apkmody.io/games/a-dance-of-fire-ice/download
301 Moved Permanently 0 B URL HTTP/1.1 apkmody.io/games/a-dance-of-fire-ice/download
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /games/a-dance-of-fire-ice/download HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 05 Nov 2022 17:48:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 05 Nov 2022 18:48:47 GMT
Location: https://apkmody.io/games/a-dance-of-fire-ice/download
Server-Timing: cf-q-config;dur=6.0000020312145e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDDJ1YQobjCVCXOkG2ec3qFBHRhvU4Stgc0rbLQcbNxH4Uf0qF6sK0ZF3yje3tm8%2BjJBQs2YOGtJpDpj6eNTKkQG8Bp1poBjuBd2hcKrym0kXKffYw19oP3Txqs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 76576c1b4f881c02-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14724
Expires: Sat, 05 Nov 2022 21:54:11 GMT
Date: Sat, 05 Nov 2022 17:48:47 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4972
Cache-Control: max-age=147909
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:47 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:53:56 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4972
Cache-Control: max-age=147909
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:47 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:53:56 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14436
Expires: Sat, 05 Nov 2022 21:49:23 GMT
Date: Sat, 05 Nov 2022 17:48:47 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 280 B IP
Hash 5d4bb496237424c4db3685d19d42fe02
ea6c9e8f51792773f899d43ffa51af86fe4f4fa5
fb497f5f52729245261c35824b88796ee3f072b7af784c03919d6e5de1bb5095
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3173
Cache-Control: max-age=105072
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:47 GMT
Etag: "63658d0a-118"
Expires: Sun, 06 Nov 2022 22:59:59 GMT
Last-Modified: Fri, 04 Nov 2022 22:07:06 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /lna8YKOUfudlxPhxp88b5yIzKSu/v4MZB8DZrtARd7Vx0NUohbCJMemiIWXJ1Uxg/OkAC3FfrY=
x-amz-request-id: ZQ9HGYXXA6M49QB4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 17:10:07 GMT
age: 2320
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2503
Cache-Control: max-age=140382
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:48 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 08:48:30 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Gyc/xKj0HGdeEjJQ7s00vA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I4mYC/eIZ2PorX9xvKMlHd2TG54=
cdnjs.cloudflare.com/ajax/libs/quicklink/2.2.0/quicklink.umd.js
200 OK 1.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/quicklink/2.2.0/quicklink.umd.js
IP
File type ASCII text, with very long lines (2324)
Hash 29f6d22833f862e911c7ea3456e14e04
be700aad09ca917134245b5f869bbe627d7a49b1
118cd67c6ee56766463329425989c56c3c6f1f472dc84613df4d346b57774152
GET /ajax/libs/quicklink/2.2.0/quicklink.umd.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 1001
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60ccd178-3e9"
last-modified: Fri, 18 Jun 2021 17:01:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 19607839
expires: Thu, 26 Oct 2023 17:48:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5ZEU9GkXUMmkuMnepApBIta3YAPsaHciGi%2BxHORGZL2wa8Z74BkTuWPeuEfJ2ODIi%2BU6MwtmmKaWKhIAwtp0cuPMO3uUI374W5Nf9NJXAFjHFJ7QWvIWFkqa27Mv2uypqbnE755"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76576c253f2db521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash c18c90ea9ccf7486426fd01e6ce665ee
17fef9ed9b7b3ad009acfc44d07244e59ccd70d5
e23a5c2ec51cce3ad3e17189b95918e3f49d72f2b561f7940e895dd84216e8ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2939
Cache-Control: max-age=132169
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:48 GMT
Etag: "6365f7ce-116"
Expires: Mon, 07 Nov 2022 06:31:37 GMT
Last-Modified: Sat, 05 Nov 2022 05:42:38 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 568eb08bfdf661d8f329bcc032c8439a
293e4f1f26d8c1868514e490dbaefd0aa73055fd
18f303e56ae18e9e2276be59d6fbeb3b7148244b5cd6b9becefe3a07df041330
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18F303E56AE18E9E2276BE59D6FBEB3B7148244B5CD6B9BECEFE3A07DF041330"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9888
Expires: Sat, 05 Nov 2022 20:33:36 GMT
Date: Sat, 05 Nov 2022 17:48:48 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ee511107a44e45b474781ada9d534f27
7e0f42359086d0042043314ebfc444871d173cc1
ea27bb698726a4b7b049c66cfe6018446eee1281d29e31f4a849ec89e9e0170d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA27BB698726A4B7B049C66CFE6018446EEE1281D29E31F4A849EC89E9E0170D"
Last-Modified: Sat, 05 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12098
Expires: Sat, 05 Nov 2022 21:10:26 GMT
Date: Sat, 05 Nov 2022 17:48:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 834bd8504078d8de7f63b4e61ce30185
3b8c87701c269158476a3e73a2fc2ba8a8f476e4
5fc9a4728146ed0be0eea603ce747bb9d9e93913b43bfe6c1d24a07079be2690
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5FC9A4728146ED0BE0EEA603CE747BB9D9E93913B43BFE6C1D24A07079BE2690"
Last-Modified: Fri, 04 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10994
Expires: Sat, 05 Nov 2022 20:52:02 GMT
Date: Sat, 05 Nov 2022 17:48:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a30c9204a23c7606e3581d4cf9df2900
eae4bb2185f0032d7eda2d305ed449aa7b28d7bb
9d3ef96fd425e7d6b5c718d577895b62a879447d62cde74fd7e3eca86aa49de1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D3EF96FD425E7D6B5C718D577895B62A879447D62CDE74FD7E3ECA86AA49DE1"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5398
Expires: Sat, 05 Nov 2022 19:18:46 GMT
Date: Sat, 05 Nov 2022 17:48:48 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-6S81MQ06NL
200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-6S81MQ06NL
IP
File type Unicode text, UTF-8 text, with very long lines (21373)
Hash 2f05de47eb4886789defbbf667d6ff46
b26a3a9fc8f01a47323d21087790572a357ddab8
228523d18f49acc452f24f46970187f562f37615eb95bfc4ce6b775a775c95f5
GET /gtag/js?id=G-6S81MQ06NL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 05 Nov 2022 17:48:48 GMT
expires: Sat, 05 Nov 2022 17:48:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77496
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
200 OK 6.6 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
Hash 08287c20e0292dc1553aabc48052291b
a0b563d17a01a5b6fc900feab90e67099237f21d
f7eda7bcaeeb158d31956044707fb8e325ab296cab275d200dfb017fcc813d3e
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://apkmody.io
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:48 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 76576c255b23b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
hg.amedeosilvery.com/tnhYa8Ao77ox/50522
200 OK 25 B URL HTTP/1.1 hg.amedeosilvery.com/tnhYa8Ao77ox/50522
IP
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tnhYa8Ao77ox/50522 HTTP/1.1
Host: hg.amedeosilvery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 17:48:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://apkmody.io
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sun, 06-Nov-2022 17:48:48 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Sun, 06-Nov-2022 17:48:48 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
uc.yearnawmbrie.com/rOTXOZDUcB0tEpZ/50521
200 OK 25 B URL HTTP/1.1 uc.yearnawmbrie.com/rOTXOZDUcB0tEpZ/50521
IP
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /rOTXOZDUcB0tEpZ/50521 HTTP/1.1
Host: uc.yearnawmbrie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 05 Nov 2022 17:48:48 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://apkmody.io
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sun, 06-Nov-2022 17:48:48 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Sun, 06-Nov-2022 17:48:48 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
apkmody.io/wp-content/uploads/2022/06/Screenshot-image-11-1.webp
200 OK 187 kB URL HTTP/2 apkmody.io/wp-content/uploads/2022/06/Screenshot-image-11-1.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 187 kB (187156 bytes)
Hash d78c21c87e47b72206b9822fe7763e9c
1dde86f71f694d69efb269e4149c1a4ae88c6420
c99c5c71b8e098838d2aad01aa8247770cb425348882728f97b6748cbad23561
GET /wp-content/uploads/2022/06/Screenshot-image-11-1.webp HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: image/webp
content-length: 187156
cache-control: public, max-age=14400, must-revalidate, stale-if-error=3600
content-security-policy: upgrade-insecure-requests
etag: "62bae621-2db14"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvZdrZdIlxVQwJ8oKeIhW%2BAwINP4b16mhRuRvJrRxqR8f5XMc%2BF548vMb20d5RozCmMKkoB7NhrkDP%2FFtDH319LKY848GaQn7hid56c1jzBmipeIYNVW%2FOwTZYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c250b1fb529-OSL
X-Firefox-Spdy: h2
apkmody.io/wp-content/themes/apkmody/style.css?ver=317
200 OK 50 kB URL HTTP/2 apkmody.io/wp-content/themes/apkmody/style.css?ver=317
IP
File type ASCII text, with very long lines (24513), with no line terminators
Hash 81304ef905b2a5843ea30b6fe93c4263
e7dca71c640f7f96300104f617c7764339e863ce
ab82d1cd9cfe53c735bfcd1dc4ea31eac2c7c63ee20a7d0c5c74eae0ebcace64
GET /wp-content/themes/apkmody/style.css?ver=317 HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: text/css
cache-control: public, max-age=14400, must-revalidate, stale-if-error=3600
cf-bgj: minify
cf-polished: origSize=34516
content-security-policy: upgrade-insecure-requests
etag: W/"627476d3-86d4"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LEexlQv6wC%2FNJdpk6jVhqcKATqqGlg%2BD59pfE3%2BorESmVcKI4pNvrCwcQcaczLuA82EU7D83FvT4ngjAWWV1dG9h74Cz%2FVRdcqiHdVehPyF9xX0lr8jBkYDQcc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c24fb01b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
itweepinbelltor.com/ntfc.php?p=5098968
200 OK 6.0 kB URL HTTP/2 itweepinbelltor.com/ntfc.php?p=5098968
IP
File type C source, ASCII text, with very long lines (14509), with no line terminators
Hash fa3afbd0a73d18f149f1939e52d23381
d219455b9f9a7a544faeb7511aaa1feb4dbd3da9
7f126966b418b63ae959f8a0f4b0af6779bd61b18d89c487af950f9573b5d5df
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ntfc.php?p=5098968 HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:48 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:02:53 GMT
etag: W/"63626a7d-38a8"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
itweepinbelltor.com/zone?pub=0&zone_id=5098968&is_mobile=false&domain=apkmody.io&var=&ymid=&var_3=
200 OK 705 B URL HTTP/2 itweepinbelltor.com/zone?pub=0&zone_id=5098968&is_mobile=false&domain=apkmody.io&var=&ymid=&var_3=
IP
File type JSON data\012- , ASCII text, with very long lines (704)
Hash cbabefa189c3e83ea0bbcc7f371e45f8
5deecd571a1d42b5ba4e50e756a9653e4cc5f6b3
2d8ad3d316bc68abb7b688300368b76f00151a3e6f2a81660aa58838096eab3a
Analyzer Verdict Alert quad9 Sinkholed
GET /zone?pub=0&zone_id=5098968&is_mobile=false&domain=apkmody.io&var=&ymid=&var_3= HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apkmody.io/
Origin: https://apkmody.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: application/json; charset=utf-8
content-length: 705
x-trace-id: 2dc0e322a91a384378a1148842afc1c5
access-control-allow-origin: https://apkmody.io
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d56d897fc55ccac97aab385c988a49c7
351b51ba6a680033beadae72a404360f9353b148
4ee2c4a6a1603c378009b314b4109d0e91e90220e505ab23c1164e7caf50720f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4EE2C4A6A1603C378009B314B4109D0E91E90220E505AB23C1164E7CAF50720F"
Last-Modified: Fri, 04 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17346
Expires: Sat, 05 Nov 2022 22:37:55 GMT
Date: Sat, 05 Nov 2022 17:48:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10968
Expires: Sat, 05 Nov 2022 20:51:37 GMT
Date: Sat, 05 Nov 2022 17:48:49 GMT
Connection: keep-alive
apkmody.io/games/a-dance-of-fire-ice/download
200 OK 0 B URL HTTP/2 apkmody.io/games/a-dance-of-fire-ice/download
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /games/a-dance-of-fire-ice/download HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Cookie: _ga_6S81MQ06NL=GS1.1.1667670527.1.0.1667670527.0.0.0; _ga=GA1.1.1913276957.1667670528; sensorsdata2015jssdkchannel=%7B%22prop%22%3A%7B%22_sa_channel_landing_url%22%3A%22%22%7D%7D; sensorsdata2015jssdkcross=%7B%22audio_id%22%3A%22353070b103e53d0d08bee689889a0975-c505425-1310720%22%2C%22distinct_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22direct%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTg0NDhlOGNlYjU1NC0wNTk5ZTE4NGNmOWJmZC1jNTA1NDI1LTEzMTA3MjAtMTg0NDhlOGNlYjcyMmIifQ%3D%3D%22%2C%22installed_at%22%3A1667670527678%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%7D; sajssdk_2015_cross_new_user=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: text/html
cache-control: public, max-age=0, must-revalidate, stale-if-error=3600
content-security-policy: upgrade-insecure-requests
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlNXcQVVxnLnDCNpSmPx12Na26thJyi1oaje7rC0K%2Bv%2FKX78RB%2FxlzHmlf3XSDOYqlfqxHSS%2FyhV5QRl7KaPV18U6JMRzBXwGMKGggf7BXOKaU4zE75Ai%2F%2Baa8A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c28c861b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10968
Expires: Sat, 05 Nov 2022 20:51:37 GMT
Date: Sat, 05 Nov 2022 17:48:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10968
Expires: Sat, 05 Nov 2022 20:51:37 GMT
Date: Sat, 05 Nov 2022 17:48:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10968
Expires: Sat, 05 Nov 2022 20:51:37 GMT
Date: Sat, 05 Nov 2022 17:48:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10968
Expires: Sat, 05 Nov 2022 20:51:37 GMT
Date: Sat, 05 Nov 2022 17:48:49 GMT
Connection: keep-alive
apkmody.io/wp-content/themes/apkmody/assets/images/logo-11.svg
200 OK 10 kB URL HTTP/2 apkmody.io/wp-content/themes/apkmody/assets/images/logo-11.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (10869), with no line terminators
Hash 7b4426063b032fe2afe2ae6b671fe4f2
76bc37d22a2ec1b96553b988aaed9b40694d8038
0507d1b09e42498de26e73fd59316138fe7e34997dd89ad66976b690e737fe21
GET /wp-content/themes/apkmody/assets/images/logo-11.svg HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400, must-revalidate, stale-if-error=3600
content-security-policy: upgrade-insecure-requests
etag: W/"62432814-2a75"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ziBXVCtqXlWmjqnh3yITOlPY1%2BdyRUYU%2ByNCyyH5YceyfeNuqy5QObsHlEGLB0perNTe2w1FMHZC5ls27Xs4ZMvbzCrPMTSrHnPT3tKAWaEgDYCXHP749M5aLg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c250b1db529-OSL
content-encoding: br
X-Firefox-Spdy: h2
apkmody.io/sw.js
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw.js HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Connection: keep-alive
Cookie: _ga_6S81MQ06NL=GS1.1.1667670527.1.0.1667670527.0.0.0; _ga=GA1.1.1913276957.1667670528; sensorsdata2015jssdkchannel=%7B%22prop%22%3A%7B%22_sa_channel_landing_url%22%3A%22%22%7D%7D; sensorsdata2015jssdkcross=%7B%22audio_id%22%3A%22353070b103e53d0d08bee689889a0975-c505425-1310720%22%2C%22distinct_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22direct%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTg0NDhlOGNlYjU1NC0wNTk5ZTE4NGNmOWJmZC1jNTA1NDI1LTEzMTA3MjAtMTg0NDhlOGNlYjcyMmIifQ%3D%3D%22%2C%22installed_at%22%3A1667670527678%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%7D; sajssdk_2015_cross_new_user=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:49 GMT
content-length: 0
last-modified: Sat, 05 Nov 2022 10:58:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6348
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gq72FxUpMGziuwIO1gPCQhuGSCpOyqF2ZrEjXw44OYVyp1VYiWRrz9wYXBbG4TXMK8OV2ecRLU9SkUVepMlfB%2B8fa22ZGEz4gEMNR3Tqaj7vBo5xbocqIcZfDM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c2aeb0bb529-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 34352e233023821559959951162834a8
f825f0ffeb726f63b915d6ef73c59a175228a909
58fb8387566053cc885bf39dc7e0d8ecb996612e6558ad25ec8f9439a4c8545d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6556
Cache-Control: max-age=141560
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:49 GMT
Etag: "63660e5d-116"
Expires: Mon, 07 Nov 2022 09:08:09 GMT
Last-Modified: Sat, 05 Nov 2022 07:18:53 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca6c7517d7015fbc35fa290c1c2d6afd
594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c
a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I6mALhsUwtQqMP_p_HxFaiCyfRDTtVzPIJjeDrKSEq7Tc_d5EcNw3Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:52:32 GMT
age: 71777
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a3b1551512640bb8f5e7deb80c32272
75805b9f03aef14cfad025259936ae5f217d25ca
5baa90853202e78cf9b59e9ab597e16ccfbf143d7e124583e64dc1ad1ee2c2df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28a5f5ce-bd81-4e56-bd1b-460e13379581.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7783
x-amzn-requestid: ab7cc6ee-976d-41a4-b5da-0aefd5cb6246
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEJnzH15oAMFlwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364bc98-68f910b60bd5ecaf2947c59a;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:17:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JnvKcym5f71Ra_ZHzkTXnU7Fa3D5zBFK9JFKXA_A3G98jN9r3Jikyw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 08:24:07 GMT
age: 33882
etag: "75805b9f03aef14cfad025259936ae5f217d25ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7c9c908e891e7277f21a914fea9aa25
596c3c084ae3d850a5dc28e549b4e22f2b8cc71f
709c217b3ac09712d2af4366316c8977b1a4e2a73f887b3e30f10df1ed50bacd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255683f8-a0b6-411a-a41e-4d042746780e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9150
x-amzn-requestid: 7c179507-20a7-4fa3-993b-f79b3e7949ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwiGHD_IAMFQZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e0d-337623ce79dc53c864632c72;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:06:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CKSa8_W-V5Rf8od3FFPgvBmlfXcqaYotYT5u6Gm8UvmXECcAzfAGoA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 14:36:54 GMT
age: 11515
etag: "596c3c084ae3d850a5dc28e549b4e22f2b8cc71f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
itweepinbelltor.com/custom
200 OK 0 B URL HTTP/2 itweepinbelltor.com/custom
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://apkmody.io/
Origin: https://apkmody.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://apkmody.io
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 06:27:59 GMT
age: 40850
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eaf06d0fb99703abfd57b962eb21ce96
ce73b0ad22139bec863ed990e3d3af4bdc3df288
a226250245611193be882c92f2d9920cb6ceeb12823b48c0b9c8fa2aba1c8c0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94b0737-3952-4bbe-b940-e1f79fb95cbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6909
x-amzn-requestid: 7c500c29-f514-491c-b2fe-a732a546925f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: awWpEEYHoAMFWdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635cd16d-6d9c4c5c41f4fcd16cabda59;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lOCFTDiIxZDBzypATpujFz2hjWPabqjokrpq1-5An86y5lZLG5xHxQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 07:40:21 GMT
age: 36508
etag: "ce73b0ad22139bec863ed990e3d3af4bdc3df288"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 34352e233023821559959951162834a8
f825f0ffeb726f63b915d6ef73c59a175228a909
58fb8387566053cc885bf39dc7e0d8ecb996612e6558ad25ec8f9439a4c8545d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6556
Cache-Control: max-age=141560
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:49 GMT
Etag: "63660e5d-116"
Expires: Mon, 07 Nov 2022 09:08:09 GMT
Last-Modified: Sat, 05 Nov 2022 07:18:53 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
itweepinbelltor.com/custom
200 OK 39 B URL HTTP/2 itweepinbelltor.com/custom
IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apkmody.io/
Content-Type: application/json
Origin: https://apkmody.io
Content-Length: 391
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 138182bc011fc9b63ec31b14222d5d59
access-control-allow-origin: https://apkmody.io
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4cfd5b4be26344355d1c7070fca59a39
e7fa94e191ae84aaed5392420685291b8e80c825
f54bc907c52a617006ae065252fc2b8602efd0686449d197b33d2d0c529d3e52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F54BC907C52A617006AE065252FC2B8602EFD0686449D197B33D2D0C529D3E52"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3486
Expires: Sat, 05 Nov 2022 18:46:55 GMT
Date: Sat, 05 Nov 2022 17:48:49 GMT
Connection: keep-alive
ocsp.trust-provider.cn/
200 OK 282 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 035eb236822e1c0cde31989ccfbf44e0
b7b5e2d87edaf12cf4aff211f58fcba18539e3f8
868a4cfc5e5d67b00907c45c2822935c89350f9e77c66aae687bd1e980f3c20b
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 05 Nov 2022 17:32:13 GMT
last-modified: Thu, 03 Nov 2022 09:55:01 GMT
expires: Thu, 10 Nov 2022 09:55:00 GMT
etag: "b7b5e2d87edaf12cf4aff211f58fcba18539e3f8"
cache-control: max-age=599200,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb5
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 765753d77932910d-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1667669533
via: cache23.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache7.se1[0,0,200-0,H], cache2.se1[1,0], cache8.se1[4,0]
age: 996
x-cache: HIT TCP_MEM_HIT dirn:11:150139684
x-swift-savetime: Sat, 05 Nov 2022 17:48:23 GMT
x-swift-cachetime: 830
timing-allow-origin: *, *
eagleid: 2ff62c9c16676705298206409e, 2ff62c9c16676705298206409e
region1.google-analytics.com/g/collect?v=2&tid=G-6S81MQ06NL>m=2oeb20&_p=1559012305&cid=1913276957.1667670528&ul=en-us&sr=1280x1024&_s=1&sid=1667670527&sct=1&seg=0&dl=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&dt=A%20Dance%20of%20Fire%20and%20Ice%201.15.5%20APK%20%2B%20MOD%20(Free%20to%20Play)%20Download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-6S81MQ06NL>m=2oeb20&_p=1559012305&cid=1913276957.1667670528&ul=en-us&sr=1280x1024&_s=1&sid=1667670527&sct=1&seg=0&dl=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&dt=A%20Dance%20of%20Fire%20and%20Ice%201.15.5%20APK%20%2B%20MOD%20(Free%20to%20Play)%20Download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6S81MQ06NL>m=2oeb20&_p=1559012305&cid=1913276957.1667670528&ul=en-us&sr=1280x1024&_s=1&sid=1667670527&sct=1&seg=0&dl=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&dt=A%20Dance%20of%20Fire%20and%20Ice%201.15.5%20APK%20%2B%20MOD%20(Free%20to%20Play)%20Download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://apkmody.io
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://apkmody.io
date: Sat, 05 Nov 2022 17:48:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bb4af57ec7181d97603efd860d786daf
abe0837fa377b03a6b061906c4558cb4a4f8bd45
636607159d437a7dbd7c6a89df1f5e9b455c58791f9a39da6f8f1e4b879f0b01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636607159D437A7DBD7C6A89DF1F5E9B455C58791F9A39DA6F8F1E4B879F0B01"
Last-Modified: Fri, 04 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8069
Expires: Sat, 05 Nov 2022 20:03:18 GMT
Date: Sat, 05 Nov 2022 17:48:49 GMT
Connection: keep-alive
belickitungchan.com/400/5292365
403 Forbidden 22 B URL HTTP/2 belickitungchan.com/400/5292365
IP
File type ASCII text, with no line terminators
Hash b5e50d07b6b24e1e105e6e4fceb97bf6
95d7e8119b8befc7153b44b4c7be59f26bd6ad33
61c3148fba3befcce5b4636c4209a440913a136138bf62005df97386827f2ae2
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5292365 HTTP/1.1
Host: belickitungchan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: text/plain; charset=utf-8
content-length: 22
x-trace-id: 746d0b991d1d741eb00e08d3d7f509fa
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
timing-allow-origin: *
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4a071aba7e415d8fef076431afd5cf35
8fd4984046851a3fbd44b60e5449652a5e35d831
3b524ec5ba4cdb23f5859fa31bc06ecd94546bfd31545db0f262355503d95088
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 17:48:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 12:52:20 GMT
Expires: Thu, 10 Nov 2022 12:52:19 GMT
Etag: "8fd4984046851a3fbd44b60e5449652a5e35d831"
Cache-Control: max-age=413609,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76576c2c2b87b512-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 922
Origin: https://apkmody.io
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 05 Nov 2022 17:48:52 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://apkmody.io
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4410e0283900e769c122cfbcbdbed143
c5588f7f402a41c39405d7459367eadb893fafaf
c9943eb8c4b659d1f5adf76a2d36b70f4ab306c5831b469e07b0fa822056f2b5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 17:48:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 18:25:20 GMT
Expires: Thu, 10 Nov 2022 18:25:19 GMT
Etag: "c5588f7f402a41c39405d7459367eadb893fafaf"
Cache-Control: max-age=433588,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76576c2cbc1fb512-OSL
my.rtmark.net/gid.js
200 OK 65 B IP
File type JSON data\012- , ASCII text
Hash b57942655b38be26b3dd165cb7160877
e6b1306a1ab1e81b094dd16acd5e0984cdc2932c
8aacd87bb47af7da3b0c5c0681c9345cc04ec6e428565db3a48ea3852641fb27
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://apkmody.io
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:50 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://apkmody.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d13e7924fc4246fd89b90987627cab43; expires=Sun, 05 Nov 2023 17:48:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
optyruntchan.com/500/5098963?excludes=&oaid=d13e7924fc4246fd89b90987627cab43&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 0 B URL HTTP/2 optyruntchan.com/500/5098963?excludes=&oaid=d13e7924fc4246fd89b90987627cab43&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5098963?excludes=&oaid=d13e7924fc4246fd89b90987627cab43&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: optyruntchan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://apkmody.io/
Origin: https://apkmody.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:50 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://apkmody.io
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
etpweb.happymod.io/event/report/web
200 OK 14 B URL HTTP/2 etpweb.happymod.io/event/report/web
IP
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JSON data\012- , ASCII text, with no line terminators
Hash 886be12a79c0b1bd90e23851bce11841
233d6221d8c9f4971eb1c8a9e76d8d21b0e99bb8
d76b81313242d55a46cabc4b8da69f512aa3a94a9be70924be9a0b1bfc96f52e
POST /event/report/web HTTP/1.1
Host: etpweb.happymod.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 848
Origin: https://apkmody.io
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:50 GMT
content-type: application/json; charset=utf-8
content-length: 14
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With, AccessKey,Timestamp
access-control-allow-methods: POST, GET
access-control-allow-origin: https://apkmody.io
access-control-expose-headers: Timestamp
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash b3f8417b7457d0ecc5fbfe29b7a94702
1456a274619bf3e8b11c7331c0a2f610bc8ab242
4a43b09bc9f2ea86707168c8d95283272298eba15b908c345c60e75094c68a0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=109084
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:50 GMT
Etag: "6365a91e-117"
Expires: Mon, 07 Nov 2022 00:06:54 GMT
Last-Modified: Sat, 05 Nov 2022 00:06:54 GMT
Server: nginx
Content-Length: 279
offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
200 OK 43 kB URL HTTP/2 offerimage.com/www/images/e27e78d3b01907b714b7d939d7eed85d.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e27e78d3b01907b714b7d939d7eed85d
2d4aa0d84925e5031861258c341788450ba8b43c
37024bac32f0cc3299c2492471b40e6beb2fd7b3cb73b172d68207e87cdfd6e6
GET /www/images/e27e78d3b01907b714b7d939d7eed85d.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:50 GMT
content-type: image/png
content-length: 43157
last-modified: Thu, 10 Dec 2020 12:59:54 GMT
etag: "5fd21bca-a895"
expires: Sun, 06 Nov 2022 09:05:51 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 31379
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76576c2f9a91b4f9-OSL
X-Firefox-Spdy: h2
apkmody.io/games/a-dance-of-fire-ice/download
200 OK 0 B URL HTTP/2 apkmody.io/games/a-dance-of-fire-ice/download
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /games/a-dance-of-fire-ice/download HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Cookie: _ga_6S81MQ06NL=GS1.1.1667670527.1.0.1667670527.0.0.0; _ga=GA1.1.1913276957.1667670528; sensorsdata2015jssdkchannel=%7B%22prop%22%3A%7B%22_sa_channel_landing_url%22%3A%22%22%7D%7D; sensorsdata2015jssdkcross=%7B%22audio_id%22%3A%22353070b103e53d0d08bee689889a0975-c505425-1310720%22%2C%22distinct_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22direct%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTg0NDhlOGNlYjU1NC0wNTk5ZTE4NGNmOWJmZC1jNTA1NDI1LTEzMTA3MjAtMTg0NDhlOGNlYjcyMmIifQ%3D%3D%22%2C%22installed_at%22%3A1667670527678%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%7D; sajssdk_2015_cross_new_user=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:50 GMT
content-type: text/html
cache-control: public, max-age=0, must-revalidate, stale-if-error=3600
content-security-policy: upgrade-insecure-requests
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8sReO67D1V%2BrLdJH3Zes4Z6okflRBHGOuR9JkGp0AX7oBNQSUfUpOU6JEcUn4U9tlPQ0n1erzl6PSGZlJhZICMx2vLPuPfboeP0QFnN7HREzjdUPIVqo%2BwaJ7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c28f8a0b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.itskiddien.club/?rb=rc2II5B2BjfVPMJ-IEOM9_dDUaL6g0Sr81tpX6CpkxhHxv91GSaWDbcmTmD2SDp6d3vu1L-THKqUbDoBu2plbKqU72bXRWD3BZRbqxHhQCY-Zt7DYikIxIeh6H9Jny7AOadsPQxb4JtRv0916hlpxzXKYz16NkK_G_CoX9psOoQ07YtJ8byGFOutk_50P9n0reB4z5ctNUjtQyUsJyRFgvdoaqC_kzw6Z5uvxA%3D%3D&request_ab2=0&zoneid=5101305&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=a9140855-88af-482a-9461-7d4d44cc66f0&userId=d13e7924fc4246fd89b90987627cab43&m=link
200 OK 23 kB URL HTTP/2 cdn.itskiddien.club/?rb=rc2II5B2BjfVPMJ-IEOM9_dDUaL6g0Sr81tpX6CpkxhHxv91GSaWDbcmTmD2SDp6d3vu1L-THKqUbDoBu2plbKqU72bXRWD3BZRbqxHhQCY-Zt7DYikIxIeh6H9Jny7AOadsPQxb4JtRv0916hlpxzXKYz16NkK_G_CoX9psOoQ07YtJ8byGFOutk_50P9n0reB4z5ctNUjtQyUsJyRFgvdoaqC_kzw6Z5uvxA%3D%3D&request_ab2=0&zoneid=5101305&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=a9140855-88af-482a-9461-7d4d44cc66f0&userId=d13e7924fc4246fd89b90987627cab43&m=link
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3996)
Hash 05ca3379bf1319851ee39be878c279a3
488424ed99f03c059d48e33f3fa9f83fb60b33b0
802dace03f10c21b10ee9faff53bf150f8e0d1d0853790186e828907954af9c3
GET /?rb=rc2II5B2BjfVPMJ-IEOM9_dDUaL6g0Sr81tpX6CpkxhHxv91GSaWDbcmTmD2SDp6d3vu1L-THKqUbDoBu2plbKqU72bXRWD3BZRbqxHhQCY-Zt7DYikIxIeh6H9Jny7AOadsPQxb4JtRv0916hlpxzXKYz16NkK_G_CoX9psOoQ07YtJ8byGFOutk_50P9n0reB4z5ctNUjtQyUsJyRFgvdoaqC_kzw6Z5uvxA%3D%3D&request_ab2=0&zoneid=5101305&js_build=iclick-v1.447.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.447.0&bs=a9140855-88af-482a-9461-7d4d44cc66f0&userId=d13e7924fc4246fd89b90987627cab43&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apkmody.io/
Origin: https://apkmody.io
Connection: keep-alive
Cookie: OAID=0e86fc4fee484472a861fc18aeab5ef2; oaidts=1667670529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:50 GMT
content-type: application/json
x-trace-id: 47e6447053284374dfc9d213553c434b
access-control-allow-origin: https://apkmody.io
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=d13e7924fc4246fd89b90987627cab43; expires=Sun, 05 Nov 2023 17:48:50 GMT; path=/; secure; SameSite=None
oaidts=1667670530; expires=Sun, 05 Nov 2023 17:48:50 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 12 Nov 2022 17:48:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a6913d09d2b8cbd80ef370c1997143ec
61873208c5852b9f13b1a60d408ec8b239c48c81
291bfcf11419acdfafebb4a1d789302bcbae25eff3a3a847a251e912ef5854b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c849af827d6fb5966450475d3bc7c180
555a2af46685566d647090060a47f45e2410a2f0
e51a885db5e01667e1c33002c621d273f9a1fde5386f583eccdcf539c6be3d3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tzegilo.com/stattag.js
200 OK 26 kB IP
File type ASCII text, with very long lines (13017), with no line terminators
Hash 4ede60d9e1672a0c485cfcc388c993f3
70e3d61fdeb5a814188d46889e6aaee85df9d2af
218a43e03431514336b5682ec597efceb0f36639998fb7ddc0af37692e99ef51
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1564
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Co2aKCaKCMwE%2B2G5%2F0rTnBgD0SGCmWW9IFCZwxeR%2F1J6N2FgztzqrJ6DnYdKQTwM9sGFVa%2FsqjWfJt1C5%2FRnrXtwSGvPs11ujJjKgj3zFXV0zIS80WuDyxPGHZ1%2BPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76576c2b1ccfb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 3939e8635fb493661428435ebb515209
172139e56e3123b00e98d9e675bf4afd80de3e72
98c92c3aac9c758e39e1e3f8652f5a01c42733bab344c89bdc6dc09a4b62d41f
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 17:48:50 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Wed, 09 Nov 2022 16:11:16 GMT
ETag: "172139e56e3123b00e98d9e675bf4afd80de3e72"
Last-Modified: Sat, 05 Nov 2022 16:11:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2191
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76576c31dad0fac0-OSL
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=apkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload
200 OK 97 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=apkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash dd05d71185958476f985fad904ae741a
1f7511b2e4eb99a9216c9383816bda9b4260ec36
5f404fe61992430788755c9dd8ac4889ce9efd52fc2ffa8ed2acc369f0a742b3
GET /pagead/ppub_config?ippd=apkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apkmody.io/
Origin: https://apkmody.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Sat, 05 Nov 2022 17:48:50 GMT
expires: Sat, 05 Nov 2022 17:48:50 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 97
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 05-Nov-2022 18:03:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP
File type ASCII text, with very long lines (40288)
Hash 3040733e272db2224e7c32dbfa555e46
00bda90e42732595ac7fdaad4df790ae6e692fda
a1d1cef095a6c6e5820186b76e9d367db317dcf16a88d57cce91ee1a0ae0851e
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27461
date: Sat, 05 Nov 2022 17:48:50 GMT
expires: Sat, 05 Nov 2022 17:48:50 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1384 / 658 of 1000 / last-modified: 1667599622"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.itskiddien.club/apu.php?zoneid=5101305
200 OK 29 kB URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5101305
IP
Hash b6a2ab1a4ed820990b64a4b70ef53850
94652a344e0bb2f77bac5daa63ab413b56851185
38f44aa86b700c70579baa1f7713b43dc584a42365d275b97c0d5a37cb2dfe0b
GET /apu.php?zoneid=5101305 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: application/javascript
x-trace-id: 5894c868ee15b2b1494964eab57effe5
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0e86fc4fee484472a861fc18aeab5ef2; expires=Sun, 05 Nov 2023 17:48:49 GMT; path=/; secure; SameSite=None
oaidts=1667670529; expires=Sun, 05 Nov 2023 17:48:49 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
apkmody.io/wp-content/uploads/2020/01/cropped-icon-192x192.png
200 OK 1.1 kB URL HTTP/2 apkmody.io/wp-content/uploads/2020/01/cropped-icon-192x192.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash b02906232de9618d9aac3dd2318bc490
9bcf799a679ae595e344fa5eb5e1510b3e70bb76
ec9484b860d22e2250ab98f68ba5c3c945d73f8f68bb3c5dda889d19d708475d
GET /wp-content/uploads/2020/01/cropped-icon-192x192.png HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Cookie: _ga_6S81MQ06NL=GS1.1.1667670527.1.0.1667670527.0.0.0; _ga=GA1.1.1913276957.1667670528; sensorsdata2015jssdkchannel=%7B%22prop%22%3A%7B%22_sa_channel_landing_url%22%3A%22%22%7D%7D; sensorsdata2015jssdkcross=%7B%22audio_id%22%3A%22353070b103e53d0d08bee689889a0975-c505425-1310720%22%2C%22distinct_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22direct%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTg0NDhlOGNlYjU1NC0wNTk5ZTE4NGNmOWJmZC1jNTA1NDI1LTEzMTA3MjAtMTg0NDhlOGNlYjcyMmIifQ%3D%3D%22%2C%22installed_at%22%3A1667670527678%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%7D; sajssdk_2015_cross_new_user=1; prefetchAd_5101305=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:50 GMT
content-type: image/webp
content-length: 1100
cache-control: public, max-age=14400, must-revalidate, stale-if-error=3600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2082
content-disposition: inline; filename="cropped-icon-192x192.webp"
content-security-policy: upgrade-insecure-requests
etag: "5e1fda25-822"
vary: Accept
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yl3Pxr%2BiZp%2FboCA2WfbcqqTtjiaNoj0xsryH%2BJYE%2FCZURjBH7nkBYXCZ51j84Hk9zQi7u1bpcwMHqY8XVq7MUHvG3pOVZ8iX%2FkXuLpYnO7xmalq1PAZt0huQKKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c2ff9a6b529-OSL
X-Firefox-Spdy: h2
apkmody.io/wp-content/uploads/2020/01/cropped-icon-32x32.png
200 OK 170 B URL HTTP/2 apkmody.io/wp-content/uploads/2020/01/cropped-icon-32x32.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash a1b2c76e1ebad497d9c9bd71de743a20
c6d0226f9c51f820ca07dab017e2aacc22d72f38
49bf1bc66ee48831acf698d029a9688bcb6453daea33222d69e43516aa036ccd
GET /wp-content/uploads/2020/01/cropped-icon-32x32.png HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Cookie: _ga_6S81MQ06NL=GS1.1.1667670527.1.0.1667670527.0.0.0; _ga=GA1.1.1913276957.1667670528; sensorsdata2015jssdkchannel=%7B%22prop%22%3A%7B%22_sa_channel_landing_url%22%3A%22%22%7D%7D; sensorsdata2015jssdkcross=%7B%22audio_id%22%3A%22353070b103e53d0d08bee689889a0975-c505425-1310720%22%2C%22distinct_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22direct%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTg0NDhlOGNlYjU1NC0wNTk5ZTE4NGNmOWJmZC1jNTA1NDI1LTEzMTA3MjAtMTg0NDhlOGNlYjcyMmIifQ%3D%3D%22%2C%22installed_at%22%3A1667670527678%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%7D; sajssdk_2015_cross_new_user=1; prefetchAd_5101305=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:50 GMT
content-type: image/webp
content-length: 170
cache-control: public, max-age=14400, must-revalidate, stale-if-error=3600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=552
content-disposition: inline; filename="cropped-icon-32x32.webp"
content-security-policy: upgrade-insecure-requests
etag: "5e1fda25-228"
vary: Accept
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERUc8qDgSFavNMvcD9XXh%2FWGWY%2Fp7tY9kMDIrggm6ha2VrHuHD9De%2BxtetR8McAB3tQwvpFnz%2FPgWy1X%2ByTRQ%2FQUSLBJ2hOfiqkX4g9fGPtJXWsXY17wrdbnIUs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c2ff9a9b529-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c849af827d6fb5966450475d3bc7c180
555a2af46685566d647090060a47f45e2410a2f0
e51a885db5e01667e1c33002c621d273f9a1fde5386f583eccdcf539c6be3d3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a6913d09d2b8cbd80ef370c1997143ec
61873208c5852b9f13b1a60d408ec8b239c48c81
291bfcf11419acdfafebb4a1d789302bcbae25eff3a3a847a251e912ef5854b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/tag.js
200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 6bb9990fc521832208f25ccf5261b719
be8acfb80dfc034d5cbd7dabb318ea8853762c10
677f03256dacdc519c12971fd422fe1afa0ecca3864f4e8f7aa0bed4eecd9c38
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73397
date: Sat, 05 Nov 2022 17:48:50 GMT
access-control-allow-origin: *
etag: "63575841-11eb5"
expires: Sat, 05 Nov 2022 18:48:50 GMT
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/88841991?wmode=7&page-url=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A2191%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A969302921180%3Ahid%3A1003946598%3Az%3A0%3Ai%3A20221105174849%3Aet%3A1667670530%3Ac%3A1%3Arn%3A1070870096%3Arqn%3A1%3Au%3A1667670530276051436%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A7%2C42%2C1058%2C4%2C378%2C0%2C%2C734%2C2%2C%2C%2C%2C2291%3Ans%3A1667670525570%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667670530%3At%3AA%20Dance%20of%20Fire%20and%20Ice%201.15.5%20APK%20%2B%20MOD%20(Free%20to%20Play)%20Download&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
302 Found 472 B URL HTTP/2 mc.yandex.ru/watch/88841991?wmode=7&page-url=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A2191%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A969302921180%3Ahid%3A1003946598%3Az%3A0%3Ai%3A20221105174849%3Aet%3A1667670530%3Ac%3A1%3Arn%3A1070870096%3Arqn%3A1%3Au%3A1667670530276051436%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A7%2C42%2C1058%2C4%2C378%2C0%2C%2C734%2C2%2C%2C%2C%2C2291%3Ans%3A1667670525570%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667670530%3At%3AA%20Dance%20of%20Fire%20and%20Ice%201.15.5%20APK%20%2B%20MOD%20(Free%20to%20Play)%20Download&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
Hash d9b08c38f0415438f5f92380ecb902bb
521f94256b2e677cebf32404641ea8b23c18b2a4
696a8fc71eb173d6434e990a93fca753df22378de0e3014f529db7654d27cf77
GET /watch/88841991?wmode=7&page-url=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A2191%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A969302921180%3Ahid%3A1003946598%3Az%3A0%3Ai%3A20221105174849%3Aet%3A1667670530%3Ac%3A1%3Arn%3A1070870096%3Arqn%3A1%3Au%3A1667670530276051436%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A7%2C42%2C1058%2C4%2C378%2C0%2C%2C734%2C2%2C%2C%2C%2C2291%3Ans%3A1667670525570%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667670530%3At%3AA%20Dance%20of%20Fire%20and%20Ice%201.15.5%20APK%20%2B%20MOD%20(Free%20to%20Play)%20Download&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://apkmody.io
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/88841991/1?wmode=7&page-url=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A2191%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A969302921180%3Ahid%3A1003946598%3Az%3A0%3Ai%3A20221105174849%3Aet%3A1667670530%3Ac%3A1%3Arn%3A1070870096%3Arqn%3A1%3Au%3A1667670530276051436%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A7%2C42%2C1058%2C4%2C378%2C0%2C%2C734%2C2%2C%2C%2C%2C2291%3Ans%3A1667670525570%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667670530%3At%3AA%20Dance%20of%20Fire%20and%20Ice%201.15.5%20APK%20%2B%20MOD%20%28Free%20to%20Play%29%20Download&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Sat, 05 Nov 2022 17:48:51 GMT
access-control-allow-origin: https://apkmody.io
set-cookie: yandexuid=169396841667670531; Expires=Sun, 05-Nov-2023 17:48:51 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=169396841667670531; Expires=Sun, 05-Nov-2023 17:48:51 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1601095941667670531; Path=/; SameSite=None; Secure
i=/38OeWB1Tp3HvMC5zFbKKGiadVkA35d0ZbT2NsMmC+Qe5aTRhlGxktApcJnrJ9CSft9xW8yZukLK37j6SSP/4EK9PaE=; Expires=Tue, 02-Nov-2032 17:48:48 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699206531.yrts.1667670531#1699206531.yrtsi.1667670531; Expires=Sun, 05-Nov-2023 17:48:51 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 05-Nov-2022 17:48:51 GMT
last-modified: Sat, 05-Nov-2022 17:48:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4a9066e8faeec7f06d9a7e91bef8ff52
699ce1c29412a4c3f9018f4deceb3db399ddcd29
46461d19bf1ea06f23d89c4179135eaca9d7c8753a91e913b3adaf2615bee36f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=apkmody.io
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=apkmody.io
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=apkmody.io HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 05 Nov 2022 17:48:51 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=apkmody.io
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=apkmody.io
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=apkmody.io HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 05 Nov 2022 17:48:51 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 05 Nov 2022 17:48:51 GMT
access-control-allow-origin: *
etag: "63575841-2b"
expires: Sat, 05 Nov 2022 18:48:51 GMT
accept-ranges: bytes
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/88841991/1?wmode=7&page-url=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A2191%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A969302921180%3Ahid%3A1003946598%3Az%3A0%3Ai%3A20221105174849%3Aet%3A1667670530%3Ac%3A1%3Arn%3A1070870096%3Arqn%3A1%3Au%3A1667670530276051436%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A7%2C42%2C1058%2C4%2C378%2C0%2C%2C734%2C2%2C%2C%2C%2C2291%3Ans%3A1667670525570%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667670530%3At%3AA%20Dance%20of%20Fire%20and%20Ice%201.15.5%20APK%20%2B%20MOD%20%28Free%20to%20Play%29%20Download&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/88841991/1?wmode=7&page-url=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A2191%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A969302921180%3Ahid%3A1003946598%3Az%3A0%3Ai%3A20221105174849%3Aet%3A1667670530%3Ac%3A1%3Arn%3A1070870096%3Arqn%3A1%3Au%3A1667670530276051436%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A7%2C42%2C1058%2C4%2C378%2C0%2C%2C734%2C2%2C%2C%2C%2C2291%3Ans%3A1667670525570%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667670530%3At%3AA%20Dance%20of%20Fire%20and%20Ice%201.15.5%20APK%20%2B%20MOD%20%28Free%20to%20Play%29%20Download&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 9226950740109111145b66925999ec30
c6153f301afdf93a9b756196de24090c4bba558c
9bd07325f748623505bb727648c316c546320eec0f65f226a18efbbfc01fbd2d
GET /watch/88841991/1?wmode=7&page-url=https%3A%2F%2Fapkmody.io%2Fgames%2Fa-dance-of-fire-ice%2Fdownload&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A2191%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A969302921180%3Ahid%3A1003946598%3Az%3A0%3Ai%3A20221105174849%3Aet%3A1667670530%3Ac%3A1%3Arn%3A1070870096%3Arqn%3A1%3Au%3A1667670530276051436%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A7%2C42%2C1058%2C4%2C378%2C0%2C%2C734%2C2%2C%2C%2C%2C2291%3Ans%3A1667670525570%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667670530%3At%3AA%20Dance%20of%20Fire%20and%20Ice%201.15.5%20APK%20%2B%20MOD%20%28Free%20to%20Play%29%20Download&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://apkmody.io
Referer: https://apkmody.io/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Sat, 05 Nov 2022 17:48:51 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://apkmody.io
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 05-Nov-2022 17:48:51 GMT
last-modified: Sat, 05-Nov-2022 17:48:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4a9066e8faeec7f06d9a7e91bef8ff52
699ce1c29412a4c3f9018f4deceb3db399ddcd29
46461d19bf1ea06f23d89c4179135eaca9d7c8753a91e913b3adaf2615bee36f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
717e84e3f6c43ef5b70a2293881b606e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
200 OK 3.0 kB URL HTTP/2 717e84e3f6c43ef5b70a2293881b606e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash 0193525c83a04aba8fa3caf53d9aac05
ec27db82404e05017dd9b66206d03c2f623ca8d6
1f57111c09ecc489613040fb1f8ec3e9458f6d58bdacfd3669a10ba338a4c9d0
GET /safeframe/1-0-39/html/container.html HTTP/1.1
Host: 717e84e3f6c43ef5b70a2293881b606e.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2988
date: Sat, 05 Nov 2022 17:48:51 GMT
expires: Sun, 05 Nov 2023 17:48:51 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
itweepinbelltor.com/custom
200 OK 39 B URL HTTP/2 itweepinbelltor.com/custom
IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apkmody.io/
Content-Type: application/json
Origin: https://apkmody.io
Content-Length: 758
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:51 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 806415204d1856cf34fca35a368cd759
access-control-allow-origin: https://apkmody.io
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
apkmody.io/cdn-cgi/rum?
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 15400
Origin: https://apkmody.io
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Cookie: _ga_6S81MQ06NL=GS1.1.1667670527.1.0.1667670527.0.0.0; _ga=GA1.2.1913276957.1667670528; sensorsdata2015jssdkchannel=%7B%22prop%22%3A%7B%22_sa_channel_landing_url%22%3A%22%22%7D%7D; sensorsdata2015jssdkcross=%7B%22audio_id%22%3A%22353070b103e53d0d08bee689889a0975-c505425-1310720%22%2C%22distinct_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22direct%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTg0NDhlOGNlYjU1NC0wNTk5ZTE4NGNmOWJmZC1jNTA1NDI1LTEzMTA3MjAtMTg0NDhlOGNlYjcyMmIifQ%3D%3D%22%2C%22installed_at%22%3A1667670527678%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%7D; sajssdk_2015_cross_new_user=1; prefetchAd_5101305=true; _gid=GA1.2.115380038.1667670529; _gat_gtag_UA_237085958_2=1; _ym_uid=1667670530276051436; _ym_d=1667670530; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Sat, 05 Nov 2022 17:48:51 GMT
access-control-allow-origin: https://apkmody.io
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 76576c35b844b529-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110201&st=env
200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110201&st=env
IP
File type JSON data\012- , ASCII text, with very long lines (14846), with no line terminators
Hash 0eab2f628d126cfc1b928027f3b22e35
f778c573b8c746441cdff290405221f1e3ee031e
07813bd3a2e4310428199492697edb3662c6e6fa8b35930bc258ad12fe568c0e
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022110201&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://apkmody.io
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 05 Nov 2022 17:48:52 GMT
server: cafe
content-length: 11203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 084896f8aed3237fee53aeade164c260
61864bd91a1e0bdc719ee6d934b39a069a1a9249
59b972bbe440aca97429c80fd149574c209692ad473e2335acfa02d5f3cfc70d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
200 OK 7.3 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js
IP
File type ASCII text, with very long lines (2157)
Hash e29270d7729dca55e486bb75df364024
6be76d32470dc29a55cf17ba02524c12b84c439c
526e11786c501b0a8119401cd703bb64ef6366682bb073b0a28f3b2553ef94b2
GET /pagead/js/r20221101/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://717e84e3f6c43ef5b70a2293881b606e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7305
x-xss-protection: 0
date: Sat, 05 Nov 2022 15:27:03 GMT
expires: Sat, 19 Nov 2022 15:27:03 GMT
cache-control: public, max-age=1209600
age: 8509
etag: 12747696668401323709
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 084896f8aed3237fee53aeade164c260
61864bd91a1e0bdc719ee6d934b39a069a1a9249
59b972bbe440aca97429c80fd149574c209692ad473e2335acfa02d5f3cfc70d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 084896f8aed3237fee53aeade164c260
61864bd91a1e0bdc719ee6d934b39a069a1a9249
59b972bbe440aca97429c80fd149574c209692ad473e2335acfa02d5f3cfc70d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 05 Nov 2022 17:48:52 GMT
expires: Sat, 05 Nov 2022 17:48:52 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
200 OK 9.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221101/r20110914/abg_lite_fy2021.js
IP
File type ASCII text, with very long lines (1729)
Hash a7496896358deb0c899c3aedbfad1a28
9d8b0980af7ed6db07a1b4c288f0a4627ab9645c
117f6ddbafbb3a376c39561f3549022703cfea41452d71e38928bbbc60745022
GET /pagead/js/r20221101/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://717e84e3f6c43ef5b70a2293881b606e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9180
x-xss-protection: 0
date: Fri, 04 Nov 2022 17:53:12 GMT
expires: Fri, 18 Nov 2022 17:53:12 GMT
cache-control: public, max-age=1209600
age: 86140
etag: 12585499704757265805
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/interstitial_ad_frame_fy2021.js
200 OK 8.0 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221101/r20110914/elements/html/interstitial_ad_frame_fy2021.js
IP
File type ASCII text, with very long lines (2170)
Hash a2db30830c98894aa3d3d97670cb0321
d87056be815b0abf268babb24772b28b29281ec4
b44e8451ee75075bb4bb6a46d65b308994594661bc2126a038f9338c9d6155f9
GET /pagead/js/r20221101/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://717e84e3f6c43ef5b70a2293881b606e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7963
x-xss-protection: 0
date: Fri, 04 Nov 2022 19:31:45 GMT
expires: Fri, 18 Nov 2022 19:31:45 GMT
cache-control: public, max-age=1209600
age: 80227
etag: 15183902602499586604
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
200 OK 48 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP
File type ASCII text, with very long lines (3502)
Hash 4e5cc9d0c908a63da8d8553309c08d71
dbd01af06feea393a60df5a1a11de295cf59c817
80707aac67cbc35fa90d928fb720ec1926e4a4306e5093b4286b1fdd10b10b32
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://717e84e3f6c43ef5b70a2293881b606e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48204
date: Sat, 05 Nov 2022 17:48:52 GMT
expires: Sat, 05 Nov 2022 17:48:52 GMT
cache-control: private, max-age=3000
etag: "1667489865617883"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5de5a7ee16d3f3164758282fbecef0a3
82fb2ac7d306e1f9724adc0ba2ef9e549baa9100
ad55f91c5fb1f872310a5f5777a65b79a338138d241a674449da2e0edde1f2ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash d8b70fd6595bb4082b056b4e32a8eba9
2c99be9ad104814a52c37ca1c7d18a5662469ef6
b93d2ab2992115abb4063ce489370f085ed17e1c265412491d4fffca8616ba63
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 05 Nov 2022 17:48:52 GMT
date: Sat, 05 Nov 2022 17:48:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-ouHK1mHdBEk3elL4Yx8OtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
200 OK 205 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
IP
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 4087858e2c9db9aa8f6a840aedcfb533
d1ffe861da6bd0e95fd1a365b0c3d3ceb6cd58a3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
GET /images/icons/material/system/2x/feedback_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://717e84e3f6c43ef5b70a2293881b606e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 15:46:36 GMT
expires: Sun, 05 Nov 2023 15:46:36 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 7336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
200 OK 604 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
IP
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 7bd42e5a35b5fb3ff852d6ea9191ca83
8a141eb392a05a2dea3dcd83b97940ef70a81ebc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://717e84e3f6c43ef5b70a2293881b606e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 08:05:13 GMT
expires: Sun, 05 Nov 2023 08:05:13 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 35019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fe014c48910d74c803cac3cb82bbb28b
aa11fcc4ad405f489abd9fac9e98260917c25192
58f6fad6693c206a5dac2f7c50fc0bc3559000517d2b948370e7bbcb374a3805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fe014c48910d74c803cac3cb82bbb28b
aa11fcc4ad405f489abd9fac9e98260917c25192
58f6fad6693c206a5dac2f7c50fc0bc3559000517d2b948370e7bbcb374a3805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fe014c48910d74c803cac3cb82bbb28b
aa11fcc4ad405f489abd9fac9e98260917c25192
58f6fad6693c206a5dac2f7c50fc0bc3559000517d2b948370e7bbcb374a3805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fe014c48910d74c803cac3cb82bbb28b
aa11fcc4ad405f489abd9fac9e98260917c25192
58f6fad6693c206a5dac2f7c50fc0bc3559000517d2b948370e7bbcb374a3805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 486b4e1e66779945a7624394e6cafc65
ba22e75c620010bc3f243b46cdf114590b511792
9871f49c7a7a15619009b802ca90cb376c63b41d862ad809691b5919300d153a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
IP
File type ASCII text, with very long lines (5046)
Hash 47d75a510d4f09c08d7add5b89cb5bfe
9a98212576a35cd8f370b6ac37ff6c8d1985a7f6
15b4c0711d7334a3d8bff4b32c36814d18228fceb5762ec101a314a41e1bd7f1
GET /rtv/012210191347000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apkmody.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1912
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 17:08:57 GMT
expires: Thu, 02 Nov 2023 17:08:57 GMT
cache-control: public, max-age=31536000
etag: "9f4a70ec77acc0d1"
content-type: text/javascript; charset=UTF-8
age: 261595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
IP
File type ASCII text, with very long lines (65534)
Hash b7e7237dda6bb30ca41984a7ec955c6e
9aaafaccc0450ef2e85cc793eef6f8658905960a
58696c719d75279e39fd7e60d79bcdadb2f17eb76fcb3732b7a6f4d7fbd24c7a
GET /rtv/012210191347000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apkmody.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28845
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:48:22 GMT
expires: Fri, 03 Nov 2023 21:48:22 GMT
cache-control: public, max-age=31536000
etag: "fdb7364f8f067758"
content-type: text/javascript; charset=UTF-8
age: 158430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
IP
File type ASCII text, with very long lines (14697)
Hash 233278265fc033322558501e669c19f1
016edda223adfafd1cb756d6fe04e159ee89681f
41c3ce2e1ddc232842586f94b5d384714560885a50c9d8370f4e2bed1382f7e1
GET /rtv/012210191347000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apkmody.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5198
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 22:01:45 GMT
expires: Fri, 03 Nov 2023 22:01:45 GMT
cache-control: public, max-age=31536000
etag: "aeb1502543fb438c"
content-type: text/javascript; charset=UTF-8
age: 157627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://apkmody.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 15:21:36 GMT
expires: Thu, 02 Nov 2023 15:21:36 GMT
cache-control: public, max-age=31536000
age: 268036
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
IP
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash 55dd55349450dbebf4e652fd7b7efc8f
e0595ceb4e1de54c959635de15e90cb7de894f9d
594c9c43a59fa419f7a9f6d669540064b9b44d07fcedd1c52607b826b7b04432
GET /rtv/012210191347000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apkmody.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12946
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:27:06 GMT
expires: Fri, 03 Nov 2023 21:27:06 GMT
cache-control: public, max-age=31536000
etag: "2923b90bb7365105"
content-type: text/javascript; charset=UTF-8
age: 159706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fe014c48910d74c803cac3cb82bbb28b
aa11fcc4ad405f489abd9fac9e98260917c25192
58f6fad6693c206a5dac2f7c50fc0bc3559000517d2b948370e7bbcb374a3805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 17:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/si?st=NO_DATA HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 05 Nov 2022 17:48:52 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 05-Nov-2022 18:48:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
test_cookie=CheckForPermission; expires=Sat, 05-Nov-2022 18:03:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Nov 2022 17:48:52 GMT
cache-control: private
X-Firefox-Spdy: h2
itweepinbelltor.com/custom
200 OK 39 B URL HTTP/2 itweepinbelltor.com/custom
IP
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apkmody.io/
Content-Type: application/json
Origin: https://apkmody.io
Content-Length: 399
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7c18c71c0b138af78b33a6d2489dcea6
access-control-allow-origin: https://apkmody.io
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
200 OK 673 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
IP
Hash 8ce7329867f0536b7729fbd6a2cf1b7f
a8e342529196046ae4a6a1c73802c87c4ff2cf30
b9cf1477fa89568b0fc9314e7895c373e4cffdaa5983ddb2857304d8eeced522
GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://717e84e3f6c43ef5b70a2293881b606e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 17:48:52 GMT
date: Sat, 05 Nov 2022 17:48:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apkmody.io/cdn-cgi/rum?
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 742
Origin: https://apkmody.io
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Cookie: _ga_6S81MQ06NL=GS1.1.1667670527.1.0.1667670534.0.0.0; _ga=GA1.2.1913276957.1667670528; sensorsdata2015jssdkchannel=%7B%22prop%22%3A%7B%22_sa_channel_landing_url%22%3A%22%22%7D%7D; sensorsdata2015jssdkcross=%7B%22audio_id%22%3A%22353070b103e53d0d08bee689889a0975-c505425-1310720%22%2C%22distinct_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22direct%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTg0NDhlOGNlYjU1NC0wNTk5ZTE4NGNmOWJmZC1jNTA1NDI1LTEzMTA3MjAtMTg0NDhlOGNlYjcyMmIifQ%3D%3D%22%2C%22installed_at%22%3A1667670527678%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%7D; sajssdk_2015_cross_new_user=1; prefetchAd_5101305=true; _gid=GA1.2.115380038.1667670529; _gat_gtag_UA_237085958_2=1; _ym_uid=1667670530276051436; _ym_d=1667670530; _ym_isad=2; __gads=ID=e3de7d35949f45a5-22fa5afb67ce00a7:T=1667670531:S=ALNI_MZORkSyWLxFNvVgSs2mtLaoVRZDWg; __gpi=UID=00000b7cd350a31d:T=1667670531:RT=1667670531:S=ALNI_MawqTf3HjJBoIJV0tDA3DYBdVkntg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Sat, 05 Nov 2022 17:48:56 GMT
access-control-allow-origin: https://apkmody.io
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 76576c54ce3cb529-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
apkmody.io/
200 OK 0 B IP
GET / HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Cookie: _ga_6S81MQ06NL=GS1.1.1667670527.1.0.1667670527.0.0.0; _ga=GA1.2.1913276957.1667670528; sensorsdata2015jssdkchannel=%7B%22prop%22%3A%7B%22_sa_channel_landing_url%22%3A%22%22%7D%7D; sensorsdata2015jssdkcross=%7B%22audio_id%22%3A%22353070b103e53d0d08bee689889a0975-c505425-1310720%22%2C%22distinct_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22direct%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTg0NDhlOGNlYjU1NC0wNTk5ZTE4NGNmOWJmZC1jNTA1NDI1LTEzMTA3MjAtMTg0NDhlOGNlYjcyMmIifQ%3D%3D%22%2C%22installed_at%22%3A1667670527678%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%7D; sajssdk_2015_cross_new_user=1; prefetchAd_5101305=true; _gid=GA1.2.115380038.1667670529; _gat_gtag_UA_237085958_2=1; _ym_uid=1667670530276051436; _ym_d=1667670530; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:51 GMT
content-type: text/html
cache-control: public, max-age=0, must-revalidate, stale-if-error=3600
content-security-policy: upgrade-insecure-requests
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMe5EF16bpONrHeT3zb6VP7u5WK%2BpGQxa29vAbZuTMjx%2F%2FL%2BewKMwAUxONNK1XXHNM1z9bc5dP56vKkvEO0n97NHW9fr%2Ba87ue25zKLxvfDOWT0RROUCWjqPZzI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c35d85bb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
apkmody.io/wp-content/themes/apkmody/assets/js/main.js?ver=317
200 OK 0 B URL HTTP/2 apkmody.io/wp-content/themes/apkmody/assets/js/main.js?ver=317
IP
GET /wp-content/themes/apkmody/assets/js/main.js?ver=317 HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: application/javascript
cache-control: public, max-age=14400, must-revalidate, stale-if-error=3600
cf-bgj: minify
cf-polished: origSize=10146
content-security-policy: upgrade-insecure-requests
etag: W/"620e81d3-27a2"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RE9UtNPj8HgKoImYosYuMZjp8U%2B6l2h%2FvIovGfvfTfLEt6UVtm99FJXVccoVlZoOnO5STq0pCOd0jJozcVDnxuHbAE1t4Zo5lxF9%2FU6VJHICLgUP6PrqSHKYrbw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c250b23b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
optyruntchan.com/400/5098963
200 OK 0 B URL HTTP/2 optyruntchan.com/400/5098963
IP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /400/5098963 HTTP/1.1
Host: optyruntchan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: application/javascript
x-trace-id: 5708b7c452f9f6245ed071d522ba068d
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=4440caecf88c47e69ca46503fecebc79; expires=Sun, 05 Nov 2023 17:48:49 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
apkmody.io/roms
200 OK 0 B IP
GET /roms HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Cookie: _ga_6S81MQ06NL=GS1.1.1667670527.1.0.1667670527.0.0.0; _ga=GA1.2.1913276957.1667670528; sensorsdata2015jssdkchannel=%7B%22prop%22%3A%7B%22_sa_channel_landing_url%22%3A%22%22%7D%7D; sensorsdata2015jssdkcross=%7B%22audio_id%22%3A%22353070b103e53d0d08bee689889a0975-c505425-1310720%22%2C%22distinct_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22direct%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMTg0NDhlOGNlYjU1NC0wNTk5ZTE4NGNmOWJmZC1jNTA1NDI1LTEzMTA3MjAtMTg0NDhlOGNlYjcyMmIifQ%3D%3D%22%2C%22installed_at%22%3A1667670527678%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2218448e8ceb554-0599e184cf9bfd-c505425-1310720-18448e8ceb722b%22%7D; sajssdk_2015_cross_new_user=1; prefetchAd_5101305=true; _gid=GA1.2.115380038.1667670529; _gat_gtag_UA_237085958_2=1; _ym_uid=1667670530276051436; _ym_d=1667670530; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:51 GMT
content-type: text/html
cache-control: public, max-age=0, must-revalidate, stale-if-error=3600
content-security-policy: upgrade-insecure-requests
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHKMUZyIS9eOjz6q54JbHq2BxylXQUdd6ZUs8M2WfmLnUmZIARpIXyhJAZEp4NBcO8UjzSkLR6nA29ThkPi9Z5Xr%2FltDON8TPVbkdz0B5dcQrS88zz9qbP9nmhw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c35d862b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
apkmody.io/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
200 OK 0 B URL HTTP/2 apkmody.io/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
IP
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.3 HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: text/css
cache-control: public, max-age=14400, must-revalidate, stale-if-error=3600
content-security-policy: upgrade-insecure-requests
etag: W/"624d1441-145db"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqV8UwCsYNkg2052AyslRSvVuirtJxmwY5EIuBen6DOoUVOqvDEmjCAJsABFqwe%2Bp0b3p9rkLgT5I%2B2uf1iHuahse9gnIv8cMPVnrP0LJqdqgZZcpTki5%2BUFsIE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c24fafdb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
apkmody.io/ads02.js
200 OK 0 B IP
GET /ads02.js HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: application/javascript
cache-control: public, max-age=14400, must-revalidate, stale-if-error=3600
cf-bgj: minify
cf-polished: origSize=63156
content-security-policy: upgrade-insecure-requests
etag: W/"62924f93-f6b4"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdRodiWgYDKs0%2FXqlfb77C%2BGy7HPNoXqKDjKfBwhk3KzOx%2BM0ioy93SxsvA9Hw%2BuoQLHfmMGMFTKr8jTjX3%2B%2BS1n%2FOfgukjM1gV9I5ndCJ5UJ%2B5nDzdvjzs%2F7II%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c251b30b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
itweepinbelltor.com/pfe/current/universal.min.js?v=3.1.402
200 OK 0 B URL HTTP/2 itweepinbelltor.com/pfe/current/universal.min.js?v=3.1.402
IP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.402 HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apkmody.io/
Origin: https://apkmody.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:02:53 GMT
etag: W/"63626a7d-180b9"
access-control-allow-origin: https://apkmody.io
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
1558334541.rsc.cdn77.org/nfs/20221104/etp.min.js
200 OK 0 B URL HTTP/2 1558334541.rsc.cdn77.org/nfs/20221104/etp.min.js
IP
ASN #60068 Datacamp Limited
GET /nfs/20221104/etp.min.js HTTP/1.1
Host: 1558334541.rsc.cdn77.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:48 GMT
content-type: application/javascript
x-amz-id-2: +i26Kd6G7GCVZ6upNES/GA7Eiu5BQFII8LdGRD/kIw2AI0mwJOJHhugZtbYsDDAnnL8cgAEkOic=
x-amz-request-id: VNTZQJM7ADJ3ZFHS
last-modified: Fri, 04 Nov 2022 09:06:29 GMT
etag: W/"e31d25c293439d89f2e1929de99b37ab"
x-accel-expires: @1668600219
server: CDN77-Turbo
x-77-nzt: AblMCQ0aAEf/ZaIBAA
x-77-nzt-ray: ffffffff63d7e51a00a26663c51fc433
x-cache: HIT
x-age: 107109
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://717e84e3f6c43ef5b70a2293881b606e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 17:48:52 GMT
date: Sat, 05 Nov 2022 17:48:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apkmody.io/ads01.js
200 OK 0 B IP
GET /ads01.js HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/games/a-dance-of-fire-ice/download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:49 GMT
content-type: application/javascript
cache-control: public, max-age=14400, must-revalidate, stale-if-error=3600
cf-bgj: minify
cf-polished: origSize=63195
content-security-policy: upgrade-insecure-requests
etag: W/"62924f12-f6db"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QU5hwjJmtI7PWtQ%2FuQJd0dSCryjr02UJ5JAApUBehsXfRM91tZREfMGylov0Tt4x94eTelAzqkz0fEReiGk6fx3dFOAhQcksHY6db54fXi7Ii9w8Dvi%2B1xcwvM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c251b2eb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
200 OK 0 B URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
IP
GET /rtv/012210191347000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apkmody.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61564
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:48:03 GMT
expires: Fri, 03 Nov 2023 21:48:03 GMT
cache-control: public, max-age=31536000
etag: "84cdcac007f64412"
content-type: text/javascript; charset=UTF-8
age: 158449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apkmody.io/games/a-dance-of-fire-ice/download
200 OK 0 B URL HTTP/2 apkmody.io/games/a-dance-of-fire-ice/download
IP
GET /games/a-dance-of-fire-ice/download HTTP/1.1
Host: apkmody.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 05 Nov 2022 17:48:48 GMT
content-type: text/html
cache-control: public, max-age=0, must-revalidate, stale-if-error=3600
content-security-policy: upgrade-insecure-requests
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7YBToELl8GMb%2F5srGnaQ8yWghYoFxyxD5UDFncCDjOorc3g%2FKDGCe1MNd0iUm1iHjvSegGHOv2J5G6dXq8QrM6%2FnvcaRzamdQrUiorK9P0HZ7i3sB23x1VpkZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76576c1db882b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
104.26.4.179
93.158.134.119
172.255.6.135
139.45.197.239
104.21.84.149
23.36.76.226
43.134.152.57
47.246.44.205