viagratrial.com/
302 Moved Temporarily 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: viagratrial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Mon, 28 Nov 2022 22:25:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: http://mc-amzay.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuycBmQwiqlKpHWdqW0bXI76TU5YuHs3jm6Wue%2BI9p1LBAc0OvXCyv%2FwWEwcor6FURxx2OORoNpG3AwdcbIHl1s3HlJ5lCvirX8VPBm0SQ5yjslHuMEh5%2FlLlJXRoqM9tFo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77168596ec97b4e8-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2652
Expires: Mon, 28 Nov 2022 23:10:03 GMT
Date: Mon, 28 Nov 2022 22:25:51 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6454
Cache-Control: max-age=136384
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:51 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:18:55 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 22:17:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 481
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11033
Expires: Tue, 29 Nov 2022 01:29:44 GMT
Date: Mon, 28 Nov 2022 22:25:51 GMT
Connection: keep-alive
mc-amzay.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: mc-amzay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 22:25:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 28 Nov 2022 23:25:51 GMT
Location: https://rwbc.net/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jm4i0rj6hU1cVgrFxrMvDGpEVIHdBOLFOjdQcDw%2Bx8Z%2BlihkmnefplNX%2BUWiK7RghC6zsU3v8YEc%2BtcV6C%2FFqmzrJPphE%2FZkIJ9nHvg53sMteMi5RBtUWgqT9KbOasM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77168598b98eb512-OSL
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: n07WaqCPmdwB6sm7urvtgsI2qkme81DL4jtOmcLQ9u9SK0PFbzF2vl7ry6LcMnvt3BpsNGO1fAk=
x-amz-request-id: ADRRHB7C4NTBVRX5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 21:42:14 GMT
age: 2617
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:25:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash d241aa8fe04970ee131a5f6e556a40fb
6a57e900e32ec10730fec8a08c40feb62b480c02
95d6c4a94da2ce558d13eb0b7d92c8ae219ec6bcae6aa3d348315b5cbf1dd7d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "95D6C4A94DA2CE558D13EB0B7D92C8AE219EC6BCAE6AA3D348315B5CBF1DD7D2"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Tue, 29 Nov 2022 04:24:52 GMT
Date: Mon, 28 Nov 2022 22:25:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 22:11:12 GMT
cache-control: public,max-age=3600
age: 879
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 637
Cache-Control: max-age=125500
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:52 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 09:17:32 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p1dv3vqCN7sUY5L9qxHl6g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: f36yR8ldliiWbXfjwnUm7dgUu8Y=
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash d241aa8fe04970ee131a5f6e556a40fb
6a57e900e32ec10730fec8a08c40feb62b480c02
95d6c4a94da2ce558d13eb0b7d92c8ae219ec6bcae6aa3d348315b5cbf1dd7d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "95D6C4A94DA2CE558D13EB0B7D92C8AE219EC6BCAE6AA3D348315B5CBF1DD7D2"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21540
Expires: Tue, 29 Nov 2022 04:24:52 GMT
Date: Mon, 28 Nov 2022 22:25:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/-EKONp9p_ms
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/-EKONp9p_ms
IP
Hash 12363bfae7d16dd60695ca366925df93
4f9d7554912b2e02c72ae6aca92d604e63b7e204
c30309f58893802410eaddabed9b3446f8de8c727a9e60071f0c7f4adbe03bd6
POST /s/gts1p5/-EKONp9p_ms HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/-EKONp9p_ms
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/-EKONp9p_ms
IP
Hash 12363bfae7d16dd60695ca366925df93
4f9d7554912b2e02c72ae6aca92d604e63b7e204
c30309f58893802410eaddabed9b3446f8de8c727a9e60071f0c7f4adbe03bd6
POST /s/gts1p5/-EKONp9p_ms HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/-EKONp9p_ms
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/-EKONp9p_ms
IP
Hash 12363bfae7d16dd60695ca366925df93
4f9d7554912b2e02c72ae6aca92d604e63b7e204
c30309f58893802410eaddabed9b3446f8de8c727a9e60071f0c7f4adbe03bd6
POST /s/gts1p5/-EKONp9p_ms HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sportframe1.cc/imgs/300trend.webp
302 Moved Temporarily 0 B URL HTTP/1.1 sportframe1.cc/imgs/300trend.webp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/300trend.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Moved Temporarily
Date: Mon, 28 Nov 2022 22:25:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://a.hosting5.cfd/futbolcafecc/imgs/300trend.webp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MA%2FftaGki9po1PENluPCIwc2k89GrmoHFxr7ioHP%2F8tznCW12tfppWG6Be%2BuY9ZDM4xqZm0QYq7LKBvqIES3W8KfyhiJ8UZBwBJBkA%2BASVxpIN9L5KqvtRwgG5ulwRlkcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771685a0e80bb50b-OSL
alt-svc: h2=":443"; ma=60
sportframe1.cc/imgs/728capitol.webp
302 Moved Temporarily 0 B URL HTTP/1.1 sportframe1.cc/imgs/728capitol.webp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/728capitol.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Moved Temporarily
Date: Mon, 28 Nov 2022 22:25:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://a.hosting5.cfd/futbolcafecc/imgs/728capitol.webp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOPVTs5oZtWysKaDkXR5I5gjh9F4IagrkJXoIN9B0QoP1%2B2lTtTpNRPQzGytlv0qBQfVEzANJi6XPDef4QV9xc149W%2FztGUaKK5q05YaMv1cNF0y4xJ5n0WDZ0tNb6sB3w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771685a0eb9cb51e-OSL
alt-svc: h2=":443"; ma=60
sportframe1.cc/imgs/728paro.webp
302 Moved Temporarily 0 B URL HTTP/1.1 sportframe1.cc/imgs/728paro.webp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/728paro.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Moved Temporarily
Date: Mon, 28 Nov 2022 22:25:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://a.hosting5.cfd/futbolcafecc/imgs/728paro.webp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRLawmTC3uu%2BiCH9u2Sqi%2Bnw%2FDxwK6T0Awa4yEWmaUOFvQJ7vwEbNFBmXvRBHTqc3bjtYVI%2FHURLgnccxrjundZBFNoRDSsE3HdehZkwFQmaqnDa5T7chXsiN04HNOqLvw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771685a0e8f9b518-OSL
alt-svc: h2=":443"; ma=60
sportframe1.cc/imgs/300capitol.webp
302 Moved Temporarily 0 B URL HTTP/1.1 sportframe1.cc/imgs/300capitol.webp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/300capitol.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Moved Temporarily
Date: Mon, 28 Nov 2022 22:25:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://a.hosting5.cfd/futbolcafecc/imgs/300capitol.webp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FnCqCza2zJMkVrrv8YUangRWdGGYlrG6OhBJSEf18wNy4vrCBz2ox1DRwa6rixjena7Vddc4Ea1lvAeMbpFBqVOvuSDjC4%2FiP9gEvWh89%2BCs64QJIEB%2B%2BP%2FzblrfaJiBA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771685a0ee72b515-OSL
alt-svc: h2=":443"; ma=60
rwbc.net/
200 OK 132 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size 132 kB (132027 bytes)
Hash c2e045e9c11136f2790496eb4ebfce59
1c963025691b1d40d3771e4e1a77adcadce85bf9
6006d468a96b582b6d0aa8e1bdf4a5a1c30ae980dacea5e111d3767c5601c724
GET / HTTP/1.1
Host: rwbc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:52 GMT
content-type: text/html; charset=UTF-8
link: <https://rwbc.net/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Mon, 28 Nov 2022 18:58:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpHdtv12ODuL4t2dGkyyDCUaNzL1EaHHSLLqCXUC6URbmAZx3SeQ%2B0P8ZVBhnCFgdDatnZKTPb6YvtQ%2BGNM8ZXVSUG7XiY85CriGoWwll%2F0qmr1hpRh2nGgQJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716859a9ec5b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe1.cc/imgs/300paro.webp
302 Moved Temporarily 0 B URL HTTP/1.1 sportframe1.cc/imgs/300paro.webp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/300paro.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Moved Temporarily
Date: Mon, 28 Nov 2022 22:25:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://a.hosting5.cfd/futbolcafecc/imgs/300paro.webp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXDuQldmzhjIhdIV36z5iHcAsXev3wAPfD6IjFLQa%2FiNa9YXBPvxaJitqvn2uYXBNGLqiMg1GLSlCPX28hrTgKVInFGBM1YisKGbZQu4IzXxYf7wJ6zKSCFwH6Jj6kFvdg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771685a0f81fb50b-OSL
alt-svc: h2=":443"; ma=60
sportframe1.cc/imgs/728trend.webp
302 Moved Temporarily 0 B URL HTTP/1.1 sportframe1.cc/imgs/728trend.webp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/728trend.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Moved Temporarily
Date: Mon, 28 Nov 2022 22:25:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://a.hosting5.cfd/futbolcafecc/imgs/728trend.webp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EG8i8tivs4MvuDuRDcXySjiGEIDcNV07BG2OD3Plsmo91mbYKih%2B%2BqFcjBLcPlqaBraQ26901FkufdRNxf5Zkmnc58SqM9%2F70dRmhZ%2Fv2CTHxGFHZofPeH4eQTmgDeZGDw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771685a10bbdb51e-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/-EKONp9p_ms
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/-EKONp9p_ms
IP
Hash 12363bfae7d16dd60695ca366925df93
4f9d7554912b2e02c72ae6aca92d604e63b7e204
c30309f58893802410eaddabed9b3446f8de8c727a9e60071f0c7f4adbe03bd6
POST /s/gts1p5/-EKONp9p_ms HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/-EKONp9p_ms
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/-EKONp9p_ms
IP
Hash 12363bfae7d16dd60695ca366925df93
4f9d7554912b2e02c72ae6aca92d604e63b7e204
c30309f58893802410eaddabed9b3446f8de8c727a9e60071f0c7f4adbe03bd6
POST /s/gts1p5/-EKONp9p_ms HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/-EKONp9p_ms
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/-EKONp9p_ms
IP
Hash 12363bfae7d16dd60695ca366925df93
4f9d7554912b2e02c72ae6aca92d604e63b7e204
c30309f58893802410eaddabed9b3446f8de8c727a9e60071f0c7f4adbe03bd6
POST /s/gts1p5/-EKONp9p_ms HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/61F5pYSxl3w
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/61F5pYSxl3w
IP
Hash bb7286814faa45b9e9db41b15d11e57c
a2de3444e2dd99dbd15144c4202bb088115f0880
d21ce210130773f4811eafa0c9980e951f0d3042600d71cda9be539d04d4a8ec
POST /s/gts1p5/61F5pYSxl3w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.hosting5.cfd/futbolcafecc/imgs/728kral.webp
200 OK 277 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/728kral.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 277 kB (276648 bytes)
Hash 099517ecce48592f7274d5fc34a95794
cdddd7f2cbe6fea04b8d4a4b48566e0ebcc3c06c
bf4750647b1706027761ca65196be799ca66ccd6ace69bb424da4c4edbe758a1
GET /futbolcafecc/imgs/728kral.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rwbc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 276648
last-modified: Wed, 23 Nov 2022 18:07:25 GMT
etag: "637e615d-438a8"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: HIT
age: 7029
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiLfzmNljw2Gzj0SGii6HlHBp5bytMhDl8sho4VOEZYAU3JiZQasG8C3g1aGq5p%2BaaDQEf4C5i9a0loRXtoCLFrC9Qk3rG1soNgK2kDBZ2ufZOr8vr3Usd5TB8yVewPk0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aa92b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/imgs/728matador.webp
200 OK 138 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/728matador.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 138 kB (137848 bytes)
Hash e04818e3e9fd0d8e48a0f60fa48179c2
c6e2d4f8f1d7964e53aef5122dfdd907b0610a89
883574dfcd5c28ebdc246b2ba55a286f5a3bfe1b786405ae556c9a56991c5dc3
GET /futbolcafecc/imgs/728matador.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rwbc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 137848
last-modified: Wed, 23 Nov 2022 18:07:25 GMT
etag: "637e615d-21a78"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: HIT
age: 4846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDip04o5WWyWDEcOA%2BEszJsbTsT5YjSO5NIWZN8rkb8x8khEc%2BgbwouCrzlr44KGY4%2BDdBkdn8NhBMuifRwydyV%2BknE17%2FDvmZBVfRkfAB94klbcX2n8brBRvMw6LoBT6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aa9bb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/imgs/120tipo.webp
200 OK 776 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/120tipo.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 776 kB (775650 bytes)
Hash 166b5300cd05c61536180306f8ea1283
5c4d59aa3ac20407b2015b03ef6863ec5982bd59
d324c4a6df08ccc25b8f9c416bdd2028aac45358d6e74258c173860e9e90534d
GET /futbolcafecc/imgs/120tipo.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rwbc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 775650
last-modified: Wed, 23 Nov 2022 18:08:21 GMT
etag: "637e6195-bd5e2"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: HIT
age: 4846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYT6v8ZPGpn6KUBPpCkVWdsePToVKPRURumtmPRJ0Thq01w4%2Fsl8iOdsyfGu8zuGPa0I%2Bjm2Z04yFac%2FudEpHC5sjVDvUS%2BcuTGT4WDq7yOIxAxUSUp3ETtHbln8TW9TlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aa8db50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe1.cc/imgs/1000saha.webp
302 Found 472 B URL HTTP/2 sportframe1.cc/imgs/1000saha.webp
IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/1000saha.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:25:52 GMT
location: https://a.hosting5.cfd/futbolcafecc/imgs/1000saha.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12ZFPpgDwCmRbusY5bYY5ZQnY0Ae6HnY6n%2BINNEEFBCX2I4NXRJqTcLCmw5F0cwMB6ed1IzdwBZ%2B7gdNoDplcwPoD3vfVqq6BPKjShUKbV%2FwAjfmokXaU1wLhlMP5WNOKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a0fc95b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/61F5pYSxl3w
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/61F5pYSxl3w
IP
Hash bb7286814faa45b9e9db41b15d11e57c
a2de3444e2dd99dbd15144c4202bb088115f0880
d21ce210130773f4811eafa0c9980e951f0d3042600d71cda9be539d04d4a8ec
POST /s/gts1p5/61F5pYSxl3w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.hosting5.cfd/futbolcafecc/imgs/728tipo.webp
200 OK 655 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/728tipo.webp
IP
Size 655 kB (654706 bytes)
Hash 79ff9cffd60073f41124929258b3c618
d6b4085111ca5c9f4740d813e11a98a2842c4f7d
f74cb056fdf11f09df41b3e63733f9d0c3c3876f81fa1a5d1ad567b303d2e062
GET /futbolcafecc/imgs/728tipo.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rwbc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 629288
last-modified: Wed, 23 Nov 2022 18:08:24 GMT
etag: "637e6198-99a28"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: HIT
age: 4846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MVinRHnL044bd7hKmKbAqTO9N11u%2FPhdmttgeRkfey6FnE3z7Bvm0RtZIetRXUepBgakPB%2BPl%2BddxdOPAwLLNLjRNeOGlcX2Lp8XCmEZ68OygLJ4ZLnmfQ7qfwlQwRSDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aa96b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/imgs/728onwin.webp
200 OK 718 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/728onwin.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 718 kB (717590 bytes)
Hash 68ed34b9d570f72a95e581fd9d8cf41f
3e48bb1723bdef79da41209b5dca2f4239079334
2ad455c098e39ffdb6dc6d9cf722f063488597fc1162d04453754ca4af8fda03
GET /futbolcafecc/imgs/728onwin.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rwbc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 717590
last-modified: Wed, 23 Nov 2022 18:07:47 GMT
etag: "637e6173-af316"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: HIT
age: 4846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJI1%2BvI0aAl50GfYMALJAOn06UNSorBCJ4s1uSIzMXgPqE7cbwg7mOvr37%2FrMJNoZ%2F4z6bHG5qGCWLmF2pX6NBv%2B5pn78S7j0V5FRlHJ9Xk9KNzjMbIhomwWWWALBVCKfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aa98b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/imgs/728saha.webp
200 OK 1.4 MB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/728saha.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 1.4 MB (1391566 bytes)
Hash ad705283045a1e969d002a787170b59e
1e67b8f21bd6ab3572a916966d02eb0531101ba9
e7172a78f98402a6c131aa15638e9f6630238073b396ed893899a6abdb6beae8
GET /futbolcafecc/imgs/728saha.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rwbc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 1391566
last-modified: Wed, 23 Nov 2022 18:08:15 GMT
etag: "637e618f-153bce"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: HIT
age: 4846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wl4d%2Fdyfj%2BCmjpcsq0%2B%2B7jsUvOEnoQ9%2BJjFDSY%2F9AFY9Zrt%2BkSppSZCSwCkHNopsGnwb1XurE5ZmzX6dVvyyEv4tarponzUpquOrxbArTW%2BW6gtQDlutjJQVlPLxwy84vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aaa0b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 28 Nov 2022 22:25:53 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/imgs/300trend.webp
200 OK 580 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/300trend.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 580 kB (579486 bytes)
Hash b87e882b01f0758961b5b82eb2e1d46e
ed71d69128521b6f9214ec8701bfeec5a78faf76
fccc97ca2a01fd97ab50f9c9d077f48db8756ed5fa3d84e57b505faffced686f
GET /futbolcafecc/imgs/300trend.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 579486
last-modified: Wed, 23 Nov 2022 18:08:40 GMT
etag: "637e61a8-8d79e"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqzI1OX6Ojvr%2FWdkySESOw5ZApLJdBAvLayIeqEHZYD%2BPKtAPy6ymRyXTlhDMONEQajfHn9cEXcFVdyUDS7lFSe0AcnNi0dCeZWu1mXwZwfdseSzJ2nLTjCmqoEmdIA%2FaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aaa3b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/imgs/300paro.webp
200 OK 758 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/300paro.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 758 kB (757828 bytes)
Hash 747cb1862cca8bad7f8f5f554bf7efbd
03a3e429aa3f072ddf6227f09642de8501ff746c
11c7c8435337b773458fbad45fa65ee138e64ef320ede192e114b15ab18e8a37
GET /futbolcafecc/imgs/300paro.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 757828
last-modified: Wed, 23 Nov 2022 18:08:24 GMT
etag: "637e6198-b9044"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNXamGdGpDKJexO6j60TqPxnxTt0Ej1JhuwAJ9x4X3KdB9s6mPcYnxKivhpjRfCXV9i8gv4g%2Fz8nK1BhmMt%2FsRbjd0Zpxvt4%2BiXCOX9AodiksaTmgTGpPqi3ZMtQbWhDGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aa93b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/imgs/1000matador.webp
200 OK 137 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/1000matador.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 137 kB (137042 bytes)
Hash 322d64f201b89b0d691821ad204c8ded
523937753cd6994e49804a257543ecdb6de7efa6
4c7d4df5dec2982b7d14ba8f9a05bb8ec5b6c5f6b7bdc0588959d12b627a3b99
GET /futbolcafecc/imgs/1000matador.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rwbc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 137042
last-modified: Wed, 23 Nov 2022 18:08:18 GMT
etag: "637e6192-21752"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: HIT
age: 4597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkGzCq9rhOCDuUykrrFE2DEYiB7uJr1kJ5VSOLtlnNaRYIwrBxpZrCwzEvpwJA6o33VYTeXxBR6AsOgmev4E%2FHOKUbU4vJqXZmdmWQAl1lwbCY54hpSxeJRPAx4v7Eed7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a39bb0b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/imgs/728capitol.webp
200 OK 703 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/728capitol.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 703 kB (703018 bytes)
Hash c76918157537cdda6807bbb6b322439e
69a913c51a594aafd03fb1badaea669f2df9f602
b95525ae15cdd476b8ae9ae3fb328154a8eb62552b156d83a17706f5a24d2156
GET /futbolcafecc/imgs/728capitol.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 703018
last-modified: Wed, 23 Nov 2022 18:07:31 GMT
etag: "637e6163-aba2a"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4IuRPb3yHID%2F2rz7TvLYJlwrIHRs3w8wFc8R70XbKyjByJZAdG2fWPeZa%2BheCOA51lOV%2Bi%2BFeYXVtOh%2FIlbXbPo4Q5YxtRBYc4lb%2Bz8trwSpnkkyWR06sAFI%2BntWMROXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aa9db50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/imgs/728paro.webp
200 OK 898 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/728paro.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 898 kB (897850 bytes)
Hash e847976fefd76af59be4e1380f0ec23b
301cfa8e357f6569cefcd8e06e88c373e59c4b44
b0a7364fc82157079da2d4de14b01f37293f9be30eafa48c404d0d8e43e0fce9
GET /futbolcafecc/imgs/728paro.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 897850
last-modified: Wed, 23 Nov 2022 18:08:01 GMT
etag: "637e6181-db33a"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPMdXpoNFG4L52X5Y5mQjKkS%2FivCf0L7nUDPLcPYQSZV5Uuo3veS77slLJ0W89GbmnXK%2BsppfmfEfM9ExTIWZA3wJK83RFyTWbjIgwys0QjH3wu4HXpmtrsy0MT%2BtlRKCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aa9eb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe1.cc/imgs/728matador.webp
302 Found 20 kB URL HTTP/2 sportframe1.cc/imgs/728matador.webp
IP
File type Web Open Font Format, CFF, length 19996, version 1.300\012- data
Hash 07db5c04835629ee7284a0481197443d
9f56f7e1b14b89828393aef3ff581a4a22320af0
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/728matador.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:25:52 GMT
location: https://a.hosting5.cfd/futbolcafecc/imgs/728matador.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BahlHrz2enPgZptMrn%2F6b2qXz9eN3fgn7bPk8NBmavGFju0vKojwndwmSUZNay7l%2Bq18aqr%2BujCJSsPB8eeA1bOo8E94htZ6V0JYF6HbXstwlZZZd2nq9tfbqzHbM294EA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a0fc98b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/61F5pYSxl3w
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/61F5pYSxl3w
IP
Hash bb7286814faa45b9e9db41b15d11e57c
a2de3444e2dd99dbd15144c4202bb088115f0880
d21ce210130773f4811eafa0c9980e951f0d3042600d71cda9be539d04d4a8ec
POST /s/gts1p5/61F5pYSxl3w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/61F5pYSxl3w
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/61F5pYSxl3w
IP
Hash bb7286814faa45b9e9db41b15d11e57c
a2de3444e2dd99dbd15144c4202bb088115f0880
d21ce210130773f4811eafa0c9980e951f0d3042600d71cda9be539d04d4a8ec
POST /s/gts1p5/61F5pYSxl3w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/61F5pYSxl3w
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/61F5pYSxl3w
IP
Hash bb7286814faa45b9e9db41b15d11e57c
a2de3444e2dd99dbd15144c4202bb088115f0880
d21ce210130773f4811eafa0c9980e951f0d3042600d71cda9be539d04d4a8ec
POST /s/gts1p5/61F5pYSxl3w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.hosting5.cfd/futbolcafecc/imgs/728trend.webp
200 OK 522 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/728trend.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 522 kB (521914 bytes)
Hash 631467c72c5e9fad4129fc54d8b6aea3
1c6428803d1f1c232e512f0e9689b236b2ac06fe
6eaeeb3d2eea4c89b4084dfa9fb8703ed7239c6927b3c189bfd6a808c2291e94
GET /futbolcafecc/imgs/728trend.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 521914
last-modified: Wed, 23 Nov 2022 18:08:25 GMT
etag: "637e6199-7f6ba"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYat%2F8%2BJKYVrwtPaq3nDi3D72e2Wn1VjyMEDWItqIpvWwFJ2kHVvxPgS4XYYm20vNbShO6ygdIMZA08llxY1LogPgW2BtHarj7Ol9SvAOcaExFhetVvez5rQEKjaXFANdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aaa2b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22376, version 1.0\012- data
Hash e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rwbc.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:41 GMT
expires: Thu, 23 Nov 2023 14:07:41 GMT
cache-control: public, max-age=31536000
age: 461892
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sportframe1.cc/imgs/120tipo.webp
302 Found 13 kB URL HTTP/2 sportframe1.cc/imgs/120tipo.webp
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 310x165, components 3\012- data
Hash 38692c51cf9413bbf653053a1d2d2cfe
51797e5127ed4420fed3b481f52d0544b62fa495
7b40af5a0c4703341139277bd07cb0fdba168eeeb0e1082daa4b9febdfce1f3d
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/120tipo.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:25:52 GMT
location: https://a.hosting5.cfd/futbolcafecc/imgs/120tipo.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9J9QSMs4euY1ihLYT5YqPOHFrHJLNu8nJ5iI9%2FEbA9bRnqovsjR1cKc0PJh4rTxX%2FFUnkJTykN8lhw3LPhfAKmATz0CqnW1Dt%2BlGBz10DcY%2Fq0wYCXWabdq8aEIrd2xenw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a10ca9b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Hash 13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rwbc.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 23:13:50 GMT
expires: Wed, 22 Nov 2023 23:13:50 GMT
cache-control: public, max-age=31536000
age: 515523
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sportframe1.cc/imgs/728onwin.webp
302 Found 6.9 kB URL HTTP/2 sportframe1.cc/imgs/728onwin.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 468x60, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52082d281095497774b1cebb2c12f729
1e210913456361b816cc81598fbb9e3556dfab47
1f8e4b5e03f9579abb1df21f5d90a6f90254d8f8384ac5f6f3377dd46cf93b1f
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/728onwin.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:25:52 GMT
location: https://a.hosting5.cfd/futbolcafecc/imgs/728onwin.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9StMXcYQsCaEg7poPtbATZcQ41etdjJRnDeeJr755%2F4ILbTYlUKvvFRyFTdktBihkWohtbVaSL3o%2Bdu5FB6yhpU9cANg%2FOxGMtAxPnUtdl22nBXPZh71LbVUyUSYiVdIAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a0fc97b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/imgs/1000tipo.webp
200 OK 567 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/1000tipo.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 567 kB (566660 bytes)
Hash 1474377724e624b4841bafd76577260f
156277cc07df62f1dcb0a9f12e3a8aa34ddeca15
9476d04986ae8adcf2c851389d68c41b6920595a2cbd0b08f9cc0799ec565453
GET /futbolcafecc/imgs/1000tipo.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rwbc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 566660
last-modified: Wed, 23 Nov 2022 18:07:57 GMT
etag: "637e617d-8a584"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: HIT
age: 4598
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XM5FdIkKBemZEOyWJ54%2BOcngQNcISMkeFH9SdeN2cJEd3WW3SPbqcCA5FImi%2F1jrWVicuAjL1EGBGGmD8A0%2FUZ5ZdBg%2BxDC3WonuKJbqT1YY%2FWEyAYdyFjI2hNn7ajQCgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a4fd2ab50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/61F5pYSxl3w
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/61F5pYSxl3w
IP
Hash bb7286814faa45b9e9db41b15d11e57c
a2de3444e2dd99dbd15144c4202bb088115f0880
d21ce210130773f4811eafa0c9980e951f0d3042600d71cda9be539d04d4a8ec
POST /s/gts1p5/61F5pYSxl3w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.hosting5.cfd/futbolcafecc/imgs/300setra.webp
200 OK 789 kB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/300setra.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 789 kB (788802 bytes)
Hash 24e41a3fec6186b3f3c86c0f5ef9584d
948f37646ec74023a9ba728b5255421a1917dae2
3f6bdacfff2ef86a8b94203f6c8131f0dec046ad80f90afbad05e4dacca56dde
GET /futbolcafecc/imgs/300setra.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rwbc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 788802
last-modified: Wed, 23 Nov 2022 18:08:26 GMT
etag: "637e619a-c0942"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: HIT
age: 3663
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ym4uR02revJ3nW%2FaMiQtqaH2TFd1WFS9VYLbR4l1hzk0%2FMIF9viE7tFenXAXlQPbdI0UD6nv%2B2RBFuk255CfXC9%2BpRR9dDK%2BAYbZI4seDvNDxJQP2j1uHAEYHSVTgm9r3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a50d45b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/imgs/1000saha.webp
200 OK 1.2 MB URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/1000saha.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 1.2 MB (1234992 bytes)
Hash 1d845c4156292a4582518d7143c65d2d
109008aec9731f5f70c5f859918944156a0bcd23
a5d871009b5edc5d082d231ee15e1f6bff5feb8bb3fb1729f535f0efc9095dd2
GET /futbolcafecc/imgs/1000saha.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rwbc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 1234992
last-modified: Wed, 23 Nov 2022 18:07:30 GMT
etag: "637e6162-12d830"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmtRR4jmYJ2RD4rkbjMbaJu1RUeqwCiSpQvGkJ55T7Hkch1gcHMJ6aSYC2eElkVpkJ7tBmcRBZqA6XmQK01rz%2BkIjbqvO9PG%2BbxRptCAMQK0lLJjboh9V4HFATceaYI%2Frw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a50d4fb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash f6113ce82eb9f10781430e54618d8996
a2a1fa854c4d3f44a323c5fcfaa882056e84439f
189f683c1d0193192124bffc9b6ff925539589c2c5330e02c068ba7f85649588
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4790
Cache-Control: max-age=145860
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:53 GMT
Etag: "6384b97f-116"
Expires: Wed, 30 Nov 2022 14:56:53 GMT
Last-Modified: Mon, 28 Nov 2022 13:37:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
s7.addthis.com/l10n/client.tr.min.json
200 OK 1.7 kB URL HTTP/2 s7.addthis.com/l10n/client.tr.min.json
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3262), with no line terminators
Hash 0e882c7c1c0479d777eea2c5300e58ab
29f38bebeefd4a00438487130179d32c95720707
d4227e04a9f14a5047d5193033490786d9e2aab49a8ecb3aae866f08f7275535
GET /l10n/client.tr.min.json HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rwbc.net
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
etag: W/"5d77be05-d99"
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 1685
date: Mon, 28 Nov 2022 22:25:53 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jwpsrv.com/library/SakQCEfSEeOHhRIxOQfUww.js
200 OK 46 kB URL HTTP/1.1 jwpsrv.com/library/SakQCEfSEeOHhRIxOQfUww.js
IP
File type Unicode text, UTF-8 text, with very long lines (65143)
Hash d763b6c19bd3f6c7048130f86cd7865d
ee9487cc96ad06878662c9ad006d0be2026ec9b5
d67808b392745d3048aa229af3c984aa5cd8c44707b7bb6e33129d4dd0c6d48a
GET /library/SakQCEfSEeOHhRIxOQfUww.js HTTP/1.1
Host: jwpsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Content-Length: 45718
Connection: keep-alive
access-control-allow-origin: *
Cache-Control: max-age=180
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 22:25:27 GMT
Server: openresty
x-robots-tag: noindex, indexifembedded
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L2nsMRCXrGZR165wQaQG9Ipb_87GmtjA7wYbELkcFctm0GPsTfgbwg==
Age: 26
4.bp.blogspot.com/-gqmCHgeS4yI/WJAeuIucjdI/AAAAAAAAEmU/xdFdp6UkMGkP5YQKfPIA6FVkr8rhjh0KQCLcB/s1600/close.gif
200 OK 2.5 kB URL HTTP/2 4.bp.blogspot.com/-gqmCHgeS4yI/WJAeuIucjdI/AAAAAAAAEmU/xdFdp6UkMGkP5YQKfPIA6FVkr8rhjh0KQCLcB/s1600/close.gif
IP
File type GIF image data, version 89a, 42 x 42\012- data
Hash d146589452746fe06acd656a761a0127
9342b39f9080c50ec8f729fdf8dde497fb3bbb20
95cd38d20b81bfd7c70c30aaff5b268cdac4b9b800dc5408d547b9845815cc42
GET /-gqmCHgeS4yI/WJAeuIucjdI/AAAAAAAAEmU/xdFdp6UkMGkP5YQKfPIA6FVkr8rhjh0KQCLcB/s1600/close.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="close.gif"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2495
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:51:24 GMT
expires: Thu, 13 Oct 2022 05:55:16 GMT
cache-control: public, max-age=86400, no-transform
age: 9269
etag: "v1266"
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=8420
date: Mon, 28 Nov 2022 22:25:53 GMT
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
200 OK 141 kB URL HTTP/2 cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 141 kB (141142 bytes)
Hash 7e7fdfacdb1943ea810449001d165a53
fc230e8b4a933497a2da4a783574a5b07b889a7e
d530a67ca2ed5e6d11c2f4ef080c8b8c1cc55a587af2ef45da9a9415ebd788cf
GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 28 Nov 2022 22:25:53 GMT
age: 22444
x-served-by: cache-fra-eddf8230106-FRA, cache-bma1657-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 141142
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash cd7fd5d9f8308093a602c46f2cdff526
f80013b17b7d193ecff140d524fa2be4e41543f3
9c4475d1bb016559c108f0413639c8287e80017db183ddff7e6e2d720b94b465
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:25:53 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E9CC4CBE9A5C199023D177A3CA62E5883FAE9180"
Expires: Tue, 29 Nov 2022 10:00:00 GMT
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1040
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771685a689211c06-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10375
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 22:25:53 GMT
Connection: keep-alive
m.addthis.com/live/red_lojson/300lo.json?si=6385357031993053&bkl=0&bl=1&pdt=1593&sid=6385357031993053&pub=ra-567744105ddcae4a&rev=v8.28.8-wp&ln=tr&pc=men&cb=0&ab=-&dp=rwbc.net&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1669674352445&jsl=1&uvs=638535704641b84b000&skipb=1&callback=addthis.cbs.jsonp__117900812139212550
200 OK 90 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=6385357031993053&bkl=0&bl=1&pdt=1593&sid=6385357031993053&pub=ra-567744105ddcae4a&rev=v8.28.8-wp&ln=tr&pc=men&cb=0&ab=-&dp=rwbc.net&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1669674352445&jsl=1&uvs=638535704641b84b000&skipb=1&callback=addthis.cbs.jsonp__117900812139212550
IP
File type ASCII text, with no line terminators
Hash be1cc378948041dd4767c1c4ea865088
d2be1f7e5b0693e7877eda15b80942400befaaf1
bc218d4b4162192f0be58cb0412ca61cfc73120de62ad0b444112fd493c3012a
GET /live/red_lojson/300lo.json?si=6385357031993053&bkl=0&bl=1&pdt=1593&sid=6385357031993053&pub=ra-567744105ddcae4a&rev=v8.28.8-wp&ln=tr&pc=men&cb=0&ab=-&dp=rwbc.net&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1669674352445&jsl=1&uvs=638535704641b84b000&skipb=1&callback=addthis.cbs.jsonp__117900812139212550 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Mon, 28 Nov 2022 22:25:53 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10375
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 22:25:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10375
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 22:25:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10375
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 22:25:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 2145
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae2e2986caa15a90b615147f229b51ec
c6dfd277cdbd057472e6df6ad1a200f50684d442
ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9015
x-amzn-requestid: eb4599b5-e88a-47cd-8d1b-5839c4f7593e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnbGLToAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852962-67476fac77c8d1ee36f89ecc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 09Pb9RMyAoRWXYfw5mxwtpl6fnHwlxDJryR4c-F3rurGKUgo-HYUOg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 2630
etag: "c6dfd277cdbd057472e6df6ad1a200f50684d442"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cd333c474420e235831d96ed881167e
5008d7344dd85ae61a598c17e7baf427def3e25d
2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3944
x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNmfFgeIAMFjLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XC26NJ0PkNhOsuvMPTd5TlY-oDOGfGoNxzzMANQRlyBWt1XZW_gUfA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 2630
etag: "5008d7344dd85ae61a598c17e7baf427def3e25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:40:08 GMT
age: 53145
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516776052e5e906ea9f42d25bae5cc85
be4c4d01fc67218e26a3e9d27a2f708e639c9d4b
28e70e38cfad65ad8a7a68ab1dc78747c7013a87b854fc35b163cc5765cd0570
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8460
x-amzn-requestid: 51416479-3854-4f1a-9d86-35e104c57f6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnkHuZIAMF-_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852963-180b323d4a45fa2f29f9b1fc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3MKambAjrBl64HI6hBuOtNJi3Tj6gxtwH_lOfk0WNX15UnCrAJbNig==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:48:54 GMT
age: 2219
etag: "be4c4d01fc67218e26a3e9d27a2f708e639c9d4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ab97acd46d3380fa12711c96b3c2d35
b703ea2cc2fcd68e60135ff77d5a5f1b93fac128
aeeaa56714fbd157e788cd24da03d43ede527959e2563e6d7d99489753dee85f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8106
x-amzn-requestid: 73d1b662-99a8-4ad7-95f9-c0b1ebf7c45a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnQEhQoAMFbLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852961-64954bc92997c9302e291381;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sYK4SFsG-No3Bd-CyGIKSWh4sUokwaHa20tc8zvbqUpxkplJOiASIA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 2630
etag: "b703ea2cc2fcd68e60135ff77d5a5f1b93fac128"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-567744105ddcae4a/_ate.track.config_resp
200 OK 911 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-567744105ddcae4a/_ate.track.config_resp
IP
File type Unicode text, UTF-8 text, with very long lines (3373), with no line terminators
Hash 875ef15ab280be588800e2eaa9bab653
2d0ad4839c28c070bedf19391ddfdfeef574773c
9a858f731309958b6cda579b9cd6f044391b15bf9003dbae394d356343826dc3
GET /live/boost/ra-567744105ddcae4a/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 911
etag: 1022175661--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=55, s-maxage=86400
date: Mon, 28 Nov 2022 22:25:53 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Mon, 28 Nov 2022 22:25:53 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-74068698-18
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-74068698-18
IP
File type ASCII text, with very long lines (1921)
Hash 01c64061e0272b9214a852decf9323ed
967034cd483dcb5c3c94bc6a99ac5c30d4b1d0fa
65a84b8b083c670bf72c479145a1be34e822efe8969f748fa3087405e8542949
GET /gtag/js?id=UA-74068698-18 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 22:25:53 GMT
expires: Mon, 28 Nov 2022 22:25:53 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43685
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:25:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 472 B IP
Hash ebedc2ec4252a54928ffc21c1ab1bb51
da7ffc7850a3c5f0e61287497ae7db665e796753
8b0ad4330c60cfa6c6bb4a24827fdb80075eb89e67e06cd89d0c868b98fd002e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:25:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 05:29:12 GMT
Expires: Sat, 03 Dec 2022 05:29:11 GMT
Etag: "da7ffc7850a3c5f0e61287497ae7db665e796753"
Cache-Control: max-age=370396,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771685a87e7c0b49-OSL
sportframe1.cc/imgs/1000matador.webp
302 Found 472 B URL HTTP/2 sportframe1.cc/imgs/1000matador.webp
IP
Hash ebedc2ec4252a54928ffc21c1ab1bb51
da7ffc7850a3c5f0e61287497ae7db665e796753
8b0ad4330c60cfa6c6bb4a24827fdb80075eb89e67e06cd89d0c868b98fd002e
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/1000matador.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:25:52 GMT
location: https://a.hosting5.cfd/futbolcafecc/imgs/1000matador.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONZP7XBvrgazFKLrMTfqdjSr6wzhU2pXc0KG9fdLJ5cydAjjx68ypz2CTNv9AxB5sd7wPLlYXVDIZJ1W84BngifZVIBKV2%2BgldrJzIt%2B8DE6Yw5%2BmEqslz8QbuvxrUqg9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a0fc92b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 20:41:08 GMT
expires: Mon, 28 Nov 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 6286
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=ligtvmax&t=&c=c&x=https%3A%2F%2Fa.hosting5.cfd%2Ffutbolcafecc%2Fsayac.html&y=https%3A%2F%2Fa.hosting5.cfd%2Ffutbolcafecc%2Fizle%2Fch77.html&a=0&d=0.04&v=27&r=1527
200 OK 352 B URL HTTP/2 whos.amung.us/pingjs/?k=ligtvmax&t=&c=c&x=https%3A%2F%2Fa.hosting5.cfd%2Ffutbolcafecc%2Fsayac.html&y=https%3A%2F%2Fa.hosting5.cfd%2Ffutbolcafecc%2Fizle%2Fch77.html&a=0&d=0.04&v=27&r=1527
IP
File type ASCII text, with very long lines (425), with no line terminators
Hash d29aaee5ed8eb447abb0de0164dbd8cb
fcabb6761d3de3b7f3fa8c8b8cc0a5252511e6fd
45d8ea04b281923526fc7971e311aee34eed8da2cf698e06833e582c56c7bcce
GET /pingjs/?k=ligtvmax&t=&c=c&x=https%3A%2F%2Fa.hosting5.cfd%2Ffutbolcafecc%2Fsayac.html&y=https%3A%2F%2Fa.hosting5.cfd%2Ffutbolcafecc%2Fizle%2Fch77.html&a=0&d=0.04&v=27&r=1527 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:54 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 771685aa3a0e95f6-ARN
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9b7502862b847fab779159f4a93f36b3
5c965ad315b05988499fbc01ff0c02dfc488ea8b
5fdc96148b88f35128f54ad482e3fa998c2ea3ec1ffe79057fd4157fa7c1ab2b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:25:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 11:33:40 GMT
Expires: Sun, 04 Dec 2022 11:33:39 GMT
Etag: "5c965ad315b05988499fbc01ff0c02dfc488ea8b"
Cache-Control: max-age=478664,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771685a9e80e0b49-OSL
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Frwbc.net%2F&callback=_ate.cbs.rcb_adjc0
200 OK 55 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Frwbc.net%2F&callback=_ate.cbs.rcb_adjc0
IP
File type ASCII text, with no line terminators
Hash 0c9d73d83d9654ff7012016a88104236
9db695103578642b168ddcfcea0e7fbb1fb14457
2dc6bd33eaa2e1b48fa193dcef61cf9fd5d5d7551d43c9a934abe9a8ad2a2341
GET /url/shares.json?url=http%3A%2F%2Frwbc.net%2F&callback=_ate.cbs.rcb_adjc0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: rwbc.net/
last-modified: Mon, 28 Nov 2022 22:25:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 55
date: Mon, 28 Nov 2022 22:25:54 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Frwbc.net%2F&callback=_ate.cbs.rcb_4ihs0
200 OK 55 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Frwbc.net%2F&callback=_ate.cbs.rcb_4ihs0
IP
File type ASCII text, with no line terminators
Hash 089e4797e32fffaa72261f010137e481
44adba9381acce30ab8067afac3a73aa9feebdab
4c7a680a83bbc773741dc939612e55a137a70afdc46bc89a192fc1dcb49881fd
GET /url/shares.json?url=https%3A%2F%2Frwbc.net%2F&callback=_ate.cbs.rcb_4ihs0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: rwbc.net/
last-modified: Mon, 28 Nov 2022 22:25:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 55
date: Mon, 28 Nov 2022 22:25:54 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Frwbc.net%2F
200 OK 1.1 kB URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Frwbc.net%2F
IP
Hash a89a045c83d4faf25e5f746f2032ffc8
7efd76dac0320e552be8175f61faf574d202e5bd
2804fae8ef2eb1a30eb2162778e38da1b72e56bfe69970bd47d75fb3113e9cd9
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Frwbc.net%2F HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://rwbc.net
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://rwbc.net/
last-modified: Mon, 28 Nov 2022 22:00:00 GMT
access-control-allow-origin: https://rwbc.net
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 28 Nov 2022 22:25:54 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9b7502862b847fab779159f4a93f36b3
5c965ad315b05988499fbc01ff0c02dfc488ea8b
5fdc96148b88f35128f54ad482e3fa998c2ea3ec1ffe79057fd4157fa7c1ab2b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:25:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 11:33:40 GMT
Expires: Sun, 04 Dec 2022 11:33:39 GMT
Etag: "5c965ad315b05988499fbc01ff0c02dfc488ea8b"
Cache-Control: max-age=478664,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771685abc815b527-OSL
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=a.hosting5.cfd
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=a.hosting5.cfd
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=a.hosting5.cfd HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
200 OK 6.7 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash 1c19de1014ecbb64bf79594584b7e243
e2ab949e99c448f107245a0a39c10e0b30130e9f
5c80cda6336fe83e049aea16c899b4983fa70744beccddd14d75ee0c178c5c77
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:54 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
vary: Accept-Encoding
etag: W/"62d96946-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 111625
expires: Thu, 01 Dec 2022 22:25:54 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 771685ac29e7b4f7-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=a.hosting5.cfd
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=a.hosting5.cfd
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=a.hosting5.cfd HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:54 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=betcanlimacizle
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=betcanlimacizle
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=betcanlimacizle HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:55 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=a.hosting5.cfd
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=a.hosting5.cfd
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=a.hosting5.cfd HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:55 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=betcanlimacizle
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=betcanlimacizle
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F&t=betcanlimacizle HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:55 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:55 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1&r=https%3A%2F%2Frwbc.net%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:55 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!ligtvmax&dn=TC&cc=1&r=https%3A%2F%2Frwbc.net%2F
200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!ligtvmax&dn=TC&cc=1&r=https%3A%2F%2Frwbc.net%2F
IP
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!ligtvmax&dn=TC&cc=1&r=https%3A%2F%2Frwbc.net%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Tue, 29 Nov 2022 22:25:55 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Mon, 28 Nov 2022 22:25:54 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!ligtvmax1&dn=TC&cc=1&r=https%3A%2F%2Frwbc.net%2F
200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!ligtvmax1&dn=TC&cc=1&r=https%3A%2F%2Frwbc.net%2F
IP
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!ligtvmax1&dn=TC&cc=1&r=https%3A%2F%2Frwbc.net%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Tue, 29 Nov 2022 22:25:55 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Mon, 28 Nov 2022 22:25:54 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:55 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:55 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:55 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:55 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax&lm=5&ts=1669674353913&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:55 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!ligtvmax1&lm=3&ts=1669674353911&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 22:25:55 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
IP
GET /css?family=Droid+Sans%3Aregular%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rwbc.net
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 22:25:52 GMT
date: Mon, 28 Nov 2022 22:25:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/imgs/300capitol.webp
200 OK 0 B URL HTTP/2 a.hosting5.cfd/futbolcafecc/imgs/300capitol.webp
IP
GET /futbolcafecc/imgs/300capitol.webp HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: image/webp
content-length: 493632
last-modified: Wed, 23 Nov 2022 18:07:48 GMT
etag: "637e6174-78840"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEgqNo6Nvwo7dyogxmkzGadB5A5MOAd%2BeuxPXuS8Cb255uvlNzz2coqFrez8PI%2BUwh6cdoc3ejm5wIWjcCWmrE35T2TadHnuTRCKkvtp3ZnmbBG42X%2FCbbvjTyXb%2F60sSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aa94b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe1.cc/imgs/300setra.webp
302 Found 0 B URL HTTP/2 sportframe1.cc/imgs/300setra.webp
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/300setra.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:25:52 GMT
location: https://a.hosting5.cfd/futbolcafecc/imgs/300setra.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7KUOq%2FZ8OcXzdmGB79fr9Y3n8LJjSBW%2B1SAw6jhsr9AVCeyx%2BdpfHIDG9i8W1R4k%2FrlGEpxYhTEzKcxVaBrVIQvhP5ml6vNb1ddxzHdw35USX9D6FIY%2BjKrCe57gWn5sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a0fc88b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe1.cc/imgs/1000tipo.webp
302 Found 0 B URL HTTP/2 sportframe1.cc/imgs/1000tipo.webp
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/1000tipo.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:25:52 GMT
location: https://a.hosting5.cfd/futbolcafecc/imgs/1000tipo.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdvAIn3LbiqZix8JeN6JyCFo5%2BfLtHcr7LBP84Id4v448AGjYQWFDWVrjWw7jkwiGVbuxOJ%2Fx%2FsBXh%2F14HVY9uAq1pokmK1z4GXTSHlP2kQ7vIAYqQObKQVh6771WYNvfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a0fc90b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Frwbc.net%2F&callback=window._ate.cbs.rcb_kx8i0
200 OK 0 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Frwbc.net%2F&callback=window._ate.cbs.rcb_kx8i0
IP
GET /v1/urls/count.json?url=https%3A%2F%2Frwbc.net%2F&callback=window._ate.cbs.rcb_kx8i0 HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Mon, 28 Nov 2022 22:40:54 GMT
x-envoy-upstream-service-time: 1
x-pinterest-rid: 9458710695632589
date: Mon, 28 Nov 2022 22:25:54 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2
widgets.amung.us/classic.js
200 OK 0 B URL HTTP/2 widgets.amung.us/classic.js
IP
GET /classic.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:54 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Nov 2022 22:14:56 GMT
etag: W/"636ec960-32c5"
expires: Tue, 29 Nov 2022 21:50:07 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 2147
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a90d3009a8-ARN
X-Firefox-Spdy: h2
t.dtscout.com/pv/?_a=v&_h=a.hosting5.cfd&_ss=3y6261lgxy&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=29s4&_cb=_dtspv.c
200 OK 0 B URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=a.hosting5.cfd&_ss=3y6261lgxy&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=29s4&_cb=_dtspv.c
IP
GET /pv/?_a=v&_h=a.hosting5.cfd&_ss=3y6261lgxy&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=29s4&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: m=1; oa=1; df=1669674353
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:54 GMT
content-type: application/javascript
x-t: 0.147
x-c: 0
expires: Mon, 28 Nov 2022 22:25:53 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNKvSxSIT%2BMEtZV5fLMB1FMh4HYSW7DUkjxBpQSpCPkpKm6yutjWYn2gbN%2B%2BXkNDuaqtjuYDnJqoudzEMRsDZMGSWnYPvgQ0zsGITEYrtqu5o%2BhYYfBMm8AbnxDRfJCf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771685a85c3288ad-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe1.cc/imgs/728kral.webp
302 Found 0 B URL HTTP/2 sportframe1.cc/imgs/728kral.webp
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/728kral.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:25:52 GMT
location: https://a.hosting5.cfd/futbolcafecc/imgs/728kral.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMTEaAgvCDIygINV4mxEjPY0tz1CTanvuxSozRnowdjOQSvjZHlVVt%2F1H4e5yyXpuNr1MRJ5BDxIEqt1UAJTzNBB%2F6OL5T6JmsAXsFn5xQpbBcYEDzhi1tNQ5%2FIHCrXT8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a0fc8bb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/izle/ch77.html
200 OK 0 B URL HTTP/2 a.hosting5.cfd/futbolcafecc/izle/ch77.html
IP
GET /futbolcafecc/izle/ch77.html HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rwbc.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: text/html
last-modified: Wed, 23 Nov 2022 18:10:56 GMT
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwY3MVU2WMqJt1E30PB1zleN6O2yPLfx7kbSXPZDv4EUPVl%2BFd1Tc2%2BjlXy%2BxQxt4Ul9w8Q2yiRCCqbqWf3xfUInmDbEpsfH1JOO7tdvOlurTajBotBmy3O9tQY9qjcF5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a2aa91b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.hosting5.cfd/futbolcafecc/izle/player/player_config.js
200 OK 0 B URL HTTP/2 a.hosting5.cfd/futbolcafecc/izle/player/player_config.js
IP
GET /futbolcafecc/izle/player/player_config.js HTTP/1.1
Host: a.hosting5.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.hosting5.cfd/futbolcafecc/izle/ch77.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 18:13:07 GMT
etag: W/"637e62b3-213f"
access-control-allow-origin: *
cache-control: max-age=16070400
cf-cache-status: HIT
age: 7029
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbxs5EABP6Gr36U%2FvMAemVgWk3ZOYtVkGgV5Ai18dAiNumMZKL59Ih2WsEG82j0AbHUi%2FUlBpru0fg%2BO7xdh0qhPBI2AGaiOm38Cd9cljFnuJgF7Ohm6yaq4sAV%2FNBIPTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a49c9fb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe1.cc/imgs/728tipo.webp
302 Found 0 B URL HTTP/2 sportframe1.cc/imgs/728tipo.webp
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/728tipo.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:25:52 GMT
location: https://a.hosting5.cfd/futbolcafecc/imgs/728tipo.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DPIYeABgEPkt8UvlKtfd3LiCdw7hWEpT6u0xSDlWRNtytpwUQfgjCg%2FA2dREfOCSxU0xZJ6taF0lJQqGiNblD5XM%2B00tMGa9BAcknA3vdB2O6effy2bhQNUPfT7Nr%2FaZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a0fc8eb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Frwbc.net%2F&callback=window._ate.cbs.rcb_4gtq0
200 OK 0 B URL HTTP/2 widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Frwbc.net%2F&callback=window._ate.cbs.rcb_4gtq0
IP
GET /v1/urls/count.json?url=http%3A%2F%2Frwbc.net%2F&callback=window._ate.cbs.rcb_4gtq0 HTTP/1.1
Host: widgets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Mon, 28 Nov 2022 22:40:54 GMT
x-envoy-upstream-service-time: 2
x-pinterest-rid: 3455407702852732
date: Mon, 28 Nov 2022 22:25:54 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=https%3A%2F%2Fa.hosting5.cfd%2Ffutbolcafecc%2Fbetcanlimacizle.html&j=https%3A%2F%2Frwbc.net%2F
200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=https%3A%2F%2Fa.hosting5.cfd%2Ffutbolcafecc%2Fbetcanlimacizle.html&j=https%3A%2F%2Frwbc.net%2F
IP
GET /i/?l=https%3A%2F%2Fa.hosting5.cfd%2Ffutbolcafecc%2Fbetcanlimacizle.html&j=https%3A%2F%2Frwbc.net%2F HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:25:53 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Mon, 28-Nov-2022 23:49:13 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Tue, 29-Nov-2022 02:25:53 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1669674353; Domain=dtscout.com; Expires=Wed, 08-Mar-2023 22:25:53 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.46
expires: Mon, 28 Nov 2022 22:25:52 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ys%2BHkq%2FbMP9K0J8YTQ8zwkg60i7yd3ZIvyNKT2Ql2yZHNR9zUlDOV7hhbWUc169IiFUNoC%2F%2B6u9kuINKHbSplLrG2upvucO1z1xoPmc8Nug1j7GbWe%2BgXsPMjizlgk6N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771685a6e9a688ad-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sportframe1.cc/imgs/728saha.webp
302 Found 0 B URL HTTP/2 sportframe1.cc/imgs/728saha.webp
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /imgs/728saha.webp HTTP/1.1
Host: sportframe1.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rwbc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:25:52 GMT
location: https://a.hosting5.cfd/futbolcafecc/imgs/728saha.webp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xa5aJlftXVhBXO%2BYfwadP1VUgfC7m1jp4%2Fyo8I2XoidHjUumMKUgvE4asUnl21CkUyHypcIQa%2BNSGT%2FWRQ21QA1WZ8kyEJCuw7Sfr%2BEui2qlpAqmHb3pt61sQETJlU6lUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771685a0fc9eb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
104.21.68.102
23.38.201.146
104.22.75.171
216.58.207.195
151.101.84.84
93.184.220.29