bobsvagene.club/shujuku
172.67.144.166301 Moved Permanently 0 B IP 172.67.144.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /shujuku HTTP/1.1
Host: bobsvagene.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 01 Apr 2023 04:43:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 01 Apr 2023 05:43:57 GMT
Location: https://bobsvagene.club/shujuku
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxjAKB%2ByDpdlaUeVYQY4Aw6fW9YFcv0R07r6LhJTl8WOAaeLoCQi%2B0V6PoAz8oTtrtgDVJUVLE0sOnyksQmA6G15UUGmj%2BQWTm4UjK8owOueNO%2BBqFQmitOEH9lczz15kY0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0e2c941d37b4f7-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 034b06325b334948200ef1d79d4ddeb7
b9a3c93cff37cbaaf20cca79b965b1a21c525ce8
417ce2093027b05cc34199c75e6b29f155c4dd3150651b6b3dbe8564098c4143
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "417CE2093027B05CC34199C75E6B29F155C4DD3150651B6B3DBE8564098C4143"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20561
Expires: Sat, 01 Apr 2023 10:26:38 GMT
Date: Sat, 01 Apr 2023 04:43:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18569
Expires: Sat, 01 Apr 2023 09:53:26 GMT
Date: Sat, 01 Apr 2023 04:43:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 01 Apr 2023 04:16:13 GMT
content-type: application/json
age: 1664
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a57eb49c1ac36edd2db6573eb357bd87
592724177530a39ce4af02874beb776b91fefbbe
0dd258adc062ad2b6f5ce8fec0457e55e594c942817f37509ca2d1f2e8152edf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DD258ADC062AD2B6F5CE8FEC0457E55E594C942817F37509CA2D1F2E8152EDF"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8158
Expires: Sat, 01 Apr 2023 06:59:55 GMT
Date: Sat, 01 Apr 2023 04:43:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cHaBKhAxPl886T+0lPMtUlywaQJE5Myl+klovYCwFS+1WMrrNyC2LGn4BEYQwj1wvdEzRmG0IkQ=
x-amz-request-id: 5V7F8G65P6RR2W0Z
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 01 Apr 2023 04:12:27 GMT
age: 1890
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 04:43:57 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Expires, Cache-Control, Content-Length, Retry-After, Last-Modified, Pragma, ETag, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 01 Apr 2023 04:17:27 GMT
age: 1591
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 782ca4845ea5e0ec981e33231b1e61cb
032116b75e124c57877524e9e4f523b6d7c65820
94d007862fc7a4cd67f582ff22f2339619177435559c1dd5075a08c7240f3520
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94D007862FC7A4CD67F582FF22F2339619177435559C1DD5075A08C7240F3520"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7620
Expires: Sat, 01 Apr 2023 06:50:58 GMT
Date: Sat, 01 Apr 2023 04:43:58 GMT
Connection: keep-alive
push.services.mozilla.com/
35.83.222.17101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.222.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QtOZ3DzeNlf6wznY/cxPTw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ehzrNTabVWEX91b6vC1FbRBsrl0=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ac29d7d71ef6c0cc7547974c8c4f7b
29108a8370757ef63f347d1fd2ae696f5842342c
3371093d6dab54c7c3b612e3774435f0a592bee4e40fbcc2edd55d29d7715c26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash cfadaec0a4e530de86a5b3ab09bfb1e3
a755a45246d2d5f7ac5e6fa499f31a045dabf24e
38d12bf0270a7a8805a0f5111121f0a6e9c707dc0471258b313871a485269acb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 01 Apr 2023 04:43:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 01 Apr 2023 02:35:30 GMT
Expires: Sat, 08 Apr 2023 02:35:29 GMT
Etag: "a755a45246d2d5f7ac5e6fa499f31a045dabf24e"
Cache-Control: max-age=596489,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b0e2ca1edcbb4fd-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ac29d7d71ef6c0cc7547974c8c4f7b
29108a8370757ef63f347d1fd2ae696f5842342c
3371093d6dab54c7c3b612e3774435f0a592bee4e40fbcc2edd55d29d7715c26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
poweredby.jads.co/js/jads.js
185.94.236.244301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 01 Apr 2023 04:43:59 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
ocsp.buypass.com/
23.36.76.129200 OK 6.2 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 193c4680c1094f6793f1dba92635e396
e6687e6828759c570f36cf6a9a0938d59c1a5c98
612ab269554ee5ccb103940e4f44eb8841ccb94aa034d617e7b13e33f30241bd
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: bfa65cdf-254c-49d8-8f7f-1a27442e121c
Content-Length: 1701
Date: Sat, 01 Apr 2023 04:43:59 GMT
Connection: keep-alive
poweredby.jads.co/js/jads2.js
185.94.236.244200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.236.244:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bobsvagene.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Apr 2023 04:43:59 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 24 Dec 2019 19:10:29 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"5e0262a5-eae"
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20111
Expires: Sat, 01 Apr 2023 10:19:10 GMT
Date: Sat, 01 Apr 2023 04:43:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20111
Expires: Sat, 01 Apr 2023 10:19:10 GMT
Date: Sat, 01 Apr 2023 04:43:59 GMT
Connection: keep-alive
www.blockadsnot.com/js-joda.min.js
185.76.9.25200 OK 16 kB URL HTTP/2 www.blockadsnot.com/js-joda.min.js
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
Hash 86203c6a0893aabbaf716cb7979a823a
9973dfa83d11eddca6a0664a5b51492b56b52f07
a46814f9b4b97411aa8e5ecbd43e3240d829cfe74a781a8888c596ba5869a3a8
GET /js-joda.min.js HTTP/1.1
Host: www.blockadsnot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 04:43:59 GMT
content-type: application/x-javascript
vary: Accept-Encoding
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Tue, 04 Apr 2023 22:50:57 GMT
access-control-allow-origin: *
link: <https://blockadsnot.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
server: CDN77-Turbo
x-77-nzt: AblMCRTOvqj/PkcEAA
x-77-nzt-ray: af5856305d0f698c8fb6276488c43f2e
x-accel-expires: @1680648657
x-cache: HIT
x-age: 280382
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c193cd4520e8ee5d17cd1f3faadc1c73
b46effcb93e0ad066474ec1f67bcd54020615caf
bc824341b884278e7e69ae3bb87484ad914e5909544959ebc8f8661a545cb929
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10128
x-amzn-requestid: bdd46a1d-4b43-4450-be32-3e3947d2fcd7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm9VELdIAMFmmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751ee-346e92d143f6fcf46db741c8;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jidQVHgb6EK_fyGj4wYgdWEBeth8CIB5szPrwrgmirz4Q9tSYpRrsw==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:47:06 GMT
age: 25013
etag: "b46effcb93e0ad066474ec1f67bcd54020615caf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa438448b-437b-48c9-af47-94514486c67e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa438448b-437b-48c9-af47-94514486c67e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ee37ccafa69e9c352768fa30819a54f
c5268d4749fa57e8602fcb12fd11d5ffb10d0503
4186438aaede57d6b47306caa12a61328fdc83f421cecce44337ff6df9c8c028
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa438448b-437b-48c9-af47-94514486c67e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8513
x-amzn-requestid: c96fbbef-3321-40ca-9f82-79db833d14ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CqnXDEcQoAMFZkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64275293-75f3dfe836f9fb52292e0c21;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:37:23 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UMFfJ465bKY7Fr0I3-8brzOQtUUbCvnqkwvHmbBKYB65f-Gd8h8tOQ==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:46:59 GMT
age: 25020
etag: "c5268d4749fa57e8602fcb12fd11d5ffb10d0503"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ddcef2c96778d9fdee670e187a43ab32
e8c98891a1ffdbb6d30cf8746e067d56fe65d964
4e6fb506079b1daab0b1913a31c6252452f133af9276e18d25fe6fb622ce54ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3800
x-amzn-requestid: a182fb32-649a-4228-a591-080aae8c053a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm9VEY2oAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751ee-3a1abb584aa61a954dbd52c1;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ycsh7rNJt9blXZVpFbbdBDu5pZbGDfGIPLt5k0Ff9-fvWTX86Ndz6A==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:45:01 GMT
age: 25138
etag: "e8c98891a1ffdbb6d30cf8746e067d56fe65d964"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb930830ac86ec8ace6a232f67810ba
d084bf4331446c35236019010b2bcf82d45dad1c
bb81782bf590d601110ec8fb891f701e0f5084bda46370d30345bd81403a33ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5830
x-amzn-requestid: 0897bf26-6156-48d3-ba67-596cc326dddc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CqnHHG0JoAMF87w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6427522d-6f380d901d9d6b737ec19d6d;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:35:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: UfN2iRmDUhddBZW6qGy3q2-HCqb6Kx3iDENnirUkIoCJ6BW6zdWVtw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 22:44:32 GMT
etag: "d084bf4331446c35236019010b2bcf82d45dad1c"
content-type: image/jpeg
age: 21567
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0797be4-c308-47e3-9657-c929f7be021e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0797be4-c308-47e3-9657-c929f7be021e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba8077c110172a232340b8c843c21704
110ce19838f6050e0df60240211e66bb95659018
ed614253863b689b947ee48c384b0d96360730d25c6a573a8f1776c0f31b4c4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0797be4-c308-47e3-9657-c929f7be021e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10139
x-amzn-requestid: a65e17df-5f88-4840-a573-8820b3734e82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CqnHJE9AoAMFdwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6427522d-13577a7f180985f20a340c8e;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:35:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: pCHOy35HMhXe7y4p5HZcpSVBS8BEEh0stYUpY7BpLJTD0sHa7xmEgw==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:59:12 GMT
age: 24287
etag: "110ce19838f6050e0df60240211e66bb95659018"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
godpvqnszo.com/solid.gif?z=1970159&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 godpvqnszo.com/solid.gif?z=1970159&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1970159&abvar=0 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 04:43:59 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ff36ec2657d8ee3b0f78d0a8b2bc9c96
7ce770b27771a2417292364a24af2d65bb9085a5
7c6a6029f3d8b5c88c0d52cfa1d8a6d79fe57080cbd88951ce40456d1ae214e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
216.58.207.227200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:38:03 GMT
expires: Wed, 27 Mar 2024 10:38:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
age: 324356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ff36ec2657d8ee3b0f78d0a8b2bc9c96
7ce770b27771a2417292364a24af2d65bb9085a5
7c6a6029f3d8b5c88c0d52cfa1d8a6d79fe57080cbd88951ce40456d1ae214e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Apr 2023 04:43:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 83038910fcf1301c69bf9062900ce4e3
6b1a04072e6aead6aca1bfec4049dad169f10674
3c2cd94d7473eb2c3177a57dcb91eb8614993a47d7ccd4cdd2137d9471679c47
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: ad8a8079-ff62-47e9-8567-747028b3cdd7
Content-Length: 1701
Date: Sat, 01 Apr 2023 04:44:00 GMT
Connection: keep-alive
limurol.com/ssp/req/1970159/?pb=7ae0306936c19c70183e87243873a1991680331439&psp=imHwwd-C4IzkriVisGrmlgPSnV62h0C05RCIv-DAdM0dM2i3saXuUd-oTIzgQiynhsIBi73OilkQGWRP2aseqvVc4yHknDUJVhyhHuFO4mkqdkfkp0wzDIHdpI89CSYPnob6xZoCb8c2r4-DZMTfBGyZJXwn-jRjQhdQufq2yfUHpfmLhTgwrw4I64bSubElWWPpf6cge8QiFAEbL8ooGlUL0NRhIxHxLsFvFJCumE68JtrPI_Wtfh3kXKuq5U8QgmgK_hYINGreRJoYezKWrpa0xNtEtZ8cBqvBf4uR-A46K9Yss3xYaQ4iOQcfhAUS-w5Hi6uvC_IVVRBLxAezFknqEPbsB1eFnA4c0ajLJDkF8MaWOjei4lw54eP-NKoXNnqCy1PDojfatko34Fnl5e3e3a0Lr3hOWqHYdOMdcf7fjliyPaSTBn8SXxu8-p3yhgOJh7XlQphEppA03VQErJsdSHMKcnxGgxv07tvTzSYIC1X9eHeYg47gblU393E-dJPriang0-S2fEypu4Wq_X8Y2ZNy3bNZUomnrByKmgEqdiLNt96jpxebq8N-Ks-gGp5iq5k-q_UPPaW_-D6ka5De67-rQnEpTNFBTzmG_h6zGf92ACP2bYJmfywp1etsTxTVN2O-xy-7Yq8B-SKkQ26-JiomFmmUpSo8mn6-IqTQdrR4sQvXKga83-DXTabli0XENrDF6Q359_3X9HLT-enwkjSwnIhePQXG1mkTxNfT704WtCWQvyl52HzqoOflLcozabqq9h8yPPzDsf7gRILglE2I6R42b3Pb_sFYtg1sleZrlWFjkcXg8KM7qjB7UKiEd5Fpe8g3muN0v-cxnws5KZ0YkCHrPV0Z_-fWzmIyfbhjI0Rcqdw=&cb=_cl9kzrowzunttxrqvgkyc7&nojs=0&ix=0&abvar=0&febuild=1.0.87&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1970159/?pb=7ae0306936c19c70183e87243873a1991680331439&psp=imHwwd-C4IzkriVisGrmlgPSnV62h0C05RCIv-DAdM0dM2i3saXuUd-oTIzgQiynhsIBi73OilkQGWRP2aseqvVc4yHknDUJVhyhHuFO4mkqdkfkp0wzDIHdpI89CSYPnob6xZoCb8c2r4-DZMTfBGyZJXwn-jRjQhdQufq2yfUHpfmLhTgwrw4I64bSubElWWPpf6cge8QiFAEbL8ooGlUL0NRhIxHxLsFvFJCumE68JtrPI_Wtfh3kXKuq5U8QgmgK_hYINGreRJoYezKWrpa0xNtEtZ8cBqvBf4uR-A46K9Yss3xYaQ4iOQcfhAUS-w5Hi6uvC_IVVRBLxAezFknqEPbsB1eFnA4c0ajLJDkF8MaWOjei4lw54eP-NKoXNnqCy1PDojfatko34Fnl5e3e3a0Lr3hOWqHYdOMdcf7fjliyPaSTBn8SXxu8-p3yhgOJh7XlQphEppA03VQErJsdSHMKcnxGgxv07tvTzSYIC1X9eHeYg47gblU393E-dJPriang0-S2fEypu4Wq_X8Y2ZNy3bNZUomnrByKmgEqdiLNt96jpxebq8N-Ks-gGp5iq5k-q_UPPaW_-D6ka5De67-rQnEpTNFBTzmG_h6zGf92ACP2bYJmfywp1etsTxTVN2O-xy-7Yq8B-SKkQ26-JiomFmmUpSo8mn6-IqTQdrR4sQvXKga83-DXTabli0XENrDF6Q359_3X9HLT-enwkjSwnIhePQXG1mkTxNfT704WtCWQvyl52HzqoOflLcozabqq9h8yPPzDsf7gRILglE2I6R42b3Pb_sFYtg1sleZrlWFjkcXg8KM7qjB7UKiEd5Fpe8g3muN0v-cxnws5KZ0YkCHrPV0Z_-fWzmIyfbhjI0Rcqdw=&cb=_cl9kzrowzunttxrqvgkyc7&nojs=0&ix=0&abvar=0&febuild=1.0.87&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1970159/?pb=7ae0306936c19c70183e87243873a1991680331439&psp=imHwwd-C4IzkriVisGrmlgPSnV62h0C05RCIv-DAdM0dM2i3saXuUd-oTIzgQiynhsIBi73OilkQGWRP2aseqvVc4yHknDUJVhyhHuFO4mkqdkfkp0wzDIHdpI89CSYPnob6xZoCb8c2r4-DZMTfBGyZJXwn-jRjQhdQufq2yfUHpfmLhTgwrw4I64bSubElWWPpf6cge8QiFAEbL8ooGlUL0NRhIxHxLsFvFJCumE68JtrPI_Wtfh3kXKuq5U8QgmgK_hYINGreRJoYezKWrpa0xNtEtZ8cBqvBf4uR-A46K9Yss3xYaQ4iOQcfhAUS-w5Hi6uvC_IVVRBLxAezFknqEPbsB1eFnA4c0ajLJDkF8MaWOjei4lw54eP-NKoXNnqCy1PDojfatko34Fnl5e3e3a0Lr3hOWqHYdOMdcf7fjliyPaSTBn8SXxu8-p3yhgOJh7XlQphEppA03VQErJsdSHMKcnxGgxv07tvTzSYIC1X9eHeYg47gblU393E-dJPriang0-S2fEypu4Wq_X8Y2ZNy3bNZUomnrByKmgEqdiLNt96jpxebq8N-Ks-gGp5iq5k-q_UPPaW_-D6ka5De67-rQnEpTNFBTzmG_h6zGf92ACP2bYJmfywp1etsTxTVN2O-xy-7Yq8B-SKkQ26-JiomFmmUpSo8mn6-IqTQdrR4sQvXKga83-DXTabli0XENrDF6Q359_3X9HLT-enwkjSwnIhePQXG1mkTxNfT704WtCWQvyl52HzqoOflLcozabqq9h8yPPzDsf7gRILglE2I6R42b3Pb_sFYtg1sleZrlWFjkcXg8KM7qjB7UKiEd5Fpe8g3muN0v-cxnws5KZ0YkCHrPV0Z_-fWzmIyfbhjI0Rcqdw=&cb=_cl9kzrowzunttxrqvgkyc7&nojs=0&ix=0&abvar=0&febuild=1.0.87&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 04:44:00 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=230331234434d04d0401e24219b012835637; Path=/; Expires=Sun, 31 Mar 2024 04:44:00 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=876550
185.94.236.244200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=876550
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (380), with CRLF, LF line terminators
Hash eed39afdc9922835d540bbe786f16883
03d45346962ee07d7a9be06011bcf29c060e6225
725c789e372eab3130095913e09ba45a14fd61cc7e314e190804abe33213c514
GET /adshow.php?adzone=876550 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Apr 2023 04:44:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=2e72d5133986208e10e693e837eef04a; expires=Sun, 31-Mar-2024 04:43:59 GMT; Max-Age=31536000; path=/; domain=.jads.co
imps61=1; expires=Sun, 02-Apr-2023 04:44:00 GMT; Max-Age=86400; path=/; domain=.jads.co
juicy_data_1=YToxOntpOjExOTY5MzQ7aToxNjgwNTgzNDM5O30%3D; expires=Tue, 04-Apr-2023 04:43:59 GMT; Max-Age=259199; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 04-Apr-2023 04:43:59 GMT; Max-Age=259199; domain=jads.co
Content-Encoding: gzip
limurol.com/ssp/req/1970159/?pb=7ae0306936c19c70183e87243873a1991680331439&psp=imHwwd-C4IzkriVisGrmlgPSnV62h0C05RCIv-DAdM0dM2i3saXuUd-oTIzgQiynhsIBi73OilkQGWRP2aseqvVc4yHknDUJVhyhHuFO4mkqdkfkp0wzDIHdpI89CSYPnob6xZoCb8c2r4-DZMTfBGyZJXwn-jRjQhdQufq2yfUHpfmLhTgwrw4I64bSubElWWPpf6cge8QiFAEbL8ooGlUL0NRhIxHxLsFvFJCumE68JtrPI_Wtfh3kXKuq5U8QgmgK_hYINGreRJoYezKWrpa0xNtEtZ8cBqvBf4uR-A46K9Yss3xYaQ4iOQcfhAUS-w5Hi6uvC_IVVRBLxAezFknqEPbsB1eFnA4c0ajLJDkF8MaWOjei4lw54eP-NKoXNnqCy1PDojfatko34Fnl5e3e3a0Lr3hOWqHYdOMdcf7fjliyPaSTBn8SXxu8-p3yhgOJh7XlQphEppA03VQErJsdSHMKcnxGgxv07tvTzSYIC1X9eHeYg47gblU393E-dJPriang0-S2fEypu4Wq_X8Y2ZNy3bNZUomnrByKmgEqdiLNt96jpxebq8N-Ks-gGp5iq5k-q_UPPaW_-D6ka5De67-rQnEpTNFBTzmG_h6zGf92ACP2bYJmfywp1etsTxTVN2O-xy-7Yq8B-SKkQ26-JiomFmmUpSo8mn6-IqTQdrR4sQvXKga83-DXTabli0XENrDF6Q359_3X9HLT-enwkjSwnIhePQXG1mkTxNfT704WtCWQvyl52HzqoOflLcozabqq9h8yPPzDsf7gRILglE2I6R42b3Pb_sFYtg1sleZrlWFjkcXg8KM7qjB7UKiEd5Fpe8g3muN0v-cxnws5KZ0YkCHrPV0Z_-fWzmIyfbhjI0Rcqdw=&cb=_cl9kzrowzunttxrqvgkyc7&nojs=0&ix=0&abvar=0&febuild=1.0.87&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1970159/?pb=7ae0306936c19c70183e87243873a1991680331439&psp=imHwwd-C4IzkriVisGrmlgPSnV62h0C05RCIv-DAdM0dM2i3saXuUd-oTIzgQiynhsIBi73OilkQGWRP2aseqvVc4yHknDUJVhyhHuFO4mkqdkfkp0wzDIHdpI89CSYPnob6xZoCb8c2r4-DZMTfBGyZJXwn-jRjQhdQufq2yfUHpfmLhTgwrw4I64bSubElWWPpf6cge8QiFAEbL8ooGlUL0NRhIxHxLsFvFJCumE68JtrPI_Wtfh3kXKuq5U8QgmgK_hYINGreRJoYezKWrpa0xNtEtZ8cBqvBf4uR-A46K9Yss3xYaQ4iOQcfhAUS-w5Hi6uvC_IVVRBLxAezFknqEPbsB1eFnA4c0ajLJDkF8MaWOjei4lw54eP-NKoXNnqCy1PDojfatko34Fnl5e3e3a0Lr3hOWqHYdOMdcf7fjliyPaSTBn8SXxu8-p3yhgOJh7XlQphEppA03VQErJsdSHMKcnxGgxv07tvTzSYIC1X9eHeYg47gblU393E-dJPriang0-S2fEypu4Wq_X8Y2ZNy3bNZUomnrByKmgEqdiLNt96jpxebq8N-Ks-gGp5iq5k-q_UPPaW_-D6ka5De67-rQnEpTNFBTzmG_h6zGf92ACP2bYJmfywp1etsTxTVN2O-xy-7Yq8B-SKkQ26-JiomFmmUpSo8mn6-IqTQdrR4sQvXKga83-DXTabli0XENrDF6Q359_3X9HLT-enwkjSwnIhePQXG1mkTxNfT704WtCWQvyl52HzqoOflLcozabqq9h8yPPzDsf7gRILglE2I6R42b3Pb_sFYtg1sleZrlWFjkcXg8KM7qjB7UKiEd5Fpe8g3muN0v-cxnws5KZ0YkCHrPV0Z_-fWzmIyfbhjI0Rcqdw=&cb=_cl9kzrowzunttxrqvgkyc7&nojs=0&ix=0&abvar=0&febuild=1.0.87&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1970159/?pb=7ae0306936c19c70183e87243873a1991680331439&psp=imHwwd-C4IzkriVisGrmlgPSnV62h0C05RCIv-DAdM0dM2i3saXuUd-oTIzgQiynhsIBi73OilkQGWRP2aseqvVc4yHknDUJVhyhHuFO4mkqdkfkp0wzDIHdpI89CSYPnob6xZoCb8c2r4-DZMTfBGyZJXwn-jRjQhdQufq2yfUHpfmLhTgwrw4I64bSubElWWPpf6cge8QiFAEbL8ooGlUL0NRhIxHxLsFvFJCumE68JtrPI_Wtfh3kXKuq5U8QgmgK_hYINGreRJoYezKWrpa0xNtEtZ8cBqvBf4uR-A46K9Yss3xYaQ4iOQcfhAUS-w5Hi6uvC_IVVRBLxAezFknqEPbsB1eFnA4c0ajLJDkF8MaWOjei4lw54eP-NKoXNnqCy1PDojfatko34Fnl5e3e3a0Lr3hOWqHYdOMdcf7fjliyPaSTBn8SXxu8-p3yhgOJh7XlQphEppA03VQErJsdSHMKcnxGgxv07tvTzSYIC1X9eHeYg47gblU393E-dJPriang0-S2fEypu4Wq_X8Y2ZNy3bNZUomnrByKmgEqdiLNt96jpxebq8N-Ks-gGp5iq5k-q_UPPaW_-D6ka5De67-rQnEpTNFBTzmG_h6zGf92ACP2bYJmfywp1etsTxTVN2O-xy-7Yq8B-SKkQ26-JiomFmmUpSo8mn6-IqTQdrR4sQvXKga83-DXTabli0XENrDF6Q359_3X9HLT-enwkjSwnIhePQXG1mkTxNfT704WtCWQvyl52HzqoOflLcozabqq9h8yPPzDsf7gRILglE2I6R42b3Pb_sFYtg1sleZrlWFjkcXg8KM7qjB7UKiEd5Fpe8g3muN0v-cxnws5KZ0YkCHrPV0Z_-fWzmIyfbhjI0Rcqdw=&cb=_cl9kzrowzunttxrqvgkyc7&nojs=0&ix=0&abvar=0&febuild=1.0.87&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 04:44:00 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=23033123440859ea0fe49a4a0e8f6be4cdf7; Path=/; Expires=Sun, 31 Mar 2024 04:44:00 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 04:44:00 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://bobsvagene.club
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b0e2ca5b85c0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f6c3e29cea0f3208d54cfede472bd82
c9d50a10aabaa522e8713142144614c5fbb9974e
ad785a7987a4067bd6f51583f03f2be7e42ee9a383ed2c92fe7fc290a80de6c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD785A7987A4067BD6F51583F03F2BE7E42EE9A383ED2C92FE7FC290A80DE6C2"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4329
Expires: Sat, 01 Apr 2023 05:56:09 GMT
Date: Sat, 01 Apr 2023 04:44:00 GMT
Connection: keep-alive
poweredby.jads.co/adshow.php?adzone=735814
185.94.236.244200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=735814
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1320), with CRLF, LF line terminators
Hash 56b9741f4da7eabfd120b763889a4a93
d35ebafae0cbe08730761dcde7421c22b73ec4ba
426d5614f0f2a81398dac80462ebcb772ef8c258d64c20664a8406f784ea7c07
GET /adshow.php?adzone=735814 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Apr 2023 04:44:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=2e72d5133986208e10e693e837eef04a; expires=Sun, 31-Mar-2024 04:43:59 GMT; Max-Age=31536000; path=/; domain=.jads.co
imps50289=1; expires=Sun, 02-Apr-2023 04:44:00 GMT; Max-Age=86400; path=/; domain=.jads.co
juicy_data_1=YToxOntpOjEzODkyMTI7aToxNjgwNTgzNDM5O30%3D; expires=Tue, 04-Apr-2023 04:43:59 GMT; Max-Age=259199; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 04-Apr-2023 04:43:59 GMT; Max-Age=259199; domain=jads.co
Content-Encoding: gzip
a0iv1tvvec17.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 a0iv1tvvec17.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: a0iv1tvvec17.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Apr 2023 04:44:00 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Apr 2023 04:44:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://bobsvagene.club
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
i.jads.co/network/user33/61-1480791120.gif
69.16.175.42200 OK 37 kB URL HTTP/2 i.jads.co/network/user33/61-1480791120.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 300 x 250\012- data
Hash d5ec8b444489582b2abe70b094b9ce7d
5d9789d7ad6b356f214c9745e615a30a0840a406
d442a258b5c4a8b1cdb3a8e5a7c15af9b42de3c74e33e65613a56a99a7ab057a
GET /network/user33/61-1480791120.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 04:44:00 GMT
etag: "1480791120"
cache-control: max-age=8417450
content-length: 37110
content-type: image/gif
last-modified: Sat, 03 Dec 2016 18:52:00 GMT
accept-ranges: bytes
x-hw: 1680324240.dop213.sk1.t,1680324240.cds230.sk1.hn,1680324240.cds204.sk1.c
X-Firefox-Spdy: h2
i.jads.co/1x1.gif
69.16.175.42200 OK 43 B IP 69.16.175.42:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 04:44:00 GMT
etag: "1457030838"
cache-control: max-age=6901026
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1680324240.dop213.sk1.t,1680324240.cds230.sk1.hn,1680324240.cds264.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user81419/50289-1654836989-0879826001654836989.gif
69.16.175.42200 OK 303 kB URL HTTP/2 i.jads.co/network/user81419/50289-1654836989-0879826001654836989.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 728 x 90\012- data
Size 303 kB (303073 bytes)
Hash 1e7333c98ac1853ae7edffe5cef86b0b
60db674f2790855e5656fc2ac1b1c6a563bbe25c
bcac9add80305eab437d0d85d9d16a3a4bdf5f13c2de6357f5ffb459891be681
GET /network/user81419/50289-1654836989-0879826001654836989.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 04:44:00 GMT
etag: "1654836989"
cache-control: max-age=6109485
content-length: 303073
content-type: image/gif
last-modified: Fri, 10 Jun 2022 04:56:29 GMT
accept-ranges: bytes
x-hw: 1680324240.dop213.sk1.t,1680324240.cds230.sk1.hn,1680324240.cds215.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash df9d446a12ba5aee2f618a5ffe88b75c
f4b3672bc05684180895e70c69eb041290e9698d
cf70591750d2f4a5a6218f6564c71ad638e01e4a80705fc590301f3874ba814f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF70591750D2F4A5A6218F6564C71AD638E01E4A80705FC590301F3874BA814F"
Last-Modified: Fri, 31 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4542
Expires: Sat, 01 Apr 2023 05:59:42 GMT
Date: Sat, 01 Apr 2023 04:44:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51d3b69890b957c921d864f263a31e61
bc9017971653af059e403e373e4f337177bf16fe
bd8c7f0a0e4cf47cd051f5bee344fb221f69d27583b158e5e2ab1a93a61226f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8C7F0A0E4CF47CD051F5BEE344FB221F69D27583B158E5E2AB1A93A61226F4"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14891
Expires: Sat, 01 Apr 2023 08:52:11 GMT
Date: Sat, 01 Apr 2023 04:44:00 GMT
Connection: keep-alive
adserver.juicyads.com/js/jads.js
185.94.236.245200 OK 1.7 kB URL HTTP/1.1 adserver.juicyads.com/js/jads.js
IP 185.94.236.245:0
File type ASCII text, with very long lines (3769), with no line terminators
Hash 65b1efdf55163b144c5018b8772765ad
509de5f40450f3cf05e0d8d1b939fed2bbb11cbe
cf23ab637d84de0eb1c1e67764e05ca0aa140e6ee932a60700fc35661644ee48
GET /js/jads.js HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Apr 2023 04:44:00 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 20 Oct 2020 22:47:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"5f8f68ef-eb9"
Content-Encoding: gzip
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 04:41:10 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 694912430
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
limurol.com/ssp/req/1970159/?pb=7ae0306936c19c70183e87243873a1991680331439&psp=imHwwd-C4IzkriVisGrmlgPSnV62h0C05RCIv-DAdM0dM2i3saXuUd-oTIzgQiynhsIBi73OilkQGWRP2aseqvVc4yHknDUJVhyhHuFO4mkqdkfkp0wzDIHdpI89CSYPnob6xZoCb8c2r4-DZMTfBGyZJXwn-jRjQhdQufq2yfUHpfmLhTgwrw4I64bSubElWWPpf6cge8QiFAEbL8ooGlUL0NRhIxHxLsFvFJCumE68JtrPI_Wtfh3kXKuq5U8QgmgK_hYINGreRJoYezKWrpa0xNtEtZ8cBqvBf4uR-A46K9Yss3xYaQ4iOQcfhAUS-w5Hi6uvC_IVVRBLxAezFknqEPbsB1eFnA4c0ajLJDkF8MaWOjei4lw54eP-NKoXNnqCy1PDojfatko34Fnl5e3e3a0Lr3hOWqHYdOMdcf7fjliyPaSTBn8SXxu8-p3yhgOJh7XlQphEppA03VQErJsdSHMKcnxGgxv07tvTzSYIC1X9eHeYg47gblU393E-dJPriang0-S2fEypu4Wq_X8Y2ZNy3bNZUomnrByKmgEqdiLNt96jpxebq8N-Ks-gGp5iq5k-q_UPPaW_-D6ka5De67-rQnEpTNFBTzmG_h6zGf92ACP2bYJmfywp1etsTxTVN2O-xy-7Yq8B-SKkQ26-JiomFmmUpSo8mn6-IqTQdrR4sQvXKga83-DXTabli0XENrDF6Q359_3X9HLT-enwkjSwnIhePQXG1mkTxNfT704WtCWQvyl52HzqoOflLcozabqq9h8yPPzDsf7gRILglE2I6R42b3Pb_sFYtg1sleZrlWFjkcXg8KM7qjB7UKiEd5Fpe8g3muN0v-cxnws5KZ0YkCHrPV0Z_-fWzmIyfbhjI0Rcqdw=&cb=_cl9kzrowzunttxrqvgkyc7&nojs=0&ix=0&abvar=0&febuild=1.0.87&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1970159/?pb=7ae0306936c19c70183e87243873a1991680331439&psp=imHwwd-C4IzkriVisGrmlgPSnV62h0C05RCIv-DAdM0dM2i3saXuUd-oTIzgQiynhsIBi73OilkQGWRP2aseqvVc4yHknDUJVhyhHuFO4mkqdkfkp0wzDIHdpI89CSYPnob6xZoCb8c2r4-DZMTfBGyZJXwn-jRjQhdQufq2yfUHpfmLhTgwrw4I64bSubElWWPpf6cge8QiFAEbL8ooGlUL0NRhIxHxLsFvFJCumE68JtrPI_Wtfh3kXKuq5U8QgmgK_hYINGreRJoYezKWrpa0xNtEtZ8cBqvBf4uR-A46K9Yss3xYaQ4iOQcfhAUS-w5Hi6uvC_IVVRBLxAezFknqEPbsB1eFnA4c0ajLJDkF8MaWOjei4lw54eP-NKoXNnqCy1PDojfatko34Fnl5e3e3a0Lr3hOWqHYdOMdcf7fjliyPaSTBn8SXxu8-p3yhgOJh7XlQphEppA03VQErJsdSHMKcnxGgxv07tvTzSYIC1X9eHeYg47gblU393E-dJPriang0-S2fEypu4Wq_X8Y2ZNy3bNZUomnrByKmgEqdiLNt96jpxebq8N-Ks-gGp5iq5k-q_UPPaW_-D6ka5De67-rQnEpTNFBTzmG_h6zGf92ACP2bYJmfywp1etsTxTVN2O-xy-7Yq8B-SKkQ26-JiomFmmUpSo8mn6-IqTQdrR4sQvXKga83-DXTabli0XENrDF6Q359_3X9HLT-enwkjSwnIhePQXG1mkTxNfT704WtCWQvyl52HzqoOflLcozabqq9h8yPPzDsf7gRILglE2I6R42b3Pb_sFYtg1sleZrlWFjkcXg8KM7qjB7UKiEd5Fpe8g3muN0v-cxnws5KZ0YkCHrPV0Z_-fWzmIyfbhjI0Rcqdw=&cb=_cl9kzrowzunttxrqvgkyc7&nojs=0&ix=0&abvar=0&febuild=1.0.87&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1970159/?pb=7ae0306936c19c70183e87243873a1991680331439&psp=imHwwd-C4IzkriVisGrmlgPSnV62h0C05RCIv-DAdM0dM2i3saXuUd-oTIzgQiynhsIBi73OilkQGWRP2aseqvVc4yHknDUJVhyhHuFO4mkqdkfkp0wzDIHdpI89CSYPnob6xZoCb8c2r4-DZMTfBGyZJXwn-jRjQhdQufq2yfUHpfmLhTgwrw4I64bSubElWWPpf6cge8QiFAEbL8ooGlUL0NRhIxHxLsFvFJCumE68JtrPI_Wtfh3kXKuq5U8QgmgK_hYINGreRJoYezKWrpa0xNtEtZ8cBqvBf4uR-A46K9Yss3xYaQ4iOQcfhAUS-w5Hi6uvC_IVVRBLxAezFknqEPbsB1eFnA4c0ajLJDkF8MaWOjei4lw54eP-NKoXNnqCy1PDojfatko34Fnl5e3e3a0Lr3hOWqHYdOMdcf7fjliyPaSTBn8SXxu8-p3yhgOJh7XlQphEppA03VQErJsdSHMKcnxGgxv07tvTzSYIC1X9eHeYg47gblU393E-dJPriang0-S2fEypu4Wq_X8Y2ZNy3bNZUomnrByKmgEqdiLNt96jpxebq8N-Ks-gGp5iq5k-q_UPPaW_-D6ka5De67-rQnEpTNFBTzmG_h6zGf92ACP2bYJmfywp1etsTxTVN2O-xy-7Yq8B-SKkQ26-JiomFmmUpSo8mn6-IqTQdrR4sQvXKga83-DXTabli0XENrDF6Q359_3X9HLT-enwkjSwnIhePQXG1mkTxNfT704WtCWQvyl52HzqoOflLcozabqq9h8yPPzDsf7gRILglE2I6R42b3Pb_sFYtg1sleZrlWFjkcXg8KM7qjB7UKiEd5Fpe8g3muN0v-cxnws5KZ0YkCHrPV0Z_-fWzmIyfbhjI0Rcqdw=&cb=_cl9kzrowzunttxrqvgkyc7&nojs=0&ix=0&abvar=0&febuild=1.0.87&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Cookie: UID=23033123440859ea0fe49a4a0e8f6be4cdf7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 04:44:00 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
a0iv1tvvec17.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 a0iv1tvvec17.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: a0iv1tvvec17.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Apr 2023 04:44:00 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5200 OK 409 B IP 162.252.214.5:0
File type ASCII text, with very long lines (487), with no line terminators
Hash ec79a708850deeb20c78f3e1638927cc
9a714c8f719f014a87650265829b2295c5535b49
e803b7a447453008c8acfb403bda28ffb2269a0192761d2cfa3d0e4e19849029
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2044
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Apr 2023 04:44:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://bobsvagene.club
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4320b1e7e6b8cec07cf14167ddd9dd88
960a3379e26aafeda36d27fafb52833f27f98351
71a6120163ae9d210a832a850d969c2a6b9d5b1ddb373740e99822871634482c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71A6120163AE9D210A832A850D969C2A6B9D5B1DDB373740E99822871634482C"
Last-Modified: Fri, 31 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5074
Expires: Sat, 01 Apr 2023 06:08:35 GMT
Date: Sat, 01 Apr 2023 04:44:01 GMT
Connection: keep-alive
s4.histats.com/stats/0.php?4210536&@f16&@g1&@h1&@i1&@j1680324239369&@k0&@l1&@mBobs%20and%20Vagene&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:50561531&@b3:1680324239&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbobsvagene.club%2F%23deletedpost&@w
149.56.240.31200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?4210536&@f16&@g1&@h1&@i1&@j1680324239369&@k0&@l1&@mBobs%20and%20Vagene&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:50561531&@b3:1680324239&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbobsvagene.club%2F%23deletedpost&@w
IP 149.56.240.31:0
File type ASCII text, with no line terminators
Hash c72bac68d39c78fcaf5d8928fc91b049
849cb0d60d231786bc1a8d7e1adbb1f7d2ec7853
494f911f34ced45d433f646b3356ab003a74f28c5225d1844a4dc763e4503df7
GET /stats/0.php?4210536&@f16&@g1&@h1&@i1&@j1680324239369&@k0&@l1&@mBobs%20and%20Vagene&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:50561531&@b3:1680324239&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbobsvagene.club%2F%23deletedpost&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Apr 2023 04:44:01 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
a0iv1tvvec17.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 a0iv1tvvec17.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: a0iv1tvvec17.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Apr 2023 04:44:01 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 2ddd220a01e42b06768a15a2d873013d
6c8e480b681e5e87d46fc662486f5a4bc4e880d0
0f9749d085a35db603178645c8e1f74a5e91d6637bb1a471e6d123954002f58c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 01 Apr 2023 04:44:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 29 Mar 2023 01:12:48 GMT
Expires: Wed, 05 Apr 2023 01:12:47 GMT
Etag: "6c8e480b681e5e87d46fc662486f5a4bc4e880d0"
Cache-Control: max-age=332325,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b0e2cac9ca3b4fd-OSL
blockadsnot.com/bmxghljbrqez?_=BQFiAAAAAAAACZUAAom8ObF7MVlN-rHJrB5qrFdmJWpc0d6zamN95N8CWPrem3z07Z_v3DUU63ekRvWcHZ7nqn7Y_TZf_A8g3wg4mHYlzJczd39ouR4Uoh7P0jmL_KMOYYeHN4O2zKAfgkAqzCl9GbruUTlxmOxADC4O8ZidSHUl69cL6zrm9ulH-cwRAyM7Xl70uwIW2_DilYjDZeGWkWoGLt1lQri7MB4tuPe2Qt24mQTEjW_x0IVF3-2m2VQ8bMDKJu3Podt7flg2mp7OqzvgDO6znEkITIccsws-jZ6RdW0W_3qTgTnzkolb5CUSsD3H-BUeeZrnN3N1vnF1sxc9cmxglB4FKAKE_0rOUM9X0TKIW-GIkwVRlkcTYbMwWsbDD7Y2_vleV0fnMl5-YMTmDWl4OccHRkTczXyRYjnEnUZ_1VQZB-_24HxbyADqdoRD5ySawB7rVXPaKCaM6z9O7QWegCndMsLsQt0&v=4&VyUKSvbM=4681082&haJUwToQ=&wVvUjLoZ=0,0&LcygsXUR=&UKOWbtAS=&s=1280,1024,1,1280,1024,0
208.95.112.254200 OK 44 B URL HTTP/2 blockadsnot.com/bmxghljbrqez?_=BQFiAAAAAAAACZUAAom8ObF7MVlN-rHJrB5qrFdmJWpc0d6zamN95N8CWPrem3z07Z_v3DUU63ekRvWcHZ7nqn7Y_TZf_A8g3wg4mHYlzJczd39ouR4Uoh7P0jmL_KMOYYeHN4O2zKAfgkAqzCl9GbruUTlxmOxADC4O8ZidSHUl69cL6zrm9ulH-cwRAyM7Xl70uwIW2_DilYjDZeGWkWoGLt1lQri7MB4tuPe2Qt24mQTEjW_x0IVF3-2m2VQ8bMDKJu3Podt7flg2mp7OqzvgDO6znEkITIccsws-jZ6RdW0W_3qTgTnzkolb5CUSsD3H-BUeeZrnN3N1vnF1sxc9cmxglB4FKAKE_0rOUM9X0TKIW-GIkwVRlkcTYbMwWsbDD7Y2_vleV0fnMl5-YMTmDWl4OccHRkTczXyRYjnEnUZ_1VQZB-_24HxbyADqdoRD5ySawB7rVXPaKCaM6z9O7QWegCndMsLsQt0&v=4&VyUKSvbM=4681082&haJUwToQ=&wVvUjLoZ=0,0&LcygsXUR=&UKOWbtAS=&s=1280,1024,1,1280,1024,0
IP 208.95.112.254:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /bmxghljbrqez?_=BQFiAAAAAAAACZUAAom8ObF7MVlN-rHJrB5qrFdmJWpc0d6zamN95N8CWPrem3z07Z_v3DUU63ekRvWcHZ7nqn7Y_TZf_A8g3wg4mHYlzJczd39ouR4Uoh7P0jmL_KMOYYeHN4O2zKAfgkAqzCl9GbruUTlxmOxADC4O8ZidSHUl69cL6zrm9ulH-cwRAyM7Xl70uwIW2_DilYjDZeGWkWoGLt1lQri7MB4tuPe2Qt24mQTEjW_x0IVF3-2m2VQ8bMDKJu3Podt7flg2mp7OqzvgDO6znEkITIccsws-jZ6RdW0W_3qTgTnzkolb5CUSsD3H-BUeeZrnN3N1vnF1sxc9cmxglB4FKAKE_0rOUM9X0TKIW-GIkwVRlkcTYbMwWsbDD7Y2_vleV0fnMl5-YMTmDWl4OccHRkTczXyRYjnEnUZ_1VQZB-_24HxbyADqdoRD5ySawB7rVXPaKCaM6z9O7QWegCndMsLsQt0&v=4&VyUKSvbM=4681082&haJUwToQ=&wVvUjLoZ=0,0&LcygsXUR=&UKOWbtAS=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: blockadsnot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sat, 01 Apr 2023 04:44:01 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f235bfd1c6a28a5903f66772034cfa2c
6d6a633cea00494517dab2b1a67b085660e2d7c7
23b36c5fb8be74dbe91b0ed307f2e6f069349cd6534e39738198bebcc7ffcd18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "23B36C5FB8BE74DBE91B0ED307F2E6F069349CD6534E39738198BEBCC7FFCD18"
Last-Modified: Fri, 31 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8631
Expires: Sat, 01 Apr 2023 07:07:53 GMT
Date: Sat, 01 Apr 2023 04:44:02 GMT
Connection: keep-alive
d.pssy.xyz/d/?resource=bundler&nada=1&widgets=1499395:6,1499394:2,1187345:1,1132854:1,1499366:1&isct=1680312585&rfrr=https://bobsvagene.club/pics/milftoons-big-ass-mom/?s=Milftoons%20Big%20Ass%20Mom&iscs=ZDk2ZjFmOWEyNjcxMTQzNDEyZmUwYzAzMGM0MzFhNjc4MzE5MTViOTVhNzYxZjJiYTFhOTY4MzA3OGMwMjJkOXwwfDV8MTcyLjk4LjE5Ni42NnxNb3ppbGxhLzUuMCAoTGludXg7IEFuZHJvaWQgOC4xLjA7IENQSDE5MDkpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTEuMC4wLjAgTW9iaWxlIFNhZmFyaS81MzcuMzZ8Mjk1OTY2fDE2ODAzMTI1ODV8aWJhSFIwY0hNNkx5OWliMkp6ZG1GblpXNWxMbU5zZFdJdmNHbGpjeTl0YVd4bWRHOXZibk10WW1sbkxXRnpjeTF0YjIwdlAzTTlUV2xzWm5SdmIyNXpKVEl3UW1sbkpUSXdRWE56SlRJd1RXOXQ=&width=730&reqc=1&ver=96ab714636587cd9.1680312585455&page=aHR0cHM6Ly9ib2JzdmFnZW5lLmNsdWIvI2RlbGV0ZWRwb3N0
131.153.42.211200 OK 42 kB URL HTTP/1.1 d.pssy.xyz/d/?resource=bundler&nada=1&widgets=1499395:6,1499394:2,1187345:1,1132854:1,1499366:1&isct=1680312585&rfrr=https://bobsvagene.club/pics/milftoons-big-ass-mom/?s=Milftoons%20Big%20Ass%20Mom&iscs=ZDk2ZjFmOWEyNjcxMTQzNDEyZmUwYzAzMGM0MzFhNjc4MzE5MTViOTVhNzYxZjJiYTFhOTY4MzA3OGMwMjJkOXwwfDV8MTcyLjk4LjE5Ni42NnxNb3ppbGxhLzUuMCAoTGludXg7IEFuZHJvaWQgOC4xLjA7IENQSDE5MDkpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTEuMC4wLjAgTW9iaWxlIFNhZmFyaS81MzcuMzZ8Mjk1OTY2fDE2ODAzMTI1ODV8aWJhSFIwY0hNNkx5OWliMkp6ZG1GblpXNWxMbU5zZFdJdmNHbGpjeTl0YVd4bWRHOXZibk10WW1sbkxXRnpjeTF0YjIwdlAzTTlUV2xzWm5SdmIyNXpKVEl3UW1sbkpUSXdRWE56SlRJd1RXOXQ=&width=730&reqc=1&ver=96ab714636587cd9.1680312585455&page=aHR0cHM6Ly9ib2JzdmFnZW5lLmNsdWIvI2RlbGV0ZWRwb3N0
IP 131.153.42.211:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 790f9d6afd6cf2e51fe86bf23e25e805
e101e9b375210059c474c9f05e12a41d3bebe0e0
14f72497655c83dd28a1cadc5872d2f10fdaee1be4588b974bd66516c9473137
Analyzer Verdict Alert quad9 Sinkholed
GET /d/?resource=bundler&nada=1&widgets=1499395:6,1499394:2,1187345:1,1132854:1,1499366:1&isct=1680312585&rfrr=https://bobsvagene.club/pics/milftoons-big-ass-mom/?s=Milftoons%20Big%20Ass%20Mom&iscs=ZDk2ZjFmOWEyNjcxMTQzNDEyZmUwYzAzMGM0MzFhNjc4MzE5MTViOTVhNzYxZjJiYTFhOTY4MzA3OGMwMjJkOXwwfDV8MTcyLjk4LjE5Ni42NnxNb3ppbGxhLzUuMCAoTGludXg7IEFuZHJvaWQgOC4xLjA7IENQSDE5MDkpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTEuMC4wLjAgTW9iaWxlIFNhZmFyaS81MzcuMzZ8Mjk1OTY2fDE2ODAzMTI1ODV8aWJhSFIwY0hNNkx5OWliMkp6ZG1GblpXNWxMbU5zZFdJdmNHbGpjeTl0YVd4bWRHOXZibk10WW1sbkxXRnpjeTF0YjIwdlAzTTlUV2xzWm5SdmIyNXpKVEl3UW1sbkpUSXdRWE56SlRJd1RXOXQ=&width=730&reqc=1&ver=96ab714636587cd9.1680312585455&page=aHR0cHM6Ly9ib2JzdmFnZW5lLmNsdWIvI2RlbGV0ZWRwb3N0 HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Apr 2023 04:44:02 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"1aa30-rvF6oguq28jT+5nyNRWRMHJzYEc"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bobsvagene.club
Content-Encoding: gzip
s.pssy.xyz/prplugs/0/1243349/240x180.jpg
104.21.69.85200 OK 15 kB URL HTTP/2 s.pssy.xyz/prplugs/0/1243349/240x180.jpg
IP 104.21.69.85:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Hash 15f8f165521f0a0181dac015076234be
b15b536074c213001633e43569ec6c49cd202fc3
d05492f36a91f31ab36e4893bd5c285334e76e23f60834ce262fa2b7c9061142
Analyzer Verdict Alert quad9 Sinkholed
GET /prplugs/0/1243349/240x180.jpg HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 04:44:02 GMT
content-type: image/jpeg
content-length: 14851
last-modified: Thu, 30 Mar 2023 14:31:58 GMT
etag: "64259d5e-3a03"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6075
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BGtfFSQcrbcFg%2BikTMRaWMaGHbWJBaYX273vokPFudsNVD5rQDXL1k1Ffii%2BcJKMBJ1PiLhxh6U6aHdBUyL17AiRSiVej3oDRC0o%2BZnZvr52Jbxw2SKUGeQaxgq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b0e2cb50941b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.pssy.xyz/prbanners/2023/02/05/kNunNgewRY4w8ZgqvVribQkoV2WSdw.gif
104.21.69.85200 OK 129 kB URL HTTP/2 s.pssy.xyz/prbanners/2023/02/05/kNunNgewRY4w8ZgqvVribQkoV2WSdw.gif
IP 104.21.69.85:0
File type GIF image data, version 89a, 728 x 90\012- data
Size 129 kB (128681 bytes)
Hash 93f30a7fa5e97a84846bed2f2a9247d7
3640549da481179e9d7f62b270d5490bb7cdea87
2db2d168b7ed703e6f12b96fd88cf133457eb1020b7ec5d666efbe6adbfd70ca
Analyzer Verdict Alert quad9 Sinkholed
GET /prbanners/2023/02/05/kNunNgewRY4w8ZgqvVribQkoV2WSdw.gif HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 04:44:02 GMT
content-type: image/gif
content-length: 128681
last-modified: Sun, 05 Feb 2023 21:02:24 GMT
etag: "63e01960-1f6a9"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3523
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdT4h9fxYeg9laY5d6jqhtNMIE0kXqaFzPM7pqjYUKxoDHCTNotc6mCjB7W0RVgr%2BRfxGQXSvr54e%2BlNkr%2Bn7GGJ%2FRJIzjNeP4r7PGSHPiC%2FLQfjBxTlvFufrbM1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b0e2cb50943b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f514.svg
192.0.77.48200 OK 314 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f514.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (314), with no line terminators
Hash 6201ff6add4821014e02cfc1bc82fc95
afd344621ef88b39f6e7013b7ce4765d67892315
5f70fb8150f0a1f184b40f86d012db040d229056b9b0d8c681f08987cb124e5f
GET /images/core/emoji/14.0.0/svg/1f514.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 04:44:02 GMT
content-type: image/svg+xml
content-length: 314
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
d.pssy.xyz/d/n/iframe?domain=bobsvagene.club&id=1499366
131.153.42.211200 OK 1.7 kB URL HTTP/1.1 d.pssy.xyz/d/n/iframe?domain=bobsvagene.club&id=1499366
IP 131.153.42.211:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 4964c3dcf09da2584c86086015ffeedc
29970d8b1913f0aa31ee57427dda6aa117b31fc1
e94a2c888a7a01a5084813e7d7bb5926bad601501729792a7cfcfb43d641c16c
Analyzer Verdict Alert quad9 Sinkholed
GET /d/n/iframe?domain=bobsvagene.club&id=1499366 HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Apr 2023 04:44:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"148b-iScGFSW8G5XgXf7iWEVmkYkgSzM"
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
d.pssy.xyz/t.php
131.153.42.211200 OK 20 B IP 131.153.42.211:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert quad9 Sinkholed
GET /t.php HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Apr 2023 04:44:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: guid=4b82a20e-fa73-4b22-8451-a9a5c7661435; expires=Sun, 31-Mar-2024 04:44:02 GMT; Max-Age=31536000; path=/; domain=pssy.xyz; secure; SameSite=None
Access-Control-Allow-Origin: *
Content-Encoding: gzip
s.pssy.xyz/prbanners/2022/04/10/bWPMVxtXHicZBV8g57YtrMdWoNvSnw.jpeg
104.21.69.85200 OK 189 kB URL HTTP/2 s.pssy.xyz/prbanners/2022/04/10/bWPMVxtXHicZBV8g57YtrMdWoNvSnw.jpeg
IP 104.21.69.85:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x600, components 3\012- data
Size 189 kB (188879 bytes)
Hash a41eca62c812431b57f67c95abfe7782
8d173449030003cd1bcb4a8cacbe8430057c4ad2
6e0071ff2b1c8be10ea0d8a88d3be5088479f0fdeb055af3fbd4bc5e03ad4326
Analyzer Verdict Alert quad9 Sinkholed
GET /prbanners/2022/04/10/bWPMVxtXHicZBV8g57YtrMdWoNvSnw.jpeg HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 04:44:03 GMT
content-type: image/jpeg
content-length: 188879
last-modified: Sun, 10 Apr 2022 06:26:12 GMT
etag: "62527884-2e1cf"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLx2CdTepCH76a%2BhnNl%2Fge%2BoIi3BArc1hYLquba4GBrQcORK%2BBJzcD%2FOwXa0safc3B%2Fe4Jq2q2FGvYHRuI9CBuQx0sl6WUDjQIXUXnDWruum3%2FKyjsmetqUYYXif"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b0e2cb5093bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=446433y2r256s2o2p2b43354&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23bobsvagene
143.204.55.12200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=446433y2r256s2o2p2b43354&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23bobsvagene
IP 143.204.55.12:0
GET /jp.php?c=446433y2r256s2o2p2b43354&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23bobsvagene HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Sat, 01 Apr 2023 04:38:07 GMT
expires: Sat, 01 Apr 2023 04:53:07 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D-yo9V00HPzblUccGDiI_Or92AXoZVm7ypEPJszRL6ryeE15oFR4Rw==
age: 352
X-Firefox-Spdy: h2
godpvqnszo.com/get/1970159?zoneid=1970159&jp=_cljeh4crviwiutb07l2zes&nojs=0&ix=0&abvar=0&febuild=1.0.87&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4332246379983419
62.122.171.6200 OK 0 B URL HTTP/2 godpvqnszo.com/get/1970159?zoneid=1970159&jp=_cljeh4crviwiutb07l2zes&nojs=0&ix=0&abvar=0&febuild=1.0.87&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4332246379983419
IP 62.122.171.6:0
GET /get/1970159?zoneid=1970159&jp=_cljeh4crviwiutb07l2zes&nojs=0&ix=0&abvar=0&febuild=1.0.87&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4332246379983419 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 04:43:59 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=230331234341f8ff64f27848b9bdf36c31cc; Path=/; Expires=Sun, 31 Mar 2024 04:43:59 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
bobsvagene.club/shujuku?doing_wp_cron=1679351786.1936309337615966796875
104.21.95.112301 Moved Permanently 0 B URL HTTP/2 bobsvagene.club/shujuku?doing_wp_cron=1679351786.1936309337615966796875
IP 104.21.95.112:0
GET /shujuku?doing_wp_cron=1679351786.1936309337615966796875 HTTP/1.1
Host: bobsvagene.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 01 Apr 2023 04:43:58 GMT
content-type: text/html; charset=UTF-8
location: https://bobsvagene.club/#deletedpost
cf-edge-cache: cache,platform=wordpress
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: MISS, MISS
frontcache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxgsKlS6ARqrTLxbfuw6lk3eO7Mk9i6UWiVpDLquz5Xj0%2FnXrTbgTQbKth97IpPnH3VbW0OxOrS0nnPcZPQu07WtPYvWlZ42TVGHAA4cwNbpEqnZt6I3Dtq2CR8drssgeuI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0e2c999f9fb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald&subset=latin%2Clatin-ext&ver=6.0.3
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald&subset=latin%2Clatin-ext&ver=6.0.3
IP 142.250.74.106:0
GET /css?family=Oswald&subset=latin%2Clatin-ext&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 01 Apr 2023 04:43:59 GMT
date: Sat, 01 Apr 2023 04:43:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
godpvqnszo.com/aas/r45d/vki/1970159/eee71ac2.js
62.122.171.6200 OK 0 B URL HTTP/2 godpvqnszo.com/aas/r45d/vki/1970159/eee71ac2.js
IP 62.122.171.6:0
GET /aas/r45d/vki/1970159/eee71ac2.js HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 04:43:59 GMT
content-type: application/javascript
last-modified: Wed, 29 Mar 2023 13:26:16 GMT
vary: Accept-Encoding
etag: W/"64243c78-124a3"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 04:44:00 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Tue, 02 May 2023 04:44:00 GMT
etag: W/"cMPvpvd3jDHdlppiuYNttw=="
cf-cache-status: HIT
age: 626877
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b0e2ca4ae64067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bobsvagene.club/shujuku
104.21.95.112302 Found 0 B IP 104.21.95.112:0
GET /shujuku HTTP/1.1
Host: bobsvagene.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 01 Apr 2023 04:43:58 GMT
content-type: text/html; charset=UTF-8
cf-edge-cache: cache,platform=wordpress
x-redirect-by: WordPress
location: /shujuku?doing_wp_cron=1679351786.1936309337615966796875
x-fastcgi-cache: MISS, MISS
frontcache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36Dh7vouHl28ICqjAHiI6uPax9mWF53tXulH8%2FG4O3LUTVWgX1Sn7ZSWsketOKNSicHpQHpzfym6%2Bvq4WnFvNfRE0MfBOudgb5LP3R7isIPu0ct6K%2FABjXbDGvhySvytWVw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0e2c95fdcbb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2