Overview

URL flipmerki.cf/
IP104.28.14.28
ASNAS13335 CloudFlare, Inc.
Location United States
Report completed2017-09-14 07:25:50 CEST
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2017-09-14 07:25:16 CEST 2 Client IP  Internal IP ET DNS Query to a *.top domain - Likely Hostile


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 3 reports on IP: 104.28.14.28

Date UQ / IDS / BL URL IP
2017-09-15 20:54:54 +0200
0 - 2 - 1 us.cryuyaoc.pw/sadd/0_index0.php 104.28.14.28
2017-08-14 07:51:15 +0200
0 - 0 - 0 streamportal.sportsdonkey.club 104.28.14.28
2017-07-18 23:52:04 +0200
0 - 0 - 2 us.cryuyaoc.pw/sadd/0_index0.php 104.28.14.28

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date UQ / IDS / BL URL IP
2017-09-21 12:27:23 +0200
0 - 0 - 4 hotjapaneseschoolgirls.com/ 104.18.62.7
2017-09-21 12:27:02 +0200
0 - 0 - 1 biz7739567691.xinlimaoyi.com/ 162.159.238.165
2017-09-21 12:26:48 +0200
0 - 0 - 1 https://www.unknowncheats.me/forum/downloads. (...) 104.27.118.74
2017-09-21 12:26:45 +0200
0 - 0 - 0 midtowncomics.com 104.20.39.246
2017-09-21 12:24:32 +0200
0 - 0 - 0 www.clictune.com/id=491051 104.24.110.139
2017-09-21 12:17:28 +0200
0 - 0 - 0 www.spine.host/ga/?c\=_ga 104.28.8.40
2017-09-21 12:12:52 +0200
0 - 1 - 8 www.idiomassemfronteiras.org/idiomas-sem-fron (...) 104.18.40.189
2017-09-21 12:10:02 +0200
0 - 0 - 1 wang45348.honpu.com/ 162.159.224.166
2017-09-21 12:08:48 +0200
0 - 0 - 2 www.grainua.com/ 104.27.189.162
2017-09-21 12:07:36 +0200
0 - 0 - 1 supergeldmethode.com/ 104.27.152.99

No other reports on domain: flipmerki.cf



JavaScript

Executed Scripts (13)


Executed Evals (0)


Executed Writes (3)

#1 JavaScript::Write (size: 301, repeated: 1) - SHA256: 8a7fc369a4852a1f104b6217ee9ea1836c8a5eea7665b5ddee78fd82e4c022b5

                                        < a href = '//www.liveinternet.ru/click'
target = _blank > < img src = '//counter.yadro.ru/hit?t52.6;rhttp%3A//flipmerki.cf/;s1176*885*24;uhttp%3A//av.gally.jp/cntr.php;0.8624786484166257'
alt = ''
title = 'LiveInternet: number of pageviews and visitors for 24 hours is shown'
border = '0'
width = '88'
height = '31' > < /a>
                                    

#2 JavaScript::Write (size: 240, repeated: 1) - SHA256: e9484a8d0577a12a82986de06cd64621455e5fec646bde515803dd28269058c2

                                        < iframe frameborder = "0"
scrolling = "no"
width = "300"
height = "250"
src = "http://syndication.exosrv.com/ads-iframe-display.php?idzone=2216953&type=300x250&p=http%3A//flipmerki.cf/&dt=1505366718284&sub=&tags=&screen_resolution=1176x885" > < /iframe>
                                    

#3 JavaScript::Write (size: 240, repeated: 1) - SHA256: 4b04eb4ff7a85289db873be4f2ff521a8085a344801711145ad095d4d63ebcbd

                                        < iframe frameborder = "0"
scrolling = "no"
width = "300"
height = "250"
src = "http://syndication.exosrv.com/ads-iframe-display.php?idzone=2303833&type=300x250&p=http%3A//flipmerki.cf/&dt=1505366718279&sub=&tags=&screen_resolution=1176x885" > < /iframe>
                                    


HTTP Transactions (46)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: flipmerki.cf
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.28.15.28
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 14 Sep 2017 05:25:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=daf215a8d9dc5997c7d18fc56614a987e1505366715; expires=Fri, 14-Sep-18 05:25:15 GMT; path=/; domain=.flipmerki.cf; HttpOnly PHPSESSID=jsu729vlv8he09u4qu90sk8l61; path=/
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Server: cloudflare-nginx
CF-RAY: 39e0ecb590464261-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6653
Md5:    9ea2c7f98baf5c71571231c9dd7d31e1
Sha1:   581f1bd26509bd7408d6caee5be25f4760d0b93c
Sha256: f5fbcb6e527c136b8c3e2c79cbb5f76a6897a20a38ddb65532324170afee2983
                                        
                                            GET /exo.php HTTP/1.1 
Host: mygf.gdn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         31.214.157.75
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 14 Sep 2017 05:25:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.6.31
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   340
Md5:    01490d3f1619998bd728a038c3a06bae
Sha1:   f01812a430d4f652adeb4edad8bb7aa04ccacb8d
Sha256: c0563db24777cdb14d89cf04dd85e7f05e71a146c00044eedb1c7cb07b6478e3
                                        
                                            GET /exo.php HTTP/1.1 
Host: edating.top
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         104.31.93.109
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 14 Sep 2017 05:25:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d65936800e1fa6e0fbbbd18b7bc2549e81505366716; expires=Fri, 14-Sep-18 05:25:16 GMT; path=/; domain=.edating.top; HttpOnly
X-Powered-By: PHP/5.6.31
Server: cloudflare-nginx
CF-RAY: 39e0ecb8c3604297-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   349
Md5:    87ce8a464a6c6283e269da8c12024728
Sha1:   288901ad18453fdc3ca9ae6729b3113c8cbdd706
Sha256: fc88a0bc1ae72ef888e0828db077bab786587f4092d0c4da0f01aceef1718afd
                                        
                                            GET /cube.php HTTP/1.1 
Host: jpx.life
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         104.27.157.16
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 14 Sep 2017 05:25:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=da354f49a7a61ff8791ae998162bc5b751505366716; expires=Fri, 14-Sep-18 05:25:16 GMT; path=/; domain=.jpx.life; HttpOnly
X-Powered-By: PHP/5.6.30
Server: cloudflare-nginx
CF-RAY: 39e0ecb8c722428b-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   534
Md5:    e87ab5e4f74e43e3dc3bc73a587f35d0
Sha1:   8951d48f326d594abd2ff6bc4d8c2f85ba488298
Sha256: 6138d4aafc388d4f3f8238aa603203cd5e9edba2ee4277644879f1446d1d0612
                                        
                                            GET /jads.php HTTP/1.1 
Host: erot.bid
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         31.214.157.75
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 14 Sep 2017 05:25:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.6.31
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   489
Md5:    c10078b393a53fdf9f25a7ba60cf936a
Sha1:   c06a4ffb7f0359fd00e9882ff47eb1e3fd6e615a
Sha256: d923b1b87754c7f190d8b4449d79341e8568a47b2e4f51c2f580409669e5399e
                                        
                                            GET /cntr.php HTTP/1.1 
Host: av.gally.jp
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         192.99.14.211
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.13.5
Date: Thu, 14 Sep 2017 05:25:16 GMT
Content-Length: 406
Connection: keep-alive
X-Powered-By: PHP/5.6.30-0+deb8u1
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   406
Md5:    6a5f54dc6c88d085c7ece5ae9b02d31e
Sha1:   26d9a06db68a870f165176530b9a6d8db78d0b7c
Sha256: 5228d5032c314908c7e95510abd921259700e734fe27cf7b3852778b264fb212
                                        
                                            GET /jam_min.js HTTP/1.1 
Host: js.juicyads.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://erot.bid/jads.php

                                         
                                         198.232.125.132
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 14 Sep 2017 05:25:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 06 Jun 2016 18:41:27 GMT
Etag: W/"5755c3d7-5394"
Server: NetDNA-cache/2.2
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6760
Md5:    ea621279dc503aa46b3ce13d2d944387
Sha1:   b9c70caaa9b16e9121f943d63fa686127653a501
Sha256: f1c02f4b8abc58beb5f9fbbb7595c62a57b76316505ea8e21e0afb68a26daac5
                                        
                                            GET /pub.js HTTP/1.1 
Host: prscripts.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://jpx.life/cube.php

                                         
                                         23.235.244.224
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Thu, 14 Sep 2017 05:25:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=db53988f70cc061aa75af14d80c26ecb; path=/ woa1quur7O=7cbda49b49043dbfd6ac9ff013ecd5e3f2e8a815d39cdaa37d7d47bc1b204696b71b396980f4c4ed2ee92a468956adf178554e201340232df8dff54825fe2f37; expires=Tue, 13-Mar-2018 05:25:17 GMT; Max-Age=15552000
Pragma: no-cache
Cache-Control: must-revalidate, no-cache, no-transform
Expires: Tue, 31 Dec 2013 23:59:59 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   31186
Md5:    38666227310d70a5813d85dc1522e7da
Sha1:   a775b67114ecedb524005f94fc5669a535b996b8
Sha256: 1c9753cf40595285d55efee497dc1d280cfa199f8e0702c43ff4a1af0d8f6e66
                                        
                                            GET /hit?t52.6;rhttp%3A//flipmerki.cf/;s1176*885*24;uhttp%3A//av.gally.jp/cntr.php;0.8624786484166257 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://av.gally.jp/cntr.php

                                         
                                         88.212.196.124
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Thu, 14 Sep 2017 05:25:17 GMT
Server: 0W/0.8c
Location: http://counter.yadro.ru/hit?q;t52.6;rhttp%3A//flipmerki.cf/;s1176*885*24;uhttp%3A//av.gally.jp/cntr.php;0.8624786484166257
Content-Length: 32
Expires: Tue, 13 Sep 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: FTID=1PkXAz1Zrhvc1PkXAz00BJUG; path=/; expires=Thu, 13 Sep 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  HTML document text
Size:   32
Md5:    3e9c09a8c5a87f266e047a596f48578c
Sha1:   07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
Sha256: 57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
                                        
                                            GET /j/a/p/japanweb/kjhgeg.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:16 GMT
Content-Length: 39393
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:18:15 GMT
Etag: "59a2aa77-99e1"
Cache-Control: max-age=1618420
X-Oke-Middle-Via: oke-u19-middle205 from cache
Expires: Tue, 26 Sep 2017 11:18:40 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1058004
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   39393
Md5:    42a82679f4cc8246761f639894c5099b
Sha1:   bf70d7f8946d0d834151bdbe6ef143b732081043
Sha256: 20fdd0e450bda62030b19f19435edda75f718fa6d33951a22666c95239aa03a1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         195.159.219.11
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "6631F22E95C2D20BD12138BE03A2DCB5505A51677705E05AA97E407822C5DB7D"
Last-Modified: Mon, 11 Sep 2017 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=25898
Expires: Thu, 14 Sep 2017 12:36:55 GMT
Date: Thu, 14 Sep 2017 05:25:17 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    af4d6308fe32c6c5f2e5cf90a367271b
Sha1:   4134beb2e54c61fd370d1c4bfa72c1dfb0ffef23
Sha256: 6631f22e95c2d20bd12138be03a2dcb5505a51677705e05aa97e407822c5db7d
                                        
                                            GET /js/jads.js HTTP/1.1 
Host: adserver.juicyads.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://erot.bid/jads.php

                                         
                                         192.230.77.60
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Etag: "58754e06-eb9"
Last-Modified: Tue, 10 Jan 2017 21:11:34 GMT
Content-Length: 1720
Content-Encoding: gzip
Date: Thu, 14 Sep 2017 05:25:17 GMT
Set-Cookie: visid_incap_165243=W7Rn6AIZTne7f8VyuUU6Rb0SulkAAAAAQUIPAAAAAABxLcp+w4Vpns5IJHy6JpFq; expires=Fri, 14 Sep 2018 04:32:00 GMT; path=/; Domain=.juicyads.com incap_ses_722_165243=FC5BSS0WD1H0Go7+Sg8FCr0SulkAAAAA+4+ATpgIETdbFPSbv/4w+Q==; path=/; Domain=.juicyads.com ___utmvmsyupNBI=WDrmuSTEYCf; path=/; Max-Age=900 ___utmvasyupNBI=xvudmhI; path=/; Max-Age=900 ___utmvbsyupNBI=yZi XetOMals: pty; path=/; Max-Age=900
X-Iinfo: 3-4186954-0 0CNN RT(1505366716756 291) q(0 -1 -1 1) r(0 -1)
X-CDN: Incapsula


--- Additional Info ---
Magic:  gzip compressed data
Size:   1720
Md5:    280aa63e2081300532739f16dd9e7759
Sha1:   1012d7ef1155c963b91f60481640e0c1d67c4377
Sha256: 2fef9ac811aa0cfd05e29385f8829a0a20ad64762a7263c316807f27f3e00342
                                        
                                            GET /j/a/p/japanweb/jhhfrvg.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:16 GMT
Content-Length: 35920
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:16:17 GMT
Etag: "59a2aa01-8c50"
Cache-Control: max-age=1618304
X-Oke-Middle-Via: oke-u19-middle204 from cache
Expires: Tue, 26 Sep 2017 11:16:44 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1057888
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   35920
Md5:    9ed7472429e4648d1df0edd4a5511719
Sha1:   8a7e1f5eb9b46ab3f286a1f49e406f8945b223d7
Sha256: b95c965d877ea2fb8c6c197a6c631b0df809ebf68240bd150d996b454bc9ee17
                                        
                                            GET /image/hey_channel/1520005.jpg HTTP/1.1 
Host: affiliate.dtiserv.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         38.118.199.227
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Zeus/4.3
Date: Thu, 14 Sep 2017 05:25:15 GMT
Expires: Thu, 14 Sep 2017 06:25:15 GMT
Content-Length: 48921
Accept-Ranges: bytes
Sh: 102
Last-Modified: Wed, 30 Nov 2016 22:37:36 GMT


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   48921
Md5:    6ea8389126896b4771867b696f055854
Sha1:   30bfd1d2207af29f96c6845b7e1b49918c0bd514
Sha256: 277cc46a73f2b6b7bdbf09e8043bc1d68e7dda6737accf29531798f1432b9476
                                        
                                            GET /hit?q;t52.6;rhttp%3A//flipmerki.cf/;s1176*885*24;uhttp%3A//av.gally.jp/cntr.php;0.8624786484166257 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://av.gally.jp/cntr.php
Cookie: FTID=1PkXAz1Zrhvc1PkXAz00BJUG

                                         
                                         88.212.196.124
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 14 Sep 2017 05:25:17 GMT
Server: 0W/0.8c
Connection: Close
Content-Length: 419
Expires: Tue, 13 Sep 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: VID=31IdBe3F32fc1PkXAz00BJVQ; path=/; expires=Thu, 13 Sep 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  GIF image data, version 87a, 88 x 31
Size:   419
Md5:    2041faba8276fc4dcdb043cf8ec3eba7
Sha1:   dace733790dd1e9140d1ae5df5ee7fac26b608c6
Sha256: d527189fcbd7a26d222bce6fb5e1739db0a8c5ac8b96eb1116edd2f944b2b92a
                                        
                                            GET /service_async.php/serveAd?JSON-response-callback=rpc.callbacks.r1&id=1&c=55079&s=166207 HTTP/1.1 
Host: mobile.juicyads.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://erot.bid/jads.php

                                         
                                         192.230.77.254
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 14 Sep 2017 05:25:17 GMT
Content-Length: 154
Location: http://mobile.juicyads.com/service_async.php?JSON-response-callback=rpc.callbacks.r1&id=1&c=55079&s=166207
Connection: keep-alive
Set-Cookie: visid_incap_162936=PaZZV/mCR1G7lZF41rgTXb0SulkAAAAAQUIPAAAAAADXZOb0+TTsir97RCbMsHhr; expires=Thu, 13 Sep 2018 10:30:46 GMT; path=/; Domain=.juicyads.com nlbi_162936=mHTzSWJa1jpeY2IzMFJRgAAAAADahsUYFfD0QvDMeWkMC6LB; path=/; Domain=.juicyads.com incap_ses_723_162936=yDE7ArXJjTWBHOr2y5wICr0SulkAAAAA+CaWcDM3UzEfco9NMh0UaA==; path=/; Domain=.juicyads.com ___utmvmiyuXcMF=iTbeOHwyHeR; path=/; Max-Age=900 ___utmvaiyuXcMF=QWhQUQm; path=/; Max-Age=900 ___utmvbiyuXcMF=oZj XoXOtalk: UtR; path=/; Max-Age=900
X-Iinfo: 10-8873987-8873989 NNNN CT(100 -1 0) RT(1505366717152 211) q(0 0 1 0) r(2 2) U5
X-CDN: Incapsula


--- Additional Info ---
Magic:  HTML document text
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            GET /d/x/c/dxcam/2017-09-06_203708_20170907023646f58.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:16 GMT
Content-Length: 91991
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Wed, 06 Sep 2017 17:36:46 GMT
Etag: "59b0322e-16757"
Cache-Control: max-age=2591983
X-Oke-Middle-Via: oke-u19-middle202 from cache
Expires: Fri, 06 Oct 2017 17:37:30 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1944734
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   91991
Md5:    49040b728ad9eea0b4f015e6d0a30290
Sha1:   c059b4498d0ef3c7550b6a5129a4dd2841794bd3
Sha256: ff2d25ac2c67330f38727ef713f2ac3dd7771e76feb8361457fec7d596f655df
                                        
                                            GET /service_async.php?JSON-response-callback=rpc.callbacks.r1&id=1&c=55079&s=166207 HTTP/1.1 
Host: mobile.juicyads.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://erot.bid/jads.php
Cookie: visid_incap_165243=W7Rn6AIZTne7f8VyuUU6Rb0SulkAAAAAQUIPAAAAAABxLcp+w4Vpns5IJHy6JpFq; incap_ses_722_165243=FC5BSS0WD1H0Go7+Sg8FCr0SulkAAAAA+4+ATpgIETdbFPSbv/4w+Q==; visid_incap_162936=PaZZV/mCR1G7lZF41rgTXb0SulkAAAAAQUIPAAAAAADXZOb0+TTsir97RCbMsHhr; nlbi_162936=mHTzSWJa1jpeY2IzMFJRgAAAAADahsUYFfD0QvDMeWkMC6LB; incap_ses_723_162936=yDE7ArXJjTWBHOr2y5wICr0SulkAAAAA+CaWcDM3UzEfco9NMh0UaA==; ___utmvmiyuXcMF=iTbeOHwyHeR; ___utmvaiyuXcMF=QWhQUQm; ___utmvbiyuXcMF=oZj XoXOtalk: UtR

                                         
                                         192.230.77.254
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 14 Sep 2017 05:25:17 GMT
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip
Set-Cookie: visid_incap_162936=PaZZV/mCR1G7lZF41rgTXb0SulkAAAAAQUIPAAAAAADXZOb0+TTsir97RCbMsHhr; expires=Thu, 13 Sep 2018 10:30:46 GMT; path=/; Domain=.juicyads.com incap_ses_723_162936=yDE7ArXJjTWBHOr2y5wICr0SulkAAAAA+CaWcDM3UzEfco9NMh0UaA==; path=/; Domain=.juicyads.com ___utmvbiyuXcMF=a; Max-Age=0; path=/; expires=Wed, 06 Sep 2017 10:28:43 GMT ___utmvaiyuXcMF=a; Max-Age=0; path=/; expires=Wed, 06 Sep 2017 10:28:43 GMT ___utmvmiyuXcMF=a; Max-Age=0; path=/; expires=Wed, 06 Sep 2017 10:28:43 GMT
X-Iinfo: 13-26986839-26986840 NNNN CT(0 -1 0) RT(1505366717593 1) q(0 0 0 -1) r(2 2) U5
X-CDN: Incapsula


--- Additional Info ---
Magic:  gzip compressed data
Size:   63
Md5:    9346c4afd4af4004bc47269b0f01c205
Sha1:   2a8088466e8c3406852123088aed900b45a71f3a
Sha256: e97e103a83e1c8057b215ef774ddd1a4dc0489a7c7f0c698d5f664d07610decc
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         192.35.177.195
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 14 Sep 2017 05:25:17 GMT
Content-Transfer-Encoding: Binary
Last-Modified: Thu, 14 Sep 2017 02:31:56 GMT
Etag: "b755a52318d89311d9ba07486a4ef5447c08a9a8"
Expires: Fri, 15 Sep 2017 02:31:56 GMT
Cache-Control: max-age=43200,public,no-transform,must-revalidate
Content-Length: 1398
Connection: close


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    cf8f12834256b3bf7bbe1c7f57dbbde5
Sha1:   b755a52318d89311d9ba07486a4ef5447c08a9a8
Sha256: c99511c52e46c356172358cdde97071c8ba615ca6bf3a5c4b9f386817adb1d46
                                        
                                            GET /j/a/p/japanweb/20170827201944b00.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:17 GMT
Content-Length: 28820
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:19:44 GMT
Etag: "59a2aad0-7094"
Cache-Control: max-age=1618678
X-Oke-Middle-Via: oke-u19-middle202 from cache
Expires: Tue, 26 Sep 2017 11:22:58 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1058261
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   28820
Md5:    79f3ffd6f594813c435775443e01e3cc
Sha1:   52e19f435096d70758ef811d31ee588653678d37
Sha256: e447cff868ed885971650fdeaa8ef6014402620ee514bb3a4669f6897fb515e5
                                        
                                            GET /j/a/p/japanweb/jfutrty.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:17 GMT
Content-Length: 38826
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:21:16 GMT
Etag: "59a2ab2c-97aa"
Cache-Control: max-age=1618678
X-Oke-Middle-Via: oke-u19-middle203 from cache
Expires: Tue, 26 Sep 2017 11:22:58 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1058261
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   38826
Md5:    921910064c19b21d263d8ed94aefec28
Sha1:   a440c437c4f1c0489a7e3e8e76dcc7ffb9fb5709
Sha256: 300c652cb0a0f7be63a1bbb8ccf4630228f573b1da5efd7f40bb591da28d9d1b
                                        
                                            GET /j/a/p/japanweb/jhvtuyytvg.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:18 GMT
Content-Length: 33558
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:22:33 GMT
Etag: "59a2ab79-8316"
Cache-Control: max-age=1618678
X-Oke-Middle-Via: oke-u19-middle202 from cache
Expires: Tue, 26 Sep 2017 11:22:58 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1058260
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   33558
Md5:    4ac9f35ed0f2fe85f9603ebccaff854e
Sha1:   922244dfdb9c0ab289a0fdf141948c8fb78fd68e
Sha256: 26e737983b5367ddda56825fda2d2fb1f3bc4576d5849a3078b8fbe2d7e0c84a
                                        
                                            GET /ads.js HTTP/1.1 
Host: ads.exosrv.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mygf.gdn/exo.php

                                         
                                         199.167.65.64
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Thu, 14 Sep 2017 05:25:18 GMT
Content-Length: 882
Last-Modified: Thu, 14 Sep 2017 04:48:02 GMT
Connection: keep-alive
Keep-Alive: timeout=20
Cache-Control: max-age=3600
Expires: Thu, 14 Sep 2017 05:48:02 GMT
Etag: "59ba0a02-372"
Server: BelugaCDN/v2.33.6
X-Beluga-Cache-Status: Hit (1)
X-Beluga-Trace: 86a38d45-08b4-4e87-bd94-07c7d65b20d5
X-Beluga-Record: 19f9253460bbd146279b9dda039fca0a62941b8f
X-Beluga-Node: 28
X-Beluga-Status: 003
X-Beluga-Response-Time: 0.000 sec
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   882
Md5:    1d32a1e1731cde99c10363d53176a832
Sha1:   cdd165c55326e74738d21e159d48de1bffd58db2
Sha256: c97ef572223e332f57ea67ef93ccd800f6d5340c3dbfa724e294c83695690123
                                        
                                            GET /ads-iframe-display.php?idzone=2303833&type=300x250&p=http%3A//flipmerki.cf/&dt=1505366718279&sub=&tags=&screen_resolution=1176x885 HTTP/1.1 
Host: syndication.exosrv.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mygf.gdn/exo.php

                                         
                                         95.211.229.247
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 14 Sep 2017 05:25:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2259ba12be543694.05457572527840243%22%3B%7D; expires=Mon, 30-Aug-2077 05:25:18 GMT; Max-Age=1892160000; domain=exosrv.com impressions=x%9Cm%C9K%0A%80+%14%85%E1%BD%DC%15x%29%1F%5D%17%13%22VB%89%A5%0DB%DC%7B%E6%B8%C9%81%FF%7C%86%90%8A%27%94%9CM%12%B5%A1%91Jj%03%9B%CF%09t%13%DD3%FB%C3%F5%E4%8C%0FBHT%EDW%04%BBI%F9%D7P%12X%13%A3%0F%EB%BC%5C%EE%BC%5D%B0%0F%7C%40%80%A0k%7D%01%3B%04%23p; expires=Thu, 14-Sep-2017 05:26:18 GMT; Max-Age=60; path=/; domain=.exosrv.com
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   773
Md5:    e5cac3c5523cdc35703435e046f36af8
Sha1:   eb0c5ae165019c501d7ec02f3e9df6d798a18a61
Sha256: 90d16548ee3e341e86b838ea4ae383306ca4ceb224a2f17baebbe80484f21cb3
                                        
                                            GET /ads-iframe-display.php?idzone=2216953&type=300x250&p=http%3A//flipmerki.cf/&dt=1505366718284&sub=&tags=&screen_resolution=1176x885 HTTP/1.1 
Host: syndication.exosrv.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://edating.top/exo.php

                                         
                                         95.211.229.247
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 14 Sep 2017 05:25:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2259ba12be54a965.196221883665997902%22%3B%7D; expires=Mon, 30-Aug-2077 05:25:18 GMT; Max-Age=1892160000; domain=exosrv.com impressions=x%9Cm%8CK%0A%80+%14E%F7%F2V%E0%23%7F%3D%17%13%22VB%89%A5%0D%22%DC%7Bb%D3%26%17%CE%3Dp%2C%21%3D%81p%D4R1i%2Cqzr%1BXC%C9%60%9A1%1DK%D8%7DG%C1%C4+%A5B%DD%7EM%B0%D9%5C%7E%1D%2A%02gS%0Aq%99%E6%D3%1F%97%8F%EE%86%2F%86%9C30%B5%BE%A81%24%12; expires=Fri, 15-Sep-2017 05:25:18 GMT; Max-Age=86400; path=/; domain=.exosrv.com
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   621
Md5:    49bf8c61fa193d39bed9cfeee2a791bf
Sha1:   03c389077e85da32f68c5c6a06e9dda43a8e75e5
Sha256: 3861efe376a96475d634ebc0dc0cbeb1eaecb28b2784aba5a0e51fafe807f7ce
                                        
                                            GET /6a97888ec52c042c679a36e919843cca/banners/358224/17317095643533700_1_xacd.gif HTTP/1.1 
Host: static.exosrv.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://syndication.exosrv.com/ads-iframe-display.php?idzone=2303833&type=300x250&p=http%3A//flipmerki.cf/&dt=1505366718279&sub=&tags=&screen_resolution=1176x885
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2259ba12be543694.05457572527840243%22%3B%7D; impressions=x%9Cm%C9K%0A%80+%14%85%E1%BD%DC%15x%29%1F%5D%17%13%22VB%89%A5%0DB%DC%7B%E6%B8%C9%81%FF%7C%86%90%8A%27%94%9CM%12%B5%A1%91Jj%03%9B%CF%09t%13%DD3%FB%C3%F5%E4%8C%0FBHT%EDW%04%BBI%F9%D7P%12X%13%A3%0F%EB%BC%5C%EE%BC%5D%B0%0F%7C%40%80%A0k%7D%01%3B%04%23p

                                         
                                         199.167.65.64
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 14 Sep 2017 05:25:18 GMT
Content-Length: 24925
Connection: keep-alive
Keep-Alive: timeout=20
Cache-Control: max-age=31536000
Expires: Sat, 11 Aug 2018 07:12:31 GMT
Etag: "58cbb2db-615d"
Server: BelugaCDN/v2.33.6
X-Beluga-Cache-Status: Hit (1)
X-Beluga-Trace: d7a63d0f-c68b-43fd-b896-ef823ae623b4
X-Beluga-Record: 452372b01a4c125cfaa7fc568ce5878b0955f7dd
X-Beluga-Node: 28
X-Beluga-Status: 003
X-Beluga-Response-Time: 0.001 sec
Last-Modified: Fri, 17 Mar 2017 09:56:43 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250
Size:   24925
Md5:    0ce6bdf856a753034b718d29d46fe605
Sha1:   c6f7279e895c9a07fadbc8e2714d9fee264b1e0e
Sha256: 6097fd92414ff9432fbad63a9b2308c56931c04c1b1d4eb31266ebd53b9bbcca
                                        
                                            GET /6a97888ec52c042c679a36e919843cca/banners/314590/17817110451125252_1.gif HTTP/1.1 
Host: static.exosrv.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://syndication.exosrv.com/ads-iframe-display.php?idzone=2216953&type=300x250&p=http%3A//flipmerki.cf/&dt=1505366718284&sub=&tags=&screen_resolution=1176x885
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2259ba12be54a965.196221883665997902%22%3B%7D; impressions=x%9Cm%8CK%0A%80+%14E%F7%F2V%E0%23%7F%3D%17%13%22VB%89%A5%0D%22%DC%7Bb%D3%26%17%CE%3Dp%2C%21%3D%81p%D4R1i%2Cqzr%1BXC%C9%60%9A1%1DK%D8%7DG%C1%C4+%A5B%DD%7EM%B0%D9%5C%7E%1D%2A%02gS%0Aq%99%E6%D3%1F%97%8F%EE%86%2F%86%9C30%B5%BE%A81%24%12

                                         
                                         199.167.65.64
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 14 Sep 2017 05:25:18 GMT
Content-Length: 416165
Connection: keep-alive
Keep-Alive: timeout=20
Cache-Control: max-age=31536000
Expires: Fri, 17 Aug 2018 11:16:55 GMT
Etag: "59957853-659a5"
Server: BelugaCDN/v2.33.6
X-Beluga-Cache-Status: Hit (1)
X-Beluga-Trace: c31590b5-3e3b-4b3f-999c-b8ce291e5ad4
X-Beluga-Record: 06ea40b91291d79b339131d9d3428bf1fbf6ffed
X-Beluga-Node: 28
X-Beluga-Status: 003
X-Beluga-Response-Time: 0.000 sec
Last-Modified: Thu, 17 Aug 2017 11:04:51 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250
Size:   416165
Md5:    21e4ee9008bb2d426f0072833206a738
Sha1:   89c85bf03c85f1cf413a0cc2ea8ce6d49e84d608
Sha256: d2425f2dcb2b47745198162cd8d4f50ab2867e842bf266c42f5671d2d02e3a71
                                        
                                            GET /j/a/p/japanweb/hairpussy.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:18 GMT
Content-Length: 56100
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:24:14 GMT
Etag: "59a2abde-db24"
Cache-Control: max-age=1618777
X-Oke-Middle-Via: oke-u19-middle202 from cache
Expires: Tue, 26 Sep 2017 11:24:37 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1058359
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   56100
Md5:    e4be371ac52a6746f517ad61402372f0
Sha1:   e97eead51f7e82d24d46e5ef5c3d23babc250dfd
Sha256: 3dbf1ae02bf985beb2067ebd9fe76fb0d2fa864c28d0e6d92fef43992220177b
                                        
                                            GET /j/a/p/japanweb/shavedpussy.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:18 GMT
Content-Length: 47001
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:25:53 GMT
Etag: "59a2ac41-b799"
Cache-Control: max-age=1619071
X-Oke-Middle-Via: oke-u19-middle205 from cache
Expires: Tue, 26 Sep 2017 11:29:31 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1058653
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   47001
Md5:    488b9a2c38a500fd43f2f3b915601ee1
Sha1:   d10a264f0d4bd883dc93fb31de85ae5f5b436944
Sha256: f368d730059e74bc68feac0354d4c2a1a0b7632b6fffb20123218f3ac51cdc2e
                                        
                                            GET /j/a/p/japanweb/kylei.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:16 GMT
Content-Length: 222456
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 07:04:40 GMT
Etag: "59a26f08-364f8"
Cache-Control: max-age=2394470
X-Oke-Middle-Via: oke-u19-middle203 from cache
Expires: Tue, 26 Sep 2017 07:12:47 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1043251
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   222456
Md5:    192fbfc846cdc701d6a15fcf0d5f1112
Sha1:   093c2334c3ae722c34d66c0dbbd59b8ec85e6282
Sha256: 986eac2c30c533c053a2240fcde30549311061dcc454b9933f6e8fc07d9d6cab
                                        
                                            GET /j/a/p/japanweb/japanpussy.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:18 GMT
Content-Length: 54993
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:27:07 GMT
Etag: "59a2ac8b-d6d1"
Cache-Control: max-age=1619071
X-Oke-Middle-Via: oke-u19-middle201 from cache
Expires: Tue, 26 Sep 2017 11:29:31 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1058653
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   54993
Md5:    c773b733092befc333bc8f5147268bec
Sha1:   eab25d0c52268c11cf4c5c4ed991e8ad0d7adb07
Sha256: 70cd491193e381d83079227a5db89463894fea7c02ff3f8751cc5cdcb5815452
                                        
                                            GET /j/a/p/japanweb/japanlife.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:18 GMT
Content-Length: 42062
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:34:28 GMT
Etag: "59a2ae44-a44e"
Cache-Control: max-age=1619961
X-Oke-Middle-Via: oke-u19-middle202 from cache
Expires: Tue, 26 Sep 2017 11:44:21 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1059543
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   42062
Md5:    67c171e5af4a06ff7b1d5223c59d0e90
Sha1:   439ac1f8acd8110f7fe5f4365a1e9bd804b0e6e9
Sha256: a6780e186420abe940124e50943ffabd1cbe26d2ddf15f182789e3f22c394ad6
                                        
                                            GET /j/a/p/japanweb/webcamslutjapan.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:18 GMT
Content-Length: 31502
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:33:14 GMT
Etag: "59a2adfa-7b0e"
Cache-Control: max-age=1619961
X-Oke-Middle-Via: oke-u19-middle205 from cache
Expires: Tue, 26 Sep 2017 11:44:21 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1059543
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   31502
Md5:    fb322617bf79ae4f39845d34099b0fb4
Sha1:   9f068a76bbcf928375dcf42903ef9bec684b7f2d
Sha256: 6642b3cfdf46526161eb7bc2fa1b946a7294f8586d3433257c63fe70ca494164
                                        
                                            GET /d/x/c/dxcam/2017-09-06_203708_20170909203631ea2.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:16 GMT
Content-Length: 241005
Connection: keep-alive
Last-Modified: Sat, 09 Sep 2017 11:36:31 GMT
Cache-Control: max-age=2592000
Etag: "59b3d23f-3ad6d"
X-Oke-Middle-Via: oke-u19-middle203 from 179.195
Expires: Mon, 09 Oct 2017 11:46:25 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 2182869
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   241005
Md5:    772a89d25e338a0b12c75a43f6f26711
Sha1:   66e2183b9a2df5c6ee9c868585d4afaeb88fd11f
Sha256: c7fb57882c6c137f0f780810fd57e9a876c7d4fe49051d7acd371baab3ffa16d
                                        
                                            GET /j/a/p/japanweb/Tiffanysoft.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:16 GMT
Content-Length: 297718
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Mon, 28 Aug 2017 06:57:43 GMT
Etag: "59a3bee7-48af6"
Cache-Control: max-age=1871585
X-Oke-Middle-Via: oke-u19-middle205 from cache
Expires: Wed, 27 Sep 2017 07:19:42 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1130066
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   297718
Md5:    1c20409ed5f5e391e7163c2d81ce4faf
Sha1:   998301164b3b1cbbe17a16e8d906214346943184
Sha256: 1d0990a9f804db4a6a0f553b2f2d11f112c0eabd4ad6d511ad52949591515057
                                        
                                            GET /j/a/p/japanweb/cuteharypussyjapanese.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:18 GMT
Content-Length: 59820
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:31:21 GMT
Etag: "59a2ad89-e9ac"
Cache-Control: max-age=1619391
X-Oke-Middle-Via: oke-u19-middle203 from cache
Expires: Tue, 26 Sep 2017 11:34:51 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1058973
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   59820
Md5:    c52302181ce76a74595331c72d5455f9
Sha1:   8a7732541ad33571f9bd5651c8cdc829974ef4c5
Sha256: 5dc82255491b3706159bc49ddce57da22971ad12486e62e2a7f028ec6bfee2ba
                                        
                                            GET /j/a/p/japanweb/japanshavedcutepussy.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:19 GMT
Content-Length: 34140
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:41:40 GMT
Etag: "59a2aff4-855c"
Cache-Control: max-age=1620043
X-Oke-Middle-Via: oke-u19-middle201 from cache
Expires: Tue, 26 Sep 2017 11:45:43 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1059624
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   34140
Md5:    a1fc47df7b7a4306bafa1684e28f7443
Sha1:   7bfb4dbd1e0b94b909440e0c6af1581cc8c4fa75
Sha256: f55ddb8a0c609fc59c764e9efcdf6f06185145bd06c5fc3aba294549892666c6
                                        
                                            GET /j/a/p/japanweb/thaishavedpussy.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:19 GMT
Content-Length: 49117
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:48:42 GMT
Etag: "59a2b19a-bfdd"
Cache-Control: max-age=1620337
X-Oke-Middle-Via: oke-u19-middle200 from cache
Expires: Tue, 26 Sep 2017 11:50:37 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1059918
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   49117
Md5:    3c5af86d5d883d5f7c7cde80d9e9c09c
Sha1:   8bfa90242454b1e824c587c9249680623dd5e53f
Sha256: 6e67d9399a18c9bf12c1f84c7f7c7e76e4850ba8696fdcdfd77b44fd9ba2f4df
                                        
                                            GET /j/a/p/japanweb/teenjapanesenaked.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:19 GMT
Content-Length: 43735
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:50:14 GMT
Etag: "59a2b1f6-aad7"
Cache-Control: max-age=1620337
X-Oke-Middle-Via: oke-u19-middle202 from cache
Expires: Tue, 26 Sep 2017 11:50:37 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1059918
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   43735
Md5:    0f553aff2a78c05a6702847f9a87a485
Sha1:   5f2283651559cdc7aafa307ce174b2eca375d717
Sha256: 126e75eaa676effb3e3b8d2b6689b8e5e9ea73d458095ebc8b7e762bb8e8ed26
                                        
                                            GET /j/a/p/japanweb/niceass.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:19 GMT
Content-Length: 36194
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:51:36 GMT
Etag: "59a2b248-8d62"
Cache-Control: max-age=1620508
X-Oke-Middle-Via: oke-u19-middle201 from cache
Expires: Tue, 26 Sep 2017 11:53:29 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1060090
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   36194
Md5:    060190c01bc927d83db84c13d0ee736a
Sha1:   9bf1ab9df5d8e7e4306cb2deebce25f22b14a702
Sha256: 7687793e4eeccc5a8a0d817b45490b358ec1090473cba39c16749889ad706ac4
                                        
                                            GET /j/a/p/japanweb/sexyjapanhairypussy.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:18 GMT
Content-Length: 46288
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:29:10 GMT
Etag: "59a2ad06-b4d0"
Cache-Control: max-age=1619071
X-Oke-Middle-Via: oke-u19-middle202 from cache
Expires: Tue, 26 Sep 2017 11:29:31 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1058653
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   46288
Md5:    d8fa2d947a82e53e1e73bc3a71efda6c
Sha1:   21c2a73f89327f5056a407d03118432b45bc425a
Sha256: a2e2f8f0a7328910e800302d77fc9540a0202d6a32e9f4b57841efed40bd3fee
                                        
                                            GET /j/a/p/japanweb/teenjapanesemasturbating.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:19 GMT
Content-Length: 35631
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:53:05 GMT
Etag: "59a2b2a1-8b2f"
Cache-Control: max-age=1620588
X-Oke-Middle-Via: oke-u19-middle205 from cache
Expires: Tue, 26 Sep 2017 11:54:48 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1060169
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   35631
Md5:    16130c49474101b837383aa4b4b439af
Sha1:   02e7e0d8fea4a6a0a412d015418656dcfda17210
Sha256: ab77590dcc4323c3b54183fc4ec593d578177fb3ac4970f23610b39c68ae4d30
                                        
                                            GET /j/a/p/japanweb/webcamorgasm.jpg HTTP/1.1 
Host: blog-imgs-105.fc2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         210.138.144.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Thu, 14 Sep 2017 05:25:19 GMT
Content-Length: 21833
Connection: keep-alive
X-Oke-Middle-Cache: HIT
Last-Modified: Sun, 27 Aug 2017 11:55:54 GMT
Etag: "59a2b34a-5549"
Cache-Control: max-age=1620742
X-Oke-Middle-Via: oke-u19-middle200 from cache
Expires: Tue, 26 Sep 2017 11:57:22 GMT
x-oke-front-cache: HIT
x-oke-front-ttl: 1060323
x-oke-front-via: oke-u18-edge200 from cache
x-oke-time-cache: 0.000
x-oke-time-filter: 0.000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   21833
Md5:    5958f9fbeab613f881abb6aeb42474a5
Sha1:   62e8b9e2c9b6307e7aa6e05bb25a4f1cab5914ba
Sha256: 4c33ebcf186cc70458830a5da838d3502882552d60149dc110203eb845078e6a
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: flipmerki.cf
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=daf215a8d9dc5997c7d18fc56614a987e1505366715; PHPSESSID=jsu729vlv8he09u4qu90sk8l61

                                         
                                         104.28.15.28
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 14 Sep 2017 05:25:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 39e0ecd8d68e4261-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8113
Md5:    2a9e6da1a801a6a9a5fbfa4f66d62fca
Sha1:   bd428fa074f1f2af0416c5a0dc4941f875c2f413
Sha256: e0efa07ab2f6160f665204d79f064407a5699dac8d2145f97c5344efc5f825be
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: flipmerki.cf
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=daf215a8d9dc5997c7d18fc56614a987e1505366715; PHPSESSID=jsu729vlv8he09u4qu90sk8l61

                                         
                                         104.28.15.28
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 14 Sep 2017 05:25:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 39e0ecebb2144261-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7041
Md5:    d48d8ccccfb3a63b05066e83c03346ef
Sha1:   d9dad6615453687cb0a9d8598463f678bf2cc5c0
Sha256: b1aa8153e07f83f50fd80b44a86e4be5ffafa5494ed42b9f9775dec245be1ef1
                                        
                                            GET /auto/lesshin/auto02.jpg HTTP/1.1 
Host: affiliate.dtiserv.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://flipmerki.cf/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---