| www.w3schools.com/w3css/4/w3.css | 192.229.133.221 | 200 OK | 5.3 kB |
URL GET HTTP/2www.w3schools.com/w3css/4/w3.css IP192.229.133.221:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerDigiCert Inc Subject*.w3schools.com Fingerprint20:AF:FF:E1:FC:DB:58:C8:05:B7:D2:97:1F:8F:A1:C6:AD:ED:59:3A ValidityWed, 03 Apr 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File typeUnicode text, UTF-8 (with BOM) text Hashba0537e9574725096af97c27d7e54f76 bd46b47d74d344f435b5805114559d45979762d5 4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 883
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Thu, 09 May 2024 19:32:20 GMT
etag: "0ed8b040a1da1:0+gzip"
last-modified: Wed, 08 May 2024 12:05:22 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js | 172.217.21.170 | 200 OK | 30 kB |
URL GET HTTP/3ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP172.217.21.170:443
Requested byhttps://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hasha09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:40:41 GMT
expires: Sat, 03 May 2025 00:40:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 586300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 54.230.218.11 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP54.230.218.11:0
Hashbfc9ea9322691e4815e1067e92c6e6a1 d748ede44b20a8094fc37bdf1dc745a520d933be 0c5fb7dc3baa0ddb999c8ea9432ed8536995f4f576470d9e2f529708f572675a
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 09 May 2024 19:32:21 GMT
Last-Modified: Thu, 09 May 2024 18:54:53 GMT
Server: ECAcc (ska/F756)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tYd0efktCVrPia2_0dM-5C4sGyn0smqsAsgMo03XgMfQDoY4GscQpQ==
Age: 2248
|
|
| ocsp.r2m03.amazontrust.com/ | 54.230.218.11 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP54.230.218.11:0
Hashbfc9ea9322691e4815e1067e92c6e6a1 d748ede44b20a8094fc37bdf1dc745a520d933be 0c5fb7dc3baa0ddb999c8ea9432ed8536995f4f576470d9e2f529708f572675a
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 09 May 2024 19:32:21 GMT
Last-Modified: Thu, 09 May 2024 18:05:37 GMT
Server: ECAcc (ska/F6A0)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Thc-ua3H2LQ5DukR-tKHHqAPBfA6VPoGt4WeaQKoabq-rlhJwmnGzA==
Age: 5204
|
|
| jsjs.4jpg.top/index.php?js=very | 104.21.77.220 | 200 OK | 544 B |
URL GET HTTP/3jsjs.4jpg.top/index.php?js=very IP104.21.77.220:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subject4jpg.top Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02 ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT
File typeASCII text, with no line terminators Hash77542f8a3ada1bb8b45eb9139c5e69ef 08556fa802dce18bec90fc57d62c7caaa4dbbdd0 4a12c40c3eb9ed0e055519dbd5be4cb7e88ee707739484aa38e3e3284c0bdc46
GET /index.php?js=very HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:21 GMT
content-type: text/html; charset=UTF-8
imghost: 17296161209-h-jsjs4jpgtopmh--NO-rm162158222116/index.php?js=very
56nloadrate: 1.43
cache-control: max-age=360000, private
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wwskV8qAHDFSEJZk60FDfmytGr9mo1dvlA5PJNLvI%2BM23SaaAubHvCtK2MirS%2BgS%2FjFxbZe%2B3FiaEjFpO0uG9N%2F1h%2BbZG90C0kDF9NT9B1x8Q9Fvzz%2BB6sgTb2ZA60t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d6f0fdf1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 54.230.218.11 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP54.230.218.11:0
Hashbfc9ea9322691e4815e1067e92c6e6a1 d748ede44b20a8094fc37bdf1dc745a520d933be 0c5fb7dc3baa0ddb999c8ea9432ed8536995f4f576470d9e2f529708f572675a
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 09 May 2024 19:32:21 GMT
Last-Modified: Thu, 09 May 2024 18:29:44 GMT
Server: ECAcc (amb/6AA6)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: A7ObjMzBsIZ0KYQuZpQXyKDSPn8QG4_4qLaYh2zwT7ZO6Alj3ej2gw==
Age: 3757
|
|
| cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js | 104.17.25.14 | 200 OK | 4.0 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js IP104.17.25.14:443
Requested byhttps://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (10613) Hashea77f824de2ef57acb12e7cb6596365e 10bad0dbdf30a0471c2c786b349daeb1dd19180e 2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c
GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 789235
expires: Tue, 29 Apr 2025 19:32:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7do3tpnUv9oVbO1RSKpAtVX6ct6CmmhPwcRhVPU8%2F0vk7IFu6MOXO2ujH7vOaAlEq%2Bu3Lo%2FguiRk9MU6zJd71%2FrZkobrTD4TfdEAIVAsk4c1YjTk8UEF5QaShGMijXT2cfqxlAvQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88141d74adf20b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js | 151.101.193.229 | 200 OK | 75 kB |
URL GET HTTP/3cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js IP151.101.193.229:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeJavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (563) Hash6e03b01f1b5a43c6aed614fc777eba49 5bcda76ab147e4e722143d58035368a889519fbd 6e0dd9005b931440353e4bdb651477d168f8a7081c1834042468de9febd97342
GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.325.0
x-jsd-version-type: version
etag: W/"2c0ab-W82narFH5OciFD1YA1NoqIlRn70"
content-encoding: br
accept-ranges: bytes
date: Thu, 09 May 2024 19:32:21 GMT
age: 16112
x-served-by: cache-fra-eddf8230153-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 75372
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-620120-3 | 142.250.74.168 | 200 OK | 71 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=UA-620120-3 IP142.250.74.168:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (1822) Hash084a3149dc86bba45fadedc15d17db4a 845d92d3406d31ab4f7a4dd701af09968f1dfeb4 1ae3ba68c0e11f326a6e9d98172a6ad4ea4a6d306bbdbeba1d65a25e8351856b
GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 19:32:21 GMT
expires: Thu, 09 May 2024 19:32:21 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 May 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70791
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js | 45.133.44.52 | 200 OK | 36 kB |
URL GET HTTP/2e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjecte9b729472c.39268ea911.com FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8 ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT
File typegzip compressed data, from Unix Hashbb5625300bc629e96f6394d7d2b3a1e9 c313c97ee1da266ee0291c09a0ce018cdf916a7b 14293703fea05434a766d019057452a840c311065e100904117ef2bfe7b93537
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /34d6dd2e1c7f31ddf3a9042ff9eeb58b.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://img.4img.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:21 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 08 May 2024 10:50:20 GMT
etag: W/"663b58ec-1ab25"
content-encoding: gzip
expires: Thu, 09 May 2024 19:37:21 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/watch/48140495?wmode=7&page-url=https%3A%2F%2Fimg.4img.top%2F%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A118575885404%3Ahid%3A907241329%3Az%3A0%3Ai%3A20240509193222%3Aet%3A1715283142%3Ac%3A1%3Arn%3A274297499%3Arqn%3A1%3Au%3A171528314223579748%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C58%2C340%2C2%2C93%2C0%2C%2C730%2C9%2C1238%2C%2C%2C1245%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283140178%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283142%3At%3A%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E5%AE%9D%E5%B3%B6%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E5%B7%A8%E4%B9%B3%E6%8A%95%E7%A8%BF%E7%94%BB%E5%83%8F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1) | 87.250.250.119 | | 448 B |
URL mc.webvisor.org/watch/48140495?wmode=7&page-url=https%3A%2F%2Fimg.4img.top%2F%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A118575885404%3Ahid%3A907241329%3Az%3A0%3Ai%3A20240509193222%3Aet%3A1715283142%3Ac%3A1%3Arn%3A274297499%3Arqn%3A1%3Au%3A171528314223579748%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C58%2C340%2C2%2C93%2C0%2C%2C730%2C9%2C1238%2C%2C%2C1245%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283140178%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283142%3At%3A%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E5%AE%9D%E5%B3%B6%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E5%B7%A8%E4%B9%B3%E6%8A%95%E7%A8%BF%E7%94%BB%E5%83%8F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1) IP87.250.250.119:0
Hashc13e2ff00f870b7a5ad31c129ad17f8c d2212d928ed921c448544cec4b9699b7da9b3b52 10fcaa0f34585bd84b7426e8db6653a2f4a1c9c940ae20b6f565aa6c743be7a0
GET /watch/48140495?wmode=7&page-url=https%3A%2F%2Fimg.4img.top%2F%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A118575885404%3Ahid%3A907241329%3Az%3A0%3Ai%3A20240509193222%3Aet%3A1715283142%3Ac%3A1%3Arn%3A274297499%3Arqn%3A1%3Au%3A171528314223579748%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C58%2C340%2C2%2C93%2C0%2C%2C730%2C9%2C1238%2C%2C%2C1245%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283140178%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283142%3At%3A%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E5%AE%9D%E5%B3%B6%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E5%B7%A8%E4%B9%B3%E6%8A%95%E7%A8%BF%E7%94%BB%E5%83%8F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://img.4img.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: /watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fimg.4img.top%2F%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A118575885404%3Ahid%3A907241329%3Az%3A0%3Ai%3A20240509193222%3Aet%3A1715283142%3Ac%3A1%3Arn%3A274297499%3Arqn%3A1%3Au%3A171528314223579748%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C58%2C340%2C2%2C93%2C0%2C%2C730%2C9%2C1238%2C%2C%2C1245%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283140178%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283142%3At%3A%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E5%AE%9D%E5%B3%B6%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E5%B7%A8%E4%B9%B3%E6%8A%95%E7%A8%BF%E7%94%BB%E5%83%8F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1
date: Thu, 09 May 2024 19:32:22 GMT
access-control-allow-origin: https://img.4img.top
set-cookie: yabs-sid=822722741715283142; Path=/; SameSite=None; Secure
i=4s0usya9IGVe4aup0Ou6h7UHJTELAWREJ5BwaKKBjRAr1XTaRYr+2+4hEBaLrs1WcAnjpAl+3avTG/TIjJ6sUYRBWq8=; Expires=Sun, 07-May-2034 19:32:19 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=952192421715283142; Expires=Sun, 07-May-2034 19:32:19 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None
yuidss=952192421715283142; Expires=Fri, 09-May-2025 19:32:22 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
ymex=1746819142.yrts.1715283142#1746819142.yrtsi.1715283142; Expires=Fri, 09-May-2025 19:32:22 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 09-May-2024 19:32:22 GMT
last-modified: Thu, 09-May-2024 19:32:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| www.w3schools.com/w3css/4/w3.css | 192.229.133.221 | 200 OK | 5.3 kB |
URL GET HTTP/2www.w3schools.com/w3css/4/w3.css IP192.229.133.221:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerDigiCert Inc Subject*.w3schools.com Fingerprint20:AF:FF:E1:FC:DB:58:C8:05:B7:D2:97:1F:8F:A1:C6:AD:ED:59:3A ValidityWed, 03 Apr 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File typeUnicode text, UTF-8 (with BOM) text Hashba0537e9574725096af97c27d7e54f76 bd46b47d74d344f435b5805114559d45979762d5 4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 885
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Thu, 09 May 2024 19:32:22 GMT
etag: "0ed8b040a1da1:0+gzip"
last-modified: Wed, 08 May 2024 12:05:22 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js | 172.217.21.170 | 200 OK | 30 kB |
URL GET HTTP/3ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP172.217.21.170:443
Requested byhttps://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hasha09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:40:41 GMT
expires: Sat, 03 May 2025 00:40:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 586301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js | 104.17.25.14 | 200 OK | 4.0 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js IP104.17.25.14:443
Requested byhttps://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (10613) Hashea77f824de2ef57acb12e7cb6596365e 10bad0dbdf30a0471c2c786b349daeb1dd19180e 2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c
GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 789237
expires: Tue, 29 Apr 2025 19:32:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2BBl3ySmnPjOnAkIzDoqRlMznbds%2BTKnXobl7qgjWpvseaZdWSWM49XSCoP4bdnpI%2BPz014nSD5oKWrX4xEJfDzmInV1dhTnTVoCEgFZP4aUbkOWxncdJWXHmvqCh137yXkIOoLv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88141d7cae3db4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-620120-3 | 142.250.74.168 | 200 OK | 71 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=UA-620120-3 IP142.250.74.168:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (1822) Hashc6a64ff1bc4fff8e4daa30ee01e581c2 c6dedee84e06ad56e858865c4f1c5495e03b43b5 da8a93ebd216b9702ba2dbda9a5380b0c3895a2e5acd56bae107b05a36802e50
GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 19:32:23 GMT
expires: Thu, 09 May 2024 19:32:23 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 May 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70809
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js | 151.101.193.229 | 200 OK | 75 kB |
URL GET HTTP/3cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js IP151.101.193.229:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeJavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (563) Hash6e03b01f1b5a43c6aed614fc777eba49 5bcda76ab147e4e722143d58035368a889519fbd 6e0dd9005b931440353e4bdb651477d168f8a7081c1834042468de9febd97342
GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.325.0
x-jsd-version-type: version
etag: W/"2c0ab-W82narFH5OciFD1YA1NoqIlRn70"
content-encoding: br
accept-ranges: bytes
date: Thu, 09 May 2024 19:32:23 GMT
age: 16114
x-served-by: cache-fra-eddf8230153-FRA, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 75372
X-Firefox-Spdy: h2
|
|
| js.2mp4.xyz/AV4.us.jpg | 188.114.97.1 | 200 OK | 8.7 kB |
IP188.114.97.1:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subject2mp4.xyz FingerprintED:E7:E0:E1:A9:53:73:B5:DC:2D:51:FA:D6:F6:F6:7B:04:99:02:28 ValidityThu, 02 May 2024 12:01:28 GMT - Wed, 31 Jul 2024 12:01:27 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3 Hashedfe007a6e5b3d268b2528f564b60b43 1644c8ef97c871079e07e5079d613af5cb94052f bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
GET /AV4.us.jpg HTTP/1.1
Host: js.2mp4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: image/jpeg
content-length: 8741
etag: "2225-614075c7eff6b"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 60786
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9IPuvRADzn5ER2ypSfiQvliNCL3CTMOxFJAOm1kb3iBrIUM9SSzxy3303zQrKmkSQtKRC%2Fwte%2BEc3JXjwUFNTnTH94N1gZ3aM4iGFqQjEXvZmbRh2z9ikFunsADSGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d7fecd20b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js | 104.17.25.14 | 200 OK | 4.0 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js IP104.17.25.14:443
Requested byhttps://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (10613) Hashea77f824de2ef57acb12e7cb6596365e 10bad0dbdf30a0471c2c786b349daeb1dd19180e 2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c
GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 789237
expires: Tue, 29 Apr 2025 19:32:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lWwXyjS8sR6BnP9LezoE%2BIg6tTV0j70ys6k6qDaobfuROPqnZR8jux%2BkRdbIJvlhYge%2FXGsLD0O4SKRDTfW5tQ3wd654layU1devWyC6%2BL3BM1tE3xjCBoJ4C79O3C35ZZLDBJe0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88141d813ec556a2-OSL
alt-svc: h3=":443"; ma=86400
|
|
| jsjs.4jpg.top/index.php?js=very | 172.67.211.235 | 200 OK | 30 kB |
URL GET HTTP/3jsjs.4jpg.top/index.php?js=very IP172.67.211.235:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subject4jpg.top Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02 ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT
File typeASCII text, with no line terminators Hash77542f8a3ada1bb8b45eb9139c5e69ef 08556fa802dce18bec90fc57d62c7caaa4dbbdd0 4a12c40c3eb9ed0e055519dbd5be4cb7e88ee707739484aa38e3e3284c0bdc46
GET /index.php?js=very HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: text/html; charset=UTF-8
imghost: 17296161209-h-jsjs4jpgtopmh--NO-rm162158222116/index.php?js=very
56nloadrate: 1.403125
cache-control: max-age=360000, private
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBBAERo6q0yvvdrMjrwkImYrTENrZRhfwCCL5KtoatifMhKDDn4th0uj9w1%2Fwt0wCDWfnHdEKNw3T4EkHsvxQUxn3SrSU%2FUdAnCmJx65CjYRamrV5ZSomRoYJgqvcZLj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d7f8f4f569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js | 151.101.193.229 | 200 OK | 75 kB |
URL GET HTTP/3cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js IP151.101.193.229:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeJavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (563) Hash6e03b01f1b5a43c6aed614fc777eba49 5bcda76ab147e4e722143d58035368a889519fbd 6e0dd9005b931440353e4bdb651477d168f8a7081c1834042468de9febd97342
GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 75372
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.325.0
x-jsd-version-type: version
etag: W/"2c0ab-W82narFH5OciFD1YA1NoqIlRn70"
content-encoding: br
accept-ranges: bytes
date: Thu, 09 May 2024 19:32:23 GMT
age: 16114
x-served-by: cache-fra-eddf8230153-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=UA-620120-3 | 142.250.74.168 | 200 OK | 71 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=UA-620120-3 IP142.250.74.168:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (1822) Hashf3b281a37d6b0c93b7dbf8d49b54fbe3 461d3c4fe28b23d5e5b9db2d0080625b9c69909d da10b8683771fbf19920e643b6b4527a5484d1f595d510a435c699ec1d3c8f3f
GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 19:32:23 GMT
expires: Thu, 09 May 2024 19:32:23 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 May 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70790
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js | 45.133.44.53 | 200 OK | 66 kB |
URL GET HTTP/2e9b729472c.39268ea911.com/34d6dd2e1c7f31ddf3a9042ff9eeb58b.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjecte9b729472c.39268ea911.com FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8 ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Hash3fe2950761b3cbf88532a49e6e8f857d b52a343a7a76eabe3abeab12bba0e14283a1a873 b7b293b5c9cb1f519330742be6d8da733fa7b6e3dea61aa0fb3b9827b4e591f4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /34d6dd2e1c7f31ddf3a9042ff9eeb58b.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 08 May 2024 10:50:20 GMT
etag: W/"663b58ec-1ab25"
content-encoding: gzip
expires: Thu, 09 May 2024 19:37:24 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.52 | 200 OK | 0 B |
URL GET HTTP/2js.capndr.com/advertising.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectjs.capndr.com Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06 ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Thu, 09 May 2024 19:37:24 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cacrz.4jpg.top/AV4.us.jpg | 188.114.97.1 | 200 OK | 8.7 kB |
URL GET HTTP/2cacrz.4jpg.top/AV4.us.jpg IP188.114.97.1:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subject4jpg.top Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02 ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3 Hashedfe007a6e5b3d268b2528f564b60b43 1644c8ef97c871079e07e5079d613af5cb94052f bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
GET /AV4.us.jpg HTTP/1.1
Host: cacrz.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: image/jpeg
content-length: 8741
etag: "2225-5499bcea176c0"
access-control-allow-origin: *
access-control-allow-headers: Cake
ahost: RZ
cache-control: public, max-age=3600000
cf-cache-status: HIT
age: 789259
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjgUUqHIpbkaMN26FvjluSOSeiphYOb5Omrku29jctlihMLwNeFZdBviP7YQsmjoSQ3sdp0D3to0lFe4uNDWpMh9%2B9Fvh8xmg2VGaYw1Q2wKWtSjTLqP%2BKDqpodkDM5vtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d859d6d56c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1 | 93.158.134.119 | 200 OK | 448 B |
URL GET HTTP/2mc.webvisor.org/watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1 IP93.158.134.119:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGlobalSign nv-sa Subjectmc.webvisor.com Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11 ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
Hash69810bb365fa98bffb72fd41ceaf4177 23c502d9e2130dfbc2be2c699eaa1c4b846857da de0236aa6cca4620fd78703fdd59323b5aefc51dd4514ac35613582a27e34feb
GET /watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1 HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
Referer: https://data.jpg4.monster/
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=708882881715283144; i=zjYE53E95tjF9agFmM076qxCngBgpepaNG2Z3f+hX5IA+3H9/o+uFdALTPojQ4gRbwIGheChldb9aEAbEqnX4CD4qJ4=; yandexuid=4687782831715283144; yuidss=4687782831715283144; ymex=1746819144.yrts.1715283144#1746819144.yrtsi.1715283144
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 448
date: Thu, 09 May 2024 19:32:24 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://data.jpg4.monster
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 09-May-2024 19:32:24 GMT
last-modified: Thu, 09-May-2024 19:32:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/watch/48140495?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1) | 93.158.134.119 | 302 Found | 0 B |
URL GET HTTP/2mc.webvisor.org/watch/48140495?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1) IP93.158.134.119:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGlobalSign nv-sa Subjectmc.webvisor.com Fingerprint2A:A0:A6:9C:1E:F9:C0:FD:36:75:E2:D3:32:B9:34:8F:EE:3B:81:11 ValidityFri, 19 Apr 2024 21:07:47 GMT - Fri, 11 Oct 2024 20:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/48140495?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3441412)fip(1)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://data.jpg4.monster/
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: /watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a1il64u1scsxvruylb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A1514973805510%3Ahid%3A995904042%3Az%3A0%3Ai%3A20240509193224%3Aet%3A1715283144%3Ac%3A1%3Arn%3A1016910035%3Arqn%3A2%3Au%3A1715283144792198659%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A866%3Ads%3A0%2C0%2C441%2C1%2C%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1715283143102%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1715283144%3At%3AContact%20%26%20Abuse%20-VIDEOS%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283441412%29fip%281%29ti%281%29&redirnss=1
date: Thu, 09 May 2024 19:32:24 GMT
access-control-allow-origin: https://data.jpg4.monster
set-cookie: yabs-sid=708882881715283144; Path=/; SameSite=None; Secure
i=zjYE53E95tjF9agFmM076qxCngBgpepaNG2Z3f+hX5IA+3H9/o+uFdALTPojQ4gRbwIGheChldb9aEAbEqnX4CD4qJ4=; Expires=Sun, 07-May-2034 19:32:23 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4687782831715283144; Expires=Sun, 07-May-2034 19:32:23 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None
yuidss=4687782831715283144; Expires=Fri, 09-May-2025 19:32:24 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
ymex=1746819144.yrts.1715283144#1746819144.yrtsi.1715283144; Expires=Fri, 09-May-2025 19:32:24 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 09-May-2024 19:32:24 GMT
last-modified: Thu, 09-May-2024 19:32:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| page.phic4.top/myda.php | 104.21.73.126 | 200 OK | 504 B |
IP104.21.73.126:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectphic4.top Fingerprint97:7B:53:56:9D:D4:88:D2:B6:C7:77:A9:FB:30:54:BA:5F:88:E8:B2 ValidityThu, 14 Mar 2024 14:09:59 GMT - Wed, 12 Jun 2024 14:09:58 GMT
Hash119af5345ace28d0b134ff0fbd54db2e c0d85f863d3011577d8bbded07cb91e951b40c1a 9df63d2baa22910e4bb560a131b0253812ef595efb6696a8253a9fa6f11658da
GET /myda.php HTTP/1.1
Host: page.phic4.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: text/html; charset=utf-8
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3870
last-modified: Thu, 09 May 2024 18:27:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TiDdkNL6Nif2vVYFx9A6fbYs7HW5%2F%2FRs7s0lBsHv0HkXWn0WDkekc9%2BKbkYejCxT3CB2UTm1lJ6qE2%2B9%2FCySHqAZC992Wxw21AbtdAJc%2FA68y6vZ7PTxdiFtL3D%2FhxxdfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d829919b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=23782 | 157.90.84.242 | 204 No Content | 0 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=23782 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://data.jpg4.monster/
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Thu, 09 May 2024 19:32:25 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://data.jpg4.monster
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| e275260174.05ae41c3fc.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTk0MTI1NzcyNTYwNDc3ODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMi4wIiwidGFnX2lkIjoyMzc4Miwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjU0LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjB9 | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/2e275260174.05ae41c3fc.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTk0MTI1NzcyNTYwNDc3ODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMi4wIiwidGFnX2lkIjoyMzc4Miwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjU0LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjB9 IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjecte275260174.05ae41c3fc.com Fingerprint91:7A:C9:0C:9C:3B:D5:9C:7E:DC:91:F5:95:96:9C:15:4F:61:37:FE ValidityMon, 06 May 2024 02:50:55 GMT - Sun, 04 Aug 2024 02:50:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTk0MTI1NzcyNTYwNDc3ODAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEyMi4wIiwidGFnX2lkIjoyMzc4Miwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjU0LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: e275260174.05ae41c3fc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:25 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| js.wpshsdk.com/npc/sdk/push.m.js?v=1 | 45.133.44.53 | 200 OK | 15 kB |
URL GET HTTP/2js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectjs.wpshsdk.com Fingerprint7C:0A:CB:08:AD:6F:60:55:9E:07:7C:F7:07:AC:DD:CF:DF:AB:01:FD ValidityWed, 20 Mar 2024 05:01:38 GMT - Tue, 18 Jun 2024 05:01:37 GMT
File typegzip compressed data, from Unix Hasha4f864aa27b65e50df8eab4a4c3ebac0 1233ce002948d44e8e0727b02be5e598898a8bc4 fac9352c851236a0d94b13edf7d129a9dc586b51bcd7268860a6fea890845430
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Sat, 27 Apr 2024 11:13:42 GMT
etag: W/"662cdde6-845a"
content-encoding: gzip
expires: Thu, 09 May 2024 19:37:24 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js | 172.217.21.170 | 200 OK | 30 kB |
URL GET HTTP/3ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP172.217.21.170:443
Requested byhttps://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hasha09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:40:41 GMT
expires: Sat, 03 May 2025 00:40:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 586304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 | 172.67.211.235 | 200 OK | 15 kB |
URL GET HTTP/3css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 IP172.67.211.235:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subject4jpg.top Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02 ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT
File typeHTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators Hash0456d22f98d39a5028be86c6174e351c 64be9d29d1000d3a3b52162cabe27670d13cd125 40a127642cbca7fd5676489345663f1b1a7f8b7190ac0a1ebf49227c734d215c
GET /tagjpa.php?noself=1&url=av.av4us.top/tags/2 HTTP/1.1
Host: css.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: text/html; charset=UTF-8
8tagproxuri: /tagjpa.php?noself=1&url=av.av4us.top/tags/2
x-frame-options: ALLOWALL
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=72000
594tagproxuri: /tagjpa.php?noself=1&url=av.av4us.top/tags/2
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: HIT
age: 53365
last-modified: Thu, 09 May 2024 04:42:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EjfOf%2FFt%2FXoMPx12M1WgkRNWKNqYdbHyKfOJpCLUnx1XoaqQUQd%2FhCHGxCDGtJ8v5rXPWHUcjvLjoUCzvgdDR3zNCzFfG2EeQBVOjSmAtAJ%2BMig8lCmmzqaO4Mp0kd8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d878c03569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| av.av4us.top//js.2mp4.xyz/AV4.us.jpg | 172.67.200.220 | | 6.2 kB |
URL GET av.av4us.top//js.2mp4.xyz/AV4.us.jpg IP172.67.200.220:0
Requested byhttps://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 CertificateIssuerGoogle Trust Services LLC Subjectav4us.top Fingerprint88:5B:37:05:BC:F6:BA:AD:74:15:38:DB:11:3A:C8:B5:01:AE:9A:47 ValidityMon, 06 May 2024 11:10:43 GMT - Sun, 04 Aug 2024 11:10:42 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1299), with CRLF, LF line terminators Hash8341e5b845ad799be65e82884c4008f0 ce6ec5fcd534ad91b3f4a4cfc0e6633b9382ee07 a800fdc8418e559c59c1b77b2afe5e9c12e0509191c1d8b9c81a065a241198a0
GET //js.2mp4.xyz/AV4.us.jpg HTTP/1.1
Host: av.av4us.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:25 GMT
content-type: text/html; charset=UTF-8
pdojs-line8: host-av.av4us.top127.0.0.1-myhost-av.av4us.top127.0.0.1//js.2mp4.xyz/AV4.us.jpg
phost: av.av4us.top
pdojs-line1052: notjp--myhost-av.av4us.top-filteron-
line2128: notjp--myhost-av.av4us.top-filteron-//js.2mp4.xyz/AV4.us.jpg
line2131: notjp--myhost-av.av4us.top-filteron-
line2428: notjp-//js.2mp4.xyz/AV4.us.jpg-myhost-av.av4us.top-filteron-
cache-control: public, max-age=88451
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
x-proxy-cache-re-la: EXPIRED
xkey-re-re-la: av.//js.2mp4.xyz/AV4.us.jpg-A-av.av4us.top-av.av4us.top-myzone---yes
x-proxy-cache-hd-la: HIT
xkey-hd-la: av.//js.2mp4.xyz/AV4.us.jpg-A-av.av4us.top--my_zone
cf-cache-status: HIT
age: 75944
last-modified: Wed, 08 May 2024 22:26:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=swxyA4PuGnGrO0qGjHv9qLR0Bw%2FNaU8rOLs7ItT0ZA92iqKpG0kzSo6F5F4E6AkZKDC%2BXJhArQhQXMZAPgfP5PrVnqqUbWPnYEe0YAAjcfqUhsMCbYiAwbNPRgSxKJk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d88cdda56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=a263c7d6-edaa-4cf7-8486-2c2a8d47985d&subid=809032184&sid=3937968599&spot_id=17050&created_at=2024-05-09&timezone=0&ver=8.159.0&is_native=1 | 168.119.25.102 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?site=native-push&wl=1&event_id=a263c7d6-edaa-4cf7-8486-2c2a8d47985d&subid=809032184&sid=3937968599&spot_id=17050&created_at=2024-05-09&timezone=0&ver=8.159.0&is_native=1 IP168.119.25.102:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=a263c7d6-edaa-4cf7-8486-2c2a8d47985d&subid=809032184&sid=3937968599&spot_id=17050&created_at=2024-05-09&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 09 May 2024 19:32:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| e859321004.6423f6c6c4.com/in/multy | 157.90.84.246 | 200 OK | 0 B |
URL POST HTTP/2e859321004.6423f6c6c4.com/in/multy IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subject6423f6c6c4.com Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31 ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://data.jpg4.monster/
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 09 May 2024 19:32:25 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hash9a42e37278e1480da7ec417eb8b7285e 2ebb273a9d30622c0371647e60d4323937a9d5bc 0c3686dcbc184d61e8fd14b50520a7d83880a655fa38a7f14443a275130a446e
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 May 2024 19:32:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| storage.multstorage.com/log/count.html | 104.21.30.242 | 200 OK | 464 B |
URL GET HTTP/2storage.multstorage.com/log/count.html IP104.21.30.242:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subjectmultstorage.com Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File typeHTML document, ASCII text, with very long lines (700) Hashb728ca9cd183d1b7c3f72116b19b22a3 c1fd73f6b02cf00b8bc60b09cc99495e8494b739 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: bf89a58de3f68a0e2608cb9defb27fd4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ztiXOtXkLl9RsPRdlYrzstmT1MP4e0e8AMZh7lwziZT36uFxwqK3MeB6neLZxFfYLhzh4agRZg6ijlUye4TL4q4XIrBJ5H5I8rn4Zc4U9vqtZZMRQASI8B6us3bT76VCLP1up5YzQEyMUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d87ad02b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js | 172.217.21.170 | 200 OK | 30 kB |
URL GET HTTP/3ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP172.217.21.170:443
Requested byhttps://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hasha09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:40:41 GMT
expires: Sat, 03 May 2025 00:40:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 586304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzOBO6tgQGfr_QJqwinVkQJIXnr0kaH3P6ZXWKAoCY38COFjQkXA1bnFR7L73ZvCRO_npmZJQ | 74.125.131.84 | 302 Found | 429 B |
URL GET HTTP/2accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzOBO6tgQGfr_QJqwinVkQJIXnr0kaH3P6ZXWKAoCY38COFjQkXA1bnFR7L73ZvCRO_npmZJQ IP74.125.131.84:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
File typeHTML document, ASCII text, with very long lines (406) Hash4cd25a88b53ffc2bac73bb9b84c2f5a0 981dbaf73cd216ac9fd4390c7361ca691079b79e fd3b88c73f48ec8557b4ae5dd722e8d62f237d5b46e66037fd602d57c1ffbd82
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzOBO6tgQGfr_QJqwinVkQJIXnr0kaH3P6ZXWKAoCY38COFjQkXA1bnFR7L73ZvCRO_npmZJQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:1AwdliAY0MuBpQAJB5Y5ZNOdmJ9_QQ:8U9c61E5HBPW2Tkw;Path=/;Expires=Sat, 09-May-2026 19:32:25 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 May 2024 19:32:25 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwTSS8jucpEQKpZ2y8lUQHT8Gphhn_UY-fjq3Wlx91ArkHAU31-_i-0WiFPR_jrOc-vGyH_Tg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1811735968%3A1715283145593400&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-bhq8ZvEHjx4gQR6PaslneA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 429
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP142.250.74.131:0
Hash295c1ab534489dc31c4940823ae306a6 f64846d666665600e9b3191323707b0312ea2103 f71d58c2003e0da135fb8f57ef576b17eebe7916ced184c7bf99f603049eaddb
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 May 2024 19:32:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| nereserv.com/in/dip?event_id=03966878-2ab9-4e69-bdfa-bb7b6ff7555b&subid=114096166&spot_id=81665&created_at=2024-05-09&timezone=0&ver=1.141.0 | 168.119.25.102 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?event_id=03966878-2ab9-4e69-bdfa-bb7b6ff7555b&subid=114096166&spot_id=81665&created_at=2024-05-09&timezone=0&ver=1.141.0 IP168.119.25.102:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?event_id=03966878-2ab9-4e69-bdfa-bb7b6ff7555b&subid=114096166&spot_id=81665&created_at=2024-05-09&timezone=0&ver=1.141.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 09 May 2024 19:32:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| js.2mp4.xyz/?vidjs=51uad-5vq | 188.114.97.1 | | 22 kB |
URL GET js.2mp4.xyz/?vidjs=51uad-5vq IP188.114.97.1:0
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subject2mp4.xyz FingerprintED:E7:E0:E1:A9:53:73:B5:DC:2D:51:FA:D6:F6:F6:7B:04:99:02:28 ValidityThu, 02 May 2024 12:01:28 GMT - Wed, 31 Jul 2024 12:01:27 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (752), with CRLF line terminators Hash43c2c8713d395513c4e66f9cde2b2e18 91f1d97a80a45df119062303003f7adaff9560a4 fd2a053201de2cea9f9808e7697513c0093f4be4324654d70752d8edf1986fbf
GET /?vidjs=51uad-5vq HTTP/1.1
Host: js.2mp4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:25 GMT
content-type: text/html; charset=UTF-8
pdo-line12: host-js.2mp4.xyz96.161.209-myhost-158.222.66/?vidjs=51uad-5vq
phost:
pdo-line55: host-js.2mp4.xyz96.161.209-myhost-158.222.66/?vidjs=51uad-5vq
cache-control: public, max-age=86400
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: HIT
age: 21728
last-modified: Thu, 09 May 2024 13:30:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bhT81iSz2ollUUhAOHw%2BsKtaR13%2BugPMYCB6zhrH77ASqLycJIwBhAvYFIcBuZa0%2F0d0c7k9INokpfVFE9UCpTxEjBwrXUuE4JdoT02ivhZvm91IwArv8401TQ%2B9IA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d899d26b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| e859321004.6423f6c6c4.com/in/show/?tag_ab=a&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&refdom=data.jpg4.monster&auction_time=1715283145&subid=809032184&sid=3937968599&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=&user_fp=10525439425521361963&score=27.577392754711752&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&icons=ebnbURIQjlrZrBJRqc2kHn2U8T1WDVl5fPGUS2E2o5bxnJaYo-1jboox88bPs-IweSdcTDUD6fJib4RY2nQhNuEfvxOLcoVyo5pkMN37FZswIThSo_end1Vrh2vWe9aZrgFrIi3rI4PxaJQVX_4KI5zVJKmYS4x_R5Wemi8Gd3BDVBq48w&ext_cid=0&px_id=17050&min_cpm=0.04354565869303446&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=5611593267579448210&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01658531723191051&cpm=0&verify_hash=47fdee545a851d3ef77477c99e19e135&is_native=4&real_bid=0.00044402996859443494&original_bid_usd=0.0011658249999999999&original_bid=0.0011658249999999999&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0011658249999999999&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001165825&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=a70638bf-1dc4-42d1-aa6a-dd8a6d8151df&prev_step_diff=771 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2e859321004.6423f6c6c4.com/in/show/?tag_ab=a&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&refdom=data.jpg4.monster&auction_time=1715283145&subid=809032184&sid=3937968599&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=&user_fp=10525439425521361963&score=27.577392754711752&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&icons=ebnbURIQjlrZrBJRqc2kHn2U8T1WDVl5fPGUS2E2o5bxnJaYo-1jboox88bPs-IweSdcTDUD6fJib4RY2nQhNuEfvxOLcoVyo5pkMN37FZswIThSo_end1Vrh2vWe9aZrgFrIi3rI4PxaJQVX_4KI5zVJKmYS4x_R5Wemi8Gd3BDVBq48w&ext_cid=0&px_id=17050&min_cpm=0.04354565869303446&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=5611593267579448210&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01658531723191051&cpm=0&verify_hash=47fdee545a851d3ef77477c99e19e135&is_native=4&real_bid=0.00044402996859443494&original_bid_usd=0.0011658249999999999&original_bid=0.0011658249999999999&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0011658249999999999&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001165825&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=a70638bf-1dc4-42d1-aa6a-dd8a6d8151df&prev_step_diff=771 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subject6423f6c6c4.com Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31 ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=a&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&refdom=data.jpg4.monster&auction_time=1715283145&subid=809032184&sid=3937968599&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=&user_fp=10525439425521361963&score=27.577392754711752&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&icons=ebnbURIQjlrZrBJRqc2kHn2U8T1WDVl5fPGUS2E2o5bxnJaYo-1jboox88bPs-IweSdcTDUD6fJib4RY2nQhNuEfvxOLcoVyo5pkMN37FZswIThSo_end1Vrh2vWe9aZrgFrIi3rI4PxaJQVX_4KI5zVJKmYS4x_R5Wemi8Gd3BDVBq48w&ext_cid=0&px_id=17050&min_cpm=0.04354565869303446&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=5611593267579448210&skin_id=72&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.01658531723191051&cpm=0&verify_hash=47fdee545a851d3ef77477c99e19e135&is_native=4&real_bid=0.00044402996859443494&original_bid_usd=0.0011658249999999999&original_bid=0.0011658249999999999&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0011658249999999999&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001165825&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=a70638bf-1dc4-42d1-aa6a-dd8a6d8151df&prev_step_diff=771 HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 May 2024 19:32:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| page.phic4.top/myda.php | 104.21.73.126 | 200 OK | 41 kB |
IP104.21.73.126:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectphic4.top Fingerprint97:7B:53:56:9D:D4:88:D2:B6:C7:77:A9:FB:30:54:BA:5F:88:E8:B2 ValidityThu, 14 Mar 2024 14:09:59 GMT - Wed, 12 Jun 2024 14:09:58 GMT
Hashe145154e333b2b1a80da1de26056820c 5d7c97e4762dc0beae7be21345fdda2e652f32d6 8467448c611182413a40e88d77debc847e38c4ab291fee4cdcf82c94e0017f66
GET /myda.php HTTP/1.1
Host: page.phic4.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: text/html; charset=utf-8
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3870
last-modified: Thu, 09 May 2024 18:27:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Clrraia9vgKJKv%2BEE2a12jrttf39tQxWs4ejmYsWjsQal3Rg2RwOnxmCmzOISxlPZx5hHX5xoJSdz86SqZu7%2FN%2B6PMrRgvpuqTX0HZbTsVKVSIScXMSA%2F4Pzxb6NtP4%2FYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d828902b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e859321004.6423f6c6c4.com/in/show/?tag_ab=a&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&refdom=data.jpg4.monster&auction_time=1715283145&subid=809032184&sid=3937968599&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=&user_fp=10525439425521361963&score=27.577392754711752&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DMwx-FALdnEwFvPglO59bGXjSdtZgpjiVIS00IKIYinhv5apCJuk0IdH3FrLj0zoPWVQplgGYMOauCOOz0mY2R7UAnTcIOH0VxIVoaPZEupLJIIkXKBPJOB7UApS4cUQqPJo3uQEJ8vAExP45b8uQB3MZ8IAMS7zpdPsJdg-L5Zt0xS5Z10hl6tVGOkNY-ulzNT-hwWEW1Sm7qaonKbxTIytdnJkBW7M8qZAzuNe8hd0fWc9bCm94ku3DVpEp-73WD5iHastAlmhKJXtj43DbP5jtQ38lYx0I7lb57RSixdPU11ppJw-ZpgoGF1p8snyu2OdG46uaalYXDppzKz9EtOBKynv_QOHXhLuulDcE5TzZbREJP6h600EKLof8fOZj3BiTnqSVsO3K_dQAscoxr_0eSS44iyUoGLDaP_lvGVUzgN1deeRiF82szEqB6KuFYMnALzDFG8mAUIo6Tmj3tPBsp1eS8aR46WyCkUHEbtodhm0VMCNP0bYCKF-e-N3PIcOPAbjRiDxdmHFM_dzvIUN8NhmCE4U-mEKdrSMlhcnyLf3F-S1EQFQmR2y5utLJzSeGe_SHxvsu0aPKKa1vdq93SfA2U6ANjwA3_Pv-uwqiijnNry5OOaWIeFu6K9VAv5LZEEtCivwtBft5hQ8DYC_NSjFXC557JAFO_tD2nwEEw5XF89xTie4RdxKbIGPDh4_OLG86V-G65CsdNajHtNHUC5T6JUvuLQPq0SfnCMty1gLaaiW4falaNuQqVb9411rld8Vvdjw6F2zW9zP73y95LpsaLm3wNavlp5DmwzGut67j8M45p4-tdwVxB14ZfKlsC3HqDqJocCjNTx3LV1dGhaOY2k5TBQHAUwXdfT8lgYkYaxYA0DlmtTxVyjRyYb8ycQQNaqXzKXlyTmBcEcA7HCIZhD2ggd9-GTrZ6EDozoRtyKowbTr1LG2t89JJWX7VTMry_YJHZtrBe7TR9HtxlOPLTEu3HNEiwAma_8DwW5bOYxfVpsjWm9DErUEIoBhWZfMAJE3Yd8LjKwAdDx3uxxgBF5Hh9NMuD3YqfUI20RgJuRgqZzW9uDhKMFNoeToSVSicVozQO5_lyYbGaXjjB6yXIUDGj9R1CWlueFOkJVWCJE4WTgP49Vw97dIzl88k81Dw6gfoXmLHq35ajXGzFUS9DMgnIhTo8YB6Pn1hQiAwvzoBkgxn0LGk-FubJN8zFf-tQkkBocB3gqNRjQzfxKrfo0q3zkwkMOrYGFqu8GeRsc41Dy_0uHWEYucs6DTkEVpz8UHaiCJsPeZp5vZt1NUndC5rYMEVCkV3J7_XC8Y7FoddfQ%26bid%3D0.02334804326239332&icons=ono2q21UEA7dj1wlaeBvoZLKWnEccU252A19dwVxmYSDnzM_gc4WwkYV9jdswqHCYXL8fA-ySUCDy7JmZEnNk-1R-nTneu45DKhFJk6kzl2kjagSsViS5Ts_3ci7AWCyMxWpiNyvkJWCyOpRPKA89_I0f5ex4Ltdl87CojRc-HnrTs3-oFSErgVl37_KNmS5_Njp7OddlfJw68AgoHtG3JHQAr4BkckvoZqByf76CIQ7gf74TGWTzfOY5ehj1X1n6QnyKPR3L4H1UZ4NsilRQCjRqyZVQCN8p_C2gri7j-VkMmaoTjaJAS_Xf1j4JTLJQQoi8dZQnmfYs7RW893bDKIQqBcPJNevqzBG9gWKWAMOBbzKwrgHbFk4THxAug03cgzpgQ87P134WgzX4-sYeebf-8mhxeQ6SAXjpWer5wvtFads5oaAvraylO4ekCGWTR29okjXLJdliqap75j-C7j5CIQIJWxDn2hMccLgkF-TTN5HW1_wRCWHsxnY49MzASdYdcm2itJmxwlJS7Q-MKaGwR8Hp27EmTsbIiczgopRCT4kH_uqbvE1-60sA1xJmbkJlLttj0So0clpOiSwrg-AgjKWHjGjJHGoec5MHYF1ddM35tQKhEhd4hci5CZvvf4fYLKOaYm0tMoEw6OzdOJjScbUcqtJAUphkvTJqDHTW9C8CEBGmOThQs14bWnOHXl2J9b-sehyQsCc7PJpLjlQ8-fE1d3ns82KFLxHgQtCJSFw06DL9RiFJUNnGv_Dn9peTyKEuk2b1XGaIGRR08qS4PsKS0EyqjuAX4u5E7_1DohCVS2dlO-G08RzpnaTFgoltnVnJl0hF-JvWreWnf60KaxOzFmOOql3Lr7txshp6Qf7R3eCf71KRs5-DkimA8FQyy6Pq6RrOBAfG4Um8Fm9LnUbpHqhmnnX74KPv9EabQ2VTNFZiaquH0jXnt4-sxreCOy1oG_6reCt-RXH9crg12NypEiXQ2H5wICb8hGCD409lU7mi-qA5_YKuesVpqtSorMuB0-fa__7E_Mm3_53BP8tPO4xKm2XKPIHG7tdFHzoI6LfFyMqGnaSP4DaQ9s_m1LMuBFt_Uhl3U1g606ovh9hOOD4ZeLcX6x0gOqEATxjyaZya1EJ7j8W2cJrfN1MHwbKnFUX_LRUGi2Of5kTrPD8wwl9DFp7PO3-2_nZ0Uo8Yls93oe0Ue9WsQ5JkrGRBqi-ZF9YFLeiqqjuVD1JT78fFh0rRV6xWo0slV_lvbFF_CFE-H097QyxUnxIujVlmDlHwrkoYl1LZZgOzXO0YO6Ju_8CWAnbcnpQzSdz1m3WNydsuB8jm7Q&ext_cid=224906&px_id=7317050&min_cpm=0.0010248536794133295&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=5611593267579448210&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03144383035898218&cpm=0.02334804326239332&verify_hash=efb917f40bb55c2544e46b6943ce0a82&is_native=1&real_bid=0.023014166506485034&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,5,33,98&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1715455945&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.04&cpa=cad85f50-5a33-467b-9165-572a515f7303&prev_step_diff=770 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2e859321004.6423f6c6c4.com/in/show/?tag_ab=a&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&refdom=data.jpg4.monster&auction_time=1715283145&subid=809032184&sid=3937968599&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=&user_fp=10525439425521361963&score=27.577392754711752&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DMwx-FALdnEwFvPglO59bGXjSdtZgpjiVIS00IKIYinhv5apCJuk0IdH3FrLj0zoPWVQplgGYMOauCOOz0mY2R7UAnTcIOH0VxIVoaPZEupLJIIkXKBPJOB7UApS4cUQqPJo3uQEJ8vAExP45b8uQB3MZ8IAMS7zpdPsJdg-L5Zt0xS5Z10hl6tVGOkNY-ulzNT-hwWEW1Sm7qaonKbxTIytdnJkBW7M8qZAzuNe8hd0fWc9bCm94ku3DVpEp-73WD5iHastAlmhKJXtj43DbP5jtQ38lYx0I7lb57RSixdPU11ppJw-ZpgoGF1p8snyu2OdG46uaalYXDppzKz9EtOBKynv_QOHXhLuulDcE5TzZbREJP6h600EKLof8fOZj3BiTnqSVsO3K_dQAscoxr_0eSS44iyUoGLDaP_lvGVUzgN1deeRiF82szEqB6KuFYMnALzDFG8mAUIo6Tmj3tPBsp1eS8aR46WyCkUHEbtodhm0VMCNP0bYCKF-e-N3PIcOPAbjRiDxdmHFM_dzvIUN8NhmCE4U-mEKdrSMlhcnyLf3F-S1EQFQmR2y5utLJzSeGe_SHxvsu0aPKKa1vdq93SfA2U6ANjwA3_Pv-uwqiijnNry5OOaWIeFu6K9VAv5LZEEtCivwtBft5hQ8DYC_NSjFXC557JAFO_tD2nwEEw5XF89xTie4RdxKbIGPDh4_OLG86V-G65CsdNajHtNHUC5T6JUvuLQPq0SfnCMty1gLaaiW4falaNuQqVb9411rld8Vvdjw6F2zW9zP73y95LpsaLm3wNavlp5DmwzGut67j8M45p4-tdwVxB14ZfKlsC3HqDqJocCjNTx3LV1dGhaOY2k5TBQHAUwXdfT8lgYkYaxYA0DlmtTxVyjRyYb8ycQQNaqXzKXlyTmBcEcA7HCIZhD2ggd9-GTrZ6EDozoRtyKowbTr1LG2t89JJWX7VTMry_YJHZtrBe7TR9HtxlOPLTEu3HNEiwAma_8DwW5bOYxfVpsjWm9DErUEIoBhWZfMAJE3Yd8LjKwAdDx3uxxgBF5Hh9NMuD3YqfUI20RgJuRgqZzW9uDhKMFNoeToSVSicVozQO5_lyYbGaXjjB6yXIUDGj9R1CWlueFOkJVWCJE4WTgP49Vw97dIzl88k81Dw6gfoXmLHq35ajXGzFUS9DMgnIhTo8YB6Pn1hQiAwvzoBkgxn0LGk-FubJN8zFf-tQkkBocB3gqNRjQzfxKrfo0q3zkwkMOrYGFqu8GeRsc41Dy_0uHWEYucs6DTkEVpz8UHaiCJsPeZp5vZt1NUndC5rYMEVCkV3J7_XC8Y7FoddfQ%26bid%3D0.02334804326239332&icons=ono2q21UEA7dj1wlaeBvoZLKWnEccU252A19dwVxmYSDnzM_gc4WwkYV9jdswqHCYXL8fA-ySUCDy7JmZEnNk-1R-nTneu45DKhFJk6kzl2kjagSsViS5Ts_3ci7AWCyMxWpiNyvkJWCyOpRPKA89_I0f5ex4Ltdl87CojRc-HnrTs3-oFSErgVl37_KNmS5_Njp7OddlfJw68AgoHtG3JHQAr4BkckvoZqByf76CIQ7gf74TGWTzfOY5ehj1X1n6QnyKPR3L4H1UZ4NsilRQCjRqyZVQCN8p_C2gri7j-VkMmaoTjaJAS_Xf1j4JTLJQQoi8dZQnmfYs7RW893bDKIQqBcPJNevqzBG9gWKWAMOBbzKwrgHbFk4THxAug03cgzpgQ87P134WgzX4-sYeebf-8mhxeQ6SAXjpWer5wvtFads5oaAvraylO4ekCGWTR29okjXLJdliqap75j-C7j5CIQIJWxDn2hMccLgkF-TTN5HW1_wRCWHsxnY49MzASdYdcm2itJmxwlJS7Q-MKaGwR8Hp27EmTsbIiczgopRCT4kH_uqbvE1-60sA1xJmbkJlLttj0So0clpOiSwrg-AgjKWHjGjJHGoec5MHYF1ddM35tQKhEhd4hci5CZvvf4fYLKOaYm0tMoEw6OzdOJjScbUcqtJAUphkvTJqDHTW9C8CEBGmOThQs14bWnOHXl2J9b-sehyQsCc7PJpLjlQ8-fE1d3ns82KFLxHgQtCJSFw06DL9RiFJUNnGv_Dn9peTyKEuk2b1XGaIGRR08qS4PsKS0EyqjuAX4u5E7_1DohCVS2dlO-G08RzpnaTFgoltnVnJl0hF-JvWreWnf60KaxOzFmOOql3Lr7txshp6Qf7R3eCf71KRs5-DkimA8FQyy6Pq6RrOBAfG4Um8Fm9LnUbpHqhmnnX74KPv9EabQ2VTNFZiaquH0jXnt4-sxreCOy1oG_6reCt-RXH9crg12NypEiXQ2H5wICb8hGCD409lU7mi-qA5_YKuesVpqtSorMuB0-fa__7E_Mm3_53BP8tPO4xKm2XKPIHG7tdFHzoI6LfFyMqGnaSP4DaQ9s_m1LMuBFt_Uhl3U1g606ovh9hOOD4ZeLcX6x0gOqEATxjyaZya1EJ7j8W2cJrfN1MHwbKnFUX_LRUGi2Of5kTrPD8wwl9DFp7PO3-2_nZ0Uo8Yls93oe0Ue9WsQ5JkrGRBqi-ZF9YFLeiqqjuVD1JT78fFh0rRV6xWo0slV_lvbFF_CFE-H097QyxUnxIujVlmDlHwrkoYl1LZZgOzXO0YO6Ju_8CWAnbcnpQzSdz1m3WNydsuB8jm7Q&ext_cid=224906&px_id=7317050&min_cpm=0.0010248536794133295&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=5611593267579448210&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03144383035898218&cpm=0.02334804326239332&verify_hash=efb917f40bb55c2544e46b6943ce0a82&is_native=1&real_bid=0.023014166506485034&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,5,33,98&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1715455945&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.04&cpa=cad85f50-5a33-467b-9165-572a515f7303&prev_step_diff=770 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subject6423f6c6c4.com Fingerprint2F:36:6C:E2:70:8D:26:9A:96:36:8B:43:26:81:52:60:C6:18:7B:31 ValiditySun, 05 May 2024 14:01:56 GMT - Sat, 03 Aug 2024 14:01:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=a&site_id=3117050&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fdata.jpg4.monster%2Fcontact%2F----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6%2Fpic1.html&refdom=data.jpg4.monster&auction_time=1715283145&subid=809032184&sid=3937968599&tcid=0&ver=8.159.0&ver_c=&spot_id=17050&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-05-09&iabcat=IAB25-3&keywords=&user_fp=10525439425521361963&score=27.577392754711752&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D809032184%26spot_id%3D17050%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdata.jpg4.monster%252Fcontact%252F----%2525E9%252580%2525B1%2525E5%252588%25258A%2525E5%2525AE%25259D%2525E7%25259F%2525B3%252520%2525E3%252582%2525A2%2525E3%252583%25258A%2525E3%252582%2525BF%2525E3%252581%2525AE%2525E3%252581%25258A%2525E3%252581%2525A3%2525E3%252581%2525B1%2525E3%252581%252584%2525E8%2525A6%25258B%2525E3%252581%25259B%2525E3%252581%2525A6%252Fpic1.html%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=16030&crtid=5fcbc33c86bbc49c561fd8fb36a2149b&url=https%3A%2F%2Fp.a64x.com%2Fin%2Ftip_clicks%2F%3Fkatds_ep%3DMwx-FALdnEwFvPglO59bGXjSdtZgpjiVIS00IKIYinhv5apCJuk0IdH3FrLj0zoPWVQplgGYMOauCOOz0mY2R7UAnTcIOH0VxIVoaPZEupLJIIkXKBPJOB7UApS4cUQqPJo3uQEJ8vAExP45b8uQB3MZ8IAMS7zpdPsJdg-L5Zt0xS5Z10hl6tVGOkNY-ulzNT-hwWEW1Sm7qaonKbxTIytdnJkBW7M8qZAzuNe8hd0fWc9bCm94ku3DVpEp-73WD5iHastAlmhKJXtj43DbP5jtQ38lYx0I7lb57RSixdPU11ppJw-ZpgoGF1p8snyu2OdG46uaalYXDppzKz9EtOBKynv_QOHXhLuulDcE5TzZbREJP6h600EKLof8fOZj3BiTnqSVsO3K_dQAscoxr_0eSS44iyUoGLDaP_lvGVUzgN1deeRiF82szEqB6KuFYMnALzDFG8mAUIo6Tmj3tPBsp1eS8aR46WyCkUHEbtodhm0VMCNP0bYCKF-e-N3PIcOPAbjRiDxdmHFM_dzvIUN8NhmCE4U-mEKdrSMlhcnyLf3F-S1EQFQmR2y5utLJzSeGe_SHxvsu0aPKKa1vdq93SfA2U6ANjwA3_Pv-uwqiijnNry5OOaWIeFu6K9VAv5LZEEtCivwtBft5hQ8DYC_NSjFXC557JAFO_tD2nwEEw5XF89xTie4RdxKbIGPDh4_OLG86V-G65CsdNajHtNHUC5T6JUvuLQPq0SfnCMty1gLaaiW4falaNuQqVb9411rld8Vvdjw6F2zW9zP73y95LpsaLm3wNavlp5DmwzGut67j8M45p4-tdwVxB14ZfKlsC3HqDqJocCjNTx3LV1dGhaOY2k5TBQHAUwXdfT8lgYkYaxYA0DlmtTxVyjRyYb8ycQQNaqXzKXlyTmBcEcA7HCIZhD2ggd9-GTrZ6EDozoRtyKowbTr1LG2t89JJWX7VTMry_YJHZtrBe7TR9HtxlOPLTEu3HNEiwAma_8DwW5bOYxfVpsjWm9DErUEIoBhWZfMAJE3Yd8LjKwAdDx3uxxgBF5Hh9NMuD3YqfUI20RgJuRgqZzW9uDhKMFNoeToSVSicVozQO5_lyYbGaXjjB6yXIUDGj9R1CWlueFOkJVWCJE4WTgP49Vw97dIzl88k81Dw6gfoXmLHq35ajXGzFUS9DMgnIhTo8YB6Pn1hQiAwvzoBkgxn0LGk-FubJN8zFf-tQkkBocB3gqNRjQzfxKrfo0q3zkwkMOrYGFqu8GeRsc41Dy_0uHWEYucs6DTkEVpz8UHaiCJsPeZp5vZt1NUndC5rYMEVCkV3J7_XC8Y7FoddfQ%26bid%3D0.02334804326239332&icons=ono2q21UEA7dj1wlaeBvoZLKWnEccU252A19dwVxmYSDnzM_gc4WwkYV9jdswqHCYXL8fA-ySUCDy7JmZEnNk-1R-nTneu45DKhFJk6kzl2kjagSsViS5Ts_3ci7AWCyMxWpiNyvkJWCyOpRPKA89_I0f5ex4Ltdl87CojRc-HnrTs3-oFSErgVl37_KNmS5_Njp7OddlfJw68AgoHtG3JHQAr4BkckvoZqByf76CIQ7gf74TGWTzfOY5ehj1X1n6QnyKPR3L4H1UZ4NsilRQCjRqyZVQCN8p_C2gri7j-VkMmaoTjaJAS_Xf1j4JTLJQQoi8dZQnmfYs7RW893bDKIQqBcPJNevqzBG9gWKWAMOBbzKwrgHbFk4THxAug03cgzpgQ87P134WgzX4-sYeebf-8mhxeQ6SAXjpWer5wvtFads5oaAvraylO4ekCGWTR29okjXLJdliqap75j-C7j5CIQIJWxDn2hMccLgkF-TTN5HW1_wRCWHsxnY49MzASdYdcm2itJmxwlJS7Q-MKaGwR8Hp27EmTsbIiczgopRCT4kH_uqbvE1-60sA1xJmbkJlLttj0So0clpOiSwrg-AgjKWHjGjJHGoec5MHYF1ddM35tQKhEhd4hci5CZvvf4fYLKOaYm0tMoEw6OzdOJjScbUcqtJAUphkvTJqDHTW9C8CEBGmOThQs14bWnOHXl2J9b-sehyQsCc7PJpLjlQ8-fE1d3ns82KFLxHgQtCJSFw06DL9RiFJUNnGv_Dn9peTyKEuk2b1XGaIGRR08qS4PsKS0EyqjuAX4u5E7_1DohCVS2dlO-G08RzpnaTFgoltnVnJl0hF-JvWreWnf60KaxOzFmOOql3Lr7txshp6Qf7R3eCf71KRs5-DkimA8FQyy6Pq6RrOBAfG4Um8Fm9LnUbpHqhmnnX74KPv9EabQ2VTNFZiaquH0jXnt4-sxreCOy1oG_6reCt-RXH9crg12NypEiXQ2H5wICb8hGCD409lU7mi-qA5_YKuesVpqtSorMuB0-fa__7E_Mm3_53BP8tPO4xKm2XKPIHG7tdFHzoI6LfFyMqGnaSP4DaQ9s_m1LMuBFt_Uhl3U1g606ovh9hOOD4ZeLcX6x0gOqEATxjyaZya1EJ7j8W2cJrfN1MHwbKnFUX_LRUGi2Of5kTrPD8wwl9DFp7PO3-2_nZ0Uo8Yls93oe0Ue9WsQ5JkrGRBqi-ZF9YFLeiqqjuVD1JT78fFh0rRV6xWo0slV_lvbFF_CFE-H097QyxUnxIujVlmDlHwrkoYl1LZZgOzXO0YO6Ju_8CWAnbcnpQzSdz1m3WNydsuB8jm7Q&ext_cid=224906&px_id=7317050&min_cpm=0.0010248536794133295&out_id=0&campaign_type=hq&aid=127&cid=12694&uniq=&mid=5611593267579448210&skin_id=72&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.03144383035898218&cpm=0.02334804326239332&verify_hash=efb917f40bb55c2544e46b6943ce0a82&is_native=1&real_bid=0.023014166506485034&original_bid_usd=0.0319&original_bid=0.0319&exp=1440&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,90,5,33,98&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=1715455945&image_url=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F777%2F777184%2Fconversions%2FQ5MjCrOM-minify.jpg&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=224906&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.04&cpa=cad85f50-5a33-467b-9165-572a515f7303&prev_step_diff=770 HTTP/1.1
Host: e859321004.6423f6c6c4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 09 May 2024 19:32:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwTSS8jucpEQKpZ2y8lUQHT8Gphhn_UY-fjq3Wlx91ArkHAU31-_i-0WiFPR_jrOc-vGyH_Tg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1811735968%3A1715283145593400&theme=mn&ddm=0 | 74.125.131.84 | 403 Forbidden | 2.9 kB |
URL GET HTTP/2accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwTSS8jucpEQKpZ2y8lUQHT8Gphhn_UY-fjq3Wlx91ArkHAU31-_i-0WiFPR_jrOc-vGyH_Tg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1811735968%3A1715283145593400&theme=mn&ddm=0 IP74.125.131.84:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
File typegzip compressed data, max compression Hash723639b6805acd278ad4e55196b8dbe1 200a230b86eeb305bde0f65256da54397891a7e4 e2973533efaa801585a38d80dcee90dbbfc1fe662b2c76c1a73526b3a12c3e52
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwTSS8jucpEQKpZ2y8lUQHT8Gphhn_UY-fjq3Wlx91ArkHAU31-_i-0WiFPR_jrOc-vGyH_Tg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1811735968%3A1715283145593400&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 May 2024 19:32:25 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-7TvlbLGvMJc4bf5ANq5hrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=574ebbde-47cf-4150-82f1-7103d585945f&prev_step_diff=771 | 45.133.44.25 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=574ebbde-47cf-4150-82f1-7103d585945f&prev_step_diff=771 IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&mlf=1&mlc=1&st=0.04&cpa=574ebbde-47cf-4150-82f1-7103d585945f&prev_step_diff=771 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:26 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Fri, 09 May 2025 19:32:26 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.25 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:26 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Fri, 09 May 2025 19:32:26 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.w3schools.com/w3css/4/w3.css | 192.229.133.221 | 200 OK | 5.3 kB |
URL GET HTTP/2www.w3schools.com/w3css/4/w3.css IP192.229.133.221:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerDigiCert Inc Subject*.w3schools.com Fingerprint20:AF:FF:E1:FC:DB:58:C8:05:B7:D2:97:1F:8F:A1:C6:AD:ED:59:3A ValidityWed, 03 Apr 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File typeUnicode text, UTF-8 (with BOM) text Hashba0537e9574725096af97c27d7e54f76 bd46b47d74d344f435b5805114559d45979762d5 4a7611bc677873a0f87fe21727bc3a2a43f57a5ded3b10ce33a0f371a2e6030f
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 889
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Thu, 09 May 2024 19:32:26 GMT
etag: "0ed8b040a1da1:0+gzip"
last-modified: Wed, 08 May 2024 12:05:22 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5256
X-Firefox-Spdy: h2
|
|
| p.a64x.com/in/tip_shows/?katds_ep=dHLgRyDDJA_Aq-d_I5fMszatvA8V7a6irEAMBneaKukHilxbHR4ZWbcKYkSMSu3gLf14xfLNAGnW4ScCxm_MjbU-m1L4koDFxq50akAFeTxqgqBhLvNRQH7UfQWYXaPQdyoVWOwQhCI-lG8QuwHZSHweiizomqaH0jz-JlcdKqIW-VjP3rUfAayCGKbgtCdLSPW8vZAxjRAaQ4ndkJ8BW8715UconKTxJ_YMO2nGqVad0LafaNY8Uk8ATsJ5cRrPAPJX5l-vSvH4ww2MbobAJT9mzI9zf1SEwlVIQfG0iXlZCXny9_ChRrhl7zjElxUEZ4B_Cw3BDC-WuFNe5IhQ_DWMnh9627CnoOOQxNIN5R5fyHHQaWGWRbRx6OvBQvcyIHloJEjLq2m0I3fdxGOfU1ihXKZyZEi3HV_vpqek_X3mPCv-zhovMfdfrjBqLQg43yBHc41VXI6UmUWZPR3lzy24FvxqalRnJSNXBwOKqXnMNZgz72cI_piSptDa9aTTgd-Z4Lm3fGbOmOlCFMMQf0e8A90DpU6tuzocWHvSufiq_TK3s3mIBTW6Z3HriFw1rtTwFrfgmjI9Td1IU56ySPA0Ao0buHR3VoxIiLq_TqBpb8Ze8d-baoOPtk9zDFO87aK8nXDsNTpsnOkPcb5i4ghFrm7ZWcn7W_9iwPeYE101DBbNVsRQuYa2R52bVDjes5zWKp_AM-jMeySqgMPwwf-TEcI9MzGw8R49zpww-8FWs63nsXvxX1amIXYJIphnA-BBYJPFFVFvlVxuSCCk8Qni_dwMpgCcQyPNnb1DEy2bn7x-9n5jrNaq4ibV4yRiIIszAEx-cxJkDWPkDqLTuAK4LKrZIESwTzdOo7Jv4uBuxsfdbb9UTYxA8-Kdyg1YTw&bid=0.02334804326239332&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.04&cpa=e88ce319-12cf-4d36-b486-745297e1b58b&prev_step_diff=770 | 172.67.185.171 | 302 Found | 0 B |
URL GET HTTP/2p.a64x.com/in/tip_shows/?katds_ep=dHLgRyDDJA_Aq-d_I5fMszatvA8V7a6irEAMBneaKukHilxbHR4ZWbcKYkSMSu3gLf14xfLNAGnW4ScCxm_MjbU-m1L4koDFxq50akAFeTxqgqBhLvNRQH7UfQWYXaPQdyoVWOwQhCI-lG8QuwHZSHweiizomqaH0jz-JlcdKqIW-VjP3rUfAayCGKbgtCdLSPW8vZAxjRAaQ4ndkJ8BW8715UconKTxJ_YMO2nGqVad0LafaNY8Uk8ATsJ5cRrPAPJX5l-vSvH4ww2MbobAJT9mzI9zf1SEwlVIQfG0iXlZCXny9_ChRrhl7zjElxUEZ4B_Cw3BDC-WuFNe5IhQ_DWMnh9627CnoOOQxNIN5R5fyHHQaWGWRbRx6OvBQvcyIHloJEjLq2m0I3fdxGOfU1ihXKZyZEi3HV_vpqek_X3mPCv-zhovMfdfrjBqLQg43yBHc41VXI6UmUWZPR3lzy24FvxqalRnJSNXBwOKqXnMNZgz72cI_piSptDa9aTTgd-Z4Lm3fGbOmOlCFMMQf0e8A90DpU6tuzocWHvSufiq_TK3s3mIBTW6Z3HriFw1rtTwFrfgmjI9Td1IU56ySPA0Ao0buHR3VoxIiLq_TqBpb8Ze8d-baoOPtk9zDFO87aK8nXDsNTpsnOkPcb5i4ghFrm7ZWcn7W_9iwPeYE101DBbNVsRQuYa2R52bVDjes5zWKp_AM-jMeySqgMPwwf-TEcI9MzGw8R49zpww-8FWs63nsXvxX1amIXYJIphnA-BBYJPFFVFvlVxuSCCk8Qni_dwMpgCcQyPNnb1DEy2bn7x-9n5jrNaq4ibV4yRiIIszAEx-cxJkDWPkDqLTuAK4LKrZIESwTzdOo7Jv4uBuxsfdbb9UTYxA8-Kdyg1YTw&bid=0.02334804326239332&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.04&cpa=e88ce319-12cf-4d36-b486-745297e1b58b&prev_step_diff=770 IP172.67.185.171:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subjecta64x.com Fingerprint86:FD:2B:DD:CC:BD:8D:ED:C0:8D:41:81:C1:48:2D:45:D6:4F:67:88 ValidityTue, 19 Mar 2024 14:58:28 GMT - Mon, 17 Jun 2024 14:58:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tip_shows/?katds_ep=dHLgRyDDJA_Aq-d_I5fMszatvA8V7a6irEAMBneaKukHilxbHR4ZWbcKYkSMSu3gLf14xfLNAGnW4ScCxm_MjbU-m1L4koDFxq50akAFeTxqgqBhLvNRQH7UfQWYXaPQdyoVWOwQhCI-lG8QuwHZSHweiizomqaH0jz-JlcdKqIW-VjP3rUfAayCGKbgtCdLSPW8vZAxjRAaQ4ndkJ8BW8715UconKTxJ_YMO2nGqVad0LafaNY8Uk8ATsJ5cRrPAPJX5l-vSvH4ww2MbobAJT9mzI9zf1SEwlVIQfG0iXlZCXny9_ChRrhl7zjElxUEZ4B_Cw3BDC-WuFNe5IhQ_DWMnh9627CnoOOQxNIN5R5fyHHQaWGWRbRx6OvBQvcyIHloJEjLq2m0I3fdxGOfU1ihXKZyZEi3HV_vpqek_X3mPCv-zhovMfdfrjBqLQg43yBHc41VXI6UmUWZPR3lzy24FvxqalRnJSNXBwOKqXnMNZgz72cI_piSptDa9aTTgd-Z4Lm3fGbOmOlCFMMQf0e8A90DpU6tuzocWHvSufiq_TK3s3mIBTW6Z3HriFw1rtTwFrfgmjI9Td1IU56ySPA0Ao0buHR3VoxIiLq_TqBpb8Ze8d-baoOPtk9zDFO87aK8nXDsNTpsnOkPcb5i4ghFrm7ZWcn7W_9iwPeYE101DBbNVsRQuYa2R52bVDjes5zWKp_AM-jMeySqgMPwwf-TEcI9MzGw8R49zpww-8FWs63nsXvxX1amIXYJIphnA-BBYJPFFVFvlVxuSCCk8Qni_dwMpgCcQyPNnb1DEy2bn7x-9n5jrNaq4ibV4yRiIIszAEx-cxJkDWPkDqLTuAK4LKrZIESwTzdOo7Jv4uBuxsfdbb9UTYxA8-Kdyg1YTw&bid=0.02334804326239332&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=datingPurpleMessage-view-b_r-body&st=0.04&cpa=e88ce319-12cf-4d36-b486-745297e1b58b&prev_step_diff=770 HTTP/1.1
Host: p.a64x.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 09 May 2024 19:32:26 GMT
content-type: application/json
content-length: 0
location: https://imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MbPwF%2BDDWYn%2BjVUlQy3j%2FKe7t%2BbsH6SnBxPzCNqek1NcEg1LW7wTpVuwawubou6Ozq8DRNwlWNQt9pIDkqAQxNM288qTI6Xd82%2FaCoN2P13t6VEGLslT2ZK5OOpW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d8ebeedb511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| imdn.pics/m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg | 45.133.44.24 | 200 OK | 11 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 360x240, components 3 Hash7a0f4319e0c7d4e0ec42eae657ba39fd e2940c23868c5975a1dc1a3c963609b34abbe6b5 6c0278ead1dce8c37b6b233d5251184cd820586eeb5d30db860c1c7315d5dba0
GET /m/p/0/777/777184/conversions/Q5MjCrOM-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:26 GMT
content-type: image/jpeg
content-length: 11228
server: nginx
last-modified: Tue, 09 Apr 2024 19:56:57 GMT
etag: "66159d89-2bdc"
x-request-id: 13aea49745d30295dcee0faf2bf8a0c1
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg | 45.133.44.24 | 200 OK | 2.5 kB |
URL GET HTTP/2imdn.pics/m/p/0/777/777181/conversions/PguV688J-minify.jpg IP45.133.44.24:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectimdn.pics Fingerprint1B:F0:2A:16:F2:A2:CB:23:EA:4E:5D:DE:96:E2:AF:CC:A0:41:03:E5 ValidityTue, 12 Mar 2024 03:00:56 GMT - Mon, 10 Jun 2024 03:00:55 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3 Hash9eb726ecf5e85e3b48f854490ff8284a d08b4f022e64d06f2642c5c9217d35b7851516d5 30bd73405bb72856107c9e940bece489b670970c3d2e4d6b592cc138a67a3c05
GET /m/p/0/777/777181/conversions/PguV688J-minify.jpg HTTP/1.1
Host: imdn.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:26 GMT
content-type: image/jpeg
content-length: 2460
server: nginx
last-modified: Tue, 09 Apr 2024 19:56:49 GMT
etag: "66159d81-99c"
x-request-id: 064bc710493213dae1825c3b2f5e7289
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| e9b729472c.39268ea911.com/94a773ec0ce10439eaff9dd642e1fefb.js | 45.133.44.53 | 200 OK | 470 kB |
URL GET HTTP/2e9b729472c.39268ea911.com/94a773ec0ce10439eaff9dd642e1fefb.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjecte9b729472c.39268ea911.com FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8 ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT
Size470 kB (470121 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /94a773ec0ce10439eaff9dd642e1fefb.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:25 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Thu, 09 May 2024 19:37:25 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 74.125.131.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP74.125.131.84:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services Subjectaccounts.google.com Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:bDsQRRxR3YVvYhWaDW_aJeSWCWKa6w:XPNZsHNI4d9WScOt; Expires=Sat, 09-May-2026 19:32:25 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 May 2024 19:32:25 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzOBO6tgQGfr_QJqwinVkQJIXnr0kaH3P6ZXWKAoCY38COFjQkXA1bnFR7L73ZvCRO_npmZJQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-oovX2qjKbiwEpo2eRrHHpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html | 188.114.97.1 | 200 OK | 9.7 kB |
URL User Request GET HTTP/3data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectjpg4.monster FingerprintCD:81:17:42:31:B2:2F:0A:11:E1:03:FC:4F:86:8C:3D:15:14:F6:8A ValidityThu, 18 Apr 2024 20:22:08 GMT - Wed, 17 Jul 2024 20:22:07 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (9761), with no line terminators Hash88b45941fc17a28fadaecae05aa05caf 9e57d9c93752700e96164dc05e50c398072a62a0 40fd3501d176ed7a1aa93595735e117349ebbed6faa2367389ab3d25a32b6c94
GET /contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html HTTP/1.1
Host: data.jpg4.monster
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: text/html; charset=UTF-8
pdojs-line8: host-data.jpg4.monster127.0.0.1-myhost-data.jpg4.monster127.0.0.1/contact/----%E3%82%B8%E3%83%A5%E3%83%8B%E3%82%A2%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%82%AD%E3%83%A3%E3%83%97%E3%83%81%E3%83%A3/pic1.html
phost: data.jpg4.monster
pdojs-line1052: notjp-es-pt-myhost-data.jpg4.monster-filteron-
line2128: notjp-es-pt-myhost-data.jpg4.monster-filteron-/contact/----%E3%82%B8%E3%83%A5%E3%83%8B%E3%82%A2%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%82%AD%E3%83%A3%E3%83%97%E3%83%81%E3%83%A3/pic1.html
line2131: notjp-es-pt-myhost-data.jpg4.monster-filteron-
line2428: notjp-/contact/----%E3%82%B8%E3%83%A5%E3%83%8B%E3%82%A2%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%E3%82%AD%E3%83%A3%E3%83%97%E3%83%81%E3%83%A3/pic1.html-myhost-data.jpg4.monster-filteron-
cache-control: public, max-age=1816846
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
x-proxy-cache-re-la: HIT
xkey-re-re-la: contactdata.jpg4.monster--data.jpg4.monster-data.jpg4.monster-myzone---no
x-proxy-cache-g-sg1: HIT
xkey-g-sg1: contactdata.jpg4.monster--data.jpg4.monster--my_zone
cf-cache-status: MISS
last-modified: Thu, 09 May 2024 19:32:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nwzvRvZj2OZhAgL05efcz2%2FTj6Vizj8%2BwroPo9auexlgOJ9q0GbuJwQs6%2Fh4a%2BP3BLaMA51yhN14H6O13bJYgfpNoiANY%2FzqnYZH5ftbhk7dVEnECfRg3GtPoUqUSI0suWCItw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d7c8ee70b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| css.4jpg.top/mycss/av4.css?3 | 172.67.211.235 | 200 OK | 3.8 kB |
URL GET HTTP/3css.4jpg.top/mycss/av4.css?3 IP172.67.211.235:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subject4jpg.top Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02 ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT
File typeUnicode text, UTF-8 text, with very long lines (4145), with no line terminators Hash632229e131d295fe4f9a0bf73260d8c7 6a026881304a0ca059d5778fead6af759d0bacad c2b0ff53f6e3c34914c3de2a5d3de4120f0af66f43d47e8df680b1f8c9e80016
GET /mycss/av4.css?3 HTTP/1.1
Host: css.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: text/css
etag: W/"ef8-615968e3e7700"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 54979
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKhP%2F2SJsdUrrWrxLpQJFDGSiej6%2BoUnE0WfO4D6f3%2Bd%2B0BrJ1woDO8Glsm8DIhG7ltPpL99hWw7dFgTKxwTg9MnVWmQBzy%2Bp3kfU8KAjnNMIQqmpTCi1geNSMivkYE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d8119fc569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| css.4jpg.top/mycss/av4.css?3 | 172.67.211.235 | 200 OK | 3.8 kB |
URL GET HTTP/3css.4jpg.top/mycss/av4.css?3 IP172.67.211.235:443
Requested byhttps://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 CertificateIssuerGoogle Trust Services LLC Subject4jpg.top Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02 ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT
File typeUnicode text, UTF-8 text, with very long lines (4145), with no line terminators Hash632229e131d295fe4f9a0bf73260d8c7 6a026881304a0ca059d5778fead6af759d0bacad c2b0ff53f6e3c34914c3de2a5d3de4120f0af66f43d47e8df680b1f8c9e80016
GET /mycss/av4.css?3 HTTP/1.1
Host: css.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:25 GMT
content-type: text/css
etag: W/"ef8-615968e3e7700"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 54981
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1h1dBq2Q%2B%2BIR5WvNe1CYzvBVsT73bEJ7%2F18PZ1OiRThxY32B9Cf0uHjhT96XCmwPKnq%2BiuF8V1H7RmQ6QZEk%2B8KuRC05U56uG7EWHxKuP6tG%2BRyEsTm9wRKWb6GlHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d899fbc569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| jsjs.4jpg.top/index.php?js=av4&advertisement& | 0.0.0.0 | | 0 B |
URL GET jsjs.4jpg.top/index.php?js=av4&advertisement& IP0.0.0.0:0
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subject4jpg.top Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02 ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?js=av4&advertisement& HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:23 GMT
content-type: text/html; charset=UTF-8
imghost: 17296161209-h-jsjs4jpgtopmh--RU-rm16215822257/index.php?js=av4&advertisement&
56nloadrate: 1.4496875
cache-control: public, max-age=14400, s-max-age=1800
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: HIT
age: 101
last-modified: Thu, 09 May 2024 19:30:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=le0giszc6O55pL%2FYMvW052igXbp9qjby5H2z5S3E9dxX3e9rEpvv%2BLDNtUasBFkUgPcSEKwG8A2wRkEZap99sSyXvK5GWgcEp2avEZI7KOgKq5HniS3pQ4cM3IUERYgb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d7f8f54569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 2.1 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2088), with no line terminators Hash8b5ed051eb80e6859ce7240db6a5f16d 2157d7496b2435b7ca06605fb1d32ac8dfac1123 9cf98df45bcd9a2d6dd35d3644ecad0db9c657c33a32ca5ce481d83b054fea9b
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://data.jpg4.monster/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1170
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Thu, 09 May 2024 19:32:25 GMT
content-type: application/json
content-length: 2076
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| e9b729472c.39268ea911.com/c24b4e831b8a6d9c926c8506ce6591f3/23782?version_name=a | 45.133.44.53 | 200 OK | 4.8 kB |
URL GET HTTP/2e9b729472c.39268ea911.com/c24b4e831b8a6d9c926c8506ce6591f3/23782?version_name=a IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjecte9b729472c.39268ea911.com FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8 ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (5445), with no line terminators Hash8b418870ec62fb8cc0fa958bc75dad4a 7ff6c845f369977b6abdae7954aaef052c39bebf 78aa6cb8a462ebcbbddb3d20f4575b906a876015e06d5a78b66838ece45e7ff1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /c24b4e831b8a6d9c926c8506ce6591f3/23782?version_name=a HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Thu, 09 May 2024 19:37:24 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| comments.4jpg.top/comments/embed.js?37 | 172.67.211.235 | 302 Found | 0 B |
URL GET HTTP/3comments.4jpg.top/comments/embed.js?37 IP172.67.211.235:443
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerGoogle Trust Services LLC Subject4jpg.top Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02 ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comments/embed.js?37 HTTP/1.1
Host: comments.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 09 May 2024 19:32:24 GMT
content-type: text/html
location: http://av.tub4us.top/1
x-proxy-cache-re-la: MISS
xkey-re-re-la: jcomments./comments/embed.js?37-A-comments.4jpg.top-comments.4jpg.top-myzone---no
x-proxy-cache-hd-la: HIT
xkey-hd-la: comments.4jpg.top/comments/embed.js?37--comments.4jpg.top--my_zone
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4QXoFhX7mJP6pOc6w%2BlNAbBnbGuGBylx1O1vUnzlPrKOgWkQP8C%2FZbqX%2F5YTOVe3pr6ZoZKAJOJM33WjEoG5oPYz7rnRPpx1DgGfHgJgCYdk0UEN2MZA%2BY7TWtLCKYjDVuTj%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d8109ca569f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| e9b729472c.39268ea911.com/939b87343a3eb6ec5a1c3e8c8c6f7c47.js | 45.133.44.53 | 200 OK | 169 kB |
URL GET HTTP/2e9b729472c.39268ea911.com/939b87343a3eb6ec5a1c3e8c8c6f7c47.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjecte9b729472c.39268ea911.com FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8 ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT
Size169 kB (168568 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /939b87343a3eb6ec5a1c3e8c8c6f7c47.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Thu, 09 May 2024 19:37:24 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=a&med_script_id=61&page=https%3A//data.jpg4.monster/contact/----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6/pic1.html | 78.47.199.206 | 204 No Content | 0 B |
URL GET HTTP/2notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=a&med_script_id=61&page=https%3A//data.jpg4.monster/contact/----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6/pic1.html IP78.47.199.206:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?tag_id=23782&timezone_olson=UTC&version_name=a&med_script_id=61&page=https%3A//data.jpg4.monster/contact/----%25E9%2580%25B1%25E5%2588%258A%25E5%25AE%259D%25E7%259F%25B3%2520%25E3%2582%25A2%25E3%2583%258A%25E3%2582%25BF%25E3%2581%25AE%25E3%2581%258A%25E3%2581%25A3%25E3%2581%25B1%25E3%2581%2584%25E8%25A6%258B%25E3%2581%259B%25E3%2581%25A6/pic1.html HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://data.jpg4.monster
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.18.0
date: Thu, 09 May 2024 19:32:24 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| comments.4jpg.top/comments/embed.js?37 | 172.67.211.235 | 302 Found | 0 B |
URL GET HTTP/3comments.4jpg.top/comments/embed.js?37 IP172.67.211.235:443
Requested byhttps://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 CertificateIssuerGoogle Trust Services LLC Subject4jpg.top Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02 ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comments/embed.js?37 HTTP/1.1
Host: comments.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Thu, 09 May 2024 19:32:25 GMT
content-type: text/html
location: http://av.tub4us.top/1
x-proxy-cache-re-la: MISS
xkey-re-re-la: jcomments./comments/embed.js?37-A-comments.4jpg.top-comments.4jpg.top-myzone---no
x-proxy-cache-hd-la: HIT
xkey-hd-la: comments.4jpg.top/comments/embed.js?37--comments.4jpg.top--my_zone
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=weJAT0SpUNp37nN99rOcTLsKkJN6L04Pp%2B6OFLu8Nehk3kuSvn02Vr6kh49jlPZg0TxYHmbQsEC%2BEjwbX%2FywbYRdeinEigp0pqg9L9Z2pAoDk8d1jiMoJm0kKKnk2jSOTFWqxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88141d897f86569f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| jsjs.4jpg.top/index.php?js=av4&advertisement& | 0.0.0.0 | | 0 B |
URL GET jsjs.4jpg.top/index.php?js=av4&advertisement& IP0.0.0.0:0
Requested byhttps://css.4jpg.top/tagjpa.php?noself=1&url=av.av4us.top/tags/2 CertificateIssuerGoogle Trust Services LLC Subject4jpg.top Fingerprint84:93:BE:88:1C:E2:D4:76:8E:23:38:F1:13:0D:83:E0:35:05:9E:02 ValiditySun, 05 May 2024 16:05:08 GMT - Sat, 03 Aug 2024 16:05:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?js=av4&advertisement& HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://css.4jpg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 19:32:25 GMT
content-type: text/html; charset=UTF-8
imghost: 17296161209-h-jsjs4jpgtopmh--RU-rm16215822257/index.php?js=av4&advertisement&
56nloadrate: 1.4496875
cache-control: public, max-age=14400, s-max-age=1800
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: HIT
age: 103
last-modified: Thu, 09 May 2024 19:30:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2BcPojhEdZepPuZzUy4oe6oUpQut3%2F0GCVOb3pTvGFIVMmUWBnjLYblTZApPGYtX4%2FMsVrUb4Yc5i9rF927yVTLqn%2FehGNrRMv37q%2BS7556Fnl8hoT6J6YEfqQl7ZdqR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88141d883d7b569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| e9b729472c.39268ea911.com/8d49d19b7765f1a8c2fc9471c8f12409.js | 45.133.44.53 | 200 OK | 101 kB |
URL GET HTTP/2e9b729472c.39268ea911.com/8d49d19b7765f1a8c2fc9471c8f12409.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://data.jpg4.monster/contact/----%E9%80%B1%E5%88%8A%E5%AE%9D%E7%9F%B3%20%E3%82%A2%E3%83%8A%E3%82%BF%E3%81%AE%E3%81%8A%E3%81%A3%E3%81%B1%E3%81%84%E8%A6%8B%E3%81%9B%E3%81%A6/pic1.html CertificateIssuerLet's Encrypt Subjecte9b729472c.39268ea911.com FingerprintB5:9F:EF:07:F2:D5:84:63:A5:90:19:76:24:EB:38:B3:AB:84:6E:C8 ValidityMon, 06 May 2024 02:20:40 GMT - Sun, 04 Aug 2024 02:20:39 GMT
Size101 kB (100855 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /8d49d19b7765f1a8c2fc9471c8f12409.js HTTP/1.1
Host: e9b729472c.39268ea911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://data.jpg4.monster/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 19:32:24 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 06 May 2024 08:27:28 GMT
etag: W/"66389470-189f7"
content-encoding: gzip
expires: Thu, 09 May 2024 19:37:24 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|