Overview

URL azhar4g.tk/
IP217.182.16.97
ASNAS5503 RM Education plc
Location United Kingdom
Report completed2018-12-16 14:06:29 CET
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-12-16 14:05:54 CET 2 Client IP  217.182.16.97 ET POLICY HTTP Request to a *.tk domain
2018-12-16 14:05:55 CET 2 Client IP  217.182.16.97 ET POLICY HTTP Request to a *.tk domain
2018-12-16 14:05:54 CET 2 Client IP  217.182.16.97 ET POLICY HTTP Request to a *.tk domain
2018-12-16 14:05:54 CET 2 Client IP  217.182.16.97 ET POLICY HTTP Request to a *.tk domain
2018-12-16 14:05:54 CET 2 Client IP  217.182.16.97 ET POLICY HTTP Request to a *.tk domain


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

No other reports on IP: 217.182.16.97


Last 10 reports on ASN: AS5503 RM Education plc

Date UQ / IDS / BL URL IP
2019-03-19 22:01:22 +0100
0 - 0 - 1 https://spaces.slimspots.com/mobiledirect/?tr (...) 217.182.172.141
2019-03-19 17:20:48 +0100
2 - 0 - 3 cnhv.co/info/legal 217.182.164.9
2019-03-19 07:49:08 +0100
0 - 0 - 1 fastloadmedia.ru/libs/core/downstaler.bin 217.182.52.83
2019-03-18 18:23:49 +0100
0 - 0 - 1 joshuajasonpr.com/ 217.182.22.159
2019-03-18 18:22:27 +0100
0 - 0 - 9 technologietazo.com/ 217.182.14.103
2019-03-18 16:52:03 +0100
0 - 0 - 9 www.webercomunicaciones.es/ 217.182.51.1
2019-03-18 13:48:35 +0100
0 - 0 - 0 ecb1.tedmailing.fr/media/uploads/tedipro/2019 (...) 217.182.84.233
2019-03-18 04:25:51 +0100
0 - 0 - 2 megaklik.top/endy/endy.exe 217.182.138.150
2019-03-18 02:28:32 +0100
0 - 0 - 1 targat-china.com/nn/zb.exe 217.182.138.150
2019-03-18 02:25:55 +0100
0 - 0 - 5 fabloks.com/ki/casr.exe 217.182.138.150

No other reports on domain: azhar4g.tk



JavaScript

Executed Scripts (32)


Executed Evals (0)


Executed Writes (5)

#1 JavaScript::Write (size: 0, repeated: 1) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    

#2 JavaScript::Write (size: 306, repeated: 1) - SHA256: 264161db8a220a93a331aed7110937b464b8718881278a8ebc31384bd1cfc1bc

                                        < !doctype html > < html > < body > < script > google_sl_win = window.parent;
google_iframe_start_time = new Date().getTime();
google_async_iframe_id = "aswift_0"; < /script><script>window.parent.google_sa_impl({iframeWin: window, pubWin: window.parent, vars: window.parent['google_sv_map']['aswift_0']});</script > < /body></html >
                                    

#3 JavaScript::Write (size: 306, repeated: 1) - SHA256: 5efcb9fc2a44ea42dca7f3a6201c413bf996957c8642429d6bfa6d151206a13e

                                        < !doctype html > < html > < body > < script > google_sl_win = window.parent;
google_iframe_start_time = new Date().getTime();
google_async_iframe_id = "aswift_1"; < /script><script>window.parent.google_sa_impl({iframeWin: window, pubWin: window.parent, vars: window.parent['google_sv_map']['aswift_1']});</script > < /body></html >
                                    

#4 JavaScript::Write (size: 1373, repeated: 1) - SHA256: 1807495045cc1687a81e9d0fd0d9e83d2bc3cce457672707f709a04c3cfe80b7

                                        < iframe id = "google_ads_frame0"
name = "google_ads_frame0"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8875556660951297&amp;output=html&amp;adk=1812271804&amp;adf=807048394&amp;lmt=1543833567&amp;loeid=332260022&amp;plat=1%3A1081352%2C2%3A1081352%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1048576&amp;guci=1.2.0.0.2.2.0.0&amp;format=0x0&amp;url=http%3A%2F%2Fazhar4g.tk%2F&amp;ea=0&amp;flash=10.0.45&amp;pra=5&amp;wgl=0&amp;adsid=NT&amp;dt=1544965556471&amp;bpp=8&amp;fdt=302&amp;idt=298&amp;shv=r20181205&amp;cbv=r20180604&amp;saldr=aa&amp;abxe=1&amp;nras=1&amp;correlator=1972829757576&amp;frm=20&amp;pv=2&amp;ga_vid=1085715825.1544965557&amp;ga_sid=1544965557&amp;ga_hid=970946598&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=0&amp;ady=0&amp;biw=1176&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=332260012%2C21060853%2C21061977%2C410075081&amp;oid=3&amp;rx=0&amp;eae=6&amp;fc=1936&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7Cs%7C&amp;abl=NS&amp;ppjl=u&amp;fu=16&amp;bc=1&amp;ifi=0&amp;uci=0.4bnf9xz5qyke&amp;dtd=867"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#5 JavaScript::Write (size: 1373, repeated: 1) - SHA256: 70ef24aef4508abb823807477804d8cfc8bdc0ee193b421e6e3fae5fd4e0bc47

                                        < iframe id = "google_ads_frame1"
name = "google_ads_frame1"
width = "468"
height = "60"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8875556660951297&amp;output=html&amp;h=60&amp;slotname=3660272241&amp;adk=3229948736&amp;adf=807048394&amp;w=468&amp;lmt=1543833567&amp;loeid=332260022&amp;guci=1.2.0.0.2.2.0.0&amp;format=468x60&amp;url=http%3A%2F%2Fazhar4g.tk%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;adsid=NT&amp;dt=1544965557550&amp;bpp=21&amp;fdt=27&amp;idt=-M&amp;shv=r20181205&amp;cbv=r20180604&amp;saldr=aa&amp;abxe=1&amp;prev_fmts=0x0&amp;nras=1&amp;correlator=1972829757576&amp;frm=20&amp;pv=1&amp;ga_vid=1085715825.1544965557&amp;ga_sid=1544965557&amp;ga_hid=970946598&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=300&amp;ady=136&amp;biw=1176&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=332260012%2C21060853%2C21061977%2C410075081&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=1936&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=1&amp;uci=1.5lce444oxt7x&amp;dtd=48"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    


HTTP Transactions (62)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sun, 16 Dec 2018 12:54:46 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 03 Dec 2018 10:39:27 GMT
Etag: "35a5-57c1bc35a75c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3730
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3730
Md5:    e4dfb5f888720d1329f93a99f74fc4b3
Sha1:   aacbb830a8906512b39cb2196195b341a5329c58
Sha256: 0e12ac4d6efd0e3bad85ed1de3b6d4db1dc35b1fb21d0cf32f633f2248e94ba9

Alerts:
  IDS:
    - ET POLICY HTTP Request to a *.tk domain
                                        
                                            GET /templates/default/assets/css/mainn.css HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 311
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   311
Md5:    e9eb46f2f72970a13efb6378c3afa3d8
Sha1:   3341a33e36630820c4f2e172f8e6ecf8e42cfc04
Sha256: a1663c323260068a1a144ee6ada6f17757fb9e6e5a76a4b3bab07ce14c569593

Alerts:
  IDS:
    - ET POLICY HTTP Request to a *.tk domain
                                        
                                            GET /css?family=Noto+Sans:400,700,400italic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         216.58.209.138
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Sun, 16 Dec 2018 13:05:54 GMT
Date: Sun, 16 Dec 2018 13:05:54 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   258
Md5:    6a7b3f6bd2adfe5fc7d430252766576c
Sha1:   ab6424f6463f259ec3dfdc0b07882f521ad48302
Sha256: eccfbb6cebe0bf4a9b193e8c02b9e1e7bac86a1fc632a447e8dd1dc52eba56a7
                                        
                                            GET /templates/default/assets/js/jquery-ui/css/no-theme/jquery-ui-1.10.3.custom.min.css HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 01 Feb 2014 05:32:38 GMT
Etag: "3818-4f1519e572980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3014
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3014
Md5:    cbe6e18f75f86998dacc29c650e3ad84
Sha1:   a21559cff02e0ef4b309c222fc0831d40b16f8cb
Sha256: a544d8b383dc8f5350fd1529de2c7d89bad86fb87ca78b6e7d0557b509d270a6
                                        
                                            GET /templates/default/assets/css/custom.css HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 01 Feb 2014 05:32:32 GMT
Etag: "36-4f1519dfb9c00"
Accept-Ranges: bytes
Content-Length: 54
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   54
Md5:    f3e46dc77c920ad4106d5c1b832f2ebc
Sha1:   10fa9c9e880c6d5acffa762302d7ad0c5368feeb
Sha256: 251e1a589209d064de85f12cf99578630d4f65bf1ef3a73314160aa4f6ef7871
                                        
                                            GET /templates/default/assets/js/jquery-1.10.2.min.js HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 13 Nov 2013 15:29:36 GMT
Etag: "16bb3-4eb10a1f47800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32802
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   32802
Md5:    7e1dc6526190c5ed10a7c46efab6308f
Sha1:   357183b385b66f7178a78ae0f29b318bf98715c4
Sha256: 4ea55c30856ac22e9991922eada0c9bc28d4f20848437da1f0ab55fe38c27bd3

Alerts:
  IDS:
    - ET POLICY HTTP Request to a *.tk domain
                                        
                                            GET /templates/default/assets/css/font-icons/entypo/css/entypo.css HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 01 Feb 2014 05:32:32 GMT
Etag: "4815-4f1519dfb9c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3668
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3668
Md5:    b2587b8219ec1d77ab1ced9e31747ca5
Sha1:   5c0195348ef08ff7c754c97cb9d8b7a6d42bd817
Sha256: 83d6f368c32a0ab326e0ca83826f62de51d524eb126efe7f95af2d51b4182e8d
                                        
                                            GET /templates/default/assets/css/font-icons/entypo/css/animation.css HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 01 Feb 2014 05:32:32 GMT
Etag: "763-4f1519dfb9c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 251
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   251
Md5:    6e22fbe4390a9e5df8de4722245542eb
Sha1:   219383e3596617fe0b8c3bae316bdc42da5b0bec
Sha256: e67ea4f136cf83197e546bec94a857d9a59b50aa2ff43f8dfc3cb84fb2ca4ef4
                                        
                                            GET /favicon.png HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         217.182.16.97
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   284
Md5:    a54769fe73e34a2686c91ef04b8f3f28
Sha1:   a8a3be968a92b68b524ab83a7296ec71ead7296c
Sha256: a605592bb9e5e05b8ceca117ebe881077ea59b15a9a602e7f82898627d5a9e2f
                                        
                                            GET /templates/default/assets/js/bootstrap.min.js HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 07 Nov 2013 02:10:46 GMT
Etag: "6c64-4ea8cc60e7580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7309
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7309
Md5:    48030c45125cab2284cbfd285b04b05b
Sha1:   55e307451ce555c6bb49ae1f0bb82ad9919816bc
Sha256: d52d6262db0d804a09f0f628cf68711d7414d73a3014fdffe56f2981694db763
                                        
                                            GET /pagead/js/adsbygoogle.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Sun, 16 Dec 2018 13:05:54 GMT
Expires: Sun, 16 Dec 2018 13:05:54 GMT
Cache-Control: private, max-age=3600
Etag: 2266865073180887146
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 28224
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   28224
Md5:    29df8b2db30ed21b89e571a6e39b7156
Sha1:   ba15771b5bf0e8244651558a19a23964abbe2096
Sha256: c4d66fbf75b4b96943c221d79f8734e9a38ac2d40af9c48a50ea3f74870e69de
                                        
                                            GET /templates/default/assets/js/resizeable.js HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sun, 29 Dec 2013 20:22:54 GMT
Etag: "95c-4eeb21793e380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 865
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   865
Md5:    a8e89ebf942a6c8500ca584963fe38bb
Sha1:   9de04771597f080e4616a3f9860f712f4e6ac44c
Sha256: a5de3987cde5cf0b5dfab7e5bf76e15ba2607e0317b26442a8d1b9c023191824
                                        
                                            GET /templates/default/assets/js/neon-api.js HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 08 Jan 2014 04:00:50 GMT
Etag: "1bac-4ef6d89d8c080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1443
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1443
Md5:    33e4634a9a39d5a5c39de84e4e63c0b9
Sha1:   4beffb6ab9583391ae40ce6f69a6e2b2f5d28e80
Sha256: f73b0de98e0561a1573a1b762e5c25438f6012ce669f01fbebeb14a1ea353fd9
                                        
                                            GET /templates/default/assets/js/jquery.validate.min.js HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 22 Mar 2013 18:20:16 GMT
Etag: "524c-4d88781c1f800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6362
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6362
Md5:    0cfa72ba3f1a29f903eb6022239ea29c
Sha1:   14e920f067a5f469350f34e19ab3899771b840d5
Sha256: 7fad8f94a31f231be238b1fbd414811c6d54b0eb1c8cae493ef84c47234d5e77
                                        
                                            GET /templates/default/assets/js/gsap/main-gsap.js HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 16 Dec 2013 17:33:14 GMT
Etag: "182bf-4edaa34dd8a80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 32655
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   32655
Md5:    697483a860a7946431fcf043915f68a8
Sha1:   b321a52cd8bd32e7caa9c74530136ddee0335531
Sha256: 397d8243db0a999b59c0c17fda8b479b1f918211be03f6c927b1091ca639edd6
                                        
                                            GET /templates/default/assets/js/neon-login.js HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Tue, 28 Jan 2014 21:36:46 GMT
Etag: "2043-4f10e9efc1780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2474
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2474
Md5:    fa691f5a27fc399d4f2ca03a254265a2
Sha1:   c704ce7065b5db66637b1711423d0c783aed9f8e
Sha256: f5072e00d57719163eb632fd1eb49da8c11142706def7c46045881f749047de9
                                        
                                            GET /templates/default/assets/js/jquery-ui/js/jquery-ui-1.10.3.minimal.min.js HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Tue, 17 Dec 2013 19:58:42 GMT
Etag: "1831c-4edc05aefa080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 25116
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   25116
Md5:    0bfe806b496edbe4cb336996244fb019
Sha1:   3c1d68a3de10e10f24986b16d9fea28209cdf8ba
Sha256: 2fb5c297ba0f2045ec9b82c2842d72317ea7803348dcce8b4f4de7c4f3661ada

Alerts:
  IDS:
    - ET POLICY HTTP Request to a *.tk domain
                                        
                                            GET /templates/default/assets/js/joinable.js HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 08 Jan 2014 02:53:26 GMT
Etag: "1d46a-4ef6c98ce3580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 35998
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   35998
Md5:    c64cd04bceb30dacd6e967a7b29fa17e
Sha1:   b173e7a32efd3b159d7a4a6cd62361f6cbce007e
Sha256: cae9f0a8db2df39c95d07a65d8e864612ea503455f7044bf4348d1ae4cd2b8fb
                                        
                                            GET /templates/default/assets/css/neon.css HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 01 Feb 2014 05:32:36 GMT
Etag: "8dc99-4f1519e38a500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   64679
Md5:    9682783451e98e8256d57f6e334c5ade
Sha1:   057a66699eb45f000bd8fb263054910009cdd30b
Sha256: ae5dce3f4b7d53305090418de8aca9897b8dad3578c090bae02291ddc6fd64c7

Alerts:
  IDS:
    - ET POLICY HTTP Request to a *.tk domain
                                        
                                            GET /templates/default/assets/js/neon-custom.js HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 10 Jan 2014 17:24:08 GMT
Etag: "a674-4efa0fe5a9e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10515
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   10515
Md5:    aee5af1ca32a2811dd11611937aa9d53
Sha1:   d4885ac9d257e0a880611e8f4e9d3e0cfa42569a
Sha256: 0e28d1d29259ce9d45c6d128dfd9acbfccc2e1267d6bdaa0f515d404691b0658
                                        
                                            GET /banner.png HTTP/1.1 
Host: hd.tezhd.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 16 Dec 2018 12:54:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 285
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   285
Md5:    739c4a826aad7966ab78aa60383f7697
Sha1:   408c754878cd7a79b33df885520eff5e85b9f1ea
Sha256: c05ef480a739e55394e18d5d838a52107b98835069d94a58497cdfa2913b73e1
                                        
                                            GET /s/notosans/v7/o-0IIpQlx3QUlC5A4PNr5TRG.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic
Origin: http://azhar4g.tk

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 19284
Date: Tue, 04 Dec 2018 22:46:17 GMT
Expires: Wed, 04 Dec 2019 22:46:17 GMT
Last-Modified: Wed, 11 Oct 2017 18:23:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1001978


--- Additional Info ---
Magic:  data
Size:   19284
Md5:    4bdffaaa646258ee12f4303664e3c806
Sha1:   711a2232abbbfb55abcbfeaebc0c478f8d65e286
Sha256: 2451972dbb9b65a5ae8854d4390eff7095a70b9fe47ddb92bcd8cd821a406790
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 16 Dec 2018 13:05:55 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    465b9a017f558418ee884ebaf3b502c2
Sha1:   caad272d2cc125f59572e5d550c17a1d9f1128b4
Sha256: b333f9d97532d299e8eb1444f78edcd1203f49f4889dbf25583fac532418c666
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 16 Dec 2018 13:05:55 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=155958
Date: Sun, 16 Dec 2018 13:05:56 GMT
Etag: "5c160154-1d7"
Expires: Tue, 18 Dec 2018 08:25:14 GMT
Last-Modified: Sun, 16 Dec 2018 07:40:04 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    a5d13caf23559dc55bc8ab4c61eea5ed
Sha1:   238ce3e56f6c69af5a688fe26be7021ed24e6bc3
Sha256: 15e5b78a209bc8557e2c5556189f16139936d5c349faa9bef34e551c238f19c1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=135136
Date: Sun, 16 Dec 2018 13:05:56 GMT
Etag: "5c15aaa4-1d7"
Expires: Tue, 18 Dec 2018 02:38:12 GMT
Last-Modified: Sun, 16 Dec 2018 01:30:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    012c8fea744653ff9c7440d6ccdfeb46
Sha1:   757c409766797f25724481dfb61bf499a8bd5d4a
Sha256: e09ebfb388f393c42b978bcd9d94dba4b0b2a2cca27f21a6aefb0acfde82b31c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=149679
Date: Sun, 16 Dec 2018 13:05:56 GMT
Etag: "5c15de41-1d7"
Expires: Tue, 18 Dec 2018 06:40:35 GMT
Last-Modified: Sun, 16 Dec 2018 05:10:25 GMT
Server: ECS (ams/D02F)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    0340711d4a7e4acd45bcd9ba97146494
Sha1:   2b198e1342f2109c07c4a4cb50719ff2b5a0a455
Sha256: 3db5ad3404cd22678bb9561fa13915269b689d64f50232a4753c35de6f7d893f
                                        
                                            POST / HTTP/1.1 
Host: s.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.51.123.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.12.2
Content-Length: 1754
Content-Transfer-Encoding: binary
Cache-Control: max-age=319657, public, no-transform, must-revalidate
Last-Modified: Thu, 13 Dec 2018 05:49:10 GMT
Expires: Thu, 20 Dec 2018 05:49:10 GMT
Date: Sun, 16 Dec 2018 13:05:56 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1754
Md5:    ce5cdbd2cf405af5c1dc00c2abb5c032
Sha1:   cd082dfd59fb62eb8018f161925c9c4248ddb733
Sha256: 7785101d1519cc282b1f4b43737771b1b4436f6b6baece60dbd4b4b9ff971f71
                                        
                                            GET /-WR82t54N9YU/Vjz8AjGVaJI/AAAAAAAApeQ/YWhk6Q326vk/s0/pakistan-flag-animation.gif HTTP/1.1 
Host: lh3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         172.217.21.129
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "va5e7"
Expires: Mon, 17 Dec 2018 13:05:56 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pakistan-flag-animation.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 16 Dec 2018 13:05:56 GMT
Server: fife
Content-Length: 63076
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 120
Size:   63076
Md5:    44ae455ff1675a06d9840a46e8b52c74
Sha1:   24c51ca4e7d75ec3c1a4d13d041e05b59615957a
Sha256: 0473eb50029d6a1a4eb042b0bbf8f164641b38234cdb5e021a36fa840c46d47b
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 16 Dec 2018 13:05:56 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    ddcde1fc8e36fd2eb2097fd2a173221d
Sha1:   eacf6389e2f98098cd0811494367c41dbd6970a2
Sha256: 67005ac564e1e2b01a512472b692b20f5d542decc07dd8b2ac7893bedf826554
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 16 Dec 2018 13:05:56 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    d6d2eafa5f9f6b79775e7edaf7ac7e31
Sha1:   1fb0ba899b37fccb75920fe0a2455602a1bcc575
Sha256: 4a821ec784369005c461fe9bfb8077433a25c35feec4d0fb7ff38b8eec14cadf
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 16 Dec 2018 13:05:56 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    cd9ac6aa9b47f0a2d3acef8afc89d451
Sha1:   bc4d06590383a2fdb7f4c50b500d3f34decf0814
Sha256: 37592d8b3bd03267f202e6157a251d3d9dc3bb98eba4ab533de9af02e19b0624
                                        
                                            GET /adsid/integrator.js?domain=azhar4g.tk HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Sun, 16 Dec 2018 13:05:56 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333
                                        
                                            GET /en_US/i/scr/pixel.gif HTTP/1.1 
Host: www.paypalobjects.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         104.123.121.136
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: Apache
Last-Modified: Thu, 10 May 2018 20:41:53 GMT
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 16 Dec 2018 13:05:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 16 Dec 2018 13:05:56 GMT
Connection: keep-alive
Set-Cookie: PYPF=CT; expires=Sun, 13-Jan-2019 13:05:56 GMT; path=/; domain=.paypalobjects.com
P3P: CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    fc94fb0c3ed8a8f909dbc7630a0987ff
Sha1:   56d45f8a17f5078a20af9962c992ca4678450765
Sha256: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
                                        
                                            GET /adsid/integrator.js?domain=azhar4g.tk HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Sun, 16 Dec 2018 13:05:56 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333
                                        
                                            GET /pagead/js/r20181205/r20180604/show_ads_impl.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Sun, 16 Dec 2018 13:05:56 GMT
Expires: Sun, 16 Dec 2018 13:05:56 GMT
Cache-Control: private, max-age=1209600
Etag: 11651059295933233243
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 75629
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   75629
Md5:    dd8f7327a57b5024b7afe88267e56b35
Sha1:   a700fe67d73e1a345f46126d5ab4193ef0033887
Sha256: 53919813bb81de4065de0878d2a4c54edb7b7999f152b7cecf3338c7dc73506f
                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Timing-Allow-Origin: *
Etag: "f137d48c145890d81009c8bb54ef05ab"
Expires: Sun, 16 Dec 2018 13:05:56 GMT
Date: Sun, 16 Dec 2018 13:05:56 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=150=Z7ITxycFlI1uA4jBQ6XWctOtVqpfE3HZVbQgazQxeT2QMRhdA4I-DXSjEvNbqf18HuYW7AezBSlfR-aPlJQx4tYOBlNIjzrFcOUm9ebJUr5gfYWZqyb2RSM_3jI_uh1pzKE5oZvEFednMu0Zz36RkQxAY_ML4fbnVASVzMDydLg;Domain=.google.com;Path=/;Expires=Mon, 17-Jun-2019 13:05:56 GMT;HttpOnly
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16820
Md5:    c6addc0a53b4db70e26d131a475c8605
Sha1:   5df8a1d7440732854f0b8206545cdec098b10d9b
Sha256: 6dd7e355b2fe421115d28064b98ff79d597401139fcd1a3857dde3f076ba8af8
                                        
                                            GET /s/notosans/v7/o-0OIpQlx3QUlC5A4PNr4ARCQ_8.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic
Origin: http://azhar4g.tk

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18560
Date: Fri, 07 Dec 2018 22:09:25 GMT
Expires: Sat, 07 Dec 2019 22:09:25 GMT
Last-Modified: Wed, 11 Oct 2017 18:25:11 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 744991


--- Additional Info ---
Magic:  data
Size:   18560
Md5:    164d380d71bd87a07b1fc888512b333e
Sha1:   ff61e24b2c9c5fba3a020650312afab4472a8fb8
Sha256: 234014c5903360d342b4fd2fba5a613a1f91db6db92ea7f5d447187739283ad1
                                        
                                            GET /templates/default/assets/css/font-icons/entypo/font/entypo.woff?71205724 HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/templates/default/assets/css/font-icons/entypo/css/entypo.css

                                         
                                         217.182.16.97
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
                                        
Date: Sun, 16 Dec 2018 12:54:48 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 14 Nov 2013 03:31:28 GMT
Etag: "9d80-4eb1ab78d2400"
Accept-Ranges: bytes
Content-Length: 40320
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  data
Size:   40320
Md5:    a033955de72f912ecffb31dab2aa6032
Sha1:   c227c4dbb358de1325c89a6d3efd89c8b39931d4
Sha256: 7ffbe887817ae548550910bd20e191191fd027ef89d4e39d1825e4c9a2ebf03d
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 16 Dec 2018 13:05:57 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    7c2d52fd2c4347886d01e6a8d209c169
Sha1:   61b072c3efa25bac46eb53860a66d3d9d0a30372
Sha256: aba27fcfecaa54e07ce0c2817cc2755cb30a7aebee0f87e1309b305b58b3ba8e
                                        
                                            GET /pagead/html/r20181205/r20180604/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 12 Dec 2018 05:09:51 GMT
Expires: Wed, 26 Dec 2018 05:09:51 GMT
Etag: 12810928231326100212
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6940
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 374166
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6940
Md5:    d777326182433d075d044edb2f090fa9
Sha1:   6b39f197a7908fff24360fe81de0d221134a3197
Sha256: c8232f61c75ebbbe71b20c2aca70b70dcb6b65a0d35509a9ada4994a41c1976b
                                        
                                            GET /pub-config/r20160913/ca-pub-8875556660951297.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Sun, 16 Dec 2018 13:05:57 GMT
Expires: Mon, 17 Dec 2018 01:05:57 GMT
Cache-Control: public, max-age=43200
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
Content-Length: 88
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   88
Md5:    447300cfe76a026545c27482e7ada077
Sha1:   995fa7efb4f9b8be29ea4c3c69a361e0a1f27ba1
Sha256: 994d8a1f3b94c1b503343b827ffd37a0a2a50015d48a054812591825cc305a40
                                        
                                            GET /pagead/js/r20181205/r20100101/osd.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 12 Dec 2018 05:09:31 GMT
Expires: Wed, 26 Dec 2018 05:09:31 GMT
Etag: 10366987592970477111
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 26696
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 374186
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   26696
Md5:    91a87cc2bcd9cbebc88e95671016e324
Sha1:   fdcd51c5aa00495a55a559c4fa79a812d19f1cd7
Sha256: c7ebfc575409dc9731cca912ef08a2ac5f39e40ef4d2d853ec7f45dabacdc7e1
                                        
                                            GET /banner.png HTTP/1.1 
Host: hd.tezhd.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         217.182.16.97
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 16 Dec 2018 12:54:49 GMT
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 285
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   285
Md5:    739c4a826aad7966ab78aa60383f7697
Sha1:   408c754878cd7a79b33df885520eff5e85b9f1ea
Sha256: c05ef480a739e55394e18d5d838a52107b98835069d94a58497cdfa2913b73e1
                                        
                                            GET /pagead/ads?client=ca-pub-8875556660951297&output=html&adk=1812271804&adf=807048394&lmt=1543833567&loeid=332260022&plat=1%3A1081352%2C2%3A1081352%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1048576&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fazhar4g.tk%2F&ea=0&flash=10.0.45&pra=5&wgl=0&adsid=NT&dt=1544965556471&bpp=8&fdt=302&idt=298&shv=r20181205&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=1972829757576&frm=20&pv=2&ga_vid=1085715825.1544965557&ga_sid=1544965557&ga_hid=970946598&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=0&ady=0&biw=1176&bih=754&scr_x=0&scr_y=0&eid=332260012%2C21060853%2C21061977%2C410075081&oid=3&rx=0&eae=6&fc=1936&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=1&ifi=0&uci=0.4bnf9xz5qyke&dtd=867 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         216.58.207.194
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sun, 16 Dec 2018 13:05:57 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Sun, 16-Dec-2018 13:20:57 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   82
Md5:    87b49554493c15fb23b8e5d2f13b1ebf
Sha1:   328cbcb1c58530fd3f554ca7386ef7a85e1e982f
Sha256: 590b4bba70579d67368d97259fc85f56fda4fa5cb82f404fa8ec67a43369db17
                                        
                                            GET /pagead/ads?client=ca-pub-8875556660951297&output=html&h=60&slotname=3660272241&adk=3229948736&adf=807048394&w=468&lmt=1543833567&loeid=332260022&guci=1.2.0.0.2.2.0.0&format=468x60&url=http%3A%2F%2Fazhar4g.tk%2F&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1544965557550&bpp=21&fdt=27&idt=-M&shv=r20181205&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1972829757576&frm=20&pv=1&ga_vid=1085715825.1544965557&ga_sid=1544965557&ga_hid=970946598&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=300&ady=136&biw=1176&bih=754&scr_x=0&scr_y=0&eid=332260012%2C21060853%2C21061977%2C410075081&oid=3&rx=0&eae=4&fc=1936&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&uci=1.5lce444oxt7x&dtd=48 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         216.58.207.194
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sun, 16 Dec 2018 13:05:57 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Sun, 16-Dec-2018 13:20:57 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   82
Md5:    87b49554493c15fb23b8e5d2f13b1ebf
Sha1:   328cbcb1c58530fd3f554ca7386ef7a85e1e982f
Sha256: 590b4bba70579d67368d97259fc85f56fda4fa5cb82f404fa8ec67a43369db17
                                        
                                            GET /en_US/i/btn/btn_buynowCC_LG.gif HTTP/1.1 
Host: www.paypalobjects.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/
Cookie: PYPF=CT

                                         
                                         104.123.121.136
HTTP/1.1 302 Moved Temporarily
                                        
Server: AkamaiGHost
Content-Length: 0
Location: https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif?akam_redir=1
Cache-Control: max-age=7776000
Expires: Sat, 16 Mar 2019 13:05:57 GMT
Date: Sun, 16 Dec 2018 13:05:57 GMT
Connection: keep-alive
Set-Cookie: AKA_MVT_ID=659fef5007170000b54d165c43030000d6981800; expires=Sun, 16-Dec-2018 13:15:57 GMT; path=/; domain=.paypalobjects.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000


--- Additional Info ---
                                        
                                            GET /s/notosans/v7/o-0NIpQlx3QUlC5A4PNjXhFVZNyH.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic
Origin: http://azhar4g.tk

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 19372
Date: Tue, 11 Dec 2018 16:59:31 GMT
Expires: Wed, 11 Dec 2019 16:59:31 GMT
Last-Modified: Wed, 11 Oct 2017 18:23:19 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 417986


--- Additional Info ---
Magic:  data
Size:   19372
Md5:    75d288254ebf75e35a355823ac2b3d8f
Sha1:   6662eaf4e1243b5dec3ee929b714cfea90368bdd
Sha256: 830bbf7bee3df038c78114f29952cdc0412557e87c62fd6905a7ac4e2d2d11ee
                                        
                                            GET /favicon.png HTTP/1.1 
Host: azhar4g.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         217.182.16.97
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 16 Dec 2018 12:54:50 GMT
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   284
Md5:    a54769fe73e34a2686c91ef04b8f3f28
Sha1:   a8a3be968a92b68b524ab83a7296ec71ead7296c
Sha256: a605592bb9e5e05b8ceca117ebe881077ea59b15a9a602e7f82898627d5a9e2f
                                        
                                            GET /en_US/i/btn/btn_buynowCC_LG.gif?akam_redir=1 HTTP/1.1 
Host: www.paypalobjects.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/
Cookie: PYPF=CT; AKA_MVT_ID=659fef5007170000b54d165c43030000d6981800

                                         
                                         104.123.121.136
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: Apache
Last-Modified: Thu, 10 May 2018 20:41:52 GMT
Accept-Ranges: bytes
Content-Length: 3091
Cache-Control: max-age=7776000
Expires: Sat, 16 Mar 2019 13:05:58 GMT
Date: Sun, 16 Dec 2018 13:05:58 GMT
Connection: keep-alive
Set-Cookie: AKA_MVT_BUTTONS=|btn_buynowCC_LG.gif=btn_buynowCC_LG_var4.gif|; expires=Sun, 23-Dec-2018 13:05:58 GMT; path=/; domain=.paypalobjects.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000


--- Additional Info ---
Magic:  GIF image data, version 89a, 171 x 47
Size:   3091
Md5:    34772043efc93ccb66abac570e1f4709
Sha1:   3bad2befd9c5af50458a7b0c888734e8ddda1c48
Sha256: 5d754136a0e1d699d48fa6850556e977974343c0785ecd5de89ad7d88ea8e180
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.ovH4L1GQXbU.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCPIcZXE9FCiF0NG096nQcdxr7QS9g/cb=gapi.loaded_0 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/
Cookie: NID=150=Z7ITxycFlI1uA4jBQ6XWctOtVqpfE3HZVbQgazQxeT2QMRhdA4I-DXSjEvNbqf18HuYW7AezBSlfR-aPlJQx4tYOBlNIjzrFcOUm9ebJUr5gfYWZqyb2RSM_3jI_uh1pzKE5oZvEFednMu0Zz36RkQxAY_ML4fbnVASVzMDydLg

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 39661
Date: Wed, 12 Dec 2018 05:07:58 GMT
Expires: Thu, 12 Dec 2019 05:07:58 GMT
Last-Modified: Sun, 09 Dec 2018 10:31:36 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 374280
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   39661
Md5:    431af720b745fe8c8737ad86b5039f47
Sha1:   96ecd14e159825b3f74bda0810575a2a68601cc9
Sha256: 113fe994c0477a3dfec9d2b4a6efeb429c79a4b301d6734f3b04b28088792f25
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.ovH4L1GQXbU.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCPIcZXE9FCiF0NG096nQcdxr7QS9g/cb=gapi.loaded_1 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/
Cookie: NID=150=Z7ITxycFlI1uA4jBQ6XWctOtVqpfE3HZVbQgazQxeT2QMRhdA4I-DXSjEvNbqf18HuYW7AezBSlfR-aPlJQx4tYOBlNIjzrFcOUm9ebJUr5gfYWZqyb2RSM_3jI_uh1pzKE5oZvEFednMu0Zz36RkQxAY_ML4fbnVASVzMDydLg

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 42079
Date: Tue, 11 Dec 2018 00:22:40 GMT
Expires: Wed, 11 Dec 2019 00:22:40 GMT
Last-Modified: Sun, 09 Dec 2018 10:31:36 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 477798
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   42079
Md5:    40a15ac5836e80a369691c7e00e183dd
Sha1:   f0263bc013f2093ac2cde24818b81f8bd14bafb7
Sha256: 400ec495c2291adbfdcc7ebc14d43637a99d8e4d6e515e6db8f9593bb1128733
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 16 Dec 2018 13:05:58 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    2dfc3f4ccdcda957fdfa68a191aa5db8
Sha1:   d9b7cdd90b9e23323ebb9d23f28df24d316e0c23
Sha256: c60c1780842a2bde2dc30ed21f797bcc4fa219c78db24e7000b930c8b143ef10
                                        
                                            GET /subscribe_embed?usegapi=1&count=default&layout=full&channelid=UCN9cJCGGcGIWQXKh61M0XAg&origin=http%3A%2F%2Fazhar4g.tk&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ovH4L1GQXbU.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPIcZXE9FCiF0NG096nQcdxr7QS9g%2Fm%3D__features__ HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Expires: Tue, 27 Apr 1971 19:44:06 EST
X-XSS-Protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
Date: Sun, 16 Dec 2018 13:05:58 GMT
Server: YouTube Frontend Proxy
Set-Cookie: VISITOR_INFO1_LIVE=u7RIyyk_XfU; path=/; domain=.youtube.com; expires=Fri, 14-Jun-2019 13:05:58 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Sat, 17-Aug-2019 00:58:58 GMT YSC=6MjhIDty1yU; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Sun, 16-Dec-2018 13:35:58 GMT
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   1969
Md5:    a9771361d5488081107f76ed8ad940d6
Sha1:   ceb58559a3db916e6d49e272bcea38ac7891a906
Sha256: b4da4493a52733af0d309bf523d0a9f81614a718acad5c5688e0f14a883d329d
                                        
                                            GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fazhar4g.tk&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ovH4L1GQXbU.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPIcZXE9FCiF0NG096nQcdxr7QS9g%2Fm%3D__features__ HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://azhar4g.tk/
Cookie: NID=150=Z7ITxycFlI1uA4jBQ6XWctOtVqpfE3HZVbQgazQxeT2QMRhdA4I-DXSjEvNbqf18HuYW7AezBSlfR-aPlJQx4tYOBlNIjzrFcOUm9ebJUr5gfYWZqyb2RSM_3jI_uh1pzKE5oZvEFednMu0Zz36RkQxAY_ML4fbnVASVzMDydLg

                                         
                                         216.58.207.205
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 16 Dec 2018 13:05:59 GMT
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   360
Md5:    8754628908dc10031daaa48ccde681ac
Sha1:   1ab8c3596e72107501bb05ee6aa6e671b9b38283
Sha256: 89544d94041044240999236c77876cb286dd6baa13da206963c1ab590a7a3aee
                                        
                                            GET /yts/cssbin/www-subscribe-embed-vflVM2IOJ.css HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&count=default&layout=full&channelid=UCN9cJCGGcGIWQXKh61M0XAg&origin=http%3A%2F%2Fazhar4g.tk&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ovH4L1GQXbU.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPIcZXE9FCiF0NG096nQcdxr7QS9g%2Fm%3D__features__
Cookie: VISITOR_INFO1_LIVE=u7RIyyk_XfU; PREF=f1=50000000; YSC=6MjhIDty1yU; GPS=1

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 6009
Date: Wed, 12 Dec 2018 05:33:51 GMT
Expires: Thu, 12 Dec 2019 05:33:51 GMT
Last-Modified: Thu, 06 Dec 2018 02:30:31 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 372728
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6009
Md5:    0b8b982c7610f33898fa773e23358ef2
Sha1:   9785a00ef53a0979ea7869c424119a607de37510
Sha256: d0f0a41b185e128b0a0357fb8992bcede0bc2208341fd84ce9f64ff171cbb94e
                                        
                                            GET /yts/jsbin/www-subscribe-embed-vfl0qGUxq/www-subscribe-embed.js HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&count=default&layout=full&channelid=UCN9cJCGGcGIWQXKh61M0XAg&origin=http%3A%2F%2Fazhar4g.tk&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ovH4L1GQXbU.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPIcZXE9FCiF0NG096nQcdxr7QS9g%2Fm%3D__features__
Cookie: VISITOR_INFO1_LIVE=u7RIyyk_XfU; PREF=f1=50000000; YSC=6MjhIDty1yU; GPS=1

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 44885
Date: Fri, 14 Dec 2018 15:25:24 GMT
Expires: Sat, 22 Dec 2018 15:25:24 GMT
Last-Modified: Fri, 14 Dec 2018 10:30:57 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=691200
Age: 164435
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   44885
Md5:    eedde887acad511fc47a91192d516e14
Sha1:   580e1394acb19c1b6f36beb801a651bda56aae9b
Sha256: f7cc7e289f0264b4ea694d389529b03419dce55ae4240ff02526d7debbe8ac7d
                                        
                                            GET /js/rpc:shindig_random.js?onload=init HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fazhar4g.tk&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ovH4L1GQXbU.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPIcZXE9FCiF0NG096nQcdxr7QS9g%2Fm%3D__features__
Cookie: NID=150=Z7ITxycFlI1uA4jBQ6XWctOtVqpfE3HZVbQgazQxeT2QMRhdA4I-DXSjEvNbqf18HuYW7AezBSlfR-aPlJQx4tYOBlNIjzrFcOUm9ebJUr5gfYWZqyb2RSM_3jI_uh1pzKE5oZvEFednMu0Zz36RkQxAY_ML4fbnVASVzMDydLg

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Timing-Allow-Origin: *
Etag: "8dadb9c819cb616fc7497904867e9275"
Expires: Sun, 16 Dec 2018 13:05:59 GMT
Date: Sun, 16 Dec 2018 13:05:59 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   4678
Md5:    ec6d7fbedf4d7465d1325a6e626b59a3
Sha1:   d12466b456aad5b30fbe6237b15a21655ed5ecd4
Sha256: c5bed090188f1c35294ecbccab1b2c8d0b7a7e23520f73cf99458e9390e0cf66
                                        
                                            GET /yts/imgbin/www-hitchhiker-vfllYIUv0.png HTTP/1.1 
Host: s.ytimg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/yts/cssbin/www-subscribe-embed-vflVM2IOJ.css

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Vary: Origin
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 33305
Date: Sat, 15 Dec 2018 23:45:39 GMT
Expires: Sun, 15 Dec 2019 23:45:39 GMT
Last-Modified: Fri, 14 Dec 2018 19:13:41 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 48021
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  PNG image, 290 x 942, 8-bit colormap, non-interlaced
Size:   33305
Md5:    958214bf47f5508c8aff04320b25efd5
Sha1:   f2a77035c0cce2fdc43cbcb7475d57c9ccded422
Sha256: 44a4f1ad5ef3b2e83635601a1233625e9d645108795cae8f576db050afdfd24c
                                        
                                            GET /accounts/o/748736246-postmessagerelay.js HTTP/1.1 
Host: ssl.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fazhar4g.tk&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ovH4L1GQXbU.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPIcZXE9FCiF0NG096nQcdxr7QS9g%2Fm%3D__features__

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3892
Date: Tue, 11 Dec 2018 16:57:46 GMT
Expires: Wed, 11 Dec 2019 16:57:46 GMT
Last-Modified: Sat, 08 Dec 2018 03:24:37 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 418094
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   3892
Md5:    426c1a3faf24e442993d785a45b961ec
Sha1:   66c3e6a705875959be219d8f0be12c03bf4651e4
Sha256: de8a66f90d2f8097aa0df79cbda696701ebfb9f3372ca2462d8892d13ef2f3af
                                        
                                            GET /a-/AN66SAwLQj6_76Rma2sLEBCXpCMkgkn4sDci6xWisg=s48-c-k-c0xffffffff-no-rj-mo HTTP/1.1 
Host: yt3.ggpht.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&count=default&layout=full&channelid=UCN9cJCGGcGIWQXKh61M0XAg&origin=http%3A%2F%2Fazhar4g.tk&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ovH4L1GQXbU.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPIcZXE9FCiF0NG096nQcdxr7QS9g%2Fm%3D__features__

                                         
                                         172.217.21.129
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v3e"
Expires: Mon, 17 Dec 2018 13:06:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="unnamed.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 16 Dec 2018 13:06:00 GMT
Server: fife
Content-Length: 2394
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   2394
Md5:    a251411486e9c3f536ad4a6c552db238
Sha1:   6efb03f166849ce329fb003b64a8824f7527bf1a
Sha256: 8cd9285ae44d652bba35680fd3689f6784146eaab4664c67cb4a973a6a670552
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.ovH4L1GQXbU.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=QQ/rs=AGLTcCPIcZXE9FCiF0NG096nQcdxr7QS9g/cb=gapi.loaded_0 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fazhar4g.tk&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.ovH4L1GQXbU.O%2Fam%3DQQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPIcZXE9FCiF0NG096nQcdxr7QS9g%2Fm%3D__features__
Cookie: NID=150=Z7ITxycFlI1uA4jBQ6XWctOtVqpfE3HZVbQgazQxeT2QMRhdA4I-DXSjEvNbqf18HuYW7AezBSlfR-aPlJQx4tYOBlNIjzrFcOUm9ebJUr5gfYWZqyb2RSM_3jI_uh1pzKE5oZvEFednMu0Zz36RkQxAY_ML4fbnVASVzMDydLg

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16531
Date: Wed, 12 Dec 2018 05:08:50 GMT
Expires: Thu, 12 Dec 2019 05:08:50 GMT
Last-Modified: Sun, 09 Dec 2018 10:31:36 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 374230
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   16531
Md5:    a12587ad338bb85386ed1cf2faa492b4
Sha1:   78c057341c8356a4c4bf422b02d7157427e26b5f
Sha256: 3461305450815481c8e5a0b27699e44e6fddda92bf5dd72f313cbd1a6ead5842