETag: "5fbf80cf-8858"
Accept-Ranges: bytes
www.magaze.tv/wp-content/uploads/2015/11/35252t-150x150.jpg
62.149.144.107404 Not Found 0 B URL HTTP/2 www.magaze.tv/wp-content/uploads/2015/11/35252t-150x150.jpg
IP 62.149.144.107:0
GET /wp-content/uploads/2015/11/35252t-150x150.jpg HTTP/1.1
Host: www.magaze.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.magaze.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.magaze.tv/wp-json/>; rel="https://api.w.org/"
x-aruba-cache: NA
content-type: text/html; charset=UTF-8
date: Sat, 08 Oct 2022 20:05:50 GMT
server: Apache
X-Firefox-Spdy: h2
cex.io/
172.67.17.189200 OK 0 B IP 172.67.17.189:0
GET / HTTP/1.1
Host: cex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Cookie: cex-session=s%3A1DwcX0P4QD0nVCaHwBwKw_Y5.nbwbt5DhE0dn0cfvChFWXqLp1EREnz2P2%2FSeM4AG4h4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:54 GMT
content-type: text/html
x-app-version: master.2e822b87.f40afbb97eb62899c4afdb871ae9130285898c2ae40158ec8922c9c6d8a63dfb
content-security-policy-report-only: default-src 'self';connect-src 'self' https://maps.googleapis.com https://cex.io wss://cex.io/ws/;frame-src 'self' * ext.cex.io;font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://static.cex.io;img-src 'self' data: https://static.cex.io;media-src 'self' https://static.cex.io;style-src 'self' 'unsafe-inline' https://*.googleapis.com https://code.jquery.com https://static.cex.io;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cex.io;report-uri https://cex.io/cspr;
x-frame-options: DENY
vary: Accept-Encoding
set-cookie: ref=HTTP%3Ahlmiq.com%3Ahttps%3A%2F%2Fhlmiq.com%2F; Max-Age=31536000; Domain=.cex.io; Path=/; HttpOnly; Secure
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
x-xss-protection: 1; mode=block
cache-control: no-cache,no-store
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75717e70bb4eb506-OSL
content-encoding: br
X-Firefox-Spdy: h2
rbfxdirect.com/ru/lk/?a=zkeb
104.21.89.238302 Found 0 B URL HTTP/2 rbfxdirect.com/ru/lk/?a=zkeb
IP 104.21.89.238:0
GET /ru/lk/?a=zkeb HTTP/1.1
Host: rbfxdirect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html
location: https://my28.roboforex.org/ru/?a=zkeb
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BBbN%2BKet775c%2BZ%2F6VFb%2FYlz3HhIHQMoJivHh8CWIxianknMVJNZwyhexaq3%2Bj%2B8G6Wm5hkN6rDDEr34M92GhmXY2KBQSPFVnnWYC12c7OEZ4MN9kUNa1zKpg6BG3o0yNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75717e704efa0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
faucetpay.io/?r=612200
104.26.6.235200 OK 0 B IP 104.26.6.235:0
GET /?r=612200 HTTP/1.1
Host: faucetpay.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: faucetpay=mg30tklect59lq1m6a94ggfbq2; path=/; HttpOnly
source=612200; expires=Mon, 09-Oct-2023 01:54:39 GMT; Max-Age=31556926; path=/; domain=.faucetpay.io
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
allow: GET, POST, HEAD
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtCJE3%2FOcscOxPZhNsWa8LMcKBvTEW%2FDlGgYQ4ZVCMKa%2BZxrrj%2FhEz5w1GlVMUrkeWiLqD7cU%2FZmMEt4w2NtxpDNEm24SpwVstTw1feNliT6RYP1yqjVX3ZxkMGBKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75717e71189e0b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
chaturbate.com/in/?track=default&tour=hr8m&campaign=sgo1n
104.18.101.40302 Found 0 B URL HTTP/2 chaturbate.com/in/?track=default&tour=hr8m&campaign=sgo1n
IP 104.18.101.40:0
GET /in/?track=default&tour=hr8m&campaign=sgo1n HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
location: /toproom/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_hr8m=1; expires=Thu, 13-Oct-2022 20:05:53 GMT; Max-Age=432000; Path=/
us_hr8m=1; Path=/
affkey=eJwdjEEOgCAMBL9iejYSPBl+06CAkQqWcjL+3ZTjzGz2BQE3QeKNYJ7AU1VssdhbWfhS3o+APYsaHnOR2pwxKdP5LL6Q0YQhaMTIvaGK8bVa+H7HHxyJ; Domain=.chaturbate.com; expires=Mon, 07-Nov-2022 20:05:53 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Sun, 09-Oct-2022 02:05:53 GMT; Max-Age=21600; Path=/
sbr=sec:sbr4278e06e-01cf-4a2f-9625-273d8e097257:1ohG53:RdqLr6W6wTgwngdtkyt7DCNkM6E; Domain=.chaturbate.com; expires=Thu, 03-Jul-2025 20:05:53 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=W0cNkdUsi3eA.3NY4qJnOvlLj8AgU.ZknQWQh.2GtmQ-1665259553-0-AaCYJ6s19ukR8U6l3Au0RjCRk3yDp8FX66si8A3CezAlhYGddSssNSo6KZ36Rni/xYBU0E2xBkdn/fGeUmuMSLc=; path=/; expires=Sat, 08-Oct-22 20:35:53 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75717e70ddf80b4d-OSL
X-Firefox-Spdy: h2
changelly.com/?from=btc&to=eth&amount=0.1&ref_id=t68bpi9bnrma1q8f
104.26.6.108200 OK 0 B URL HTTP/2 changelly.com/?from=btc&to=eth&amount=0.1&ref_id=t68bpi9bnrma1q8f
IP 104.26.6.108:0
GET /?from=btc&to=eth&amount=0.1&ref_id=t68bpi9bnrma1q8f HTTP/1.1
Host: changelly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
set-cookie: WTP_AB_variant=3; Max-Age=16070400; Domain=.changelly.com; Path=/; Expires=Wed, 12 Apr 2023 20:05:53 GMT; Secure; SameSite=None
user_id=f00f521b-739e-4dbd-9758-bb94d9d677ff; Max-Age=321408000; Domain=.changelly.com; Path=/; Expires=Tue, 14 Dec 2032 20:05:53 GMT; Secure; SameSite=None
ref_id=t68bpi9bnrma1q8f; Domain=.changelly.com; Path=/; Secure; SameSite=None
ipcountry=NO; Max-Age=2678400; Domain=.changelly.com; Path=/; Expires=Tue, 08 Nov 2022 20:05:53 GMT; Secure; SameSite=None
time=1665259553566; Domain=.changelly.com; Path=/; Secure; SameSite=None
__zrtbanner49=31491ed0-e470-47ac-80f4-311a10b22170; Max-Age=7776000; Domain=.changelly.com; Path=/; Expires=Fri, 06 Jan 2023 20:05:53 GMT; HttpOnly; Secure; SameSite=None
x-nextjs-cache: HIT
cache-control: s-maxage=900, stale-while-revalidate
strict-transport-security: max-age=31536000; includeSubdomains;
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00xpnpxZu8qhOGQ0XG2XUhYT2Xvlxmf%2BxsX%2BQND%2B9MXG97E%2FRoCt%2Fuvfg9gGilaFuy137XdysHpdypOu8aFnAgM%2B2aQjriGK%2BhuCZ8ABnztV2PVvawS0mug1H9RT33I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75717e707c15b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
localbitcoins.com/
104.16.83.19503 Service Unavailable 0 B IP 104.16.83.19:0
GET / HTTP/1.1
Host: localbitcoins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 503 Service Unavailable
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referer-policy: same-origin
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75717e708f95b51e-OSL
X-Firefox-Spdy: h2
bongacams.com/?bcs=YmVzdDM5ODJiNzQzMDkyMzdjMzUzMTE2ZGZhYzljODhjNDVmOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
195.85.23.89302 Found 0 B URL HTTP/2 bongacams.com/?bcs=YmVzdDM5ODJiNzQzMDkyMzdjMzUzMTE2ZGZhYzljODhjNDVmOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
IP 195.85.23.89:0
ASN #209242 Cloudflare London, LLC
GET /?bcs=YmVzdDM5ODJiNzQzMDkyMzdjMzUzMTE2ZGZhYzljODhjNDVmOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow HTTP/1.1
Host: bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=utf-8
location: https://no.bongacams.com/?bcs=YmVzdDM5ODJiNzQzMDkyMzdjMzUzMTE2ZGZhYzljODhjNDVmOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
cache-control: no-cache, no-store, must-revalidate
x-zone: 5a-web54
cf-cache-status: DYNAMIC
set-cookie: bonga20120608=1e76fa096917023141380485c9d49eff; path=/; domain=.bongacams.com; secure; HttpOnly; SameSite=None
ts_type=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.bongacams.com
ts_type2=1; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
fv=ZmH1BGHlAGL2ZD==; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
uh=GTcCIUEfJyWhqwEaszceoTM4M05LMD==; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31536000; path=/; domain=.bongacams.com
ratr=183346%3A%3A287325%3A%3A2022-10-08%2023%3A05%3A53%3A%3Ahttps%3A%2F%2Fhlmiq.com%2F%3A%3A%3A%3A; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com; HttpOnly
__cf_bm=w9.sr0xLuvP_z2v.rcE2pYWoYafr5V3XaGsKd_K6Iro-1665259553-0-AQc6STEcHaEt+iSLnUaQRj4onsidXS5L+8isyOEpkqyukQ60u+43H/q+6BdBaxu/E3+pY4Uhc3/mxPk9qCQ0JQQ=; path=/; expires=Sat, 08-Oct-22 20:35:53 GMT; domain=.bongacams.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75717e7278bab4f1-OSL
X-Firefox-Spdy: h2
kinsta.com/?kaid=ARRPTWYMWIMC
172.64.145.125200 OK 0 B URL HTTP/2 kinsta.com/?kaid=ARRPTWYMWIMC
IP 172.64.145.125:0
GET /?kaid=ARRPTWYMWIMC HTTP/1.1
Host: kinsta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hlmiq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: kinsta_referral=eyJhZmZpbGlhdGVfaWQiOiJBUlJQVFdZTVdJTUMiLCJyZWZlcnJhbF9pZCI6IjBhYmI3ZGI2NDIxY2UzYTJkYTgzZGQwMyJ9; expires=Tue, 06-Dec-2022 22:51:32 GMT; Max-Age=5184000; path=/
link: <https://kinsta.com/wp-json/>; rel="https://api.w.org/", <https://kinsta.com/wp-json/wp/v2/pages/4723>; rel="alternate"; type="application/json", <https://kinsta.com/>; rel=shortlink
x-frame-options: allow-from https://mydev.kinsta.com/
content-security-policy: frame-ancestors 'self' https://*.kinsta.com https://*.kinsta.ninja
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-kinsta-cache: HIT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75717e704ff31c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
no.bongacams.com/?bcs=YmVzdDM5ODJiNzQzMDkyMzdjMzUzMTE2ZGZhYzljODhjNDVmOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
195.85.23.95200 OK 0 B URL HTTP/2 no.bongacams.com/?bcs=YmVzdDM5ODJiNzQzMDkyMzdjMzUzMTE2ZGZhYzljODhjNDVmOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
GET /?bcs=YmVzdDM5ODJiNzQzMDkyMzdjMzUzMTE2ZGZhYzljODhjNDVmOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hlmiq.com/
Connection: keep-alive
Cookie: bonga20120608=1e76fa096917023141380485c9d49eff; __cf_bm=w9.sr0xLuvP_z2v.rcE2pYWoYafr5V3XaGsKd_K6Iro-1665259553-0-AQc6STEcHaEt+iSLnUaQRj4onsidXS5L+8isyOEpkqyukQ60u+43H/q+6BdBaxu/E3+pY4Uhc3/mxPk9qCQ0JQQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 20:05:54 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin
x-ua-compatible: IE=edge,chrome=1
set-cookie: ts_type2=1; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
fv=ZmH1BGHlAGL2ZD==; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
uh=AHMwFayIFJL3qx1Fn3SzFxb1IQWKAN==; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
ratr=183346%3A%3A287325%3A%3A2022-10-08%2023%3A05%3A53%3A%3Ahttps%3A%2F%2Fhlmiq.com%2F%3A%3A%3A%3A; expires=Sun, 25-Sep-2072 20:05:53 GMT; Max-Age=1576799999; path=/; domain=.bongacams.com; HttpOnly
BONGAH_HIT=3982b74309237c353116dfac9c88c45f%3A%3A183346%3A%3Ahttps%3A%2F%2Fhlmiq.com%2F%3A%3A%3A%3A%3A%3A287325%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3A%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-10-08%2023%3A05%3A53; expires=Thu, 06-Apr-2023 20:05:53 GMT; Max-Age=15551999; path=/; domain=.bongacams.com; secure; HttpOnly; SameSite=None
BONGA_REF=https%3A%2F%2Fhlmiq.com%2F; expires=Thu, 06-Apr-2023 20:05:53 GMT; Max-Age=15551999; path=/; domain=.bongacams.com; HttpOnly
reg_ver2=3; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
sg=465; expires=Sun, 08-Oct-2023 20:05:53 GMT; Max-Age=31535999; path=/; domain=.bongacams.com; secure; SameSite=None
__ti=H4sIAAAAAAACAyWIPQ6AIAxGr2K6k7SFJvj1NCQ6MGtwINxdxOn9jOGUDMaIumUOLEGVlbALLqeDsPictRHSp_e_BNWpLe-IKG55rj67vF7OzURUAAAA; expires=Sat, 15-Oct-2022 20:05:54 GMT; Max-Age=604800; path=/; domain=.bongacams.com
warning18=%5B%22no_NO%22%5D; expires=Sun, 08-Oct-2023 20:05:54 GMT; Max-Age=31536000; path=/; domain=.bongacams.com; secure; SameSite=None
cache-control: no-cache, no-store, must-revalidate
x-zone: 5a-web44
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75717e732bd0b511-OSL
content-encoding: br
X-Firefox-Spdy: h2