r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12733
Expires: Mon, 05 Dec 2022 17:15:24 GMT
Date: Mon, 05 Dec 2022 13:43:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3700
Cache-Control: max-age=164988
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 13:43:11 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:32:59 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 13:18:29 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1482
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2948
Expires: Mon, 05 Dec 2022 14:32:19 GMT
Date: Mon, 05 Dec 2022 13:43:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RSBXaHuPQsl/v/bfvK+mas9njCPIDAIBYcPWg6RDrZ1X0eS2hbmVqAX/PhMQWwJN3guDN8c6vVk=
x-amz-request-id: YC66ER4BKST4XN9Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 12:47:59 GMT
age: 3312
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 13:43:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
coingectko.link/
64.225.91.73200 OK 329 B IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
GET / HTTP/1.1
Host: coingectko.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 05 Dec 2022 13:43:11 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4699
Cache-Control: max-age=115210
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 13:43:12 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 21:43:22 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.25.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://coingectko.link
Connection: keep-alive
Referer: http://coingectko.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 13:43:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15691496
expires: Sat, 25 Nov 2023 13:43:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtR3642W8plhKJ6o5a8DSrpbxp6Kd2UDCkNT7dsQbuo6AnXBHfAfXUsYPqpNhB7FMVTetPYZPIY%2BuMbTrL%2FGPg5dVYoTdJOh8LRgoHf8nUp1c0z6XVqYdypVNaMLtuIRUveE%2FHvP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774d359c1d7a0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4699
Cache-Control: max-age=115210
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 13:43:12 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 21:43:22 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 13:11:19 GMT
cache-control: public,max-age=3600
age: 1913
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 63368657b40e16bd85fbe8873b5c232b
8ff9a9745f402ae7d1b5ab6bee07dd38f0333d41
31dcd198f7e5c3445f5ba1191514bad6e46c82c099d2c321659442e04132ec0b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "31DCD198F7E5C3445F5BA1191514BAD6E46C82C099D2C321659442E04132EC0B"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12823
Expires: Mon, 05 Dec 2022 17:16:55 GMT
Date: Mon, 05 Dec 2022 13:43:12 GMT
Connection: keep-alive
coingectko.link/favicon.ico
64.225.91.73200 OK 329 B URL HTTP/1.1 coingectko.link/favicon.ico
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
GET /favicon.ico HTTP/1.1
Host: coingectko.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coingectko.link/
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 05 Dec 2022 13:43:12 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3660
Cache-Control: max-age=159880
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 13:43:12 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:07:52 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
domaincntrol.com/?orighost=http://coingectko.link/
104.26.10.61200 OK 28 B URL HTTP/2 domaincntrol.com/?orighost=http://coingectko.link/
IP 104.26.10.61:0
File type ASCII text, with no line terminators
Hash 2ecf875e74b5002c5f3a53d98fb5a900
e2ba8cfefa46ad512e61bbf6261dfec31709e85f
9830dfc80bd3b59c75c721e5bed7b70cd91a4480c56b60608588d0dab5f55ac7
GET /?orighost=http://coingectko.link/ HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://coingectko.link
Connection: keep-alive
Referer: http://coingectko.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 13:43:12 GMT
content-type: text/javascript;charset=UTF-8
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jwjX%2FDI8ncFdWZxFoGMtv4%2BDlFsJFEmlxfy7PKYlgWEJBiT%2Bamo3xiGlSc7RNGtNqEngT6Y2cX9pikm4jKiiU5DIeOitUBmCGseI7j2oopv601L7zy%2F66jAMKmRpvIgw4A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774d359d7bf3b511-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.160.97.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.97.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RVwMim4dWxqSfKstbDpZRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tASWxtmPH8J278Pa/ggRXLrbGKQ=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13213
Expires: Mon, 05 Dec 2022 17:23:26 GMT
Date: Mon, 05 Dec 2022 13:43:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13213
Expires: Mon, 05 Dec 2022 17:23:26 GMT
Date: Mon, 05 Dec 2022 13:43:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S6Xknz1l6TuuYButc4p3tl4nIZi9YzV9IP6Bag4HNFC_hfbDeWXVCA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:47:06 GMT
age: 57367
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 57032
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vhtd0Bo5kTQySEn0vD_RJin0usoC7GQvK74fhVtrtZNEy64_vrWQNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 57447
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:01 GMT
age: 57552
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PGz98Kv7xrcdfvzwMFbA9V206DdlXitB-Xk8dllnaLlk1QMhZZEs9Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:04 GMT
age: 56409
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8ugcixaNsXG-AIHYCfoyOWa5zowv2lb4qwWc8o5_7SQc_0w5HW4mBw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:48 GMT
age: 57025
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww2.coingectko.link/
64.190.63.136200 OK 1.3 kB IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (698)
Hash 38ccacdd80b863a0ad4d14df4caa7756
ae917f25abed0da22cbf58943e7075d5141465ba
cab02faf1d6e8f9c4871158a90d79b790d6eb6509425766100c7f5fcd1aecaa3
GET / HTTP/1.1
Host: ww2.coingectko.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coingectko.link/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Mon, 05 Dec 2022 13:43:14 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_Xo1dEqhgTa3jtOknFmUa6tim8SP9ulIRlgrdzFFMO0HxCWfNl751/TMMzBktySdaQZF12z/aVbjNnkuUOS5cCw==
last-modified: Mon, 05 Dec 2022 13:43:12 GMT
x-cache-miss-from: parking-d7dbd8c4d-4r7pb
server: NginX
content-encoding: gzip
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.coingectko.link/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 13:43:14 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Mon, 12 Dec 2022 13:43:14 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: f1c6a03948fc4c8148a39d4b91f6de18
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww2.coingectko.link/search/tsc.php?200=NDY3MjY0MDQ3&21=OTEuOTAuNDIuMTU0&681=MTY3MDI0Nzc5NDZlNDQxOWY2ZTE5OWE5MmJlNzY3ODIxZjU5MzQzNWQy&crc=d130638c6f86e4f9ef6b437485d075ed5d6e8c9d&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww2.coingectko.link/search/tsc.php?200=NDY3MjY0MDQ3&21=OTEuOTAuNDIuMTU0&681=MTY3MDI0Nzc5NDZlNDQxOWY2ZTE5OWE5MmJlNzY3ODIxZjU5MzQzNWQy&crc=d130638c6f86e4f9ef6b437485d075ed5d6e8c9d&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/tsc.php?200=NDY3MjY0MDQ3&21=OTEuOTAuNDIuMTU0&681=MTY3MDI0Nzc5NDZlNDQxOWY2ZTE5OWE5MmJlNzY3ODIxZjU5MzQzNWQy&crc=d130638c6f86e4f9ef6b437485d075ed5d6e8c9d&cv=1 HTTP/1.1
Host: ww2.coingectko.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.coingectko.link/
HTTP/1.1 200 OK
date: Mon, 05 Dec 2022 13:43:14 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-d7dbd8c4d-94z7l
server: NginX
ww2.coingectko.link/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DbEoIygqo4YU_0&v=NzkwMTIzMmUwNTE0OWY1ZjJhM2NhNWZlYTY5YWJlYmYJMQl3dzIuY29pbmdlY3Rrby5saW5rNjM4ZGY1NzBlYzhhMzcuOTMyNDk4MTUJd3cyLmNvaW5nZWN0a28ubGluazYzOGRmNTcwZWM4ZWE2LjgwNzg4OTg2CTE2NzAyNDc3OTQJYWRfNjNfMA==&l=OAk5NWVlMjJkNjAxN2UzOGY3Y2E2NTE5MzJjMzAzZjFhNAkwCTM1CTAJNDQ3ZjI4Mzc3ZmJiYzRiYWY1ZTViY2U4ZTEwOGRiMDYJNDY3MjY0MDQ3CWNvaW5nZWN0a28JMAk2Mwk2CTIJMTY3MDI0Nzc5NAkzLjBFLTYJTgkwCTEJMTUxMgkxMjA1CTQ1NTA0OTM1NQk5MS45MC40Mi4xNTQJMA%3D%3D
64.190.63.136302 Found 0 B URL HTTP/1.1 ww2.coingectko.link/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DbEoIygqo4YU_0&v=NzkwMTIzMmUwNTE0OWY1ZjJhM2NhNWZlYTY5YWJlYmYJMQl3dzIuY29pbmdlY3Rrby5saW5rNjM4ZGY1NzBlYzhhMzcuOTMyNDk4MTUJd3cyLmNvaW5nZWN0a28ubGluazYzOGRmNTcwZWM4ZWE2LjgwNzg4OTg2CTE2NzAyNDc3OTQJYWRfNjNfMA==&l=OAk5NWVlMjJkNjAxN2UzOGY3Y2E2NTE5MzJjMzAzZjFhNAkwCTM1CTAJNDQ3ZjI4Mzc3ZmJiYzRiYWY1ZTViY2U4ZTEwOGRiMDYJNDY3MjY0MDQ3CWNvaW5nZWN0a28JMAk2Mwk2CTIJMTY3MDI0Nzc5NAkzLjBFLTYJTgkwCTEJMTUxMgkxMjA1CTQ1NTA0OTM1NQk5MS45MC40Mi4xNTQJMA%3D%3D
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DbEoIygqo4YU_0&v=NzkwMTIzMmUwNTE0OWY1ZjJhM2NhNWZlYTY5YWJlYmYJMQl3dzIuY29pbmdlY3Rrby5saW5rNjM4ZGY1NzBlYzhhMzcuOTMyNDk4MTUJd3cyLmNvaW5nZWN0a28ubGluazYzOGRmNTcwZWM4ZWE2LjgwNzg4OTg2CTE2NzAyNDc3OTQJYWRfNjNfMA==&l=OAk5NWVlMjJkNjAxN2UzOGY3Y2E2NTE5MzJjMzAzZjFhNAkwCTM1CTAJNDQ3ZjI4Mzc3ZmJiYzRiYWY1ZTViY2U4ZTEwOGRiMDYJNDY3MjY0MDQ3CWNvaW5nZWN0a28JMAk2Mwk2CTIJMTY3MDI0Nzc5NAkzLjBFLTYJTgkwCTEJMTUxMgkxMjA1CTQ1NTA0OTM1NQk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1
Host: ww2.coingectko.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.coingectko.link/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Mon, 05 Dec 2022 13:43:14 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Mon, 05 Dec 2022 13:43:14 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DbEoIygqo4YU_0&v=NzkwMTIzMmUwNTE0OWY1ZjJhM2NhNWZlYTY5YWJlYmYJMQl3dzIuY29pbmdlY3Rrby5saW5rNjM4ZGY1NzBlYzhhMzcuOTMyNDk4MTUJd3cyLmNvaW5nZWN0a28ubGluazYzOGRmNTcwZWM4ZWE2LjgwNzg4OTg2CTE2NzAyNDc3OTQJYWRfNjNfMA==&l=OAk5NWVlMjJkNjAxN2UzOGY3Y2E2NTE5MzJjMzAzZjFhNAkwCTM1CTAJNDQ3ZjI4Mzc3ZmJiYzRiYWY1ZTViY2U4ZTEwOGRiMDYJNDY3MjY0MDQ3CWNvaW5nZWN0a28JMAk2Mwk2CTIJMTY3MDI0Nzc5NAkzLjBFLTYJTgkwCTEJMTUxMgkxMjA1CTQ1NTA0OTM1NQk5MS45MC40Mi4xNTQJMA%3D%3D
x-cache-miss-from: parking-d7dbd8c4d-5wc8k
server: NginX
ww2.coingectko.link/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DbEoIygqo4YU_0&v=NzkwMTIzMmUwNTE0OWY1ZjJhM2NhNWZlYTY5YWJlYmYJMQl3dzIuY29pbmdlY3Rrby5saW5rNjM4ZGY1NzBlYzhhMzcuOTMyNDk4MTUJd3cyLmNvaW5nZWN0a28ubGluazYzOGRmNTcwZWM4ZWE2LjgwNzg4OTg2CTE2NzAyNDc3OTQJYWRfNjNfMA==&l=OAk5NWVlMjJkNjAxN2UzOGY3Y2E2NTE5MzJjMzAzZjFhNAkwCTM1CTAJNDQ3ZjI4Mzc3ZmJiYzRiYWY1ZTViY2U4ZTEwOGRiMDYJNDY3MjY0MDQ3CWNvaW5nZWN0a28JMAk2Mwk2CTIJMTY3MDI0Nzc5NAkzLjBFLTYJTgkwCTEJMTUxMgkxMjA1CTQ1NTA0OTM1NQk5MS45MC40Mi4xNTQJMA%3D%3D
64.190.63.136302 Found 311 B URL HTTP/1.1 ww2.coingectko.link/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DbEoIygqo4YU_0&v=NzkwMTIzMmUwNTE0OWY1ZjJhM2NhNWZlYTY5YWJlYmYJMQl3dzIuY29pbmdlY3Rrby5saW5rNjM4ZGY1NzBlYzhhMzcuOTMyNDk4MTUJd3cyLmNvaW5nZWN0a28ubGluazYzOGRmNTcwZWM4ZWE2LjgwNzg4OTg2CTE2NzAyNDc3OTQJYWRfNjNfMA==&l=OAk5NWVlMjJkNjAxN2UzOGY3Y2E2NTE5MzJjMzAzZjFhNAkwCTM1CTAJNDQ3ZjI4Mzc3ZmJiYzRiYWY1ZTViY2U4ZTEwOGRiMDYJNDY3MjY0MDQ3CWNvaW5nZWN0a28JMAk2Mwk2CTIJMTY3MDI0Nzc5NAkzLjBFLTYJTgkwCTEJMTUxMgkxMjA1CTQ1NTA0OTM1NQk5MS45MC40Mi4xNTQJMA%3D%3D
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ae971a308b2498e06a976188bdb1b476
cddac59016e0894b29785309d0c4d0bd12709a2b
507358465b7419cc847854b489be30711d3f68d3c27b1db9b0e63b7268106811
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DbEoIygqo4YU_0&v=NzkwMTIzMmUwNTE0OWY1ZjJhM2NhNWZlYTY5YWJlYmYJMQl3dzIuY29pbmdlY3Rrby5saW5rNjM4ZGY1NzBlYzhhMzcuOTMyNDk4MTUJd3cyLmNvaW5nZWN0a28ubGluazYzOGRmNTcwZWM4ZWE2LjgwNzg4OTg2CTE2NzAyNDc3OTQJYWRfNjNfMA==&l=OAk5NWVlMjJkNjAxN2UzOGY3Y2E2NTE5MzJjMzAzZjFhNAkwCTM1CTAJNDQ3ZjI4Mzc3ZmJiYzRiYWY1ZTViY2U4ZTEwOGRiMDYJNDY3MjY0MDQ3CWNvaW5nZWN0a28JMAk2Mwk2CTIJMTY3MDI0Nzc5NAkzLjBFLTYJTgkwCTEJMTUxMgkxMjA1CTQ1NTA0OTM1NQk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1
Host: ww2.coingectko.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.coingectko.link/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Mon, 05 Dec 2022 13:43:14 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Mon, 05 Dec 2022 13:43:14 GMT
location: http://xml.sedodna.com/click?i=bEoIygqo4YU_0
x-cache-miss-from: parking-d7dbd8c4d-hwmjh
server: NginX
xml.sedodna.com/click?i=bEoIygqo4YU_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=bEoIygqo4YU_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=bEoIygqo4YU_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.coingectko.link/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3iaM8vcO7TGAHfPzQVlwuBYHmWI9hZs88UikvoYCUj_N0gxNlD_jCD3gu3kt0ZVNW72p6trG1bUHdax0-2S_K4DRaOmtyl4LVXAGC3QtvjdX9sWyMTuzZ-kW1pnsQyT_q0B9u3YDfh4zyoJD0fYHXBypKI-DbFu-1csTTaD0-h_0E3LUaI3s7tNN3uF_ThBr-rNDIw8BR8R-FpguNAUyM2P4Cz4bU_705vi_mVyDxfl5yD18eChTVeX__hAxe43LtX4djmZXzL3NMUE-BiDZVUTlqqy7S_9-oyTbfwL3edAIoWqwxdUK_6ujizSWIpWnq8pnpgXpqlkwRI2WgKxK0FYrzcIi6-mOzY-N1OOmh4vbZ6i76kgXWE0fiBjLbv307iw0v3HLRhEn4zyLKoxzZ5qLVGWe1-c4CfEZ0H7M7OFpI7oabq9IyUh3VrtHhRoSRrqcCN-gkeCPAM05XHWQN6nz_Ey9kNvFxEX71CoARLsJVySuV5bZrLM4RMFsW_VZkLQDEQd1felRkOuHS8uJIbOLeB4CMH7ROTBENSMYjcUQ0bB2K52XJyVIWtW7gRSA5ZyHSD3frrXtMsmvoBtXiKn40A_mlPaSu10OKnKEISXx3edVjZrPsrBOpqwYzJYVN94CWg2glAJzTtwBN5w-bqijWFhLVR9S9ku3DYOgJXA_BqRzgpZpEp4Pm5DN38EhnbsoEk2DIp6d6ZTJk1fseIedozOvh8r9KlsereocjznpE44DY7LZQawDi-Dmm-Pmxb1eqMIUbDl1YbaOJAe_n5rZ0xcQPqn3C5-xlGe0EOpU80L84loquu401UL1S-EnCWMKhHKi5ajUWvFb9cvSH1gt0PJ8CmbhEF7lvgOr3qBPxLVtKHwT29XyG96y3w1nN_2_xqZNQ46nMLiGuSuVqhPO53HpcEDf1dVwyZHuj1fkLdyo0aNZ6nw2bIALYxQ7RLnvGc6fosrkVKnT0A-BJTcHcp3Z28kRPKMTqbZCz7b5ZFIMePuei79OaV-hQSD6Gz0lQBDl9rTwP5G2oPQOEnCCSCeSdYsm3hVWXt8sS_6mcEOvsMUDPKjQcT8q25-Wg5jDCok9YMrJBlMROmSa85jnEZ6IwUEyXHmE4sOPiJNeNBzFkJ5YEeiI-0zYGQJvomDW_olsHQNA
Pragma: no-cache
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 8cff693ee9c762244ede97dd8fcd747a
502f6f4bf0484b95b1a1339077d6fd9df5aced9e
99e344ff76e45b61c748a61cd60c67aff303ffc62e6e5a1e679f59d66c0a15da
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 13:43:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 19:25:46 GMT
Expires: Sun, 11 Dec 2022 19:25:45 GMT
Etag: "502f6f4bf0484b95b1a1339077d6fd9df5aced9e"
Cache-Control: max-age=538350,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774d35ad2bb21c0e-OSL
mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3iaM8vcO7TGAHfPzQVlwuBYHmWI9hZs88UikvoYCUj_N0gxNlD_jCD3gu3kt0ZVNW72p6trG1bUHdax0-2S_K4DRaOmtyl4LVXAGC3QtvjdX9sWyMTuzZ-kW1pnsQyT_q0B9u3YDfh4zyoJD0fYHXBypKI-DbFu-1csTTaD0-h_0E3LUaI3s7tNN3uF_ThBr-rNDIw8BR8R-FpguNAUyM2P4Cz4bU_705vi_mVyDxfl5yD18eChTVeX__hAxe43LtX4djmZXzL3NMUE-BiDZVUTlqqy7S_9-oyTbfwL3edAIoWqwxdUK_6ujizSWIpWnq8pnpgXpqlkwRI2WgKxK0FYrzcIi6-mOzY-N1OOmh4vbZ6i76kgXWE0fiBjLbv307iw0v3HLRhEn4zyLKoxzZ5qLVGWe1-c4CfEZ0H7M7OFpI7oabq9IyUh3VrtHhRoSRrqcCN-gkeCPAM05XHWQN6nz_Ey9kNvFxEX71CoARLsJVySuV5bZrLM4RMFsW_VZkLQDEQd1felRkOuHS8uJIbOLeB4CMH7ROTBENSMYjcUQ0bB2K52XJyVIWtW7gRSA5ZyHSD3frrXtMsmvoBtXiKn40A_mlPaSu10OKnKEISXx3edVjZrPsrBOpqwYzJYVN94CWg2glAJzTtwBN5w-bqijWFhLVR9S9ku3DYOgJXA_BqRzgpZpEp4Pm5DN38EhnbsoEk2DIp6d6ZTJk1fseIedozOvh8r9KlsereocjznpE44DY7LZQawDi-Dmm-Pmxb1eqMIUbDl1YbaOJAe_n5rZ0xcQPqn3C5-xlGe0EOpU80L84loquu401UL1S-EnCWMKhHKi5ajUWvFb9cvSH1gt0PJ8CmbhEF7lvgOr3qBPxLVtKHwT29XyG96y3w1nN_2_xqZNQ46nMLiGuSuVqhPO53HpcEDf1dVwyZHuj1fkLdyo0aNZ6nw2bIALYxQ7RLnvGc6fosrkVKnT0A-BJTcHcp3Z28kRPKMTqbZCz7b5ZFIMePuei79OaV-hQSD6Gz0lQBDl9rTwP5G2oPQOEnCCSCeSdYsm3hVWXt8sS_6mcEOvsMUDPKjQcT8q25-Wg5jDCok9YMrJBlMROmSa85jnEZ6IwUEyXHmE4sOPiJNeNBzFkJ5YEeiI-0zYGQJvomDW_olsHQNA
108.168.193.189302 Found 0 B URL HTTP/2 mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3iaM8vcO7TGAHfPzQVlwuBYHmWI9hZs88UikvoYCUj_N0gxNlD_jCD3gu3kt0ZVNW72p6trG1bUHdax0-2S_K4DRaOmtyl4LVXAGC3QtvjdX9sWyMTuzZ-kW1pnsQyT_q0B9u3YDfh4zyoJD0fYHXBypKI-DbFu-1csTTaD0-h_0E3LUaI3s7tNN3uF_ThBr-rNDIw8BR8R-FpguNAUyM2P4Cz4bU_705vi_mVyDxfl5yD18eChTVeX__hAxe43LtX4djmZXzL3NMUE-BiDZVUTlqqy7S_9-oyTbfwL3edAIoWqwxdUK_6ujizSWIpWnq8pnpgXpqlkwRI2WgKxK0FYrzcIi6-mOzY-N1OOmh4vbZ6i76kgXWE0fiBjLbv307iw0v3HLRhEn4zyLKoxzZ5qLVGWe1-c4CfEZ0H7M7OFpI7oabq9IyUh3VrtHhRoSRrqcCN-gkeCPAM05XHWQN6nz_Ey9kNvFxEX71CoARLsJVySuV5bZrLM4RMFsW_VZkLQDEQd1felRkOuHS8uJIbOLeB4CMH7ROTBENSMYjcUQ0bB2K52XJyVIWtW7gRSA5ZyHSD3frrXtMsmvoBtXiKn40A_mlPaSu10OKnKEISXx3edVjZrPsrBOpqwYzJYVN94CWg2glAJzTtwBN5w-bqijWFhLVR9S9ku3DYOgJXA_BqRzgpZpEp4Pm5DN38EhnbsoEk2DIp6d6ZTJk1fseIedozOvh8r9KlsereocjznpE44DY7LZQawDi-Dmm-Pmxb1eqMIUbDl1YbaOJAe_n5rZ0xcQPqn3C5-xlGe0EOpU80L84loquu401UL1S-EnCWMKhHKi5ajUWvFb9cvSH1gt0PJ8CmbhEF7lvgOr3qBPxLVtKHwT29XyG96y3w1nN_2_xqZNQ46nMLiGuSuVqhPO53HpcEDf1dVwyZHuj1fkLdyo0aNZ6nw2bIALYxQ7RLnvGc6fosrkVKnT0A-BJTcHcp3Z28kRPKMTqbZCz7b5ZFIMePuei79OaV-hQSD6Gz0lQBDl9rTwP5G2oPQOEnCCSCeSdYsm3hVWXt8sS_6mcEOvsMUDPKjQcT8q25-Wg5jDCok9YMrJBlMROmSa85jnEZ6IwUEyXHmE4sOPiJNeNBzFkJ5YEeiI-0zYGQJvomDW_olsHQNA
IP 108.168.193.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3iaM8vcO7TGAHfPzQVlwuBYHmWI9hZs88UikvoYCUj_N0gxNlD_jCD3gu3kt0ZVNW72p6trG1bUHdax0-2S_K4DRaOmtyl4LVXAGC3QtvjdX9sWyMTuzZ-kW1pnsQyT_q0B9u3YDfh4zyoJD0fYHXBypKI-DbFu-1csTTaD0-h_0E3LUaI3s7tNN3uF_ThBr-rNDIw8BR8R-FpguNAUyM2P4Cz4bU_705vi_mVyDxfl5yD18eChTVeX__hAxe43LtX4djmZXzL3NMUE-BiDZVUTlqqy7S_9-oyTbfwL3edAIoWqwxdUK_6ujizSWIpWnq8pnpgXpqlkwRI2WgKxK0FYrzcIi6-mOzY-N1OOmh4vbZ6i76kgXWE0fiBjLbv307iw0v3HLRhEn4zyLKoxzZ5qLVGWe1-c4CfEZ0H7M7OFpI7oabq9IyUh3VrtHhRoSRrqcCN-gkeCPAM05XHWQN6nz_Ey9kNvFxEX71CoARLsJVySuV5bZrLM4RMFsW_VZkLQDEQd1felRkOuHS8uJIbOLeB4CMH7ROTBENSMYjcUQ0bB2K52XJyVIWtW7gRSA5ZyHSD3frrXtMsmvoBtXiKn40A_mlPaSu10OKnKEISXx3edVjZrPsrBOpqwYzJYVN94CWg2glAJzTtwBN5w-bqijWFhLVR9S9ku3DYOgJXA_BqRzgpZpEp4Pm5DN38EhnbsoEk2DIp6d6ZTJk1fseIedozOvh8r9KlsereocjznpE44DY7LZQawDi-Dmm-Pmxb1eqMIUbDl1YbaOJAe_n5rZ0xcQPqn3C5-xlGe0EOpU80L84loquu401UL1S-EnCWMKhHKi5ajUWvFb9cvSH1gt0PJ8CmbhEF7lvgOr3qBPxLVtKHwT29XyG96y3w1nN_2_xqZNQ46nMLiGuSuVqhPO53HpcEDf1dVwyZHuj1fkLdyo0aNZ6nw2bIALYxQ7RLnvGc6fosrkVKnT0A-BJTcHcp3Z28kRPKMTqbZCz7b5ZFIMePuei79OaV-hQSD6Gz0lQBDl9rTwP5G2oPQOEnCCSCeSdYsm3hVWXt8sS_6mcEOvsMUDPKjQcT8q25-Wg5jDCok9YMrJBlMROmSa85jnEZ6IwUEyXHmE4sOPiJNeNBzFkJ5YEeiI-0zYGQJvomDW_olsHQNA HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.coingectko.link/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 13:43:15 GMT
content-length: 0
set-cookie: rhid=82496818815; Max-Age=15552000; Expires=Sat, 03-Jun-2023 13:43:15 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://p201298.mybettermb.com/adServe/domainClick?ai=GNWsBy0vmeV3SgYApG4dlZBlMROmSa85_kuyScjQABjukb2ILiDQgov3fcI8Lio897Squl9kZ5cTXnLPvbyStX_9b8ky2I1bKC7gQCEt6FVlqf_64l0Z6hpyy_YN0YQtpLSZmparWHUWhkDLXhAjioXNA2XK8eAo7Ua-zviJPjIJbewQCztnWWcEOvsMUDPK5_H40kUxRcwPAe_L4WAxrcur1MupdU305qQ7wjNu-SROVT6CPUt7Gmtdnt_Lrhn8xIM-F2T9IJsA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qeNnUqwZB1wttfL2tY4RhRiPI3aj7cR-FAiUOPEN66SyzZXxnX9w3KH1wgeoYy4_2BwF5GYn3cQm7mTKB2lpsLjbWnaHeEFBufotEUrL_rQMw&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukMqq2cwoK13HYCud4bxpv8Az4sHEhapOkJdTVKt5Fs0HyX2ZvXfBVRRiB1Mrdh0szmMtgeh3kKdmQ&si=1&oref=e38442cf92656bd5c034e07604db63cc&optunit=FoZAy14QI4pLe3XAjPZE6g&rb=2Vb288azLYM&rr=1&abtg=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 37a0b7bbb2cf3092827eafcc4ad7b73e
c9b55cc3b6459fd8977413389416085c74fb1b1c
e8be622c22e3974eed4c40fb70ca2a1e204c6ab2ea379e81cf5d361cf68d49ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8BE622C22E3974EED4C40FB70CA2A1E204C6AB2EA379E81CF5D361CF68D49EA"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5533
Expires: Mon, 05 Dec 2022 15:15:28 GMT
Date: Mon, 05 Dec 2022 13:43:15 GMT
Connection: keep-alive
go.proffering.xyz/15GQdy?zoneid=444356517&keyword=coingectko&cost=0.0006
20.113.188.243302 Found 244 B URL HTTP/1.1 go.proffering.xyz/15GQdy?zoneid=444356517&keyword=coingectko&cost=0.0006
IP 20.113.188.243:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with no line terminators
Hash a5e89b8f339ec34cde504d16034bc65c
66420b64783cce0440e44210abc257200629afb4
1a3a907cf58c3920401e1fc19a5fdb68292cada530363830266beb4ce84c9a8f
GET /15GQdy?zoneid=444356517&keyword=coingectko&cost=0.0006 HTTP/1.1
Host: go.proffering.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Mon, 05 Dec 2022 13:43:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 244
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GQdyo=20221205161670248351916; domain=.go.proffering.xyz; path=/;expires=Tue, 06 Dec 2022 13:43:15 GMT; httpOnly=true;SameSite=None; Secure;
_pc_lc_id=15GQdy; domain=.go.proffering.xyz; path=/;expires=Tue, 06 Dec 2022 13:43:15 GMT; httpOnly=true;SameSite=None; Secure;
peerclickcid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205; domain=.go.proffering.xyz; path=/;expires=Tue, 06 Dec 2022 13:43:15 GMT; httpOnly=true;SameSite=None; Secure;
_norg=1; domain=.go.proffering.xyz; path=/;expires=Tue, 06 Dec 2022 13:43:15 GMT; httpOnly=true;SameSite=None; Secure;
Location: https://girlstaste.life/?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205
Vary: Accept
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 972127254884606467bdd70d6ee5d4d3
c04b79f89d5252b9effd5347e28a0c81a8e1b97d
26234ed2b2a58b5117f5aef06abf45f4786336dec3d1e753b5d6226274ba769f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26234ED2B2A58B5117F5AEF06ABF45F4786336DEC3D1E753B5D6226274BA769F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1216
Expires: Mon, 05 Dec 2022 14:03:32 GMT
Date: Mon, 05 Dec 2022 13:43:16 GMT
Connection: keep-alive
girlstaste.life/?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205
194.87.208.70200 OK 7.2 kB URL HTTP/1.1 girlstaste.life/?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205
IP 194.87.208.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (531), with CRLF line terminators
Hash c0cc0c62eff7d8f6d869a7127800c547
0c260d78e8a598b71c0494b0e25f1d04405cae51
d9e52bc13f5d239c139a77eb1471b090735e7c791282667f9c6f5ee7c9c9ffdc
Analyzer Verdict Alert quad9 Sinkholed
GET /?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205 HTTP/1.1
Host: girlstaste.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 13:43:16 GMT
Content-Type: text/html
Content-Length: 7215
Connection: keep-alive
set-cookie: sid=t2~u2tnd3msg4bfoongop4v2oo2; path=/
cache-control: private, no-transform
girlstaste.life/cookie/js.cookie.js
194.87.208.70200 OK 4.3 kB URL HTTP/1.1 girlstaste.life/cookie/js.cookie.js
IP 194.87.208.70:0
File type ASCII text, with very long lines (1709), with CRLF line terminators
Hash a7e9883924072f15259de6888d5ef515
7f4f6e5938e68f55aef81e0cd0145f008cd28382
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /cookie/js.cookie.js HTTP/1.1
Host: girlstaste.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlstaste.life/?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205
Cookie: sid=t2~u2tnd3msg4bfoongop4v2oo2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 13:43:17 GMT
Content-Type: application/javascript
Content-Length: 4264
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a7e9883924072f15259de6888d5ef515"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DE8C26B581595
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 05 Dec 2023 13:43:17 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlstaste.life/util/utils.js
194.87.208.70200 OK 7.5 kB URL HTTP/1.1 girlstaste.life/util/utils.js
IP 194.87.208.70:0
File type ASCII text, with very long lines (641), with CRLF line terminators
Hash 01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /util/utils.js HTTP/1.1
Host: girlstaste.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlstaste.life/?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205
Cookie: sid=t2~u2tnd3msg4bfoongop4v2oo2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 13:43:17 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DE8C2CCAC7102
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 05 Dec 2023 13:43:17 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlstaste.life/media/exit-new/exit1.js
194.87.208.70200 OK 3.5 kB URL HTTP/1.1 girlstaste.life/media/exit-new/exit1.js
IP 194.87.208.70:0
File type ASCII text, with very long lines (641), with CRLF line terminators
Hash 625e5e2950612f771e246beb33c9ea61
e4fc251c6c000496c285f8dc3fa097040b031681
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /media/exit-new/exit1.js HTTP/1.1
Host: girlstaste.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlstaste.life/?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205
Cookie: sid=t2~u2tnd3msg4bfoongop4v2oo2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 13:43:17 GMT
Content-Type: application/javascript
Content-Length: 3473
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "625e5e2950612f771e246beb33c9ea61"
Last-Modified: Wed, 31 Aug 2022 09:34:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DE8BED52359F6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 05 Dec 2023 13:43:17 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlstaste.life/media/dating/toon2/js/jquery-2.2.4.min.js
194.87.208.70200 OK 86 kB URL HTTP/1.1 girlstaste.life/media/dating/toon2/js/jquery-2.2.4.min.js
IP 194.87.208.70:0
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /media/dating/toon2/js/jquery-2.2.4.min.js HTTP/1.1
Host: girlstaste.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlstaste.life/?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205
Cookie: sid=t2~u2tnd3msg4bfoongop4v2oo2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 13:43:17 GMT
Content-Type: application/javascript
Content-Length: 85578
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2f6b11a7e914718e0290410e85366fe9"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DE90C85646817
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 05 Dec 2023 13:43:17 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlstaste.life/media/bb.js
194.87.208.70200 OK 639 B URL HTTP/1.1 girlstaste.life/media/bb.js
IP 194.87.208.70:0
File type ASCII text, with very long lines (639), with no line terminators
Hash 0d553e4bac91c74bfee2dbabba61e99e
5af71e2377c9c012a7826a695f2724901941b19b
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /media/bb.js HTTP/1.1
Host: girlstaste.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlstaste.life/?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205
Cookie: sid=t2~u2tnd3msg4bfoongop4v2oo2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 13:43:17 GMT
Content-Type: application/javascript
Content-Length: 639
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Last-Modified: Wed, 31 Aug 2022 09:32:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DE8C4EAC947D0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 05 Dec 2023 13:43:17 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlstaste.life/media/dating/toon2/css/style.css
194.87.208.70200 OK 8.6 kB URL HTTP/1.1 girlstaste.life/media/dating/toon2/css/style.css
IP 194.87.208.70:0
File type ASCII text, with CRLF line terminators
Hash 549edaff59c582a6a3ca91f95c60ea71
a9edcba7d667efcfd812bcd413ccbdcb2b67cc88
b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da
Analyzer Verdict Alert quad9 Sinkholed
GET /media/dating/toon2/css/style.css HTTP/1.1
Host: girlstaste.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlstaste.life/?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205
Cookie: sid=t2~u2tnd3msg4bfoongop4v2oo2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 13:43:17 GMT
Content-Type: text/css
Content-Length: 8608
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "549edaff59c582a6a3ca91f95c60ea71"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DE8475D122AEB
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 05 Dec 2023 13:43:17 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 13:43:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 13:43:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
girlstaste.life/media/dating/toon2/css/animate.min.css
194.87.208.70200 OK 53 kB URL HTTP/1.1 girlstaste.life/media/dating/toon2/css/animate.min.css
IP 194.87.208.70:0
File type ASCII text, with very long lines (52592)
Hash 178b651958ceff556cbc5f355e08bbf1
97afa151569f046b2e01f27c1871646e9cd87caf
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Analyzer Verdict Alert quad9 Sinkholed
GET /media/dating/toon2/css/animate.min.css HTTP/1.1
Host: girlstaste.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlstaste.life/?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205
Cookie: sid=t2~u2tnd3msg4bfoongop4v2oo2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 13:43:16 GMT
Content-Type: text/css
Content-Length: 52789
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "178b651958ceff556cbc5f355e08bbf1"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DE846BC79E21F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 05 Dec 2023 13:43:16 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 13:43:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 13:43:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.35200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://girlstaste.life
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:22 GMT
expires: Fri, 01 Dec 2023 12:29:22 GMT
cache-control: public, max-age=31536000
age: 350036
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.35200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://girlstaste.life
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 505930
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 13:43:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
girlstaste.life/favicon.ico
194.87.208.70204 No Content 0 B URL HTTP/1.1 girlstaste.life/favicon.ico
IP 194.87.208.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: girlstaste.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlstaste.life/?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205
Cookie: sid=t2~u2tnd3msg4bfoongop4v2oo2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 05 Dec 2022 13:43:18 GMT
Connection: keep-alive
Cache-Control: no-transform
p201298.mybettermb.com/adServe/domainClick?ai=GNWsBy0vmeV3SgYApG4dlZBlMROmSa85_kuyScjQABjukb2ILiDQgov3fcI8Lio897Squl9kZ5cTXnLPvbyStX_9b8ky2I1bKC7gQCEt6FVlqf_64l0Z6hpyy_YN0YQtpLSZmparWHUWhkDLXhAjioXNA2XK8eAo7Ua-zviJPjIJbewQCztnWWcEOvsMUDPK5_H40kUxRcwPAe_L4WAxrcur1MupdU305qQ7wjNu-SROVT6CPUt7Gmtdnt_Lrhn8xIM-F2T9IJsA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qeNnUqwZB1wttfL2tY4RhRiPI3aj7cR-FAiUOPEN66SyzZXxnX9w3KH1wgeoYy4_2BwF5GYn3cQm7mTKB2lpsLjbWnaHeEFBufotEUrL_rQMw&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukMqq2cwoK13HYCud4bxpv8Az4sHEhapOkJdTVKt5Fs0HyX2ZvXfBVRRiB1Mrdh0szmMtgeh3kKdmQ&si=1&oref=e38442cf92656bd5c034e07604db63cc&optunit=FoZAy14QI4pLe3XAjPZE6g&rb=2Vb288azLYM&rr=1&abtg=0
108.168.193.189200 OK 0 B URL HTTP/2 p201298.mybettermb.com/adServe/domainClick?ai=GNWsBy0vmeV3SgYApG4dlZBlMROmSa85_kuyScjQABjukb2ILiDQgov3fcI8Lio897Squl9kZ5cTXnLPvbyStX_9b8ky2I1bKC7gQCEt6FVlqf_64l0Z6hpyy_YN0YQtpLSZmparWHUWhkDLXhAjioXNA2XK8eAo7Ua-zviJPjIJbewQCztnWWcEOvsMUDPK5_H40kUxRcwPAe_L4WAxrcur1MupdU305qQ7wjNu-SROVT6CPUt7Gmtdnt_Lrhn8xIM-F2T9IJsA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qeNnUqwZB1wttfL2tY4RhRiPI3aj7cR-FAiUOPEN66SyzZXxnX9w3KH1wgeoYy4_2BwF5GYn3cQm7mTKB2lpsLjbWnaHeEFBufotEUrL_rQMw&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukMqq2cwoK13HYCud4bxpv8Az4sHEhapOkJdTVKt5Fs0HyX2ZvXfBVRRiB1Mrdh0szmMtgeh3kKdmQ&si=1&oref=e38442cf92656bd5c034e07604db63cc&optunit=FoZAy14QI4pLe3XAjPZE6g&rb=2Vb288azLYM&rr=1&abtg=0
IP 108.168.193.189:0
GET /adServe/domainClick?ai=GNWsBy0vmeV3SgYApG4dlZBlMROmSa85_kuyScjQABjukb2ILiDQgov3fcI8Lio897Squl9kZ5cTXnLPvbyStX_9b8ky2I1bKC7gQCEt6FVlqf_64l0Z6hpyy_YN0YQtpLSZmparWHUWhkDLXhAjioXNA2XK8eAo7Ua-zviJPjIJbewQCztnWWcEOvsMUDPK5_H40kUxRcwPAe_L4WAxrcur1MupdU305qQ7wjNu-SROVT6CPUt7Gmtdnt_Lrhn8xIM-F2T9IJsA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qeNnUqwZB1wttfL2tY4RhRiPI3aj7cR-FAiUOPEN66SyzZXxnX9w3KH1wgeoYy4_2BwF5GYn3cQm7mTKB2lpsLjbWnaHeEFBufotEUrL_rQMw&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukMqq2cwoK13HYCud4bxpv8Az4sHEhapOkJdTVKt5Fs0HyX2ZvXfBVRRiB1Mrdh0szmMtgeh3kKdmQ&si=1&oref=e38442cf92656bd5c034e07604db63cc&optunit=FoZAy14QI4pLe3XAjPZE6g&rb=2Vb288azLYM&rr=1&abtg=0 HTTP/1.1
Host: p201298.mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.coingectko.link/
Connection: keep-alive
Cookie: rhid=82496818815
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 13:43:15 GMT
content-type: text/html;charset=ISO-8859-1
vary: Accept-Encoding
set-cookie: rhid=82496818815; Max-Age=15552000; Expires=Sat, 03-Jun-2023 13:43:15 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
loi=ad_1339077_off_782179_aff_12652_cid_201298-COINGECTKO.LINK_ts_1670247795; Max-Age=3600; Expires=Mon, 05-Dec-2022 14:43:15 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
content-encoding: gzip
X-Firefox-Spdy: h2
girlstaste.life/media/dating/toon2/images/123.jpg
194.87.208.70200 OK 0 B URL HTTP/1.1 girlstaste.life/media/dating/toon2/images/123.jpg
IP 194.87.208.70:0
Analyzer Verdict Alert quad9 Sinkholed
GET /media/dating/toon2/images/123.jpg HTTP/1.1
Host: girlstaste.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlstaste.life/?u=7pfk605&o=e9ym176&cid=dc2e3600740a0b8a38dbe5e587c89380-11246-1205
Cookie: sid=t2~u2tnd3msg4bfoongop4v2oo2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 13:43:18 GMT
Content-Type: image/jpeg
Content-Length: 179176
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a2d245e1c43c61ca34bea001510dd6d9"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DE980AA5CA4C8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 05 Dec 2023 13:43:18 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext
IP 142.250.74.106:0
GET /css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlstaste.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 13:43:17 GMT
date: Mon, 05 Dec 2022 13:43:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
girlstaste.life/media/dating/toon2/images/bg.jpg
194.87.208.70200 OK 0 B URL HTTP/1.1 girlstaste.life/media/dating/toon2/images/bg.jpg
IP 194.87.208.70:0
Analyzer Verdict Alert quad9 Sinkholed
GET /media/dating/toon2/images/bg.jpg HTTP/1.1
Host: girlstaste.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlstaste.life/media/dating/toon2/css/style.css
Cookie: sid=t2~u2tnd3msg4bfoongop4v2oo2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 13:43:18 GMT
Content-Type: image/jpeg
Content-Length: 119754
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "842a5629f17ec8342230aa12ea32291a"
Last-Modified: Wed, 31 Aug 2022 09:34:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172DE81D2B3E8D64
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 05 Dec 2023 13:43:18 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes