Report - javmec.me/

Report Overview

Submitted URL
javmec.me/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-02 11:34:35
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
7
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nereserv.com	40015	2020-12-21	2020-12-21	2023-06-02	581 B	320 B	168.119.25.102
kwork.com	383396	2009-11-06	2017-07-14	2023-06-02	775 B	1.9 kB	93.171.200.41
ntvpwpush.com	unknown	2020-12-15	2020-12-15	2023-06-01	509 B	972 B	157.90.84.246
s.click.aliexpress.com	23301	2006-04-16	2013-12-16	2023-05-31	560 B	2.4 kB	104.110.21.5
vast.yomeno.xyz	44241	2019-09-18	2019-12-12	2023-06-02	4.5 kB	37 kB	109.206.175.85
static.bookmsg.com	47495	2020-09-15	2020-11-24	2023-06-02	1.1 kB	2.1 kB	78.47.181.156
betwinner1.com	92231	2018-05-22	2018-09-03	2023-06-01	868 B	3.9 kB	94.241.134.4
www.expedia.no	556982	2011-01-26	2012-07-20	2023-05-31	669 B	5.3 kB	23.38.200.193
hlmiq.com	unknown	2021-05-02	2019-11-04	2023-05-31	3.0 kB	3.6 kB	142.132.202.70
s.viiyblva.com	unknown	2023-01-13	2023-05-16	2023-06-02	1.3 kB	216 B	185.196.197.130
assets.alicdn.com	9636	2008-06-25	2014-10-08	2023-06-02	6.6 kB	454 kB	104.110.21.4
ae01.alicdn.com	7254	2008-06-25	2015-11-26	2023-06-02	926 B	29 kB	47.246.44.251
monday.com	11607	1995-07-19	2017-03-31	2023-06-01	643 B	130 kB	54.230.111.88
ae.mmstat.com	22052	2007-12-25	2021-09-17	2023-06-02	6.2 kB	4.9 kB	47.246.110.45
www.miniinthebox.com	253005	2009-11-19	2012-09-08	2023-05-31	556 B	3.0 kB	2.22.31.185
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-06-02	418 B	82 kB	142.250.74.40
js.canstrm.com	110952	2021-08-30	2021-08-30	2023-05-31	827 B	172 kB	45.133.44.53
www.instaforex.org	unknown	2007-02-03	2014-11-10	2023-05-30	396 B	429 B	195.201.188.46
www.semrush.com	87869	unknown	2012-07-29	2021-01-20	546 B	22 kB	34.120.45.191
www.tomtop.com	280114	2004-03-11	2015-04-07	2023-05-30	394 B	50 kB	35.81.13.3
cdn.1vag.com	48829	2018-03-20	2021-02-10	2023-06-02	503 B	465 B	45.133.44.24
no.bongacams.com	354530	2012-01-25	2012-10-01	2023-06-01	741 B	2.1 kB	195.85.23.95
freebitco.in	51188	2013-10-10	2013-11-30	2023-05-31	814 B	117 kB	104.22.6.169
adserver-mb.com	unknown	2020-04-19	2020-07-11	2023-05-31	890 B	675 B	176.9.60.211
js.wpushsdk.com	36947	2021-05-07	2021-05-07	2023-06-02	815 B	154 kB	45.133.44.53
remitano.com	166262	2014-11-16	2014-11-29	2023-05-30	1.2 kB	3.5 kB	104.18.28.12
ocsp.dcocsp.cn	33518	2018-05-02	2018-11-07	2023-06-01	328 B	951 B	47.246.44.225
bts.red12flyw2.site	100706	2019-09-18	2020-07-14	2023-05-31	2.2 kB	1.7 kB	109.206.163.116
accounts.google.com	81	1997-09-15	2016-03-20	2023-06-02	1.8 kB	52 kB	142.250.74.109
de-wum.aliexpress.com	116189	2006-04-16	2020-10-22	2023-06-02	1.0 kB	2.0 kB	47.246.146.63
www.litefinance.org	unknown	2018-05-18	2022-09-12	2023-05-30	420 B	8.5 kB	0.0.0.0
i.cdnkimg.com	8049	2020-08-20	2020-08-20	2023-06-02	897 B	26 kB	45.133.44.37
iplogger.com	899571	2011-11-16	2012-07-24	2023-06-02	391 B	679 B	148.251.234.93
gbx9wv.tdum.alibaba.com	unknown	1999-04-15	2023-06-02	2023-06-02	413 B	347 B	47.254.177.101
javmec.me	unknown	2021-11-26	2021-11-27	2023-04-02	8.3 kB	591 kB	188.114.96.1
img.javmec.me	unknown	unknown	No data	No data	32 kB	8.2 MB	172.67.220.40
clicks.pipaffiliates.com	153583	2010-12-15	2016-05-18	2023-05-31	414 B	1.2 kB	23.38.200.104
www.binance.com	16426	2017-04-01	2017-06-24	2023-06-01	410 B	709 B	52.84.150.65
referral.crypto.com	634000	1993-05-06	2019-03-03	2023-05-30	1.3 kB	2.4 kB	104.17.108.60
ocsp.usertrust.com	899	1997-12-05	2012-05-21	2023-06-01	332 B	1.0 kB	104.18.15.101
lite-1x69818824.top	unknown	2022-07-18	2022-07-18	2023-06-02	766 B	2.9 kB	178.253.15.88
iqbroker.com	30997	2007-04-04	2013-05-04	2023-06-02	429 B	3.5 kB	185.117.134.138
stripchat.com	10390	2006-02-13	2016-06-13	2023-05-31	463 B	4.8 kB	0.0.0.0
js.wpadmngr.com	25762	2021-06-02	2021-06-02	2023-06-02	826 B	59 kB	45.133.44.53
feneteko.com	unknown	2021-01-11	2019-11-02	2023-05-30	497 B	395 B	142.132.202.70
rtbrennab.com	unknown	2022-04-20	2022-04-20	2023-06-02	2.4 kB	887 B	162.55.139.130
bngtrak.com	unknown	2023-04-14	2023-04-17	2023-06-02	400 B	3.7 kB	31.192.112.221
www.canva.com	5710	2001-05-05	2013-10-18	2023-05-31	497 B	81 kB	104.16.226.10
monaco.app.link	unknown	2015-03-18	2017-09-01	2023-05-30	425 B	4.7 kB	54.230.111.23
cb432312b4.fb2d1abede.com	unknown	2023-05-03	2023-06-02	2023-06-02	11 kB	10 kB	159.69.163.138
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-02	990 B	2.9 kB	104.18.14.101
login.aliexpress.com	28985	2006-04-16	2015-05-08	2023-06-02	1.6 kB	16 kB	104.110.21.4
offer.alibaba.com	25391	1999-04-15	2015-08-13	2023-05-31	463 B	56 kB	47.246.44.228
g.alicdn.com	6787	2008-06-25	2014-10-06	2023-06-01	2.6 kB	136 kB	47.246.44.251
accounts.binance.com	89309	2017-04-01	2020-07-02	2023-05-31	417 B	847 B	54.230.111.67
js.natsdk.com	105692	2021-06-02	2021-06-02	2023-05-31	405 B	43 kB	45.133.44.52
cex.io	50731	2013-06-30	2015-10-28	2023-05-31	882 B	11 kB	104.22.49.167
get.mona.co	776180	2014-02-06	2017-09-01	2023-05-31	393 B	511 B	52.52.241.59
app.mona.co	51854	2014-02-06	2017-08-31	2023-05-31	524 B	1.2 kB	104.17.243.79
kinsta.com	88021	2013-04-26	2014-03-26	2023-05-31	401 B	853 B	104.18.42.131
1x-xredbet256225.top	unknown	2022-07-08	2022-07-08	2023-05-31	382 B	527 B	178.253.47.30
ocsp2.globalsign.com	1544	1999-04-19	2012-05-23	2023-06-01	2.5 kB	14 kB	104.18.20.226
www.thelotter.net	unknown	2001-02-28	2018-12-17	2023-05-30	402 B	90 kB	107.154.132.27
js.wpshsdk.com	12130	2021-06-04	2021-06-04	2023-06-01	816 B	68 kB	45.133.44.52
rbfxdirect.com	487415	2016-12-16	2017-02-01	2023-05-30	400 B	642 B	172.67.191.237
na.nawpush.com	38563	2020-12-21	2020-12-23	2023-06-01	435 B	6.8 kB	45.133.44.24
adsexample.com	unknown	2022-01-14	2022-01-14	2023-05-30	403 B	547 B	0.0.0.0
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-02	999 B	2.1 kB	142.250.74.3
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2023-06-01	1.0 kB	772 B	157.90.84.242
fd91b5c89c.fb2d1abede.com	unknown	unknown	No data	No data	6.5 kB	26 kB	94.130.198.6
www.agoda.com	36764	2004-03-16	2012-05-24	2023-05-31	407 B	29 kB	23.38.200.217
www.exness.com	210049	2008-08-26	2012-05-22	2023-06-02	822 B	2.9 kB	45.60.78.64
www.dhgate.com	45883	2004-09-21	2015-07-18	2023-05-30	439 B	21 kB	104.110.18.132
js.cabnnr.com	37463	2021-08-30	2021-08-30	2023-06-02	413 B	54 kB	45.133.44.53
bongacams.com	16616	2012-01-25	2012-05-22	2023-06-02	1.1 kB	62 kB	195.85.23.89
healthsmd.com	unknown	2021-02-14	2017-09-14	2023-06-02	394 B	534 B	142.132.202.70
crypto.com	18658	1993-05-06	2013-05-08	2023-05-31	395 B	665 B	104.17.108.60
aeis.alicdn.com	23225	2008-06-25	2016-08-25	2023-06-02	1.3 kB	427 kB	104.110.21.4
c40b17bdc6.00280181d0.com	unknown	2023-05-03	2023-06-02	2023-06-02	2.2 kB	2.5 kB	162.55.139.130
faucetpay.io	123930	2019-11-10	2019-11-30	2023-05-30	394 B	727 B	0.0.0.0
www.exness.uk	unknown	2014-08-13	2018-08-15	2023-06-01	414 B	1.6 kB	45.60.78.64
odnaknopka.ru	352891	2007-11-02	2012-07-15	2023-05-31	781 B	1.4 kB	142.132.202.70
f7c1779ab5.bcceb2c771.com	unknown	unknown	No data	No data	1.3 kB	320 B	45.133.44.52
www.hotelscombined.com	124026	2005-10-28	2012-05-21	2023-05-31	1.6 kB	140 kB	151.101.1.29
www.xm.com	142373	1994-09-21	2012-08-10	2023-05-31	1.1 kB	4.6 kB	23.38.200.104
changelly.com	136759	2013-12-26	2017-02-01	2023-05-31	435 B	29 kB	172.67.72.173
btds.zog.link	38469	2015-01-11	2019-10-07	2023-06-02	1.0 kB	366 B	109.206.191.198
ynuf.aliapp.org	8486	2008-01-04	2017-01-30	2023-06-02	408 B	983 B	203.119.145.40
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-06-02	351 B	1.9 kB	104.18.21.226
www.lightinthebox.com	60440	2006-10-03	2012-10-21	2023-05-30	569 B	83 kB	2.22.31.185
instaforex.org	503073	2007-02-03	2014-11-10	2023-05-30	793 B	103 kB	195.201.188.46
fourier.taobao.com	12218	2003-04-21	2019-10-09	2023-06-02	1.4 kB	2.1 kB	203.119.169.80
my28.roboforex.org	unknown	2009-12-01	2022-07-01	2023-05-30	401 B	555 B	104.26.15.104

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-02 11:34:14	medium	109.206.175.85	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)
2023-06-02 11:34:14	medium	109.206.175.85	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)
2023-06-02 11:34:14	medium	Client IP	Internal IP	ETPRO POLICY External IP Lookup Domain (iplogger .com in DNS lookup)
2023-06-02 11:34:14	medium	Client IP	Internal IP	ETPRO POLICY External IP Lookup Domain (iplogger .com in DNS lookup)
2023-06-02 11:34:15	medium	Client IP	148.251.234.93	ETPRO POLICY External IP Lookup Domain (iplogger .com in TLS SNI)
2023-06-02 11:34:15	medium	Client IP	148.251.234.93	ETPRO POLICY External IP Lookup Domain (iplogger .com in TLS SNI)
2023-06-02 11:34:15	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (54)

	URL	Size	First Seen	Last Seen
	assets.alicdn.com/g/ae-fe/global/0.0.3/index.js	157 kB	2023-03-07	2024-04-26
Pretty URL assets.alicdn.com/g/ae-fe/global/0.0.3/index.js IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:27 Last Seen2024-04-26 21:45:17 Times Seen2470 Hash a6b921991b7460225052872598a208f1 cdd0cae91bf174fc32e10f8050d86f110cdc4e69 1e589330bfeb3738300c3c79d0bd373cd6f17cd8904927c7b99a06de2d1e647e Loading...

	assets.alicdn.com/g/ae-fe/login-ui/0.0.70/index.js	305 kB	2023-05-26	2023-06-08
Pretty URL assets.alicdn.com/g/ae-fe/login-ui/0.0.70/index.js IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-26 17:10:28 Last Seen2023-06-08 01:58:14 Times Seen17 Hash 19a99a9b671bd6561aed0297f08b9c52 1e9e7cd0acda6d65ac833c42bb20cae7b1fa25b8 cf176d4f30d26e47a32815ef73b45f38e1a127c11519270be90bb0264dbcc1cb Loading...

	assets.alicdn.com/g/secdev/sufei_data/3.9.0/index.js	17 kB	2023-03-29	2023-08-03
Pretty URL assets.alicdn.com/g/secdev/sufei_data/3.9.0/index.js IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:34:49 Last Seen2023-08-03 01:39:49 Times Seen102 Hash bfacb8c26526cf210b2db63b2539beda 243d88307a46e63d3cb4f65eb44a91453faedcf6 5df942f1b2d4d42480553a6f9f0500e64cc499e2ca026f0268a25e7030083162 Loading...

	g.alicdn.com/??xlly/spl/rp.js,secdev/nsv/1.0.87/ns_f_95_3_n.js?v=1	151 kB	2023-03-26	2023-08-01
Pretty URL g.alicdn.com/??xlly/spl/rp.js,secdev/nsv/1.0.87/ns_f_95_3_n.js?v=1 IP 47.246.44.251 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:43:16 Last Seen2023-08-01 14:54:32 Times Seen1637 Hash 17db7067be7673ff20a0e5330001fb57 eaf7a827b5b835e7ca438ee18089a0f67a647a69 d13527c97629c2533aace904cdb35174cb2efa89805006b1a63137348589c43d Loading...

	javmec.me/	408 B	2023-06-02	2023-06-02
Pretty URL javmec.me/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 13:35:04 Last Seen2023-06-02 13:35:04 Times Seen1 Hash 3df10456e89f06f7795351015dc56777 b8e38c606ce394d1b07f7c5a4002d4b0cc19d509 4ad818e1764487caf74fe1209821b552f0820b99bfc024cd50cb749f921c65c0 Loading...

	js.wpshsdk.com/npc/sdk/wp-banners.js	0 B	2023-03-07	2024-04-26
Pretty URL js.wpshsdk.com/npc/sdk/wp-banners.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 21:55:22 Times Seen37102104 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	js.canstrm.com/in-stream-ad-admanager/build.js	21 kB	2023-06-01	2023-06-11
Pretty URL js.canstrm.com/in-stream-ad-admanager/build.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 06:44:49 Last Seen2023-06-11 14:50:19 Times Seen72 Hash 06e33912403c3009e3df2cc587f4154a 8b442512b0c79c72a42461aa595787325ad79380 1451e91e2e00f6a2f3f682270ec309626ed4a4fac78ebd5792800ce37011638e Loading...

	g.alicdn.com/secdev/sufei_data/3.9.10/index.js	18 kB	2023-03-07	2024-04-26
Pretty URL g.alicdn.com/secdev/sufei_data/3.9.10/index.js IP 47.246.44.251 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:04 Last Seen2024-04-26 21:45:17 Times Seen5366 Hash 0ad4251158abb9d73a55ab7dd24fbf66 350d23bc2e5036ac20a9513d7d30a8e7391916c4 8a978233505986e37cf952a7656e6c31f4a8d13902d76c68f28de30bf9f1d57c Loading...

	de-wum.aliexpress.com/w/wu.json	156 B	2023-06-02	2023-06-02
Pretty URL de-wum.aliexpress.com/w/wu.json IP 47.246.146.63 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 13:35:04 Last Seen2023-06-02 13:35:06 Times Seen2 Hash 488bcfb98a756f948f779b0966ec5a5e e1b9241a6c5cd997b7bd42375f324a208de51330 22250d89c49e611d4f222eed7ee5ead1067a8d4495a540da220db44f76a09dda Loading...

	javmec.me/	488 B	2023-06-02	2023-06-02
Pretty URL javmec.me/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 13:35:04 Last Seen2023-06-02 13:35:04 Times Seen1 Hash 614b42d4e1c655bd242c770b41d07759 81f482ae6cae79e8d0b246e33acef0c452ee85ce 7d0935fa21b37dd9780185f9d2622d0a8f435864bae39a59189247344e49ab32 Loading...

	js.wpadmngr.com/static/adManager.m.js	158 kB	2023-05-29	2023-06-05
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-29 17:38:30 Last Seen2023-06-05 09:38:04 Times Seen125 Hash 4a20d11e8bb4133a4351ebe1888b1be9 417b36d455d0e8df89d931a25cfeb3e166ae1a78 b26215d91cf0620ab04a2401f037303408972417b85c8b867cc8adcd6477bd84 Loading...

	login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a	3.0 kB	2023-04-18	2023-08-03
Pretty URL login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 08:44:57 Last Seen2023-08-03 01:39:47 Times Seen54 Hash 0e803bb49b1bb66def45b5de184f79d6 ba8025d772a55d832ef7904806e30e1fd4799eab 613c84a68379a18fa2ddc78d57f45e7b3f6a35e035d7a517141df11287ec0348 Loading...

	aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js	178 kB	2023-03-13	2024-04-26
Pretty URL aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:52:52 Last Seen2024-04-26 21:45:17 Times Seen19175 Hash a4cff78229e56fde5f28d1999679a1d1 8d8f89aa7d26569337192dce8a12daaa1867bcd4 4c4701ca975df0019b9ce5ffd2a8d33f413bad55663a9f64ba9369da7a444db0 Loading...

	unknown	66 B	2023-04-12	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 01:32:23 Last Seen2024-04-26 21:45:16 Times Seen9384 Hash 8d46e2bc77fb0b41f87ccf9a32df5d25 c22a372d491a29e212169e6db5a44a53369b6935 457e7360a585f828fa0887299245267fd923f6036471a3250665b8b9d3c623af Loading...

	fourier.taobao.com/rp?ext=51&data=jm_null&random=030168335601643448&href=https%3A%2F%2Flogin.aliexpress.com%2F%3Faf%3Da%262321%26cn%3Doslo%26cv%3D867834%26dp%3D91.90.42.154%26aff_fcid%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26tt%3DCPS_NORMAL%26aff_fsk%3D_DEQI9az%26aff_platform%3Dportals-tool%26sk%3D_DEQI9az%26aff_trace_key%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26terminal_id%3D9f39fdb27b484234b0b785968f1f176a&protocol=https:	1.0 kB	2023-03-07	2023-06-19
Pretty URL fourier.taobao.com/rp?ext=51&data=jm_null&random=030168335601643448&href=https%3A%2F%2Flogin.aliexpress.com%2F%3Faf%3Da%262321%26cn%3Doslo%26cv%3D867834%26dp%3D91.90.42.154%26aff_fcid%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26tt%3DCPS_NORMAL%26aff_fsk%3D_DEQI9az%26aff_platform%3Dportals-tool%26sk%3D_DEQI9az%26aff_trace_key%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26terminal_id%3D9f39fdb27b484234b0b785968f1f176a&protocol=https: IP 203.119.169.80 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:04 Last Seen2023-06-19 19:16:36 Times Seen1040 Hash d25560612f7d6c983e4ea042a9120f6a 84c3ddfe2a8568f88dd8e56cbcc5a0f122d6c40d 486ba168351c19d6297fdb944a8c532ddb1c2be56b9f6b4404e60ddd044dc758 Loading...

	javmec.me/	966 B	2023-06-02	2023-06-02
Pretty URL javmec.me/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 13:35:04 Last Seen2023-06-02 13:35:04 Times Seen1 Hash bad4a9ee22ae0602d28051d4a03a678c 711b4c03fda9bae8b2c2194bc2ded14a38d9579c ac586fb413621770aa2ab3d2dec96fb98215365545544f0452f6844aa6c38039 Loading...

	js.canstrm.com/video-slider-ad/build.js	164 kB	2023-05-30	2023-06-02
Pretty URL js.canstrm.com/video-slider-ad/build.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 17:01:27 Last Seen2023-06-02 16:16:11 Times Seen5 Hash d7832483e820c802ca9ee1947a87521f b6f56c7302291972ffc7292776435f1fbcd33b79 dd3880d74490b627f3d7ac4bf1a53ba50765e32e483d2e9695c3215dc9171b86 Loading...

	javmec.me/	964 B	2023-06-02	2023-06-02
Pretty URL javmec.me/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 13:35:04 Last Seen2023-06-02 13:35:04 Times Seen1 Hash 24c33bbef089637f793d9885628e9973 2997933fae11317d53705b19999ced2f42e30c1f d2d6d08eea6e7dcfc8dc25ecbb4fe7f3556c5db86d37e7e5aaceac63152e483a Loading...

	login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a	543 B	2023-04-18	2023-08-03
Pretty URL login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 08:44:57 Last Seen2023-08-03 01:39:47 Times Seen54 Hash 34e7085fcef67a8d65a30b0cea309f7b caf6a270b4c59a7fe4366cf8b3140f4ec38b1103 7cedec9bcb8448c06f1d1c20ee853744e2cfb200b8ce097bbd98d6a3d7644b8e Loading...

	g.alicdn.com/aes/??tracker/1.0.34/index.js,tracker-plugin-event/1.2.5/index.js,tracker-plugin-jserror/1.0.13/index.js,tracker-plugin-api/1.1.14/index.js,tracker-plugin-perf/1.1.8/index.js,tracker-plugin-eventTiming/1.0.4/index.js,tracker-plugin-pv/2.4.5/index.js,tracker-plugin-blank/1.0.0/index.js,tracker-plugin-autolog/1.0.21/index.js	77 kB	2023-04-18	2023-08-03
Pretty URL g.alicdn.com/aes/??tracker/1.0.34/index.js,tracker-plugin-event/1.2.5/index.js,tracker-plugin-jserror/1.0.13/index.js,tracker-plugin-api/1.1.14/index.js,tracker-plugin-perf/1.1.8/index.js,tracker-plugin-eventTiming/1.0.4/index.js,tracker-plugin-pv/2.4.5/index.js,tracker-plugin-blank/1.0.0/index.js,tracker-plugin-autolog/1.0.21/index.js IP 47.246.44.251 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 08:44:57 Last Seen2023-08-03 01:39:48 Times Seen95 Hash 208f3e20731aa02bc02faab1410f751f a8bbca6ad8cce4c3356f070d8b012ac476a347f7 88e90b6cee2e482fdc7b6ba16709a0cc5259f62b922c0b43dd27213fa52118b5 Loading...

	assets.alicdn.com/g/??AWSC/AWSC/awsc.js,sd/baxia-entry/baxiaCommon.js	16 kB	2023-05-17	2023-06-06
Pretty URL assets.alicdn.com/g/??AWSC/AWSC/awsc.js,sd/baxia-entry/baxiaCommon.js IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 13:45:14 Last Seen2023-06-06 14:37:38 Times Seen22 Hash 3f6cf4c9dbdd118075b443609bbf89d5 dd2757296b54489c6f0242e81c77a6fa28c620db 490e9d488cf632536bb3ebbec7ec43f652ee46e007ac05900754ae355b56afa7 Loading...

	aeis.alicdn.com/AWSC/uab/1.140.0/collina.js	249 kB	2023-03-07	2024-04-26
Pretty URL aeis.alicdn.com/AWSC/uab/1.140.0/collina.js IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:04 Last Seen2024-04-26 21:45:17 Times Seen18895 Hash 75fb6b94dcb3a9c89abb59a3ffd7546f 96101820857ef511ba83017e928aeeb88353b162 04975704505b42dc124568d9d4be26aee2d4592826a0487920cb1d016d1a8e58 Loading...

	gbx9wv.tdum.alibaba.com/dss.js	52 B	2023-06-02	2023-06-02
Pretty URL gbx9wv.tdum.alibaba.com/dss.js IP 47.254.177.101 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 13:35:04 Last Seen2023-06-02 13:35:04 Times Seen1 Hash c2d001d7735f087f23b7f5f012d3917f 6e2b570e5710cf28789d22961ee6d884b3f5dd0c 44754b177df5c42995ccbe133123133dbe6ee53fc583ddf07c6bb633a40c315a Loading...

	javmec.me/assets/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js	20 kB	2023-03-07	2024-04-26
Pretty URL javmec.me/assets/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:44 Last Seen2024-04-26 09:48:32 Times Seen356 Hash c5de01ee6da003c07e3155cb56c569c8 90db4ffdce777a0d549adc7d9d9c75d238b14f12 c143492f31dfe14beb30c8ac069382d624b19a5ef4f2060bf91c28fc8f1f9c6c Loading...

	js.wpushsdk.com/npc/sdk/wpu/csub.m.js	90 kB	2023-03-08	2024-04-22
Pretty URL js.wpushsdk.com/npc/sdk/wpu/csub.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:49:59 Last Seen2024-04-22 00:39:01 Times Seen4685 Hash e8cc8668a6709d2fff8f8ce714b7bcca 9495fd5fc854ac6ee32fedc0038cc67f26b7e4ff 3f881ab7cc56a0d1102cd0430c6d4b03f79a10c86d71d08a6e733fce6cc2fb32 Loading...

	healthsmd.com/xad/js.php	312 B	2023-03-07	2023-07-31
Pretty URL healthsmd.com/xad/js.php IP 142.132.202.70 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:21 Last Seen2023-07-31 01:34:17 Times Seen588 Hash 16b6266a012feb7ea9f58d6cedee3087 c1c31bdc63f030c288bdf500a01d74dc309019b6 a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd Loading...

	unknown	121 kB	2023-04-18	2023-08-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 08:44:57 Last Seen2023-08-03 01:39:48 Times Seen101 Hash d444142d2711329992d2c9b2c56f8c6c acf351aed90dd052929fac84782663ddd1c9173b 89022a4fe6cf4b0f3de7456eb6ba8b2b6b3ade9a18f71dd4a7f7e8f921cfaabe Loading...

	assets.alicdn.com/g/??/sd/baxia/2.5.0/baxiaCommon.js	27 kB	2023-05-05	2023-08-03
Pretty URL assets.alicdn.com/g/??/sd/baxia/2.5.0/baxiaCommon.js IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 20:42:32 Last Seen2023-08-03 17:28:38 Times Seen851 Hash b3dd0e1ac2e9a5a51ce4b08dc537dfcc 324d7b125fdfc6e24383407212f5be3559a41859 25b330da2bc7a79e58107c7f720989e31f2e143d064c631a2776ad3a86bb6e31 Loading...

	js.cabnnr.com/banner-admanager/build.m.js	54 kB	2023-05-18	2023-08-04
Pretty URL js.cabnnr.com/banner-admanager/build.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 17:17:35 Last Seen2023-08-04 18:48:56 Times Seen894 Hash d4b02b60685404c20bbb776f55fdeb42 c7f5c5f771fc59504ed4e28ea6db223d071788aa 35befc0ef63ca02b1ea231331a916495812e89149ec366561ba911545f158d54 Loading...

	login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a	272 B	2023-04-18	2023-08-03
Pretty URL login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 08:44:57 Last Seen2023-08-03 01:39:48 Times Seen54 Hash f86cbf2ca97149f90b1a88358757b4f0 79f5438561afb4e3875f996d70637124ae8789ec 4df2b5e9199cf78a7906352a6361721646d5ab554f75cf66e6dc9905949f2b65 Loading...

	assets.alicdn.com/g/ae-fe/login-ui/0.0.70/zoro-gep-sdk-H4PFq.js	42 kB	2023-04-28	2023-06-08
Pretty URL assets.alicdn.com/g/ae-fe/login-ui/0.0.70/zoro-gep-sdk-H4PFq.js IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-28 17:28:24 Last Seen2023-06-08 01:58:13 Times Seen41 Hash 9bc33f8946f7a15b447c5fb542d6efcf 44f62e2461c6359f61433952cc4b43234c19bb32 7de4fcbcb257f88d2f071b48c3adef82b2160eccf958ba1a6db42a95d910c6ed Loading...

	js.wpshsdk.com/npc/sdk/push.m.js?v=1	67 kB	2023-06-02	2023-06-02
Pretty URL js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 13:35:04 Last Seen2023-06-02 13:35:04 Times Seen1 Hash 634061c18ddefba185e5da4c19200206 b4647eb1f926aa4628f289154fac33b3d1cefae1 58582d696e62bba5984082f8252f8191d83aff8b5f77918b1127df9cae5beff2 Loading...

	odnaknopka.ru/stat.js	766 B	2023-04-14	2023-07-02
Pretty URL odnaknopka.ru/stat.js IP 142.132.202.70 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-14 21:34:44 Last Seen2023-07-02 15:57:37 Times Seen39 Hash 319bbb368d8deccc9d26aeed9bcb6ff2 92036a1f0e3e11c2f2f818ca48df7269e26924de da6dd2c8f945f94480f578d5712ff076dbfc20bdeffbad51793161162211aefe Loading...

	login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a	19 kB	2023-06-02	2023-06-02
Pretty URL login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 13:35:04 Last Seen2023-06-02 13:35:04 Times Seen1 Hash 9156f7f22c5737018b243fa3ee68a175 2c4d889afc0f4c2e8ce51a6312183eeacff048d1 f64be7e2df85d5be5dd1a472e57c826e347b05e740041a66596a571a6ff49cd9 Loading...

	assets.alicdn.com/g/??/AWSC/AWSC/awsc.js,/sd/baxia/2.0.39/baxiaCommon.js	38 kB	2023-05-15	2023-06-07
Pretty URL assets.alicdn.com/g/??/AWSC/AWSC/awsc.js,/sd/baxia/2.0.39/baxiaCommon.js IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-15 12:50:42 Last Seen2023-06-07 08:37:11 Times Seen305 Hash 533375bd3d3e55396f5efeca784961ef 61db24ccd12351884773e50482b90b0f0de3882a 475875c4c8702f73c4cfc8199f9e2b6bdafa413a48f853920d239825532ed97c Loading...

	g.alicdn.com/secdev/entry/index.js	5.5 kB	2023-05-16	2023-07-19
Pretty URL g.alicdn.com/secdev/entry/index.js IP 47.246.44.251 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-16 22:36:18 Last Seen2023-07-19 07:50:30 Times Seen875 Hash d416b4b86cad7f41d7d2b452535953d8 390818349e9a71b665f6043bb6113699c7df5c82 57d4c26920cd0ad9b08926df40fe960a9249f82e17af8bb796940b87a4ce14fe Loading...

	g.alicdn.com/AWSC/et/1.62.7/et_n.js	112 kB	2023-03-08	2023-08-10
Pretty URL g.alicdn.com/AWSC/et/1.62.7/et_n.js IP 47.246.44.251 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:16:26 Last Seen2023-08-10 23:17:31 Times Seen1879 Hash 97b6c61e26db08c305205b68cdf68ac8 ae0a900042897de3cdb8a6e8317bc19686bcea6f 23efaab0233a71426cdfe8398921fae6c9d19b43db05f5e61800141dc90d449d Loading...

	javmec.me/	153 B	2023-06-02	2023-06-02
Pretty URL javmec.me/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 13:35:04 Last Seen2023-06-02 13:35:04 Times Seen1 Hash 3c0195c7751569c4360e1c96ab0e0722 2de796d360a1b468eb65d4c6d7dbb131ea860a00 9bf98582b0c7dd50cfc666b328c54c44ae6438bf2472f26af8e90eb2bdb30e3b Loading...

	www.googletagmanager.com/gtag/js?id=G-DWFRX28KB5	231 kB	2023-06-02	2023-06-02
Pretty URL www.googletagmanager.com/gtag/js?id=G-DWFRX28KB5 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 13:35:04 Last Seen2023-06-02 13:35:05 Times Seen2 Hash 7bdb5478c1869a1fc45aeb196f7f0fe7 614472bb6485b80c14633cbf4ba23310c513ffdc 732dd6403d04e610f3eaaa96b6a8eb58531843c96273641c816f23e3df444f34 Loading...

	login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a	413 B	2023-04-18	2024-02-11
Pretty URL login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 08:44:58 Last Seen2024-02-11 04:52:18 Times Seen66 Hash 2eaaf0241a988a1c030a72d741d6c30a a4681c6661d8c2b1e8f52aed4c917586c6e7f36d 253e767cb96dd3e5d3f76f691febb6ad759b490aa27bb4655e254c51fdf76970 Loading...

	ae.mmstat.com/eg.js?t=1685705657854	91 B	2023-06-02	2023-06-02
Pretty URL ae.mmstat.com/eg.js?t=1685705657854 IP 47.246.110.45 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 13:35:04 Last Seen2023-06-02 13:35:04 Times Seen1 Hash cb8ff720118a83abf04f6df5dbd54c22 3fb5e973af1b005247def53595c122fe31056056 2c63a65caa130bfcce869351ce3cbdafbba8b6f74701c30f55a676576bcc7122 Loading...

	aeis.alicdn.com/AWSC/fireyejs/1.225.0/fireyejs.js	268 kB	2023-03-12	2023-06-28
Pretty URL aeis.alicdn.com/AWSC/fireyejs/1.225.0/fireyejs.js IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:14:10 Last Seen2023-06-28 10:00:07 Times Seen142 Hash f88444e6ff7abd4e0ba1e79aba8dee3c 810868d307a6d5137de4e008a2abcaa4747e6883 1225fe4bd74578455837369f00b870d999d0a0f5ac0b9ca52dc0d138faa5e1fb Loading...

	js.wpadmngr.com/static/adManager.js	1.2 kB	2023-03-08	2023-09-14
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:37:08 Last Seen2023-09-14 04:40:07 Times Seen1254 Hash 51b1a71b0add99b35a138609b191ca0a 49f6306d517f897883dcadb89fb725a3cd5f017d 902269f1228994ac73ce1a3ed21d948beb250b5c3d945b459ac6a48a097968fe Loading...

	javmec.me/	0 B	2023-03-07	2024-04-26
Pretty URL javmec.me/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 21:55:22 Times Seen37102104 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	javmec.me/assets/js/vendor/bootstrap.min.js	36 kB	2023-03-07	2024-04-25
Pretty URL javmec.me/assets/js/vendor/bootstrap.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:41 Last Seen2024-04-25 23:20:18 Times Seen2179 Hash 2616d3564578d8f845813483352802a9 5ada7c103fc1deabc925cc1fdbbb6e451c21fc70 f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0 Loading...

	js.wpushsdk.com/npc/sdk/wpu/npush.m.js	516 kB	2023-06-01	2023-06-06
Pretty URL js.wpushsdk.com/npc/sdk/wpu/npush.m.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 20:49:30 Last Seen2023-06-06 08:44:41 Times Seen93 Hash 76c4e979ca4b3741ef7d54c80f95c4b8 a29fdf7a830ec88567b537a3af9a287ef97e93e7 0fdc9cfbddf99963ed81833f793502abb8b2f8da017a9accbbcb92d370621cfe Loading...

	js.natsdk.com/npc/sdk/native.m.js	43 kB	2023-05-31	2023-06-16
Pretty URL js.natsdk.com/npc/sdk/native.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 13:20:18 Last Seen2023-06-16 09:34:02 Times Seen183 Hash 1cfa2835e248b1d07d937744cc5bb534 97d9f3dc7885dc49afee52a2a27c61e7bd271a22 7a1cba3c835d01a3fa5b216181efb871f9984a7b50b1828fe6357fefa8c2b5e9 Loading...

	javmec.me/assets/js/vendor/jquery-1.11.2.min.js	96 kB	2023-03-07	2024-04-26
Pretty URL javmec.me/assets/js/vendor/jquery-1.11.2.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-26 20:42:31 Times Seen10063 Hash 5790ead7ad3ba27397aedfa3d263b867 8130544c215fe5d1ec081d83461bf4a711e74882 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0 Loading...

	ynuf.aliapp.org/w/wu.json	156 B	2023-06-02	2023-06-02
Pretty URL ynuf.aliapp.org/w/wu.json IP 203.119.145.40 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 13:35:05 Last Seen2023-06-02 13:35:05 Times Seen1 Hash d8f6e7ab6342e281d8c6e9fa6c9cbcd8 71bf9c024c1a88b09c2557a8cb3e1176a71a807a ca1f22e86e4a7f4e350ca379896795aa695f60b51761166518b57eaf491ff1ed Loading...

	assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js	26 kB	2023-05-30	2023-06-19
Pretty URL assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 16:04:34 Last Seen2023-06-19 13:00:44 Times Seen185 Hash 1f3c9908a1b02ee25855afd8c80ba114 721179b53195dcabf257a3ec06b1dbb5121cec9f 8b702343ff64cd45af9d6524822d30ccb997da05d1b08ce92ded3703c5012859 Loading...

	javmec.me/assets/js/main.js	3.9 kB	2023-06-02	2023-06-02
Pretty URL javmec.me/assets/js/main.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 13:35:05 Last Seen2023-06-02 13:35:05 Times Seen1 Hash 40066db22605229b931653672bc71d63 063a88539fc910632db06fe6e07af05c810b6caa dee1ace379fd084b8116aaef0388539899f484d1fc2aed6293b71c6b2bc5d961 Loading...

	login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a	919 B	2023-04-18	2024-02-11
Pretty URL login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a IP 104.110.21.4 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 08:44:58 Last Seen2024-02-11 04:52:18 Times Seen66 Hash c29c52c30b99efde8bb676d42f47178a ef7d0762be5dbd808dfdb3d1c4f421ab05a484d1 cb54415bcac1be12ba957b09fa12d504643e9c0289c21acea6dca6197e6fd190 Loading...

	odnaknopka.ru/ok9.js	143 B	2023-03-07	2023-10-25
Pretty URL odnaknopka.ru/ok9.js IP 142.132.202.70 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:17 Last Seen2023-10-25 21:25:02 Times Seen679 Hash 01d104f1d2a961f6fc241ec08ba1af54 2e9f73a9137283c94c79bff44fd10f5b1a2738b6 f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022 Loading...

		Size	First Seen	Last Seen
	#1 Write - 350f389b262b5641173af68450c8e42b	117 B	2023-06-02	2023-06-02
Pretty Observations First Seen2023-06-02 13:35:05 Last Seen2023-06-02 13:35:05 Times Seen1 Hash 350f389b262b5641173af68450c8e42b 70fbde724b435374de845de9baa9d0421c1333a2 70d7b8cee5c1a92060cc2c0da3f85490e59332bf66a3d145ad4dbee325a8c66c Loading...

HTTP Transactions (271)

	URL	IP	Response	Size
	javmec.me/assets/img/logo.png	188.114.96.1	200 OK	33 kB
URL GET HTTP/3 javmec.me/assets/img/logo.png IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type PNG image data, 163 x 46, 8-bit/color RGBA, non-interlaced\012- data Size 33 kB (32827 bytes) Hash b483e84274144ce7fcdd0974c6525e3e ca5b5d577191f720878981830652088fea03b01d 0100ebf16b69477cc70e278d69dfd608ea680ce600d33523b2c5f29556972456 HTTP Headers `GET /assets/img/logo.png HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/png content-length: 32827 last-modified: Fri, 30 Nov 2018 23:26:23 GMT etag: "5c01c71f-803b" expires: Sun, 02 Jul 2023 02:54:27 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: HIT age: 29014 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlSiJvna3k82Bwyz7emoMYLx7V6%2FMyuI8ApzevdK6hHG8FWvEgt1jrlz62ubTGA91wNwfoFfUiVgkB4yntkO3JIgp%2FDChCZmKDIA4dlnHKtlFbgW2iNuk2gg4Tc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c89ea60b02-OSL alt-svc: h3=":443"; ma=86400

	javmec.me/assets/img/play.png	188.114.96.1	200 OK	2.6 kB
URL GET HTTP/3 javmec.me/assets/img/play.png IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data Size 2.6 kB (2634 bytes) Hash 04c5f6408237b6f25f0d0bf021f9340b 6485943a30543e5db96063211462451775ff76ec 119316ec314f88b439570f51d1a6ebff743468a8abe5a66dc7a16fbf1109fd7d HTTP Headers `GET /assets/img/play.png HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/png content-length: 2634 last-modified: Fri, 30 Nov 2018 23:09:14 GMT etag: "5c01c31a-a4a" expires: Sun, 02 Jul 2023 02:54:27 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: HIT age: 29014 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkKYvn0yQTYC5cVVKmRWS6atDBSsAuDnYVrZe4kX0nwHB1SZc9ZXajZ3Q6%2FuqZhsqX8BcUyTq1nsY%2B9ZwUJqomRbvSo5j%2F55HWP8OWlba%2BsqBC7agm3X%2FF7nwC8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c89ea90b02-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXAY.jpg	172.67.220.40	200 OK	27 kB
URL GET HTTP/2 img.javmec.me/xQXAY.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x450, components 3\012- data Size 27 kB (27104 bytes) Hash 4eefcd9f15df1e43e046d70dbde5527e c02c7460772fd78f2b92c5fa99fe85b63310fac4 25b69a4eebe3e4e4f3e1d8ffa68b0a38112bddb2faee5c356af5c3fa7e9f64e6 HTTP Headers `GET /xQXAY.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 27104 last-modified: Thu, 01 Jun 2023 00:47:58 GMT etag: "6477eabe-69e0" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 118747 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpOwWFXE0NntSWKtOkczYv9M%2F5GVcJrDjDfdeatoH56sqSSeYrfGWkyNTRNt4os7qAxmI81u37K1VywJGCsv1ahkbw8uX164MLVNROV0NvPWu%2BJlEaan4aZCCsAc8MGt"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa56b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXLt.jpg	172.67.220.40	200 OK	96 kB
URL GET HTTP/2 img.javmec.me/xQXLt.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 800x450, components 3\012- data Size 96 kB (95661 bytes) Hash a313887d6af52cda8627c25c73f530e3 1f4b53222c5d87cd3e5ec8984e63f82ad785b447 c80abfb818055e9dc319b47244a780402d8af2026e1c36c49b3d128bd722a8bc HTTP Headers `GET /xQXLt.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 95661 last-modified: Thu, 01 Jun 2023 13:15:36 GMT etag: "647899f8-175ad" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 72664 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NY5fcsX71JLXn1SZTzKnJHvItkzATUB3Xkw0M1%2F7XewWqyKY2XbQRC3OaByrEqQFQpkm%2FXpyPfG8IgbYtbmeU1jL0uz4tFQUZGWM0SyZZRbxSupQ29RFfkpTAmShNjdD"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa51b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXAV.jpg	172.67.220.40	200 OK	26 kB
URL GET HTTP/2 img.javmec.me/xQXAV.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x400, components 3\012- data Size 26 kB (26138 bytes) Hash 0d16e76e0dc9533686c9a89dfd57f182 282b5dc52bb353e4b9706ec0cb9ffd1e0c35dd5a 1da74f9e24032d6ce0ce382b695fd11c9ecb33b17d9481b86e8c76ccd2bb3bed HTTP Headers `GET /xQXAV.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 26138 last-modified: Thu, 01 Jun 2023 00:47:09 GMT etag: "6477ea8d-661a" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 118747 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1CoiCUfzviQHkeqGwNdJ%2F4jxa3JReHxIznbffQLWa6nmq45kymQ4%2BVhxVjksV9YMo55UINcYvpCFiRvPI5Ol9zZTue7hcDtXnWgtdzCbTHYt5KEWUcNgNLXk0hQwiU1"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa5bb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXAO.jpg	172.67.220.40	200 OK	84 kB
URL GET HTTP/2 img.javmec.me/xQXAO.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 960x540, components 3\012- data Size 84 kB (84299 bytes) Hash c2580156a30581b48119f00cd487a317 891e339765549b0d6759d9454d254184969e66e1 432d4b6143f4c64b7b3b198e74f4bc2e3c25005078b74398ba8a5d5f4fc93964 HTTP Headers `GET /xQXAO.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 84299 last-modified: Thu, 01 Jun 2023 00:45:42 GMT etag: "6477ea36-1494b" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 118747 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yL%2F4l4BjbFSk6bp42id1UdI%2FjRP7shgaCOZo%2F8nHPr97l03ELEnunR0gb6eNFXJgN4fbgW4YbttCnGGRtqmZxP1ZyD%2Fa2%2BJnbSNrG0snRNdXITExmKa4j4SfcCybXOT"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa53b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXLs.jpg	172.67.220.40	200 OK	250 kB
URL GET HTTP/2 img.javmec.me/xQXLs.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], baseline, precision 8, 1280x720, components 3\012- data Size 250 kB (249507 bytes) Hash fb260ebfbb2ab611fb15fd14f9fe0ae2 5c8d2b9a94eb1497479c1cd3bc7f725f2cb5f21f d6d7d60f1673e9ef55bd40fb35a6a86d01eaa49986c4f256f4d5fcf78debb44f HTTP Headers `GET /xQXLs.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 249507 last-modified: Thu, 01 Jun 2023 13:15:20 GMT etag: "647899e8-3cea3" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 72664 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEdYNDVOLP9egvZ9UhWumZJDQsSH8uwCyq%2FqIv6xCLvvZP9Ke8ik2wl3%2FkCjBJkd4EH1E8RwnM1EhTl9Lb5oZldQKfzBQQ0YuQZdvRK%2FkJlUqdquBXsX5rtrK1gQ2l4l"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa4fb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXAQ.jpg	172.67.220.40	200 OK	194 kB
URL GET HTTP/2 img.javmec.me/xQXAQ.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 960x540, components 3\012- data Size 194 kB (194267 bytes) Hash 162106ced0030f3e6b8160666062a72c 74323573f905073ae84d85e33dfdb2d078c888d1 5730a885ef3c5fba2d9c1130b6b373d3a9c7f57c7f00ff64cdacd4adbbfc5424 HTTP Headers `GET /xQXAQ.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 194267 last-modified: Thu, 01 Jun 2023 00:46:05 GMT etag: "6477ea4d-2f6db" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 118747 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXU9Cy4byC5rjjZgVIxd%2B6%2BbUIyrkLSV5xL1jS76pPJA8FRsSDv%2Bw%2BTCBYK4f%2F2X4Pq7uChBAtCyipA5ikfZ4tvbRJEc4e%2BxTJimDfhCyjw%2B7EVtQtF%2B6m%2BHdJ9x5%2Bgg"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa55b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXB2.jpg	172.67.220.40	200 OK	584 kB
URL GET HTTP/2 img.javmec.me/xQXB2.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 1707x960, components 3\012- data Size 584 kB (584070 bytes) Hash db441d3f026eff894a5e26f01556b88e c3a9beedf42940e35c2cbe39d1c72013c87f6be4 a892dd6ac350b5984097004b9fd9525a3c856604b8536658ce779842e1be6e14 HTTP Headers `GET /xQXB2.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 584070 last-modified: Thu, 01 Jun 2023 00:49:08 GMT etag: "6477eb04-8e986" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 118747 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGWLMzJ9T6drg%2B7PRiKzsp41F%2BTKeXAI%2BRT%2FYWBgNJikeEyyvRYXBKsSKYRNq0nddbt64LVxkHWgC2ed03snUXPavRcVFCiE1ISovyVMzo%2BlmcvDCvo9d5fCcxdIPtyq"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa59b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXAZ.jpg	172.67.220.40	200 OK	973 kB
URL GET HTTP/2 img.javmec.me/xQXAZ.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, progressive, precision 8, 1920x1080, components 3\012- data Size 973 kB (973365 bytes) Hash 335e69696bb0d0e14aecc73e2d1b4168 7680275765e831c53b8c584e4b1fbd108a71cc1a e6d59e1be90430ba7e3316960c650207b213e524167a6dda84105bfecca11858 HTTP Headers `GET /xQXAZ.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 973365 last-modified: Thu, 01 Jun 2023 00:48:15 GMT etag: "6477eacf-eda35" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 118747 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOXJodIJ8qC5MWIUezU3V4NvipIjsBXrsfwN7AU2XP6QupUEfdtp4S3vNN3yWf4e8M%2BlgoZ6DPtdqzh1Ev55Uf94qLOC67C%2FQM%2FtvRYQ%2BTB8GtLX9ErYvvvNtRMd4yi%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa5fb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXB1.jpg	172.67.220.40	200 OK	1.6 MB
URL GET HTTP/2 img.javmec.me/xQXB1.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2575x1450, components 3\012- data Size 1.6 MB (1564447 bytes) Hash bd0757dfd13c0b5607992b0ad53e841e dc91e0d57de95f506914e6d9f863c92e179d9275 9fa436ab51df4e0705b63d407be5eaf8ca3c006dab6c2fccd3cc63d8f9067091 HTTP Headers `GET /xQXB1.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 1564447 last-modified: Thu, 01 Jun 2023 00:48:51 GMT etag: "6477eaf3-17df1f" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 118747 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UNkHB3zKGQQ1TZVuoXPXlwqZN7gOn%2F0N7i7cNsomIcyK5K0eQ3cG2PyZqz7OTjAR3lk4S6qXPBi%2FYvzmyY%2BhBhVwveZ4Q1pVjIRiEgivvnvGRcXGSJvuqsX6MBTLdcp"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa5db4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXXU.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXXU.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6966 bytes) Hash 6a9431e998954dcf68c4531a4b2d1354 6b44cb65406960c0f60b08ef32da965ba24c8e80 ab0131caa4e0cd3671effea8bb09f57dcc0af8d9f8e3b37d7c239e5e5bbd421c HTTP Headers `GET /xQXXU.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6966 last-modified: Fri, 02 Jun 2023 03:56:18 GMT etag: "64796862-1b36" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bD8UIkSbmm5qSSMaPJT45NZ7Xe8Q21QJvpu4kM%2F28TIt6xq8zsF5QtsatFV2vkHj9AyR2qXe%2FzEjlRzHt%2FuFT%2F9BRz9H1lPazFn4GY0l53xUrvYKrHwlnTvgvmnhR%2BmK"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea24b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXXR.jpg	172.67.220.40	200 OK	6.9 kB
URL GET HTTP/2 img.javmec.me/xQXXR.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2445) Size 6.9 kB (6947 bytes) Hash 26b255917278d1ec8575836b6e90828c 1977c6e4a601eca52244dbe8383709073187f295 9735708c7f3cc31f2f4cdc916261450f8fcc4c4cd01d634755966cd05a6657dd HTTP Headers `GET /xQXXR.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6947 last-modified: Fri, 02 Jun 2023 03:55:50 GMT etag: "64796846-1b23" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7grjhAWw982ogN4r5XE5RrfmFrvJUrW4K8G9Zp9mjYj6j3Pitm%2FI1BhZhTWhi6TLhtA0eUjpEMiFSxF1aLhmciMrbIZE4fjIwdc59FeoRIC1sBn%2F%2Bhv2EX4FRKaBNFo"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea35b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXY0.jpg	172.67.220.40	200 OK	6.9 kB
URL GET HTTP/2 img.javmec.me/xQXY0.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2445) Size 6.9 kB (6947 bytes) Hash 5d53ecea3513fad94edd399cd6317059 e079e640ff15f1e6cfe0e1e43e1e77db93d194b2 c8e55867882e7f0e556b6c6d352a7be09e487ef80e594173fd3777f4c1d36399 HTTP Headers `GET /xQXY0.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6947 last-modified: Fri, 02 Jun 2023 03:57:11 GMT etag: "64796897-1b23" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Marg6z8W914rXr1dhMgL5bHSiiRdmnDTkSpaC0XV%2FqnHPpp%2Bc40OB7oVWn4Jgj2X4g21W6Guxn5IwPWQWxbeSuz8DomPrDeBJO5SySbE%2B2Hjhgz3a4120d44p1ZiG%2FBL"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea32b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXXw.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXXw.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6969 bytes) Hash dd9a5d5cf3c17973e866fc5872c2fdc7 dcabede8550be39e6482bbf9185005cb79c36aaa e94c0813c865e3845d1b96d049c8d81d623030e3df012eb46523cacbc2d80a4b HTTP Headers `GET /xQXXw.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6969 last-modified: Fri, 02 Jun 2023 03:46:29 GMT etag: "64796615-1b39" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8UL1k9dI73pIJozo2KxmwwR40huYr14tZEcbAS7ow9Z1yAYQaEr0YSPQvdQaOcBsC5N4T2bvPenWaayjdKw%2FdwRq2EK0HY7OS%2Bg1kRFg8YMlJkz9EHUE6nwx5q5KoKw"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea3ab4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXXY.jpg	172.67.220.40	200 OK	6.9 kB
URL GET HTTP/2 img.javmec.me/xQXXY.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2445) Size 6.9 kB (6947 bytes) Hash bcce271fcd56cfa00a80446583c0861f 524dd84a07f1927071b28022ca2143fb1ca7f2c8 b662464140eabcced5548105b5194efd9139f275de1d410eef08190fa690d0f4 HTTP Headers `GET /xQXXY.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6947 last-modified: Fri, 02 Jun 2023 03:56:53 GMT etag: "64796885-1b23" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5rEZzZrbusmFofCSdEgyBsVLJs%2Fd8u86rAhufpAFZVGNGOQ7VBFGeVnubOic7fpRdI7hEDgTgRy1OBUWRQo9miwaKiQimgu6JPGg%2FlI%2B0J6VeIqRc9N7El4DoMcUiW%2F"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea2eb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXY1.jpg	172.67.220.40	200 OK	6.9 kB
URL GET HTTP/2 img.javmec.me/xQXY1.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2445) Size 6.9 kB (6947 bytes) Hash b2b72a819fc2889d2a5b28455fdc1260 da12a98f4a5cffa5bc3420efb366084f9f95ebca bc4526fda185674bb63aeb246753aecfad2a11672fd6f4114e1f2a333d7d7f8a HTTP Headers `GET /xQXY1.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6947 last-modified: Fri, 02 Jun 2023 03:57:20 GMT etag: "647968a0-1b23" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lz%2FukNfOZ62PAU%2FZQfKdusm%2F2DIrRo0D7sYGEx7AVcbQ8FZ7fCqeFbNYWC04K2ZL367D3VY6dxVVw%2FarGCiScfO1974txBojmTVTo%2Bp91zqR4xVED%2BWvzbEmkQDRl%2Fb"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea37b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYi.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYi.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (7002 bytes) Hash 02d7f6f19abaf174c1682db522d9889a 134c70513b70184e6c41f5de947dc3e2ba132059 111e12d42259d89a5853e457c03202afeb368b5a3b75038699e7f02f44c1e716 HTTP Headers `GET /xQXYi.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 7002 last-modified: Fri, 02 Jun 2023 04:16:20 GMT etag: "64796d14-1b5a" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sw%2BEYO8gXUkVQJOvUhMRle2eVuhVORdNtMCmN4XKqnkcH4EI29xgMkiOuKZhm%2FvzJo9fr1KCPjZNo%2BJ6zr7Q9ZSilU5l8%2FokypOReSGeFgZ4n6O30SvXEefgbdhphF%2Ft"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa6db4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXXW.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXXW.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6969 bytes) Hash 4a0eed04b7847a69454f269eab79f6bd 5c0e2764f40a9eeefb809885c19e564c0cef3804 e84f9ff9bd8d6f917accbc1c9ff14c9a4f4246baa8869b7ee07433f067aa554e HTTP Headers `GET /xQXXW.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6969 last-modified: Fri, 02 Jun 2023 03:56:36 GMT etag: "64796874-1b39" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckx1a5Hl8aNJaP5FAXVeVqfdhb6GvPG%2B%2FSBuP4lU%2BRykBRPVMAZImD8tGcvBfV0Oj1RtQbTx0FLTTFX2kcYH8Xtb7ZYpMm28ZtE7Vh1o1TJy8LBna%2BAriC9l%2BcWtzok9"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea3eb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 9c320af7047f9368e0536de66d6d2658 2cdb5bfd4bb4ddf85559ff29d06ed964e04119ab 64bb80bd8947d7d658ce8f20fc2bebab85d391bf2baa953c67201ebd194cd1b9 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 02 Jun 2023 11:34:12 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	img.javmec.me/xQXXV.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXXV.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6968 bytes) Hash 92cdd1cbe9796b4c6259c6da82a16436 e889b2216a1fce23ee312af6f8298166cd003fd4 3fd46718af1d30858095427053f0c2a965d40fbbd38b965e0399361fc791317a HTTP Headers `GET /xQXXV.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6968 last-modified: Fri, 02 Jun 2023 03:56:27 GMT etag: "6479686b-1b38" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHLh9H3sb7Z9q2EwXUHDwcraDWIhuo6d1qseOXzhIKiwXSbj0tcOJFwSqqE%2FzMiZUSZoRkbYNEqPCdceN4%2B%2FqGHUrpXsNsCKuzfObU4gaOOeZkSpqDYMl0hqABhc3YIk"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea38b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYt.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYt.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6995 bytes) Hash a90ff993be204d42d6625728d6b76c80 216fef83e6e467a7fb89df3281092e6ec58d8973 6068abe4e118daac5f6ba7e730e51639d081916b8190656ac26a86527f509fa2 HTTP Headers `GET /xQXYt.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6995 last-modified: Fri, 02 Jun 2023 04:18:03 GMT etag: "64796d7b-1b53" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGVHnGWGEZSMqhitqRqUW4mxOPBn8Wed1IzNQL6KnqIbg2%2BQRNs2lncwBf5gkDTXItWd3WMOi1mSRvElVJ1vxF4Z8%2Bc88Bo2TKgJh0eSuk4BGE80mI6VICMvXUoj9UQ6"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa74b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXXT.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXXT.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6966 bytes) Hash c1833b2e58621a5882db34d9e09e11a6 86c799a4339906c9e38fd803e7f7c8745aa566c2 3a52b2ea48083e6bc56f01b40e3a102bd6a00e976c4454aea514056e664a6dd7 HTTP Headers `GET /xQXXT.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6966 last-modified: Fri, 02 Jun 2023 03:56:09 GMT etag: "64796859-1b36" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpYFdFADToewrgauTbIhyZEq0%2Brx60YOGjt9RfquQCxMxYoGjrSI%2BYrepX9wEV0h1TJL08yiB7DnKKo4kvN%2FTw90J3XDGJUewcbGtPN2eBvaHy0Sd2hiG35E5a7YnbIK"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea3cb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	javmec.me/assets/css/bootstrap-notifications.css	188.114.96.1	200 OK	8.6 kB
URL GET HTTP/3 javmec.me/assets/css/bootstrap-notifications.css IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type Unicode text, UTF-8 text Size 8.6 kB (8573 bytes) Hash b1c9eac7b57d4fe20cd2d15ef81c3501 761704e9d6116fb2f8d87657798030da50b5ea0a cc9044993ca14472f54c6200fbbbc02467c163ad52392acc090c7e9e806d87dd HTTP Headers `GET /assets/css/bootstrap-notifications.css HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: text/css vary: Accept-Encoding, Accept-Encoding last-modified: Fri, 30 Nov 2018 23:09:08 GMT etag: W/"5c01c314-1820" expires: Sun, 02 Jul 2023 02:54:26 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: HIT age: 29015 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGeQbBaT1sXtoZiO%2B%2BSXe34CP8cYdgBVeskV4gz1J6HtlYnPEpI1NY56EGALGaAuDB7QcVh1koHr9%2Fzv%2B31yb1VzHqGGp%2F90pmhdSY9I879i4fXNzxkOJGVPrVY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62c88e930b02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYc.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYc.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7016 bytes) Hash 5074c917deba253c6c03f4acf38c208d 39c5b25d3981e4b03e4ff5c1d1295e191c0c006d 160d7404d6c7ed200743966cc72c7ebe36963fd50600de1664e2133b50c1bf61 HTTP Headers `GET /xQXYc.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 7016 last-modified: Fri, 02 Jun 2023 04:15:26 GMT etag: "64796cde-1b68" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6iBailIJHYru1w8AHxRm20zvaqNJ1ciEvGKffj%2F%2BmXop5lTTYHTleI2BVGBHdGJkA%2B5d6WHGmhUvpifuxXS1lNjT7ftvQDIPll7PYEPAMLgMgikDNq86sr%2BBR91V20g"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa85b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYd.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYd.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (7002 bytes) Hash 211242c1141d12544e86cece1fad3974 640b6a249c6f06d5934ab33c40f4a1d3c35fcda3 4cf61f460e4d0fc0dff49a5fd855a1051356a9a20d3cbe31efa5ef4ab6da54cf HTTP Headers `GET /xQXYd.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 7002 last-modified: Fri, 02 Jun 2023 04:15:36 GMT etag: "64796ce8-1b5a" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch1041Twq6oVr%2F5X0FSSjnGt4Ay0cYIXmH5Dw%2FzK0ZbTF7rTAlC7ZVLTsbkLTW8OSCT%2BCGgBVOzhB9153f3Todzcap%2BeU2UbXh1tDY0h4vSYfAxNnrRIYuWuXtMtDKYS"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa7cb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYh.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYh.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7023 bytes) Hash 573524b3c71c30f8da553cffb51e3da4 ee30b08a7a63c36e3d15d07b7b50bfd57721d99d d48d7dee5a0361c26c66e76dfd861147470f7936bc7a724b6f0563f63cfb5d0e HTTP Headers `GET /xQXYh.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 7023 last-modified: Fri, 02 Jun 2023 04:16:11 GMT etag: "64796d0b-1b6f" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0luSbZR8f75Ft0ezayPjbN%2FvgzzUcSf7ZbCXpt8k2lnYQSMgZFWJqYbeP6vVuRWBW0DtCqgmIahuiXGBCi%2FMZJ2md68VZoA8uaRyJ1RzdRfztqmzkTpXsVgeB85Agcw"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa65b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYf.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYf.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7023 bytes) Hash 75bd9f0a3d2df4902f849ebfbe2b1c83 07d65327f64bdaf19663a422444d278054ec4ed3 fc53f28e546de8041b19274aaa4d4e670fb0a9611c82945aacc19e0b7d6dea28 HTTP Headers `GET /xQXYf.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 7023 last-modified: Fri, 02 Jun 2023 04:15:55 GMT etag: "64796cfb-1b6f" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtSVYsZOVztrKkZSPJaH11rpcr3hemAcvENL4PqoA5jQKtdQKiVNvzYaogny8ENuKclwVgCHzgPIOoEKzQjVf%2Bfax8peFfjAfOES9wcvUFn%2BYN%2FYx5TWUxckvWGW17YO"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa75b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYj.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYj.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (7008 bytes) Hash ddfdc96ff4f91f814579a21f26b1dccd 8a6c08e82edf9ec8066837b4178ab4151e0dac20 cd34c48bd882094e8811721c3576e8e541baaf6088769d8353cbc054f7b33d73 HTTP Headers `GET /xQXYj.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 7008 last-modified: Fri, 02 Jun 2023 04:16:29 GMT etag: "64796d1d-1b60" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKbnWVBsv0GPBhtfpiqhSuBiJB2BiQ3pDh9OHG%2BzCkDvR64qy8X%2BrLTSjCIXAN1Z40kXtq4Jrxfh%2BpoTCdl%2BJkHqfwfPmyO569ofIPXZjakgq5ApOUVSLbhMCy7Ujoi%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa72b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYu.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYu.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6995 bytes) Hash 6820f14bdcea8eecd722f90f4528c72b dcd06ca2845711d2ca00e5a3577b54238d677ff8 ab7eb51382a0172f5b93942a813c81ac46dc1ff002267f79f24128a4f9bea06f HTTP Headers `GET /xQXYu.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6995 last-modified: Fri, 02 Jun 2023 04:18:12 GMT etag: "64796d84-1b53" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fp66E7x10cxJvg9HoRrXin8hBendzqpH8yh3cdjTYOeFkNHD8R6VbNdUSdmcu2%2FCSYq8UxVDlFLXvBp%2By8VM7%2F1g1UzjevyJ4oBMczoZ0X%2BqRdrZY%2F29OnAR1E2O6Ik8"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa69b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYk.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYk.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7016 bytes) Hash 40f8f82c394367a52dac5b5d9088dbf6 c667e09942a7537bbb868d772b57178532e75430 b466cb23561a997e058b0eb07eaf435d6c91406d2587a189fe97ef7938b28c45 HTTP Headers `GET /xQXYk.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 7016 last-modified: Fri, 02 Jun 2023 04:16:38 GMT etag: "64796d26-1b68" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Okil4csVip%2FnSzdCxlZF3lvvkhWVxl6O5wwmdrTa4HGsXbeuSGvYkkPbbD2IpbxpGEiHeS2UsYA8IZF%2FfTSqWrAY5HwOd2FyV8aQxYsH86oGjxF2Bsv7IwQ%2BLXQFRhRn"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa71b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYm.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYm.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7023 bytes) Hash 697ca954b6943b6b2b7c3672f0224f45 b65eeaf779a4abf8a7a9aa665c9bf278655ed687 dde1077a0ab7348e81336bc9a983155a42dc0098bc1968fe2772b623d1300e58 HTTP Headers `GET /xQXYm.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 7023 last-modified: Fri, 02 Jun 2023 04:16:57 GMT etag: "64796d39-1b6f" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BI5NjqPU6iPSpseA1pF%2FK6sGzomkzXZ8vP%2FS3GobCHoW%2BOrr2qv6pTKRxctgTEXOKer%2F97SpPZFvq07z3E%2FiE6BjR9Bj%2FEOWK74owZUG7L2XVBzLZyInFEf9PhbFW37"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa6bb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXXF.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXXF.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6969 bytes) Hash 7079dad26d2c45d466829a9b04a2c416 ce4206b1c2ceaf50232087abe2042073dc30394e 5c97f09e806c82fcf2aedfe0bc8928ef7290bf6f8ae73f784b382a9319514f24 HTTP Headers `GET /xQXXF.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6969 last-modified: Fri, 02 Jun 2023 03:47:47 GMT etag: "64796663-1b39" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpRF0bZCXmxwqfa5AcBeZq5qHfrfGJGtaVHpCo78NgdniAKiPYpCLPXfU5fieP84qP3qPWxuvBac6B3qiLaizJyniop55RFHoOK12mbEtbk%2BgpsoTYndBkodF3rm9Oe6"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa8bb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXY5.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXY5.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6969 bytes) Hash 3daa9f4cd32316891997a6234112f0d9 30b281b1897cbb8c13873bae206d54bd654d1a55 f4b4b50eadd38967f849240b8d9ac85ba46645f5803db992126c1a4f534cde48 HTTP Headers `GET /xQXY5.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6969 last-modified: Fri, 02 Jun 2023 03:57:56 GMT etag: "647968c4-1b39" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoHALPVnLiO8xlolPGY%2F%2FE56sbrRjq%2F96sc1Ss5xQqCSmpgmzePT%2BTDIv%2FBFcirdR%2BNGP6R2eStqbfAxW8VQKdeqW4njb00T5MYFWkCHU3VODOeTw1Caizj13nsQJIEf"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa89b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXY4.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXY4.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6969 bytes) Hash 91314e3ecc7ab8474cc2bd4c44f5303f 6843e38d5783873abdb51ed5e6f8893152d636c8 1762c6a3fceca4ef9aca6abf04c7ee7c3d111335cdaa560b40066f4bfadcf40d HTTP Headers `GET /xQXY4.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6969 last-modified: Fri, 02 Jun 2023 03:57:47 GMT etag: "647968bb-1b39" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHd2r%2Ftpue6wv3RNBljntI5YiggCqyxgFIy87HOqTe1qLdwoEazT4uRIs4GaUySr%2FFisxEM2yb6803uWARCIia0ozfCEsII%2FI2TYYK1YyhHtqTo6bAVw3rSHaQ0OHh%2Ff"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea36b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYq.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYq.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7026 bytes) Hash c9719ce16df4a11edd1a6c80f4a5b233 ba1232671e70cc6f621f8e184a178d91ee8f834f 74e723cc913447c5241e414be01d2fd0dca273911d6cfbdc0674d8e67ef95c11 HTTP Headers `GET /xQXYq.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 7026 last-modified: Fri, 02 Jun 2023 04:17:35 GMT etag: "64796d5f-1b72" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npGldvdJomfI1BVMOGY5UBy6wxNZbmBaRcLFC2jkbeMTdRCFKkcreXd8Kd9gNeyRM0JF1Udt0np%2FLWiaGfFEhr5jKIKzWAhe88aySwQeoe8pmMUjPuzDUpcQdSesoOs3"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa77b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXXQ.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXXQ.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6969 bytes) Hash f003d9fac13dc826e0361e0a62511684 c65b28fb68c95379bda1cc839492fd94e35752d6 d08c607ea5dc02a8f7fef1579a5dfab09861e8d5375c2b211b2f9a09eccfde8b HTTP Headers `GET /xQXXQ.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6969 last-modified: Fri, 02 Jun 2023 03:55:42 GMT etag: "6479683e-1b39" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzaSHht4UEH28fRDXtkpNrNGgjpMIIE%2B9LDqXnjxbXi2P1r%2BZ%2BGC1Ds%2Ba%2FKPljigXa9mlLvC4oFF8quAXUsonGxMaEsKVwtpnMKq%2FOsk5FbteD7ND2VYFHazg9JFhvWB"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea33b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXY2.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXY2.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6969 bytes) Hash 2d319196e68a937b197ec70a455acad0 3d90bcfea5f6ecefd7c32ca7aeed11bc00157e66 360e75c64876e0f5bd9ea34e7f7c570583a7012eee5d7cdc4c09b695eaa77f72 HTTP Headers `GET /xQXY2.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6969 last-modified: Fri, 02 Jun 2023 03:57:29 GMT etag: "647968a9-1b39" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwliBaZHOPILXLBM5rFmKqjwW%2FS9oVYRR6UAMYtWNRhzaGvtK%2Fy2yVN9pgqy6DPqeTNSbSFG9eWNkAbTStULMRI93IYGQHgZ5J%2BPoIj9MJFhYjWf7blMsSrINfLxlikJ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea3db4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-DWFRX28KB5	142.250.74.40	200 OK	81 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-DWFRX28KB5 IP 142.250.74.40:443 ASN #15169 GOOGLE Requested by https://javmec.me/ Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51 ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type ASCII text, with very long lines (3288) Size 81 kB (81110 bytes) Hash 7bdb5478c1869a1fc45aeb196f7f0fe7 614472bb6485b80c14633cbf4ba23310c513ffdc 732dd6403d04e610f3eaaa96b6a8eb58531843c96273641c816f23e3df444f34 HTTP Headers `GET /gtag/js?id=G-DWFRX28KB5 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 02 Jun 2023 11:34:13 GMT expires: Fri, 02 Jun 2023 11:34:13 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 81110 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	img.javmec.me/xQXY7.jpg	172.67.220.40	200 OK	6.9 kB
URL GET HTTP/2 img.javmec.me/xQXY7.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2445) Size 6.9 kB (6947 bytes) Hash 3d431e91f76883f38365feefa437fb0f da18ad6e6dc493be537aa765d3967ddfdcbf07f5 c54c4283c97eaa6faa643fa99e34eff1aea4c579234f69a1b733d65d9db40f05 HTTP Headers `GET /xQXY7.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6947 last-modified: Fri, 02 Jun 2023 03:58:12 GMT etag: "647968d4-1b23" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cobdcBTc%2FQznZEQkBGlAQZqWBfZVjkeXLFxdjtbg3ZjYxGpEXSlBchgFJLFwqEAvOMRZlwATTL4vF%2F1Y0zDzstI47JN7zN78U4bwsQItKhqv%2Bz30XCy3PmEh3kx0PpUy"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea2cb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	javmec.me/assets/css/custom.css?v=1685697450	188.114.96.1	200 OK	1.0 kB
URL GET HTTP/3 javmec.me/assets/css/custom.css?v=1685697450 IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type ASCII text Size 1.0 kB (1049 bytes) Hash 1b86a5b767168dbc545f0a4d43e0e0d5 8792448e7ef5cec540701082ccd9dfa389779f48 e1d61a11cca4be5a3e34720ae8ae7e0bbe7af830a7ae194500e4d9c1b1b56ca7 HTTP Headers `GET /assets/css/custom.css?v=1685697450 HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: text/css vary: Accept-Encoding, Accept-Encoding last-modified: Sat, 06 Jul 2019 13:25:04 GMT etag: W/"5d20a130-10dd" expires: Sun, 02 Jul 2023 10:58:02 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V60mQZFYtovkUJscDyB%2FtJfReojA0R%2FDA%2Bcboy8ttIeqcsq8tiXbNfmBI76XXKfWCsDmV6aFOPzIcd%2Fauyd9kPHzO4LYMdHSuXEbxbA43j3JO8lsOZAaUS6ZAZ8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62c88e960b02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXXZ.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXXZ.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6969 bytes) Hash b6ba6fce4d0f576c2151b71d9698a076 898ddd292961008db7d2c64aab2dc21b634ccf47 89de4fc58446fbadf5e0f198098ef2d42a3f61193505310a614e26893b1885ed HTTP Headers `GET /xQXXZ.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6969 last-modified: Fri, 02 Jun 2023 03:57:02 GMT etag: "6479688e-1b39" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ywv8DUD8LfC2rW9lCXUCONHcM3Qs4uIWU4QKqdatZVrzGAyJeVoN7ysH37MZiDz2nduX99K%2BlXTQwTOttWvJKzVaO7cqJA%2F7hOBYLKwp3LWrXWnj0dH5rrmCDEXKUdov"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea34b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXXt.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXXt.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6969 bytes) Hash c5522042585feb9ae76e694601b826d2 eb8dea65c0f8b58b63bee515c2c3965ca135eeac b18c1ea79c95fb038d48a94b2a57cf2e76151bcbc497d5316a4b8804ac464a9e HTTP Headers `GET /xQXXt.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6969 last-modified: Fri, 02 Jun 2023 03:46:03 GMT etag: "647965fb-1b39" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mhht2dXtQtZEqNNmot0unmXfCwJVyf4BDp%2BuBk0pmeVejTOJRkSkeuLHwAl4AFS89fQCsPLWQoiWEPGH%2FOzwCZ513eNxqIg4TXZ7eXg%2FtSVgnzn01VrnIHF7Dp%2BFmfNZ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea30b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYs.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYs.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2445) Size 7.0 kB (6973 bytes) Hash de22727f63928c300ff9270c1a22615d 8e1e378e5ad362f4e2c28715b806510385230e26 97bcdc6792eb437ba7107794cf96d20900a2c844caabceaacdb284fbc0a4e308 HTTP Headers `GET /xQXYs.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6973 last-modified: Fri, 02 Jun 2023 04:17:54 GMT etag: "64796d72-1b3d" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ltw%2FHJvLPTYC42vDpYmnQxdLR7YvkGHKmtFATIHHSbDmiTjmNdXksRrmD2B7MmppJpDv680jf8JlKRfxmxoWMXeURlzGab5TEx1A0HNh5JXfkBNQn829tCOuQ44dnREh"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa64b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYl.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYl.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7023 bytes) Hash 27a19b93d2a57975d3ca2446b100c017 68d04fc5e1189283d3f29ec200b8f5703b81b03d 2a13261dd6209dd026581111330c2a662026cb8db64d39136abd2d417cddbe44 HTTP Headers `GET /xQXYl.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 7023 last-modified: Fri, 02 Jun 2023 04:16:48 GMT etag: "64796d30-1b6f" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZcjO45fxGXItsfHmhcE6%2B5iIhVbq6fQlwZaKe9k8%2BWFQMx4OVXQhQ61Pljz3yCUYMXdRqw60TKcpa%2FByEvAX6fZ1LAOHPaj5wQiXl6vos3NUg3yTrGjJ9zLZHofJApD"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa67b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	javmec.me/assets/css/font-awesome.min.css	188.114.96.1	200 OK	13 kB
URL GET HTTP/3 javmec.me/assets/css/font-awesome.min.css IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type ASCII text, with very long lines (26548) Size 13 kB (13030 bytes) Hash 0831cba6a670e405168b84aa20798347 05ea25bc9b3ac48993e1fee322d3bc94b49a6e22 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829 HTTP Headers `GET /assets/css/font-awesome.min.css HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: text/css vary: Accept-Encoding, Accept-Encoding last-modified: Fri, 30 Nov 2018 23:09:08 GMT etag: W/"5c01c314-6857" expires: Sun, 02 Jul 2023 02:54:26 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: HIT age: 29015 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4b%2BcXCwOyI%2B3KRu3NURzGBbJ5A703utUKn4ScosFjtfY0MqrCjEqjNsY9rvoxw3XDSjcSz8dWi0bdMrrCq%2BLJPgteCCvJBiGOWJdYGwzKAtsq1igohQS%2FcbHqa4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62c88e910b02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYe.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYe.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2509) Size 7.0 kB (7046 bytes) Hash 873d1d3513245e6edff1d4d6dc5642c5 043b5888bb7898e868e6550e78c325f63334a9ad 789703a0a46c97a28499833432a03750f638ca12c50802cb35341b5250ab0fe2 HTTP Headers `GET /xQXYe.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 7046 last-modified: Fri, 02 Jun 2023 04:15:45 GMT etag: "64796cf1-1b86" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5HEMQ6U4VLov0nF%2B4c7LKnNH3DGnQEvPdpzCjknJgY5jQGYoXN7iUgsrLeXBHKSye6BiX7QY6qz5FQNlNtWleXllnLWS6URwk%2BlgTItnGw%2B2lbZAXm2ZUMI%2FsUPoOBI"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa70b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXXS.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXXS.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6963 bytes) Hash e4051d761f29f869eb97c99be1b9691e cd7bbcbaf171c0f6cfedde6f54c2832758fa53fe 3e1e40d4212463dcf1f4f080ace21426f62e4316d96f1a6ea7970793bb3698b7 HTTP Headers `GET /xQXXS.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6963 last-modified: Fri, 02 Jun 2023 03:56:00 GMT etag: "64796850-1b33" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwxWtZ7QxCbb8jX2qn56GbGLhkz6UL1g%2F1MGB%2BdPmjiJ%2F9taJFXqxWe4InRsH2ehVkc6BwQbIfbXT2uC9R27Vm9k7tCgZlYIkvk5vzzHL8vt4SgsHda%2B1pEpJxGDJd5M"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa87b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXXK.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXXK.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6966 bytes) Hash 8171bc240b804d8cb8130d911d1766d7 d467019508b9ce5df528279c8358bf2aba5c88a2 b26dcb6711d485570ab0c1366827c31453a69e978e2b99239560b364cd2382a0 HTTP Headers `GET /xQXXK.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6966 last-modified: Fri, 02 Jun 2023 03:54:47 GMT etag: "64796807-1b36" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fD%2BGYtzo84HQI25Ol7fe2p7jVuxNJtDqyHFpjAAFoXqEgIqpi1yohaW8mJFfVujg28Sw4jrnIOeiUCbSYNe7ewxuZVJ9V412fVXQlauXaMwnBT6kO7TaZizHOy%2FLMA8S"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa8ab4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXY6.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXY6.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6969 bytes) Hash 0bb155412a5b0e328abb47824ca5668e 799bde5761ed99539197a7092b497afa7ebf6776 d5388cc9b8b88f66c12c5e8d942f3b677d2b99840099d4b6a7c4d2e45fe5e5ff HTTP Headers `GET /xQXY6.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6969 last-modified: Fri, 02 Jun 2023 03:58:04 GMT etag: "647968cc-1b39" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ybg%2BHev8C6lc89lBirF1GcrkfGDubD7S6Nz2XU2l66RnRB1fF0ax2Qt5EuGU9OKNeEQpsxa5yOLGImqMurb31Ku6UWYKu6jZgA3pdPTuyyLyByTqQVMeqWTPlzcTiDnS"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa86b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYr.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYr.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6995 bytes) Hash b374de6bdcd3e3254379a07b80553de9 3f88507e31405342aef373cc063347c17e794030 05bb000fdf9f614a0dbd80dade2d4af6eb35e41bc35150f456b6073b90e411d0 HTTP Headers `GET /xQXYr.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6995 last-modified: Fri, 02 Jun 2023 04:17:45 GMT etag: "64796d69-1b53" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrI4S6OA1%2Bv6ki8T52NDF%2FdHZGoNKlDO1DPnGWyrGcS0clOfjFSBFHLX95VB0OUpzuoK54%2F6%2FBfaPX8QZJTcetGHPmeMe7m8nOgNNCy%2BNPVBzTAh%2BsyIXM9VnTUAz6AJ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa6eb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYn.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYn.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6995 bytes) Hash 60a734b8aa2b3105676bad48652bacc5 5f56138f3ad38412adadc68c4b50bbbd686e2eec ef3b76210042f727a9ad1f0da8092fe56b8f073c39a9f1f888f93ebd6e363ed8 HTTP Headers `GET /xQXYn.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 6995 last-modified: Fri, 02 Jun 2023 04:17:07 GMT etag: "64796d43-1b53" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfwgiGp5LdKA89o%2BMzx4RzWOz6%2B3oIZgorMH52L3o3FQZ9k9%2FW5Y74nt4UFeMYmgAv5aku6M93RM5kWA6NCX5fDD%2FH9jtXzlOXjngh9nrxFPMTUhpPLI3TcLJQ724uLT"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa83b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYg.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYg.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7023 bytes) Hash 1deb5cde265903ef33eb184aec53c686 f0af279a6eb698b9bed55a1c5bfc825d583166b4 ab5b62e43c9812e6d604beebeb888b1e4f0e5f3224ed03d71013c7bef9867f1f HTTP Headers `GET /xQXYg.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: image/jpeg content-length: 7023 last-modified: Fri, 02 Jun 2023 04:16:03 GMT etag: "64796d03-1b6f" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyq0AradLtIvuLt7gBQN7%2BDVqQyrp40lIahSNgjBbJVKizPnkiiD0v2AHu%2B%2FBQyVU1hQq4Uz0UG01iryPPxmou9hVT9Zx4GZvU63ukjJ8CSmKGpDp%2BwAkleN3IMdKL4V"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa79b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXVs.jpg	172.67.220.40	200 OK	53 kB
URL GET HTTP/2 img.javmec.me/xQXVs.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x400, components 3\012- data Size 53 kB (52944 bytes) Hash a8647e32f59422f00b7f3818b1a71172 e5de9d20fcb441c10a227490ac16d517983b6953 6fca5f6da351e5fab8e18beaf1e6fe113fb8aba046d582e43c67cb44a787c2d6 HTTP Headers `GET /xQXVs.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 52944 last-modified: Fri, 02 Jun 2023 00:56:05 GMT etag: "64793e25-ced0" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5luH9SfPTuMatt1HI7Bk3Gf7Aq9gC%2BDIctvGrinYvjKhovm2Lw%2FM8AVtAZ6TgEh%2B1fIQ0KE9GKGCsL7sN12BFURmBfVUiFeGskj%2FApxOSLpxCGeXOLNZtTJwQxr7XuBV"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea41b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXZd.jpg	172.67.220.40	200 OK	51 kB
URL GET HTTP/2 img.javmec.me/xQXZd.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 485x404, components 3\012- data Size 51 kB (51035 bytes) Hash d1195fa36f63379f641a2e7984538854 483037c1603f75b307b44e5cf50880a37ef54a23 ba937d60c4fd67ec5cc14762e6c1e21d32e2a680c1c7333054684932c85719d4 HTTP Headers `GET /xQXZd.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 51035 last-modified: Fri, 02 Jun 2023 07:35:29 GMT etag: "64799bc1-c75b" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0CDcS18vp5xlE5GnoyjDD3YQscsWoNbw%2FvfRPEyrIQzqALH7w1S7P4hhlWbHruka0Rb42qEtVWo0pOuFJqwJnclq4VU32s1CwD%2FZXGOFz%2F0izPcN%2Fz1jNgyYpSuUxIr"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa63b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	javmec.me/assets/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js	188.114.96.1	200 OK	70 kB
URL GET HTTP/3 javmec.me/assets/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document, ASCII text, with very long lines (14856) Size 70 kB (70074 bytes) Hash c5de01ee6da003c07e3155cb56c569c8 90db4ffdce777a0d549adc7d9d9c75d238b14f12 c143492f31dfe14beb30c8ac069382d624b19a5ef4f2060bf91c28fc8f1f9c6c HTTP Headers `GET /assets/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: application/javascript vary: Accept-Encoding, Accept-Encoding last-modified: Fri, 30 Nov 2018 23:09:16 GMT etag: W/"5c01c31c-4e8a" expires: Sun, 02 Jul 2023 02:54:26 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: HIT age: 29015 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A72HeDfUi3ZdklkDhrvYYV71D90p9T3bIrHYLZKB6Utee7NTOQqEEOnKUaDO0HxYOJvTL8NGRVrj%2FUZi4wEaXd1AVvl7EwgnG8q10IKAGz0tSCVpYwNsdLSlQEk%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62c88e9c0b02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXVt.jpg	172.67.220.40	200 OK	74 kB
URL GET HTTP/2 img.javmec.me/xQXVt.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 960x540, components 3\012- data Size 74 kB (73710 bytes) Hash 054be71906e186b373ad2c367e03f0ad db636784af406af82854c24448690366d77652d4 ae2d881a36afb51ecb7dc27931c6754e7330a7f0050ecf43a63980470b9f7d26 HTTP Headers `GET /xQXVt.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 73710 last-modified: Fri, 02 Jun 2023 00:56:21 GMT etag: "64793e35-11fee" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2v7p2zOan4vOr0axb9roiQhOaFJn7ZgtfhX0jFIL%2BNOXDaRmG16X5sx37pplNx5hw63IBfdWhtejRgox2%2BrqDXp6IUNO2a4limVy5sD1mdtPfSXEdYFNWD0CHs5Uu6DT"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea43b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXV6.jpg	172.67.220.40	200 OK	63 kB
URL GET HTTP/2 img.javmec.me/xQXV6.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 800x450, components 3\012- data Size 63 kB (63438 bytes) Hash 169e29127615010d46be286438acbb6d c673b232bb3dfff671819ea81ca4f1929be48eb8 960ff189eb2390734291fc7f5b03cc7b340e85e1bf15eb9d0c0c8dbb4c23af0a HTTP Headers `GET /xQXV6.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 63438 last-modified: Fri, 02 Jun 2023 00:45:59 GMT etag: "64793bc7-f7ce" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbDWWw%2BZo%2Beb6RfrMKLnJKvxSzoF4pjNaJy2%2Fdr7XQJfVwn9Vvw8Gb2mFgJhEB%2F0lyqQMJt%2Beg%2BZrdvSEcYvy8d2OBhPGWHfzH0OkqBDTR0Nqa8movPufvbV0Gt0oIeH"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa4eb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXV5.jpg	172.67.220.40	200 OK	79 kB
URL GET HTTP/2 img.javmec.me/xQXV5.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 960x540, components 3\012- data Size 79 kB (79020 bytes) Hash d1124f7fe0e385852521b6f3070da32e 3fd00a1200308bf30707aaf873a3965f4c6e11ba bccbb0ef9d7a6439e158ed20876d339bc4050099eb857e8538489477053ab989 HTTP Headers `GET /xQXV5.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 79020 last-modified: Fri, 02 Jun 2023 00:45:48 GMT etag: "64793bbc-134ac" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4dDJafBr%2Bur3o%2FhPreBycP59kb9%2FTbfPaFf3UXFMmQcy1OKzOUDgpthYNda4MnodvoBvbORsVoD9UpwnIwAegQJ%2FAtPWIqDD1iWacj3cGr2PJttcbPC1fM0jdlCYB6i"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa4cb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXV7.jpg	172.67.220.40	200 OK	108 kB
URL GET HTTP/2 img.javmec.me/xQXV7.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 960x540, components 3\012- data Size 108 kB (108086 bytes) Hash 5f78e94691c5ff102a742ddd8146cf51 3daa5719c90d238d9f631f92d180950b6e8023ef 250f556f1ea9b6ab7129d854468c5f24bf8f9c63907476246b8433266480893a HTTP Headers `GET /xQXV7.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 108086 last-modified: Fri, 02 Jun 2023 00:46:10 GMT etag: "64793bd2-1a636" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bm89u%2B6j14X6ITSQ%2F30UJrEC6118%2FkMI3K%2BxUlCEzsHGKWL6h%2FOgHpzk9AK8p1TIL5Un3uwPWs9kHA6OfTx3SIp4trHdXD0TYN%2FTsQ8%2FGPqcf79sw8cZSBBd51cyWib3"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9fa4bb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXVp.jpg	172.67.220.40	200 OK	122 kB
URL GET HTTP/2 img.javmec.me/xQXVp.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 960x540, components 3\012- data Size 122 kB (122082 bytes) Hash 3982b96cc7cbfb5280502e714f391cfd 69174d5c63e61e734b15e444e5ac2f797f988060 3b98c3d6078fd7e77d6d249112cca6956339d5279d6b03ce5880a8c456af3321 HTTP Headers `GET /xQXVp.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 122082 last-modified: Fri, 02 Jun 2023 00:55:14 GMT etag: "64793df2-1dce2" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0MuR4aMfOsJtELFX3yzD6pXgDS0HpAdrQxPztSPDbcqZoMrQlABMYe54zn%2BT1lnVGkmQqvH8Bv5TVmhZxOPkQqF8HiWeFr6rmkHUANXOIenJdnYbmFHDy4Pov43U%2FNY"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea49b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXV3.jpg	172.67.220.40	200 OK	148 kB
URL GET HTTP/2 img.javmec.me/xQXV3.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 960x540, components 3\012- data Size 148 kB (148362 bytes) Hash 8a8fdb853cb290158ff0ea958530ee80 3d41f3a7d4ad8614c7558053bf18e121eced96c0 f19f6824aa0e539ea45cd4c447fe14855cee71bee3f5107e07a4f75a932621a9 HTTP Headers `GET /xQXV3.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 148362 last-modified: Fri, 02 Jun 2023 00:45:26 GMT etag: "64793ba6-2438a" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhGuXNRigDbX6vU%2BRqAG7h8LIg7%2F86UOetkf1qt7pNEY738cRkJZ6%2B1Qgolv9DilkA6iVSbibaM5DYc3bvEbSJqAXt%2FDiCngLfJKA%2FX2A%2B02izc4C4clULSI%2BG9s2EiB"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea48b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXV2.jpg	172.67.220.40	200 OK	126 kB
URL GET HTTP/2 img.javmec.me/xQXV2.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 960x540, components 3\012- data Size 126 kB (125801 bytes) Hash f95cea4aec49657f13f2d5dd0b98a749 2e4dcc3015de2b1e40408ff2f3eb6eadbf10d323 693f17ca3311f7c7ed68a307c0ed8e11abcacccbc7b82276ee837e5c44116ec9 HTTP Headers `GET /xQXV2.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 125801 last-modified: Fri, 02 Jun 2023 00:45:14 GMT etag: "64793b9a-1eb69" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFQ1a8q97iPOqmiuOqsIPL%2Bpc5V0hMJcOQ00%2B0232Hrd3j%2BsoQAQ8wjMjcYoyfmebauMeeuTds8dTWUOljPVEsGLQq8DCFYvcWBk%2FClYDjb4Cs42T%2FYFmnhTPG4izste"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea46b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXV4.jpg	172.67.220.40	200 OK	150 kB
URL GET HTTP/2 img.javmec.me/xQXV4.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 960x540, components 3\012- data Size 150 kB (149587 bytes) Hash 5ffce5c2d5c3e7283712775bb13227f6 0909658cab9c228385e3b69808e9de1744b607a4 ab895d45ec65a38fe850accd49418482f25f157b2175d70f56d92b50cca48af8 HTTP Headers `GET /xQXV4.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 149587 last-modified: Fri, 02 Jun 2023 00:45:37 GMT etag: "64793bb1-24853" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DgPpwFBB%2BoeloBZqOAPCmoEJerZCASET7dACdEECRxgsf8%2BQN2HJ1I9iSgJk3PgJeTu7Hyrxg1tg5z5a7AnL8gvzeqP%2B2FxWW8tXniRtNBlxYjaXbHhlmgYWjoszpwZ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea47b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXVq.jpg	172.67.220.40	200 OK	310 kB
URL GET HTTP/2 img.javmec.me/xQXVq.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=2160, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=3840], baseline, precision 8, 720x405, components 3\012- data Size 310 kB (309861 bytes) Hash 61423294314bc18eb7900c31c54afb87 e9ab602a8b01b9cfb01f7b660c093fcb74df58f3 9473c88f8aabd6ddb080690dfdf1385c2239a098538f92fadc8a0aa73ab39545 HTTP Headers `GET /xQXVq.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 309861 last-modified: Fri, 02 Jun 2023 00:55:31 GMT etag: "64793e03-4ba65" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGGkM6L3CnpkXsDU3BOLaKQnmtl7I7ZrsT9d%2BJq2V4Am6mkwGUz0iME0yGLZ5HZovkEctSdB06yyLn64le6vnPPD8%2BHKmK0O72TsfwviHeDuUXX63iYdIfF2AHeVW4vx"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea44b4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	healthsmd.com/xad/js.php	142.132.202.70	200 OK	312 B
URL GET HTTP/1.1 healthsmd.com/xad/js.php IP 142.132.202.70:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjecthealthsmd.com Fingerprint1A:F6:B5:53:9D:8E:40:9E:67:6B:B9:1A:11:4A:16:39:71:79:31:CB ValidityWed, 31 May 2023 19:32:42 GMT - Tue, 29 Aug 2023 19:32:41 GMT File type ASCII text, with CRLF, LF line terminators Size 312 B (312 bytes) Hash 16b6266a012feb7ea9f58d6cedee3087 c1c31bdc63f030c288bdf500a01d74dc309019b6 a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd HTTP Headers `GET /xad/js.php HTTP/1.1 Host: healthsmd.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jun 2023 11:34:13 GMT Content-Type: application/javascript; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: *`

	javmec.me/assets/fonts/fontawesome-webfont.woff2?v=4.4.0	188.114.96.1	200 OK	64 kB
URL GET HTTP/3 javmec.me/assets/fonts/fontawesome-webfont.woff2?v=4.4.0 IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data Size 64 kB (64464 bytes) Hash 4b5a84aaf1c9485e060c503a0ff8cadb 574ea2698c03ae9477db2ea3baf460ee32f1a7ea 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019 HTTP Headers GET /assets/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://javmec.me/assets/css/font-awesome.min.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: application/octet-stream content-length: 64464 last-modified: Fri, 30 Nov 2018 23:09:09 GMT etag: "5c01c315-fbd0" cache-control: max-age=86400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyHQA%2BIQ7Gbbq8FvfWlAhNBfuzCJHVxswxKfbJ%2F1gih8tnJfC4Q1m65DJls45oVf%2BsUOc6E113hvFse96ZCzf7Y8cmMl4pB1JS3cf7OiOAOeMDsmsfar1M1pOVA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cc39de0b02-OSL alt-svc: h3=":443"; ma=86400

	ocsp.pki.goog/gts1c3	142.250.74.3		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 9c320af7047f9368e0536de66d6d2658 2cdb5bfd4bb4ddf85559ff29d06ed964e04119ab 64bb80bd8947d7d658ce8f20fc2bebab85d391bf2baa953c67201ebd194cd1b9 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 02 Jun 2023 11:34:13 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	img.javmec.me/xQXYh.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYh.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7023 bytes) Hash 573524b3c71c30f8da553cffb51e3da4 ee30b08a7a63c36e3d15d07b7b50bfd57721d99d d48d7dee5a0361c26c66e76dfd861147470f7936bc7a724b6f0563f63cfb5d0e HTTP Headers `GET /xQXYh.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7023 last-modified: Fri, 02 Jun 2023 04:16:11 GMT etag: "64796d0b-1b6f" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQhf1OEAj3m8hHj2IJSTAVLBHIBUmJ8EBIKi6UKtt8wjLoCIq0voiMw89LjyNuOC9ws9nqeLL2OmoAwvh9zwxwH2eyrpqtN0O%2BenBAeVFXzeSALdNgz%2BeTMyGSbqXLYI"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cefa1cb4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYs.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYs.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2445) Size 7.0 kB (6973 bytes) Hash de22727f63928c300ff9270c1a22615d 8e1e378e5ad362f4e2c28715b806510385230e26 97bcdc6792eb437ba7107794cf96d20900a2c844caabceaacdb284fbc0a4e308 HTTP Headers `GET /xQXYs.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 6973 last-modified: Fri, 02 Jun 2023 04:17:54 GMT etag: "64796d72-1b3d" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHGAQnfFlvEAnoxAhgUB13dZkLdyMQqMC0ak3R4wNby7liPxVgPyBFFZ6ZvHx2xMUuHuBgDOU4kZ4R5Vn3ZyCaiuVb%2B6cBzLTnZJettivaCXP%2BTFhJQaD0pBgLsF4d0f"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cefa18b4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYu.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYu.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6995 bytes) Hash 6820f14bdcea8eecd722f90f4528c72b dcd06ca2845711d2ca00e5a3577b54238d677ff8 ab7eb51382a0172f5b93942a813c81ac46dc1ff002267f79f24128a4f9bea06f HTTP Headers `GET /xQXYu.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 6995 last-modified: Fri, 02 Jun 2023 04:18:12 GMT etag: "64796d84-1b53" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djp6iscIjYogmM%2FggQkgiyAvRvas%2FXoNbbgFCY%2FQm%2FMcV7UgkrNU2CcGX65K5PjXlhT%2F1BdAHtwNT7E47PS2T5Ezhzzt47xYnKzA7fcGYhaRX%2FmDRTZkpnwCIdGG8zGq"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cf0a33b4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYl.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYl.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7023 bytes) Hash 27a19b93d2a57975d3ca2446b100c017 68d04fc5e1189283d3f29ec200b8f5703b81b03d 2a13261dd6209dd026581111330c2a662026cb8db64d39136abd2d417cddbe44 HTTP Headers `GET /xQXYl.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7023 last-modified: Fri, 02 Jun 2023 04:16:48 GMT etag: "64796d30-1b6f" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0eSWgaKIgImuQPm2ZFPjvUnD%2BVRDagkO1ZjIWrM2f1LUGBLVfh%2Bat4GGIo4Wodz%2FRA9Ba8iKdCtMG9eOtWhUSVj90mgOI%2Bbc2F2xvKUAsnByJ5dnLbAS%2Fr1WA9izsRN"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cf0a34b4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYi.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYi.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (7002 bytes) Hash 02d7f6f19abaf174c1682db522d9889a 134c70513b70184e6c41f5de947dc3e2ba132059 111e12d42259d89a5853e457c03202afeb368b5a3b75038699e7f02f44c1e716 HTTP Headers `GET /xQXYi.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7002 last-modified: Fri, 02 Jun 2023 04:16:20 GMT etag: "64796d14-1b5a" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VdeNkebMdwAB%2FqM0CKFRg0DUe6b%2FU43co79MH7c%2Fp%2FHVlmbRL04FSNthU8SQ49CEtP2j5%2BhwpkMgmen2hfsYfqb1Xl3PuvHiy2oAnmouxJEiAlxekYxJd8uBDfHlTCR"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cf0a36b4ed-OSL alt-svc: h3=":443"; ma=86400

	javmec.me/assets/css/main.css?v=1685697450	188.114.96.1	200 OK	16 kB
URL GET HTTP/3 javmec.me/assets/css/main.css?v=1685697450 IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type ASCII text Size 16 kB (15479 bytes) Hash 914f9a007023c6866877cc6644a9c854 1f9ded452c262b32e8429bb35dd6ec1857c6394b f64e504f1622b6b054abb861c297599785defa3a6c2a8aea4d0667fa3ac55325 HTTP Headers `GET /assets/css/main.css?v=1685697450 HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: text/css vary: Accept-Encoding, Accept-Encoding last-modified: Sat, 06 Jul 2019 20:15:36 GMT etag: W/"5d210168-a7e7" expires: Sun, 02 Jul 2023 10:58:02 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3g6dH0utsPBD%2F7PozD99hNUWQx8fBzPA3k6uUIZYte2vVFNVYyYM1t%2FUbDqZeeN%2BULkSbz8T3RE8m%2FgRNbpNHVALzlQ9VS9EJWHX0M%2FF8WsPeNoJVXZweOE9aFE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62c88e950b02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	javmec.me/assets/js/vendor/jquery-1.11.2.min.js	188.114.96.1	200 OK	41 kB
URL GET HTTP/3 javmec.me/assets/js/vendor/jquery-1.11.2.min.js IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type ASCII text, with very long lines (32047) Size 41 kB (41373 bytes) Hash 5790ead7ad3ba27397aedfa3d263b867 8130544c215fe5d1ec081d83461bf4a711e74882 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0 HTTP Headers `GET /assets/js/vendor/jquery-1.11.2.min.js HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: application/javascript vary: Accept-Encoding, Accept-Encoding last-modified: Fri, 30 Nov 2018 23:09:16 GMT etag: W/"5c01c31c-176bb" expires: Sun, 02 Jul 2023 02:54:26 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: HIT age: 29015 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKDNuq5nW%2BUW7DOL6K4Uvs7ddWIahWIYrlH2d%2BZdzf3UjeIxHp7OnXamEK5Lwzs906L1A%2BNdSPT%2BW%2BTN41XxqbgwGuqexXjYmn%2B2eiRX7BbnDHrQGWAK%2BpbET9w%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62c89ea40b02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYe.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYe.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2509) Size 7.0 kB (7046 bytes) Hash 873d1d3513245e6edff1d4d6dc5642c5 043b5888bb7898e868e6550e78c325f63334a9ad 789703a0a46c97a28499833432a03750f638ca12c50802cb35341b5250ab0fe2 HTTP Headers `GET /xQXYe.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7046 last-modified: Fri, 02 Jun 2023 04:15:45 GMT etag: "64796cf1-1b86" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNEMS%2F5sEwJjfzLgkPdnEzpZdq568CnUYBPci8vavELnOWGP7CV57E4IaSr34ESa%2F2bNtf1E4vm8Pzrm7zXHryKLskjWtYizulTzujtqeVqbgSIZwCGnLA%2FGWqZkM6AB"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cf1a3db4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYk.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYk.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7016 bytes) Hash 40f8f82c394367a52dac5b5d9088dbf6 c667e09942a7537bbb868d772b57178532e75430 b466cb23561a997e058b0eb07eaf435d6c91406d2587a189fe97ef7938b28c45 HTTP Headers `GET /xQXYk.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7016 last-modified: Fri, 02 Jun 2023 04:16:38 GMT etag: "64796d26-1b68" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzA7paLxrwHkHzOIGTEwrCOggZHU9y%2FTGbUxBIuagC7A4CZFENpcpJnf%2Bm0M%2BpMYxtywjkNYVN0b%2BuU3aGSg1gPrX2HpJZ3w7zBWO%2FMrjq9r40o8DgDs%2FDNEsAeSAH13"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cf1a40b4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXVr.png	172.67.220.40	200 OK	2.7 MB
URL GET HTTP/2 img.javmec.me/xQXVr.png IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data Size 2.7 MB (2701949 bytes) Hash edab9d16d35e6a596ffee3d7ab4542df ea0af9d71245f04af6dbc2c50fe82f785d14e77f 097be994f9f1fb511b51c8447d4149b5034450b8035a98f55b42af121736041d HTTP Headers `GET /xQXVr.png HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/png content-length: 2701949 last-modified: Fri, 02 Jun 2023 00:55:49 GMT etag: "64793e15-293a7d" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FP52%2F%2BfBOczwmT6qCWDBy75ohGOuHhWplZsssviPo%2FYpmd6xAU8yFNld8EkwJ7PHjiJ56N2UH7INUyPhHrtnRraUZNCDxUyj0ovC%2FBRuDwMuMe6ekz17vWvegMQxrJYV"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62c9ea3fb4ee-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	img.javmec.me/xQXYj.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYj.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (7008 bytes) Hash ddfdc96ff4f91f814579a21f26b1dccd 8a6c08e82edf9ec8066837b4178ab4151e0dac20 cd34c48bd882094e8811721c3576e8e541baaf6088769d8353cbc054f7b33d73 HTTP Headers `GET /xQXYj.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7008 last-modified: Fri, 02 Jun 2023 04:16:29 GMT etag: "64796d1d-1b60" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FdOAmVM789XbrSr%2FUkqbkj0V%2BlRkgqsTsycgwtrOv2Iv906x2m58tMe0egxFVli%2FxSkZj0xyRuNmNMb5nfI8TJTq1H%2FnGpAyyu80zxw5I2TqIxTFolEBdxigwNkyNWS"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cf1a48b4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYf.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYf.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7023 bytes) Hash 75bd9f0a3d2df4902f849ebfbe2b1c83 07d65327f64bdaf19663a422444d278054ec4ed3 fc53f28e546de8041b19274aaa4d4e670fb0a9611c82945aacc19e0b7d6dea28 HTTP Headers `GET /xQXYf.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7023 last-modified: Fri, 02 Jun 2023 04:15:55 GMT etag: "64796cfb-1b6f" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Jy50CelJzdf7MY%2BNGdMq1r2aE9fm%2BdSPnXIxhuw3SQ1eWeG5c%2FiuyjM3Ykr9VZsE5UVXYu40bj6f5YJNiHiWzWPW9KUyluLIOEh6EIZhodgYTnFmBp9fKdx2u%2BfMruU"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cf1a58b4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYt.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYt.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6995 bytes) Hash a90ff993be204d42d6625728d6b76c80 216fef83e6e467a7fb89df3281092e6ec58d8973 6068abe4e118daac5f6ba7e730e51639d081916b8190656ac26a86527f509fa2 HTTP Headers `GET /xQXYt.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 6995 last-modified: Fri, 02 Jun 2023 04:18:03 GMT etag: "64796d7b-1b53" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOeQd%2B3imm9MKv6DxvwggZugqFtBqQpucigYOEKn7ijvunhhj6gzc4MKpe6EqVwM3unSsP18YYNtOKjj40HRIL8YxYy2%2B6VQQGBmGs8NubuEsVRJKWqEsnC5FjOr5ei8"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cf1a5bb4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYq.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYq.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7026 bytes) Hash c9719ce16df4a11edd1a6c80f4a5b233 ba1232671e70cc6f621f8e184a178d91ee8f834f 74e723cc913447c5241e414be01d2fd0dca273911d6cfbdc0674d8e67ef95c11 HTTP Headers `GET /xQXYq.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7026 last-modified: Fri, 02 Jun 2023 04:17:35 GMT etag: "64796d5f-1b72" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDpe0CLyEqDBtxWMYqSnwnrJM88cM2AtpghsyTu38ROy5nxnYa10PYx1eTN1%2Fb7SPgUvHQNIx6Fdauz4fK0vZz7BNrVl%2FDq4Qm%2BAP5OmueO4G9UeCcN2wk6QGvMy5cq4"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cf6aafb4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYg.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYg.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7023 bytes) Hash 1deb5cde265903ef33eb184aec53c686 f0af279a6eb698b9bed55a1c5bfc825d583166b4 ab5b62e43c9812e6d604beebeb888b1e4f0e5f3224ed03d71013c7bef9867f1f HTTP Headers `GET /xQXYg.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7023 last-modified: Fri, 02 Jun 2023 04:16:03 GMT etag: "64796d03-1b6f" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exjZTLD4L0PHpp02Cr7N8xQ7l4qwSQYP1eBVLXBFX0Yrzc%2BYRbqcDJQup8lAEwZz2b%2Bq%2BtdtQZ2D%2BY6KwzBZJrA4SbF0dRiCGDhzEObKBu79StwjY4zuHGJxuMriaOrI"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62d02bd6b4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYo.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYo.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7016 bytes) Hash 57fd9e5e9a7570cf748e05dec963ded7 ad48f00c3708bea0ac105c3324c49202ac5a0612 2c091d1f47c156d4f61f49acb91c605af285e07babe622b546ee13df627eb08d HTTP Headers `GET /xQXYo.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7016 last-modified: Fri, 02 Jun 2023 04:17:16 GMT etag: "64796d4c-1b68" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCCsbAP%2BPsolbgJGNrwSF%2BL4Ob2QUj%2BYm3il3ljSFCqGUwtK1EEKvv%2FVp%2Ffx7J10Ta65F7OO9H5HsaEQl5SH0kYQzT16fB%2FG2lw6IrSFbAUC6ElyRDJ4ch4hXPxWVBuf"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62d02bd7b4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYp.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYp.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7013 bytes) Hash 31743613fc240e0cbb399c026619df25 636ed042791824aae2f732def992b3ce7823b3a4 536971b105b87874f432c6e8621575b395305fd83ddc91c0e138555128e34981 HTTP Headers `GET /xQXYp.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7013 last-modified: Fri, 02 Jun 2023 04:17:26 GMT etag: "64796d56-1b65" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zk%2BgGoVQ0Dku26r9DaNUK7%2FQwXYtJQCYRlDLBEscUblq%2FEKDbJH9mmaH31yJXs3jIVYTOXEZ4vdq88Cw4KWuLJeMZjkcJqvEmkpV1A%2BxzpYJ3aB8xUBjnEVnSK5nhquo"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62d02bd5b4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYc.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYc.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488) Size 7.0 kB (7016 bytes) Hash 5074c917deba253c6c03f4acf38c208d 39c5b25d3981e4b03e4ff5c1d1295e191c0c006d 160d7404d6c7ed200743966cc72c7ebe36963fd50600de1664e2133b50c1bf61 HTTP Headers `GET /xQXYc.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7016 last-modified: Fri, 02 Jun 2023 04:15:26 GMT etag: "64796cde-1b68" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8yfxgqZ7BivmlYEdxjutihpxYMN%2BQdotHFcWs2CVCbtjB%2B%2Bl5KoCVJQHQYr8EWCuYIBTY0YGfTKbPtYLM6fp0KDy6FnI1vC%2Fp2jLFED7o8LW4VzNRfyULymwEhgVnH2"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62d02bd9b4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYd.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/2 img.javmec.me/xQXYd.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (7002 bytes) Hash 211242c1141d12544e86cece1fad3974 640b6a249c6f06d5934ab33c40f4a1d3c35fcda3 4cf61f460e4d0fc0dff49a5fd855a1051356a9a20d3cbe31efa5ef4ab6da54cf HTTP Headers `GET /xQXYd.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 7002 last-modified: Fri, 02 Jun 2023 04:15:36 GMT etag: "64796ce8-1b5a" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMSf%2Bdv2dVsCu2SDvmVQs7P06Pb2ai9%2BHByKtCPfpeO6O8F6%2BPQ9nKtQcRSjc83TgtOHa%2FvuUd56oD%2FDyVNUiA3uXqVcMcqT8Z4T2UDFjjtNUxw0DO13R8HZYPVL3w%2FZ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62d02bd8b4ed-OSL alt-svc: h3=":443"; ma=86400

	img.javmec.me/xQXYn.jpg	172.67.220.40	200 OK	7.0 kB
URL GET HTTP/3 img.javmec.me/xQXYn.jpg IP 172.67.220.40:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2467) Size 7.0 kB (6995 bytes) Hash 60a734b8aa2b3105676bad48652bacc5 5f56138f3ad38412adadc68c4b50bbbd686e2eec ef3b76210042f727a9ad1f0da8092fe56b8f073c39a9f1f888f93ebd6e363ed8 HTTP Headers `GET /xQXYn.jpg HTTP/1.1 Host: img.javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/jpeg content-length: 6995 last-modified: Fri, 02 Jun 2023 04:17:07 GMT etag: "64796d43-1b53" access-control-allow-origin: * cache-control: max-age=31536000 cf-cache-status: HIT age: 1 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5SCQ%2FOci4oXF76H8qlwFhgZ7Y9xXsT0zV6BzYeBrRroBp%2B0xajwEPxDquHh7XxtAjNISAwE3e836Mo13Qp4Q3am7dyxgLYr05lt7sIZ%2BX8lriWm77BavMWJTiGFEnH9"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62d02bd3b4ed-OSL alt-svc: h3=":443"; ma=86400

	odnaknopka.ru/ok9.js	142.132.202.70	200 OK	143 B
URL GET HTTP/1.1 odnaknopka.ru/ok9.js IP 142.132.202.70:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectodnaknopka.ru FingerprintFA:17:BB:0D:DA:8F:FE:83:37:DB:68:C6:BF:23:C3:54:21:7D:B6:48 ValidityThu, 13 Apr 2023 03:53:33 GMT - Wed, 12 Jul 2023 03:53:32 GMT File type ASCII text, with CRLF line terminators Size 143 B (143 bytes) Hash 01d104f1d2a961f6fc241ec08ba1af54 2e9f73a9137283c94c79bff44fd10f5b1a2738b6 f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022 HTTP Headers `GET /ok9.js HTTP/1.1 Host: odnaknopka.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jun 2023 11:34:14 GMT Content-Type: text/javascript; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * ETag: a5a5330fd91066ebe7ce0ec3e2084c4a`

	odnaknopka.ru/stat.js	142.132.202.70	200 OK	766 B
URL GET HTTP/1.1 odnaknopka.ru/stat.js IP 142.132.202.70:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectodnaknopka.ru FingerprintFA:17:BB:0D:DA:8F:FE:83:37:DB:68:C6:BF:23:C3:54:21:7D:B6:48 ValidityThu, 13 Apr 2023 03:53:33 GMT - Wed, 12 Jul 2023 03:53:32 GMT File type ASCII text, with CRLF, LF line terminators Size 766 B (766 bytes) Hash 319bbb368d8deccc9d26aeed9bcb6ff2 92036a1f0e3e11c2f2f818ca48df7269e26924de da6dd2c8f945f94480f578d5712ff076dbfc20bdeffbad51793161162211aefe HTTP Headers `GET /stat.js HTTP/1.1 Host: odnaknopka.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jun 2023 11:34:14 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: *`

	js.wpadmngr.com/static/adManager.m.js	45.133.44.53	200 OK	57 kB
URL GET HTTP/2 js.wpadmngr.com/static/adManager.m.js IP 45.133.44.53:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectjs.wpadmngr.com FingerprintA9:7C:F8:A4:B8:B3:E3:98:76:72:9E:0B:4A:FB:FB:39:D4:F4:54:3D ValidityTue, 16 May 2023 02:02:19 GMT - Mon, 14 Aug 2023 02:02:18 GMT File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Size 57 kB (57104 bytes) Hash 4a20d11e8bb4133a4351ebe1888b1be9 417b36d455d0e8df89d931a25cfeb3e166ae1a78 b26215d91cf0620ab04a2401f037303408972417b85c8b867cc8adcd6477bd84 HTTP Headers `GET /static/adManager.m.js HTTP/1.1 Host: js.wpadmngr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-type: application/javascript; charset=utf-8 server: nginx/1.18.0 last-modified: Mon, 29 May 2023 10:14:41 GMT etag: W/"64747b11-2697d" content-encoding: gzip expires: Fri, 02 Jun 2023 11:39:14 GMT cache-control: max-age=300 x-proxy-cache: HIT access-control-allow-origin: * X-Firefox-Spdy: h2`

	javmec.me/favicon-16x16.png	188.114.96.1	200 OK	1.5 kB
URL GET HTTP/3 javmec.me/favicon-16x16.png IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data Size 1.5 kB (1491 bytes) Hash 60fe24c80eb5e324fdc19ccf021ba3ec 3da0ccb3fc27501fa4ef6b181fea115a75fef440 ca1e852b5a02dea3014830e84a15720428fbd2472f138be8e97375bbc5a20361 HTTP Headers GET /favicon-16x16.png HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Cookie: _ga_DWFRX28KB5=GS1.1.1685705653.1.0.1685705653.0.0.0; _ga=GA1.1.558492202.1685705654 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-type: image/png content-length: 1491 last-modified: Thu, 27 Dec 2018 12:44:20 GMT etag: "5c24c924-5d3" expires: Sun, 02 Jul 2023 10:34:57 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: HIT age: 1386 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZ2lO4wjiOZrZIcsdUdXwVXx4v%2Bmktuvq9qw91kgJmkS9XbPSdQBPGfabEiTBWdqtwVL8Z%2Fucnw7H%2F4C88fbR7asjJ%2FH%2FFq%2Bxd5zhz5SPNBMSQ2DvgoAcueshUE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62d469160b02-OSL alt-svc: h3=":443"; ma=86400

	feneteko.com/a	142.132.202.70	302 Found	0 B
URL GET HTTP/1.1 feneteko.com/a IP 142.132.202.70:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectfeneteko.com Fingerprint63:38:20:F2:B3:A4:B4:37:BD:05:4A:F4:86:A3:DE:FC:A2:86:86:98 ValidityWed, 10 May 2023 20:54:23 GMT - Tue, 08 Aug 2023 20:54:22 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /a HTTP/1.1 Host: feneteko.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Found Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jun 2023 11:34:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Set-Cookie: qwerty_a=0; expires=Sat, 03-Jun-2023 11:34:14 GMT; Max-Age=86400; path=/ Location: https://s.click.aliexpress.com/e/_DEQI9az?af=a;2321&cn=oslo&cv=867834&dp=91.90.42.154`

	javmec.me/download/undefined	188.114.96.1	200 OK	29 kB
URL GET HTTP/3 javmec.me/download/undefined IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type data Size 29 kB (28603 bytes) Hash 5d831f9ab9f380a26b96e21d390e0b30 685113ae03886505652b24efad84361ef5d27567 ec950f81a2f4290edfc74c3266167ccc1e3775bf7c6c59d32b05d0c65a5198fe HTTP Headers `GET /download/undefined HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding, Accept-Encoding cache-control: max-age=86400 cf-cache-status: HIT age: 29016 last-modified: Fri, 02 Jun 2023 03:30:38 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGBF1ToQLUa5yt9O8MS5oyldRNFJe5qZPch38kxJmLBuNMwYpcF1U7ZIzI9tZDfocpFTWZWaEBYGM9nDQ8IcZX%2FJLD%2FO6ih%2B2zCPidx5cd8klszqP%2B5MvaOTv3g%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62d1de6d0b02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	adserver-mb.com/stat	176.9.60.211	302 Moved Temporarily	0 B
URL GET HTTP/1.1 adserver-mb.com/stat IP 176.9.60.211:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectadserver-mb.com Fingerprint6C:15:32:1D:2F:54:41:CC:30:06:12:BF:8F:B9:AD:7E:5B:81:0C:FA ValidityWed, 05 Apr 2023 08:26:27 GMT - Tue, 04 Jul 2023 08:26:26 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /stat HTTP/1.1 Host: adserver-mb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Moved Temporarily Server: nginx/1.12.2 Date: Fri, 02 Jun 2023 11:34:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Set-Cookie: qwerty_stat=0; expires=Fri, 02-Jun-2023 12:34:14 GMT; Max-Age=3600; path=/ Location: https://hlmiq.com/vu/a/`

	js.wpadmngr.com/static/adManager.js	45.133.44.53	200 OK	1.1 kB
URL GET HTTP/2 js.wpadmngr.com/static/adManager.js IP 45.133.44.53:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectjs.wpadmngr.com FingerprintA9:7C:F8:A4:B8:B3:E3:98:76:72:9E:0B:4A:FB:FB:39:D4:F4:54:3D ValidityTue, 16 May 2023 02:02:19 GMT - Mon, 14 Aug 2023 02:02:18 GMT File type gzip compressed data, from Unix\012- data Size 1.1 kB (1116 bytes) Hash 27aa7fdb4a3bdd4f15f71c800463e137 58aec7358c80eb5d7bc4476a520b8275106a05f6 981f78a967c345986d2f62e2824a5f9ceb308fa3bd0af4f43f967f3f14bb34c7 HTTP Headers `GET /static/adManager.js HTTP/1.1 Host: js.wpadmngr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: application/javascript; charset=utf-8 server: nginx/1.18.0 last-modified: Mon, 05 Dec 2022 13:37:26 GMT etag: W/"638df416-4dd" content-encoding: gzip expires: Fri, 02 Jun 2023 11:39:13 GMT cache-control: max-age=300 x-proxy-cache: HIT access-control-allow-origin: * X-Firefox-Spdy: h2`

	f7c1779ab5.bcceb2c771.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTI5NzY2MDU2ODE5OTAzNzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjUxLjAiLCJ0YWdfaWQiOjI3MjE5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNDIsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IkphdiUyQ1NleCUyQ1N0cmVhbWluZyUyQ09ubGluZSUyQ0hEJTJDQmVzdCUyQ0phcGFuZXNlJTJDUG9ybiUyQ0ZyZWUlMkMxMDgwcCUyQ0phdk1lYy5NZSUyQ1dhdGNoJTJDSkFWJTJDRlJFRSUyQ2NvbGxlY3Rpb24lMkNTZXglMkNWaWRlb3MlMkNIRCUyQ2Z1bGwlMkNTdHJlYW1pbmclMkNPbmxpbmUlMkMlRTIlOUMlODVDZW5zb3JlZCUyQ1VuY2Vuc29yZWQlMkMlRTIlOUMlODUlMkNKQVZNRUMlMkN3aXRoJTJDZnVsbCUyQ3RvcCUyQzElMkNyYXRlZCUyQ2FuZCUyQzUlMkNzdGFycyUyQ0phcGFuZXNlJTJDUG9ybiUyQ21vdmllcyUyQ2ZvciUyQ0ZyZWUlMkNmb3JldmVyLiJ9	45.133.44.52	200 OK	0 B
URL GET HTTP/2 f7c1779ab5.bcceb2c771.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTI5NzY2MDU2ODE5OTAzNzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjUxLjAiLCJ0YWdfaWQiOjI3MjE5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNDIsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IkphdiUyQ1NleCUyQ1N0cmVhbWluZyUyQ09ubGluZSUyQ0hEJTJDQmVzdCUyQ0phcGFuZXNlJTJDUG9ybiUyQ0ZyZWUlMkMxMDgwcCUyQ0phdk1lYy5NZSUyQ1dhdGNoJTJDSkFWJTJDRlJFRSUyQ2NvbGxlY3Rpb24lMkNTZXglMkNWaWRlb3MlMkNIRCUyQ2Z1bGwlMkNTdHJlYW1pbmclMkNPbmxpbmUlMkMlRTIlOUMlODVDZW5zb3JlZCUyQ1VuY2Vuc29yZWQlMkMlRTIlOUMlODUlMkNKQVZNRUMlMkN3aXRoJTJDZnVsbCUyQ3RvcCUyQzElMkNyYXRlZCUyQ2FuZCUyQzUlMkNzdGFycyUyQ0phcGFuZXNlJTJDUG9ybiUyQ21vdmllcyUyQ2ZvciUyQ0ZyZWUlMkNmb3JldmVyLiJ9 IP 45.133.44.52:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectf7c1779ab5.bcceb2c771.com Fingerprint7B:C3:1A:42:BD:45:3E:BB:BC:A0:7A:06:89:41:E0:AA:E3:D1:FF:FA ValidityTue, 30 May 2023 02:50:33 GMT - Mon, 28 Aug 2023 02:50:32 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMTI5NzY2MDU2ODE5OTAzNzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjUxLjAiLCJ0YWdfaWQiOjI3MjE5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuNDIsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IkphdiUyQ1NleCUyQ1N0cmVhbWluZyUyQ09ubGluZSUyQ0hEJTJDQmVzdCUyQ0phcGFuZXNlJTJDUG9ybiUyQ0ZyZWUlMkMxMDgwcCUyQ0phdk1lYy5NZSUyQ1dhdGNoJTJDSkFWJTJDRlJFRSUyQ2NvbGxlY3Rpb24lMkNTZXglMkNWaWRlb3MlMkNIRCUyQ2Z1bGwlMkNTdHJlYW1pbmclMkNPbmxpbmUlMkMlRTIlOUMlODVDZW5zb3JlZCUyQ1VuY2Vuc29yZWQlMkMlRTIlOUMlODUlMkNKQVZNRUMlMkN3aXRoJTJDZnVsbCUyQ3RvcCUyQzElMkNyYXRlZCUyQ2FuZCUyQzUlMkNzdGFycyUyQ0phcGFuZXNlJTJDUG9ybiUyQ21vdmllcyUyQ2ZvciUyQ0ZyZWUlMkNmb3JldmVyLiJ9 HTTP/1.1 Host: f7c1779ab5.bcceb2c771.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://javmec.me DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-length: 0 server: nginx/1.18.0 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * X-Firefox-Spdy: h2`

	js.wpushsdk.com/npc/sdk/wpu/npush.m.js	45.133.44.53	200 OK	126 kB
URL GET HTTP/2 js.wpushsdk.com/npc/sdk/wpu/npush.m.js IP 45.133.44.53:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectjs.wpushsdk.com Fingerprint7D:10:0A:C8:15:7A:C4:BB:44:8D:ED:0C:96:43:07:7E:2E:CC:00:A1 ValidityFri, 19 May 2023 00:01:23 GMT - Thu, 17 Aug 2023 00:01:22 GMT File type gzip compressed data, from Unix\012- data Size 126 kB (126528 bytes) Hash 2fd2ad8a80cdc58118131727f544c37b 46a9ddd643842fdc4ad16017d6383ad9de53f4a9 9169f3bf5fbc44f7d1aef084c45ef752fcabe2b4b5b4269c353b6c789d106368 HTTP Headers `GET /npc/sdk/wpu/npush.m.js HTTP/1.1 Host: js.wpushsdk.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-type: application/javascript; charset=utf-8 server: nginx/1.18.0 last-modified: Thu, 01 Jun 2023 13:26:31 GMT etag: W/"64789c87-7ddec" content-encoding: gzip expires: Fri, 02 Jun 2023 11:39:14 GMT cache-control: max-age=300 x-proxy-cache: HIT access-control-allow-origin: * X-Firefox-Spdy: h2`

	js.canstrm.com/in-stream-ad-admanager/build.js	45.133.44.53	200 OK	7.2 kB
URL GET HTTP/2 js.canstrm.com/in-stream-ad-admanager/build.js IP 45.133.44.53:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectjs.canstrm.com FingerprintCA:5E:79:01:84:B8:D9:CA:57:15:95:D3:A4:19:83:73:17:71:DE:52 ValidityWed, 24 May 2023 07:02:49 GMT - Tue, 22 Aug 2023 07:02:48 GMT File type ASCII text, with very long lines (21376) Size 7.2 kB (7166 bytes) Hash 4528ae46f271ba6a3cd1053e05f35f55 e01a70eafdf4d28b66cf63908f9f32ab51c52c79 d4075d665d62865680b27a5b81f6109731858c21c4aad45616fe962fd6d40b49 HTTP Headers `GET /in-stream-ad-admanager/build.js HTTP/1.1 Host: js.canstrm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-type: application/javascript; charset=utf-8 server: nginx/1.18.0 last-modified: Wed, 31 May 2023 15:08:46 GMT etag: W/"647762fe-53b3" content-encoding: gzip expires: Fri, 02 Jun 2023 11:39:14 GMT cache-control: max-age=300 x-proxy-cache: HIT access-control-allow-origin: * X-Firefox-Spdy: h2`

	s.click.aliexpress.com/e/_DEQI9az?af=a;2321&cn=oslo&cv=867834&dp=91.90.42.154	104.110.21.5	302 Found	0 B
URL GET HTTP/2 s.click.aliexpress.com/e/_DEQI9az?af=a;2321&cn=oslo&cv=867834&dp=91.90.42.154 IP 104.110.21.5:443 ASN #16625 AKAMAI-AS Requested by https://javmec.me/ Certificate IssuerDigiCert Inc Subjectae01.alicdn.com Fingerprint5E:59:28:2A:15:42:16:1C:16:93:AC:8D:F1:FB:F6:ED:D6:EE:64:EA ValidityTue, 13 Dec 2022 00:00:00 GMT - Wed, 13 Dec 2023 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /e/_DEQI9az?af=a;2321&cn=oslo&cv=867834&dp=91.90.42.154 HTTP/1.1 Host: s.click.aliexpress.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://javmec.me/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found content-length: 0 server: Tengine x-application-context: global-traffic-holmes-f:7001 access-control-allow-methods: GET, POST, OPTION access-control-allow-credentials: true p3p: CP="CAO PSA OUR" x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: 0 strict-transport-security: max-age=31536000 ; includeSubDomains location: https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a content-language: en-US eagleeye-traceid: 2101df8a16857056550712008e7b7a timing-allow-origin: * date: Fri, 02 Jun 2023 11:34:15 GMT set-cookie: xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%2205311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%22%2C%22af%22%3A%22a%22%2C%22affiliateKey%22%3A%22_DEQI9az%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22716815331%22%2C%22tagtime%22%3A1685705655077%7D&acs_rt=9f39fdb27b484234b0b785968f1f176a; Domain=.aliexpress.com; Expires=Wed, 20-Jun-2091 14:48:22 GMT; Path=/ acs_usuc_t=x_csrf=txeh7pnxms9w&acs_rt=9f39fdb27b484234b0b785968f1f176a; Domain=.aliexpress.com; Path=/ aeu_cid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az; Domain=.aliexpress.com; Expires=Wed, 20-Jun-2091 14:48:22 GMT; Path=/ xman_t=ItgJzSljTnVHngTcmjOaHRALOphq2Xv66Zw0uXabXHnntamQ8Cm4DVPGIjZYUc2I; Domain=.aliexpress.com; Expires=Thu, 31-Aug-2023 11:34:15 GMT; Path=/; HttpOnly xman_f=a3CUNTvN919MbiQriDxuepDXOSyyGey6fYSh7aqqiXGiuFZqQUW0tjaUB/R/NTgaG33yT5b4tPypKSfhMRyU0SY835PES/wa8FOhnE9jS4Npkm+9yN0qFQ==; Domain=.aliexpress.com; Expires=Wed, 20-Jun-2091 14:48:22 GMT; Path=/; HttpOnly traffic_se_co=%7B%7D; Domain=aliexpress.com; Expires=Wed, 20-Jun-2091 14:48:22 GMT; Path=/ af_ss_a=1; Path=/; Domain=.aliexpress.com; Max-Age=2147483647; Secure; SameSite=None af_ss_b=1; Path=/; Domain=.aliexpress.com; Max-Age=2147483647; SameSite=Lax server-timing: ak_p; desc="468251_388255172_2188567_12248_815_1_0";dur=1 X-Firefox-Spdy: h2

	fp.metricswpsh.com/fp?tag_id=27219	157.90.84.242	200 OK	0 B
URL POST HTTP/1.1 fp.metricswpsh.com/fp?tag_id=27219 IP 157.90.84.242:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectnotification.tubecup.net FingerprintC3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53 ValidityFri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS /fp?tag_id=27219 HTTP/1.1 Host: fp.metricswpsh.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://javmec.me/ Origin: https://javmec.me DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 204 No Content Server: nginx/1.20.1 Date: Fri, 02 Jun 2023 11:34:15 GMT Connection: keep-alive Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: content-type Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin: https://javmec.me Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers`

	vast.yomeno.xyz/vast	109.206.175.85	204 No Content	0 B
URL OPTIONS HTTP/2 vast.yomeno.xyz/vast IP 109.206.175.85:443 ASN #50245 Serverel Inc. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectvast.yomeno.xyz Fingerprint13:5C:08:D5:3E:F3:37:AC:41:C6:11:A5:10:49:63:DF:DB:41:C5:5E ValiditySun, 28 May 2023 03:08:58 GMT - Sat, 26 Aug 2023 03:08:57 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS /vast HTTP/1.1 Host: vast.yomeno.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://javmec.me/ Origin: https://javmec.me DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 204 No Content server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:15 GMT access-control-allow-credentials: true access-control-allow-origin: https://javmec.me access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range content-type: text/plain; charset=utf-8 content-length: 0 X-Firefox-Spdy: h2`

	nereserv.com/in/dip?site=native-push&wl=1&event_id=f53b54df-df1e-40aa-9c9f-f68c7c18b818&subid=764022017&sid=2034687550&spot_id=18793&created_at=2023-06-02&timezone=0&ver=8.66.0&is_native=1	168.119.25.102	200 OK	0 B
URL GET HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=f53b54df-df1e-40aa-9c9f-f68c7c18b818&subid=764022017&sid=2034687550&spot_id=18793&created_at=2023-06-02&timezone=0&ver=8.66.0&is_native=1 IP 168.119.25.102:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectnotification.tubecup.net FingerprintC3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53 ValidityFri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/dip?site=native-push&wl=1&event_id=f53b54df-df1e-40aa-9c9f-f68c7c18b818&subid=764022017&sid=2034687550&spot_id=18793&created_at=2023-06-02&timezone=0&ver=8.66.0&is_native=1 HTTP/1.1 Host: nereserv.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://javmec.me DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx/1.18.0 date: Fri, 02 Jun 2023 11:34:15 GMT content-length: 0 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * X-Firefox-Spdy: h2`

	hlmiq.com/vu/a/?	142.132.202.70	200 OK	1.0 kB
URL GET HTTP/1.1 hlmiq.com/vu/a/? IP 142.132.202.70:443 ASN #24940 Hetzner Online GmbH Requested by https://hlmiq.com/vu/a/ Certificate IssuerLet's Encrypt Subjecthlmiq.com Fingerprint76:F7:2B:47:FA:82:52:97:1D:77:80:F9:6D:9F:88:93:BD:70:EB:A4 ValidityTue, 04 Apr 2023 03:48:54 GMT - Mon, 03 Jul 2023 03:48:53 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size 1.0 kB (1029 bytes) Hash b11aca8592b72eb4ff43d4c10842b0d2 d6fef25148df4f0fc2450a5520cbc72f989a2e09 e8a24e8e4fe5eaca5f4cd00957f84f7858f5197a1c897d2d069329acf391bc17 HTTP Headers `GET /vu/a/? HTTP/1.1 Host: hlmiq.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/vu/a/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jun 2023 11:34:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip`

	cb432312b4.fb2d1abede.com/in/multy?spot_size=4&spot_id=18525&subid=1079458676&label=1&session_id=397e1e99-44b1-4879-8769-27f33cebe044&cpa=fb790e73-7576-4ab6-ad61-777d4a7aed55&ver=6.23.0&adblock=0&ad_type=native&iw=210&ih=140&iframe=0&mm=0&pr=&user_keywords=&tag_ab=c&user_fp=0&v2=0&page=https%3A//javmec.me/&device_theme=light&utm_source=&utm_medium=&utm_campaign=&utm_content=&campaign=	159.69.163.138	200 OK	0 B
URL OPTIONS HTTP/2 cb432312b4.fb2d1abede.com/in/multy?spot_size=4&spot_id=18525&subid=1079458676&label=1&session_id=397e1e99-44b1-4879-8769-27f33cebe044&cpa=fb790e73-7576-4ab6-ad61-777d4a7aed55&ver=6.23.0&adblock=0&ad_type=native&iw=210&ih=140&iframe=0&mm=0&pr=&user_keywords=&tag_ab=c&user_fp=0&v2=0&page=https%3A//javmec.me/&device_theme=light&utm_source=&utm_medium=&utm_campaign=&utm_content=&campaign= IP 159.69.163.138:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectfb2d1abede.com Fingerprint90:D4:05:07:6B:1B:12:F5:45:F3:64:2B:21:D6:76:6B:1E:46:9B:F7 ValidityTue, 30 May 2023 03:01:52 GMT - Mon, 28 Aug 2023 03:01:51 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /in/multy?spot_size=4&spot_id=18525&subid=1079458676&label=1&session_id=397e1e99-44b1-4879-8769-27f33cebe044&cpa=fb790e73-7576-4ab6-ad61-777d4a7aed55&ver=6.23.0&adblock=0&ad_type=native&iw=210&ih=140&iframe=0&mm=0&pr=&user_keywords=&tag_ab=c&user_fp=0&v2=0&page=https%3A//javmec.me/&device_theme=light&utm_source=&utm_medium=&utm_campaign=&utm_content=&campaign= HTTP/1.1 Host: cb432312b4.fb2d1abede.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://javmec.me/ Origin: https://javmec.me DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx/1.16.0 date: Fri, 02 Jun 2023 11:31:41 GMT content-type: application/json; charset=utf-8 content-length: 0 vary: Origin cache-control: no-cache, no-store, must-revalidate, no-transform pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * X-Firefox-Spdy: h2`

	fp.metricswpsh.com/fp?tag_id=27219	157.90.84.242	200 OK	27 B
URL POST HTTP/1.1 fp.metricswpsh.com/fp?tag_id=27219 IP 157.90.84.242:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectnotification.tubecup.net FingerprintC3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53 ValidityFri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT File type JSON data\012- , ASCII text Size 27 B (27 bytes) Hash c4bea7951aaa542768f63f72d171ff83 7f57b3ce5d3a9bb0a15c32b34745b0214710e185 d4fbb24457a99cbf28127e8a416979ca0f2ab97c64a59b8d38760c40d4934756 HTTP Headers `POST /fp?tag_id=27219 HTTP/1.1 Host: fp.metricswpsh.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 23166 Origin: https://javmec.me DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Fri, 02 Jun 2023 11:34:15 GMT Content-Type: application/json; charset=UTF-8 Content-Length: 27 Connection: keep-alive Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: https://javmec.me Set-Cookie: id=528038954189083773; Expires=Sat, 01 Jun 2024 11:34:15 GMT; Secure; SameSite=None Vary: Origin`

	hlmiq.com/to2/1xbet/	142.132.202.70		0 B
URL GET hlmiq.com/to2/1xbet/ IP 142.132.202.70:0 ASN #24940 Hetzner Online GmbH Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjecthlmiq.com Fingerprint76:F7:2B:47:FA:82:52:97:1D:77:80:F9:6D:9F:88:93:BD:70:EB:A4 ValidityTue, 04 Apr 2023 03:48:54 GMT - Mon, 03 Jul 2023 03:48:53 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /to2/1xbet/ HTTP/1.1 Host: hlmiq.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/vu/a/? Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 307 Temporary Redirect Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jun 2023 11:34:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Referrer-Policy: no-referrer Location: https://1x-xredbet256225.top:443/?tag=s_137887m_355c_`

	hlmiq.com/to2/dhgate/	142.132.202.70		0 B
URL GET hlmiq.com/to2/dhgate/ IP 142.132.202.70:0 ASN #24940 Hetzner Online GmbH Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjecthlmiq.com Fingerprint76:F7:2B:47:FA:82:52:97:1D:77:80:F9:6D:9F:88:93:BD:70:EB:A4 ValidityTue, 04 Apr 2023 03:48:54 GMT - Mon, 03 Jul 2023 03:48:53 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /to2/dhgate/ HTTP/1.1 Host: hlmiq.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/vu/a/? Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 307 Temporary Redirect Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jun 2023 11:34:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Referrer-Policy: no-referrer Location: https://www.dhgate.com/?f=bm%7Caff%7Cimpact%7C2334778%7CV-4zKb0wKxyPR7TQ1CxahX8JUkAS6kTOXUjWwE0%7C&irgwc=1`

	fd91b5c89c.fb2d1abede.com/in/multy	94.130.198.6	204 No Content	0 B
URL OPTIONS HTTP/2 fd91b5c89c.fb2d1abede.com/in/multy IP 94.130.198.6:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectfb2d1abede.com Fingerprint90:D4:05:07:6B:1B:12:F5:45:F3:64:2B:21:D6:76:6B:1E:46:9B:F7 ValidityTue, 30 May 2023 03:01:52 GMT - Mon, 28 Aug 2023 03:01:51 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS /in/multy HTTP/1.1 Host: fd91b5c89c.fb2d1abede.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://javmec.me/ Origin: https://javmec.me DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 204 No Content server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:15 GMT vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * X-Firefox-Spdy: h2`

	hlmiq.com/to2/semrush.com/	142.132.202.70	307 Temporary Redirect	0 B
URL GET HTTP/1.1 hlmiq.com/to2/semrush.com/ IP 142.132.202.70:443 ASN #24940 Hetzner Online GmbH Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjecthlmiq.com Fingerprint76:F7:2B:47:FA:82:52:97:1D:77:80:F9:6D:9F:88:93:BD:70:EB:A4 ValidityTue, 04 Apr 2023 03:48:54 GMT - Mon, 03 Jul 2023 03:48:53 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /to2/semrush.com/ HTTP/1.1 Host: hlmiq.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/vu/a/? Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 307 Temporary Redirect Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jun 2023 11:34:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Referrer-Policy: no-referrer Location: https://www.semrush.com/partner/semrushpro/?irclickid=wYyQQM0wfxyPR7TQ1CxahX8JUkAS6DUWXUjWwE0&utm_source=affiliate&utm_Medium=impact&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact&utm_term=`

	cb432312b4.fb2d1abede.com/in/multy?spot_size=4&spot_id=18525&subid=1079458676&label=1&session_id=397e1e99-44b1-4879-8769-27f33cebe044&cpa=fb790e73-7576-4ab6-ad61-777d4a7aed55&ver=6.23.0&adblock=0&ad_type=native&iw=210&ih=140&iframe=0&mm=0&pr=&user_keywords=&tag_ab=c&user_fp=0&v2=0&page=https%3A//javmec.me/&device_theme=light&utm_source=&utm_medium=&utm_campaign=&utm_content=&campaign=	159.69.163.138	200 OK	8.1 kB
URL OPTIONS HTTP/2 cb432312b4.fb2d1abede.com/in/multy?spot_size=4&spot_id=18525&subid=1079458676&label=1&session_id=397e1e99-44b1-4879-8769-27f33cebe044&cpa=fb790e73-7576-4ab6-ad61-777d4a7aed55&ver=6.23.0&adblock=0&ad_type=native&iw=210&ih=140&iframe=0&mm=0&pr=&user_keywords=&tag_ab=c&user_fp=0&v2=0&page=https%3A//javmec.me/&device_theme=light&utm_source=&utm_medium=&utm_campaign=&utm_content=&campaign= IP 159.69.163.138:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectfb2d1abede.com Fingerprint90:D4:05:07:6B:1B:12:F5:45:F3:64:2B:21:D6:76:6B:1E:46:9B:F7 ValidityTue, 30 May 2023 03:01:52 GMT - Mon, 28 Aug 2023 03:01:51 GMT File type JSON data\012- , ASCII text, with very long lines (8131) Size 8.1 kB (8132 bytes) Hash 9be09606479a798a81d6a36ca25ef09d 66cf167e598939551bdb96b276b82d468ab7e3be eb3791fe1afcfa5001cbef44882b0231cdcf8fe72d56a2f437bc37b4b780cdf2 HTTP Headers POST /in/multy?spot_size=4&spot_id=18525&subid=1079458676&label=1&session_id=397e1e99-44b1-4879-8769-27f33cebe044&cpa=fb790e73-7576-4ab6-ad61-777d4a7aed55&ver=6.23.0&adblock=0&ad_type=native&iw=210&ih=140&iframe=0&mm=0&pr=&user_keywords=&tag_ab=c&user_fp=0&v2=0&page=https%3A//javmec.me/&device_theme=light&utm_source=&utm_medium=&utm_campaign=&utm_content=&campaign= HTTP/1.1 Host: cb432312b4.fb2d1abede.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 827 Origin: https://javmec.me DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.16.0 date: Fri, 02 Jun 2023 11:31:41 GMT content-type: application/json; charset=utf-8 content-length: 8132 vary: Origin cache-control: no-cache, no-store, must-revalidate, no-transform pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * X-Firefox-Spdy: h2`

	hlmiq.com/to2/betwinner.com/	142.132.202.70	307 Temporary Redirect	0 B
URL GET HTTP/1.1 hlmiq.com/to2/betwinner.com/ IP 142.132.202.70:443 ASN #24940 Hetzner Online GmbH Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjecthlmiq.com Fingerprint76:F7:2B:47:FA:82:52:97:1D:77:80:F9:6D:9F:88:93:BD:70:EB:A4 ValidityTue, 04 Apr 2023 03:48:54 GMT - Mon, 03 Jul 2023 03:48:53 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /to2/betwinner.com/ HTTP/1.1 Host: hlmiq.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/vu/a/? Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 307 Temporary Redirect Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jun 2023 11:34:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Referrer-Policy: no-referrer Location: https://betwinner1.com/pwapp/registration/?btag=d_57802m_454194c_bw_AHahRpiEadi9x3Cg4WqVSS`

	crypto.com/app/8mk2bghn8f	104.17.108.60	301 Moved Permanently	0 B
URL GET HTTP/2 crypto.com/app/8mk2bghn8f IP 104.17.108.60:443 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerCloudflare, Inc. Subjectcrypto.com FingerprintFE:C9:EF:7F:D2:E4:56:EB:6E:D4:D8:D2:DC:CC:D6:F8:87:6C:3E:3F ValidityMon, 05 Dec 2022 00:00:00 GMT - Tue, 05 Dec 2023 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /app/8mk2bghn8f HTTP/1.1 Host: crypto.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Fri, 02 Jun 2023 11:34:15 GMT content-length: 0 location: https://referral.crypto.com/r/8mk2bghn8f vary: Accept-Encoding set-cookie: __cf_bm=eDZbMbRE19DnHADidWMUACW1uL_uBMLR9rvRjQODFCs-1685705655-0-AT79spgTD4z84TSJyDVofBQEwA9tgT5UAKJYbt2VG+W1IBebeNguuT79xDzeFys8apHKe0RTEwcN2ccxIesZkrc=; path=/; expires=Fri, 02-Jun-23 12:04:15 GMT; domain=.crypto.com; HttpOnly; Secure; SameSite=None _cfuvid=uF5vqU5OMlu9ZSqKmfCgJR1WmsrraDLlkAEK_Vp.G8o-1685705655610-0-604800000; path=/; domain=.crypto.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 7d0f62db7cd0b4fd-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.agoda.com/deals?pcs=1&cid=1818886	23.38.200.217	200 OK	26 kB
URL GET HTTP/2 www.agoda.com/deals?pcs=1&cid=1818886 IP 23.38.200.217:443 ASN #16625 AKAMAI-AS Requested by https://hlmiq.com/vu/a/? Certificate IssuerDigiCert Inc Subject.agoda.com FingerprintFA:AD:F2:E2:89:B9:3B:E3:66:8C:35:96:9A:52:28:5E:34:82:AD:93 ValiditySat, 08 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (33854), with CRLF, LF line terminators Size 26 kB (26387 bytes) Hash c3d73b33e7a7a40f9dfc207886e9a90b a9ea464e7d14f58a6a894857dcdfff2ec33c67fa 56ffe7c00998cde1a6f0eaf46bcb0e16359b09c19855f6eb6369c184ad32dfee HTTP Headers `GET /deals?pcs=1&cid=1818886 HTTP/1.1 Host: www.agoda.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: text/html; charset=utf-8 vary: User-Agent, Accept-Encoding access-control-allow-credentials: true access-control-allow-headers: Content-Type access-control-allow-methods: GET,POST access-control-expose-headers: ag-correlation-id cache-control: no-store, no-cache pragma: no-cache request-context: appId= ag-correlation-id: 48f558a1-936a-400d-8df3-e72598fa5e07 x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us strict-transport-security: max-age=2592000 x-content-type-options: nosniff x-ua-compatible: IE=edge x-frame-options: SAMEORIGIN content-encoding: gzip content-length: 26387 date: Fri, 02 Jun 2023 11:34:15 GMT set-cookie: ASP.NET_SessionId=nb5jjhz1bbhvxoyuce0d1w51; domain=www.agoda.com; path=/; SameSite=Lax; secure; HttpOnly agoda.version.03=CookieId=31e7a2b3-ee34-45b2-8628-7e504efba9e7&TItems=2$1818886$06-02-2023 18:34$06-03-2023 18:34$&DLang=en-us&CurLabel=NOK; domain=.agoda.com; path=/; expires=Sat, 01-Jun-2024 00:00:00 GMT; secure agoda.firstclicks=1818886\|\|\|\|2023-06-02T18:34:15\|\|nb5jjhz1bbhvxoyuce0d1w51\|\|{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; path=/; expires=Sun, 02-Jun-2024 00:00:00 GMT; secure; HttpOnly agoda.lastclicks=1818886\|\|\|\|2023-06-02T18:34:15\|\|nb5jjhz1bbhvxoyuce0d1w51\|\|{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; path=/; expires=Sun, 02-Jun-2024 00:00:00 GMT; secure; HttpOnly agoda.landings=1818886\|\|\|nb5jjhz1bbhvxoyuce0d1w51\|2023-06-02T18:34:15\|True\|19----1818886\|\|\|nb5jjhz1bbhvxoyuce0d1w51\|2023-06-02T18:34:15\|True\|20----1818886\|\|\|nb5jjhz1bbhvxoyuce0d1w51\|2023-06-02T18:34:15\|True\|99; domain=.agoda.com; path=/; expires=Sun, 02-Jun-2024 00:00:00 GMT; secure; HttpOnly agoda.attr.03=ATItems=1818886$06-02-2023 18:34$; domain=.agoda.com; path=/; expires=Sun, 02-Jun-2024 00:00:00 GMT; secure; HttpOnly xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYyRDCGHzGB6YY2ivqZVfmBuCFtetpZFHqqVTwzx9BUlJC8P3AAbKP38xzDN9ksMBhQorKMuWDD46xNT714H3kBDYIuL56HVz31-r39oHXhYq_EfhrfbIrmI2gJF48KtE14; path=/; secure; samesite=strict; httponly agoda.analytics=Id=-9142942228448634510&Signature=8646955901427731079&Expiry=1685709255816; domain=.agoda.com; path=/; expires=Fri, 02-Jun-2023 12:34:15 GMT; secure agoda.user.03=UserId=21210c3e-231c-4f8b-ba18-3edb560c4b72; domain=.agoda.com; path=/; expires=Sun, 02-Jun-2024 11:34:15 GMT; secure; SameSite=None agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; domain=.agoda.com; path=/; expires=Sun, 02-Jun-2024 11:34:15 GMT X-Firefox-Spdy: h2

	clicks.pipaffiliates.com/c?c=567219&l=ru&p=0	23.38.200.104		0 B
URL GET clicks.pipaffiliates.com/c?c=567219&l=ru&p=0 IP 23.38.200.104:0 ASN #16625 AKAMAI-AS Requested by https://hlmiq.com/vu/a/? Certificate IssuerDigiCert Inc Subjecttrading-point.com FingerprintA9:94:C6:37:A4:48:46:89:4E:72:EA:A3:FE:6B:28:31:92:44:6E:A2 ValidityTue, 30 Aug 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /c?c=567219&l=ru&p=0 HTTP/1.1 Host: clicks.pipaffiliates.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 307 Temporary Redirect cache-control: no-cache, no-store, must-revalidate location: https://www.xm.com/affiliate_tracking?affid=1104887&clickid=c73340e7-f59d-490a-a715-6a7fc9fc17fb&oldid=&campaigntype=1&url=https%3A%2F%2Fwww.xm.com%2Fru%2F%3Futm_source%3Dhlmiq.com%26utm_content%3D1104887%26utm_medium%3Daffiliate content-security-policy: default-src 'self' .xm.com data: 'unsafe-inline' 'unsafe-eval' .akamaihd.net .hotjar.com .google-analytics.com .hotjar.io wss://.hotjar.com bam.nr-data.net bam.eu01.nr-data.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .akamaihd.net .googletagmanager.com .google-analytics.com .hotjar.com .newrelic.com bam.nr-data.net bam.eu01.nr-data.net; img-src data:; media-src * data:; frame-src youtube.com www.youtube.com videos.sproutvideo.com; x-content-type-options: nosniff content-length: 0 date: Fri, 02 Jun 2023 11:34:15 GMT set-cookie: JSESSIONID=yePYsni6wmgg76r_BW_uYV7Zrv2QdrhYjebzXt_l.794706-affsrv1; path=/Tracking server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=15, ak_p; desc="468251_388255508_1434145335_9654_9803_13_0";dur=1 strict-transport-security: max-age=15768000 X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.14.101		472 B
URL ocsp.sectigo.com/ IP 104.18.14.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash c63c9b8c4b6c3402fd876b1d625bfae7 d766e5a0f398043b8ee9f9e217628bc8dbde5141 f2522dabebab0f1f4fd58d821f5407d4e6870a536b8233474007501f17430fab HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 02 Jun 2023 11:34:15 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 30 May 2023 23:29:08 GMT Expires: Tue, 06 Jun 2023 23:29:07 GMT Etag: "d766e5a0f398043b8ee9f9e217628bc8dbde5141" Cache-Control: max-age=388522,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d0f62dd5a12b4ff-OSL`

	www.hotelscombined.com/?a_aid=172493	151.101.1.29	302 Found	0 B
URL GET HTTP/2 www.hotelscombined.com/?a_aid=172493 IP 151.101.1.29:443 ASN #54113 FASTLY Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjectwww.hotelscombined.com FingerprintFB:61:D9:B6:8A:F1:04:88:73:94:65:D2:00:57:E4:95:74:D4:0B:5E ValidityThu, 18 May 2023 11:08:43 GMT - Wed, 16 Aug 2023 11:08:42 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?a_aid=172493 HTTP/1.1 Host: www.hotelscombined.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found set-cookie: p1.med.token=""; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/ Apache=W1oqmg-AAABiHvjBjU-57-JakRGw; Max-Age=86400000; Expires=Thu, 26 Feb 2026 11:34:15 GMT; Path=/; Secure; HTTPOnly; SameSite=None cluster=4; Max-Age=2700; Expires=Fri, 02 Jun 2023 12:19:15 GMT; Path=/; Secure; HTTPOnly; SameSite=None kayak=HNeZMkRlqHCNqXrlNNic; Max-Age=94608000; Expires=Mon, 01 Jun 2026 11:34:15 GMT; Path=/; Secure; HTTPOnly; SameSite=None p1.med.sid=R-4L6xyrwhwypnJo1IPus3A-6HCbcvFqy3c8mxIdDq2WAiZ5DqW0j9TpHxNKv2bHy; Path=/; Secure; HTTPOnly; SameSite=None kanid=; Path=/; Secure; HTTPOnly; SameSite=None kanlabel=; Path=/; Secure; HTTPOnly; SameSite=None a_aid=; Path=/; Secure; HTTPOnly; SameSite=None brandId=; Path=/; Secure; HTTPOnly; SameSite=None label=; Path=/; Secure; HTTPOnly; SameSite=None kanid=; Path=/; Secure; HTTPOnly; SameSite=None kanlabel=; Path=/; Secure; HTTPOnly; SameSite=None a_aid=; Path=/; Secure; HTTPOnly; SameSite=None brandId=; Path=/; Secure; HTTPOnly; SameSite=None label=; Path=/; Secure; HTTPOnly; SameSite=None languageCode=EN; Max-Age=946080000; Expires=Sun, 25 May 2053 11:34:15 GMT; Path=/; Secure; HTTPOnly; SameSite=None currencyCode=USD; Max-Age=946080000; Expires=Sun, 25 May 2053 11:34:15 GMT; Path=/; Secure; HTTPOnly; SameSite=None kmkid=AgizDM_Ao4QfI4qXykS6mYU; Max-Age=94608000; Expires=Mon, 01 Jun 2026 11:34:15 GMT; Path=/; Secure; HTTPOnly; SameSite=None a_aid=172493; Expires=Sun, 2 Jul 2023 11:34:15 GMT; Path=/; Secure; HttpOnly; SameSite=None brandId=; Expires=1970-01-01T00:00Z; Path=/; Secure; HttpOnly; SameSite=None label=; Expires=1970-01-01T00:00Z; Path=/; Secure; HttpOnly; SameSite=None Mobile=0; Expires=Sun, 2 Jul 2023 11:34:15 GMT; Path=/; Secure; HttpOnly; SameSite=None visitor=id=42975dc5-e66c-47bb-9c40-964deb4b9ad5&tracked=false; Expires=Sun, 2 Jul 2023 11:34:15 GMT; Path=/; Secure; HttpOnly; SameSite=None visit=date=2023-06-02T21:34:15.885858741+10:00&id=b12c9ab2-ce86-4613-98ab-9080ecfdbbe3; Expires=Fri, 2 Jun 2023 15:34:15 GMT; Path=/; Secure; HttpOnly; SameSite=None QueryBasedAffiliate=11; Path=/; Secure; HttpOnly; SameSite=None kayak.mc=ATDiw4_9R-qFAvXKRbjyjh4K2syqZN95ac1H4LOEN0mQ09cHIdElHhiiCNLl5rY7Yg9ecmS-ChrdEWCMZplw5ggtJyl2jdF_KhMBvOolcRfekt8kgw2717_x6rr8ITPgCaRQq5TQB-IbRrIoryjG_7em9ZOPay3t5GgD8J3sTjx5dTtZdwZOY34y6GBnuT3pXLI98eAhvODYdmQcwHfG6lA1AV5_iGJ2H9FFTH1S5ZVzIf7w55DWgluH6XnC12H1fosXjWwM3JgKlLrPeqGVCqW2NSks3qCrUMJvdiExqr2eqnTszawYrQvL_9uwbetQ4g; Max-Age=94608000; Expires=Mon, 01 Jun 2026 11:34:15 GMT; Path=/; Secure; HTTPOnly; SameSite=None mst_iBfK2g=TLll5K01QRIIeZv4_1qHZe297g0oQk94_9P3DVUizV46rnf91s9VQQ76gr_4l_FH9Wyk0Yk5Ej6I4tKVJNA0Fw; Expires=Fri, 02 Jun 2023 11:49:15 GMT; Path=/; HttpOnly content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: origin-when-cross-origin content-security-policy-report-only: default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https: data:; worker-src blob:; report-uri /s/run/cspreport/reportHttp dnt: 1 feature-policy: camera 'none'; microphone 'none'; midi 'none'; usb 'none'; geolocation 'self' location: / server: KAYAK/1.0 x-sn-waf-code: accept-ranges: bytes date: Fri, 02 Jun 2023 11:34:15 GMT content-length: 0 X-Firefox-Spdy: h2

	cb432312b4.fb2d1abede.com/in/show/?&cid=14402&session_id=397e1e99-44b1-4879-8769-27f33cebe044&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjoxLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6MzM1NTIzOTA4NCwiYnJvd3Nlcl9mYW1pbHkiOiJGaXJlZm94IiwiYnJvd3Nlcl9uYW1lIjoiRmlyZWZveCAxMTEiLCJjYW1wYWlnbl9pZCI6MTQ0MDIsImNhcnJpZXIiOiItIiwiY2xpY2thZGlsbGFfaWQiOjAsImNsaWNrYWRpbGxhX3NwYWNlX2lkIjowLCJjb3VudHJ5IjoiTk8iLCJjcGMiOjAsImNwbSI6MCwiY3JlYXRpdmVfaWQiOiJkMTIzNDVjcmVhdGl2ZWlmcmFtZSIsImNyZWF0aXZlX3RpdGxlIjoiIiwiZWNwbSI6MC4wMDA5Njk4ODgsImV4dF9jYW1wYWlnbl9pZCI6MCwiZXh0X2NyZWF0aXZlX2lkIjoiIiwiZnJvbV9zdG9yYWdlIjowLCJpYXQiOjE2ODU3MDU2NTUuNTU4MzI5NiwiaWNvbiI6IiIsImlmcmFtZSI6dHJ1ZSwiaWZyYW1lX3JlZGlyZWN0X3VybCI6Imh0dHBzOi8vYnRzLnJlZDEyZmx5dzIuc2l0ZS9pbi8yNjQzLz9zcG90X2lkPTE4NTI1XHUwMDI2c291cmNlPTEwNzk0NTg2NzYiLCJpaCI6MTQwLCJpcCI6IjkxLjkwLjQyLjE1NCIsImlwdjYiOiIiLCJpc19jcG0iOjAsImlzX2RlZmF1bHQiOjEsIml3IjoyMTAsImxhYmVsIjoxLCJtbSI6MCwib3NfZmFtaWx5IjoibGludXgiLCJvc190eXBlIjoiY29tcHV0ZXIiLCJwYWdlIjoiaHR0cHM6Ly9qYXZtZWMubWUvIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiMzk3ZTFlOTktNDRiMS00ODc5LTg3NjktMjdmMzNjZWJlMDQ0Iiwic2l0ZSI6Imphdm1lYy5tZSIsInNvdXJjZV9pZCI6MTA3OTQ1ODY3Niwic3BvdF9pZCI6MTg1MjUsInNwb3Rfc2l6ZSI6NCwic3ViIjoiYXVjdGlvbi1uYXRpdmUtcHJvZC0xIiwidGFnX2FiIjoiYyIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtcHJvZC0xIiwidXJsIjoiIiwidXNhZ2VfdHlwZSI6IkRDSCIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MTI2NzI4ODM3MSwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInYyIjowLCJ2ZXIiOiI2LjIzLjAiLCJ2ZXJ0aWNhbF9pZCI6MH0.7CnEwgxI2CWA5vzCaSP8pljayVX_3pKxqp8jePEakEE	159.69.163.138	302 Found	0 B
URL GET HTTP/2 cb432312b4.fb2d1abede.com/in/show/?&cid=14402&session_id=397e1e99-44b1-4879-8769-27f33cebe044&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjoxLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6MzM1NTIzOTA4NCwiYnJvd3Nlcl9mYW1pbHkiOiJGaXJlZm94IiwiYnJvd3Nlcl9uYW1lIjoiRmlyZWZveCAxMTEiLCJjYW1wYWlnbl9pZCI6MTQ0MDIsImNhcnJpZXIiOiItIiwiY2xpY2thZGlsbGFfaWQiOjAsImNsaWNrYWRpbGxhX3NwYWNlX2lkIjowLCJjb3VudHJ5IjoiTk8iLCJjcGMiOjAsImNwbSI6MCwiY3JlYXRpdmVfaWQiOiJkMTIzNDVjcmVhdGl2ZWlmcmFtZSIsImNyZWF0aXZlX3RpdGxlIjoiIiwiZWNwbSI6MC4wMDA5Njk4ODgsImV4dF9jYW1wYWlnbl9pZCI6MCwiZXh0X2NyZWF0aXZlX2lkIjoiIiwiZnJvbV9zdG9yYWdlIjowLCJpYXQiOjE2ODU3MDU2NTUuNTU4MzI5NiwiaWNvbiI6IiIsImlmcmFtZSI6dHJ1ZSwiaWZyYW1lX3JlZGlyZWN0X3VybCI6Imh0dHBzOi8vYnRzLnJlZDEyZmx5dzIuc2l0ZS9pbi8yNjQzLz9zcG90X2lkPTE4NTI1XHUwMDI2c291cmNlPTEwNzk0NTg2NzYiLCJpaCI6MTQwLCJpcCI6IjkxLjkwLjQyLjE1NCIsImlwdjYiOiIiLCJpc19jcG0iOjAsImlzX2RlZmF1bHQiOjEsIml3IjoyMTAsImxhYmVsIjoxLCJtbSI6MCwib3NfZmFtaWx5IjoibGludXgiLCJvc190eXBlIjoiY29tcHV0ZXIiLCJwYWdlIjoiaHR0cHM6Ly9qYXZtZWMubWUvIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiMzk3ZTFlOTktNDRiMS00ODc5LTg3NjktMjdmMzNjZWJlMDQ0Iiwic2l0ZSI6Imphdm1lYy5tZSIsInNvdXJjZV9pZCI6MTA3OTQ1ODY3Niwic3BvdF9pZCI6MTg1MjUsInNwb3Rfc2l6ZSI6NCwic3ViIjoiYXVjdGlvbi1uYXRpdmUtcHJvZC0xIiwidGFnX2FiIjoiYyIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtcHJvZC0xIiwidXJsIjoiIiwidXNhZ2VfdHlwZSI6IkRDSCIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MTI2NzI4ODM3MSwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInYyIjowLCJ2ZXIiOiI2LjIzLjAiLCJ2ZXJ0aWNhbF9pZCI6MH0.7CnEwgxI2CWA5vzCaSP8pljayVX_3pKxqp8jePEakEE IP 159.69.163.138:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectfb2d1abede.com Fingerprint90:D4:05:07:6B:1B:12:F5:45:F3:64:2B:21:D6:76:6B:1E:46:9B:F7 ValidityTue, 30 May 2023 03:01:52 GMT - Mon, 28 Aug 2023 03:01:51 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/show/?&cid=14402&session_id=397e1e99-44b1-4879-8769-27f33cebe044&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjoxLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6MzM1NTIzOTA4NCwiYnJvd3Nlcl9mYW1pbHkiOiJGaXJlZm94IiwiYnJvd3Nlcl9uYW1lIjoiRmlyZWZveCAxMTEiLCJjYW1wYWlnbl9pZCI6MTQ0MDIsImNhcnJpZXIiOiItIiwiY2xpY2thZGlsbGFfaWQiOjAsImNsaWNrYWRpbGxhX3NwYWNlX2lkIjowLCJjb3VudHJ5IjoiTk8iLCJjcGMiOjAsImNwbSI6MCwiY3JlYXRpdmVfaWQiOiJkMTIzNDVjcmVhdGl2ZWlmcmFtZSIsImNyZWF0aXZlX3RpdGxlIjoiIiwiZWNwbSI6MC4wMDA5Njk4ODgsImV4dF9jYW1wYWlnbl9pZCI6MCwiZXh0X2NyZWF0aXZlX2lkIjoiIiwiZnJvbV9zdG9yYWdlIjowLCJpYXQiOjE2ODU3MDU2NTUuNTU4MzI5NiwiaWNvbiI6IiIsImlmcmFtZSI6dHJ1ZSwiaWZyYW1lX3JlZGlyZWN0X3VybCI6Imh0dHBzOi8vYnRzLnJlZDEyZmx5dzIuc2l0ZS9pbi8yNjQzLz9zcG90X2lkPTE4NTI1XHUwMDI2c291cmNlPTEwNzk0NTg2NzYiLCJpaCI6MTQwLCJpcCI6IjkxLjkwLjQyLjE1NCIsImlwdjYiOiIiLCJpc19jcG0iOjAsImlzX2RlZmF1bHQiOjEsIml3IjoyMTAsImxhYmVsIjoxLCJtbSI6MCwib3NfZmFtaWx5IjoibGludXgiLCJvc190eXBlIjoiY29tcHV0ZXIiLCJwYWdlIjoiaHR0cHM6Ly9qYXZtZWMubWUvIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiMzk3ZTFlOTktNDRiMS00ODc5LTg3NjktMjdmMzNjZWJlMDQ0Iiwic2l0ZSI6Imphdm1lYy5tZSIsInNvdXJjZV9pZCI6MTA3OTQ1ODY3Niwic3BvdF9pZCI6MTg1MjUsInNwb3Rfc2l6ZSI6NCwic3ViIjoiYXVjdGlvbi1uYXRpdmUtcHJvZC0xIiwidGFnX2FiIjoiYyIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtcHJvZC0xIiwidXJsIjoiIiwidXNhZ2VfdHlwZSI6IkRDSCIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MTI2NzI4ODM3MSwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInYyIjowLCJ2ZXIiOiI2LjIzLjAiLCJ2ZXJ0aWNhbF9pZCI6MH0.7CnEwgxI2CWA5vzCaSP8pljayVX_3pKxqp8jePEakEE HTTP/1.1 Host: cb432312b4.fb2d1abede.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx/1.16.0 date: Fri, 02 Jun 2023 11:31:41 GMT content-length: 0 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * location: https://bts.red12flyw2.site/in/2643/?spot_id=18525&source=1079458676 X-Firefox-Spdy: h2`

	www.binance.com/ru/register?ref=KZTDOPQP	52.84.150.65	301 Moved Permanently	239 B
URL GET HTTP/2 www.binance.com/ru/register?ref=KZTDOPQP IP 52.84.150.65:443 ASN #16509 AMAZON-02 Requested by https://hlmiq.com/vu/a/? Certificate IssuerDigiCert Inc Subject.binance.com Fingerprint87:DB:96:18:E5:97:9F:DF:5C:02:21:42:BF:53:F3:D6:28:80:19:DA ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 16 Feb 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators Size 239 B (239 bytes) Hash 67194376ec810b1466000b45b043ab94 b5b0840425f5602244750801336e7e8b9efd022f 39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164 HTTP Headers `GET /ru/register?ref=KZTDOPQP HTTP/1.1 Host: www.binance.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently content-type: text/html content-length: 239 location: https://accounts.binance.com/ru/register?ref=KZTDOPQP date: Fri, 02 Jun 2023 11:34:09 GMT server: Tengine cache-control: no-store,max-age=0,must-revalidate x-cache: Hit from cloudfront via: 1.1 dd9044f778a0203632be1c1b84d73ba8.cloudfront.net (CloudFront) x-amz-cf-pop: LHR62-C2 x-amz-cf-id: JFaua3oa48uhSCf9A8pdQDP50mRaVSTvMf1HmBOtoJDeaAzSjBdtVA== age: 6 X-Firefox-Spdy: h2`

	cb432312b4.fb2d1abede.com/in/show/?&cid=14402&session_id=397e1e99-44b1-4879-8769-27f33cebe044&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjoyLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6MzM1NTIzOTA4NCwiYnJvd3Nlcl9mYW1pbHkiOiJGaXJlZm94IiwiYnJvd3Nlcl9uYW1lIjoiRmlyZWZveCAxMTEiLCJjYW1wYWlnbl9pZCI6MTQ0MDIsImNhcnJpZXIiOiItIiwiY2xpY2thZGlsbGFfaWQiOjAsImNsaWNrYWRpbGxhX3NwYWNlX2lkIjowLCJjb3VudHJ5IjoiTk8iLCJjcGMiOjAsImNwbSI6MCwiY3JlYXRpdmVfaWQiOiJkMTIzNDVjcmVhdGl2ZWlmcmFtZSIsImNyZWF0aXZlX3RpdGxlIjoiIiwiZWNwbSI6MC4wMDA5Njk4ODgsImV4dF9jYW1wYWlnbl9pZCI6MCwiZXh0X2NyZWF0aXZlX2lkIjoiIiwiZnJvbV9zdG9yYWdlIjowLCJpYXQiOjE2ODU3MDU2NTUuNTU4NzUyOCwiaWNvbiI6IiIsImlmcmFtZSI6dHJ1ZSwiaWZyYW1lX3JlZGlyZWN0X3VybCI6Imh0dHBzOi8vYnRzLnJlZDEyZmx5dzIuc2l0ZS9pbi8yNjQzLz9zcG90X2lkPTE4NTI1XHUwMDI2c291cmNlPTEwNzk0NTg2NzYiLCJpaCI6MTQwLCJpcCI6IjkxLjkwLjQyLjE1NCIsImlwdjYiOiIiLCJpc19jcG0iOjAsImlzX2RlZmF1bHQiOjEsIml3IjoyMTAsImxhYmVsIjoxLCJtbSI6MCwib3NfZmFtaWx5IjoibGludXgiLCJvc190eXBlIjoiY29tcHV0ZXIiLCJwYWdlIjoiaHR0cHM6Ly9qYXZtZWMubWUvIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiMzk3ZTFlOTktNDRiMS00ODc5LTg3NjktMjdmMzNjZWJlMDQ0Iiwic2l0ZSI6Imphdm1lYy5tZSIsInNvdXJjZV9pZCI6MTA3OTQ1ODY3Niwic3BvdF9pZCI6MTg1MjUsInNwb3Rfc2l6ZSI6NCwic3ViIjoiYXVjdGlvbi1uYXRpdmUtcHJvZC0xIiwidGFnX2FiIjoiYyIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtcHJvZC0xIiwidXJsIjoiIiwidXNhZ2VfdHlwZSI6IkRDSCIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MTI2NzI4ODM3MSwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInYyIjowLCJ2ZXIiOiI2LjIzLjAiLCJ2ZXJ0aWNhbF9pZCI6MH0.gtSeTlfgK815e5IYZ67nInfrYAHpgVBDOiqk2N6-Bx8	159.69.163.138	302 Found	0 B
URL GET HTTP/2 cb432312b4.fb2d1abede.com/in/show/?&cid=14402&session_id=397e1e99-44b1-4879-8769-27f33cebe044&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjoyLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6MzM1NTIzOTA4NCwiYnJvd3Nlcl9mYW1pbHkiOiJGaXJlZm94IiwiYnJvd3Nlcl9uYW1lIjoiRmlyZWZveCAxMTEiLCJjYW1wYWlnbl9pZCI6MTQ0MDIsImNhcnJpZXIiOiItIiwiY2xpY2thZGlsbGFfaWQiOjAsImNsaWNrYWRpbGxhX3NwYWNlX2lkIjowLCJjb3VudHJ5IjoiTk8iLCJjcGMiOjAsImNwbSI6MCwiY3JlYXRpdmVfaWQiOiJkMTIzNDVjcmVhdGl2ZWlmcmFtZSIsImNyZWF0aXZlX3RpdGxlIjoiIiwiZWNwbSI6MC4wMDA5Njk4ODgsImV4dF9jYW1wYWlnbl9pZCI6MCwiZXh0X2NyZWF0aXZlX2lkIjoiIiwiZnJvbV9zdG9yYWdlIjowLCJpYXQiOjE2ODU3MDU2NTUuNTU4NzUyOCwiaWNvbiI6IiIsImlmcmFtZSI6dHJ1ZSwiaWZyYW1lX3JlZGlyZWN0X3VybCI6Imh0dHBzOi8vYnRzLnJlZDEyZmx5dzIuc2l0ZS9pbi8yNjQzLz9zcG90X2lkPTE4NTI1XHUwMDI2c291cmNlPTEwNzk0NTg2NzYiLCJpaCI6MTQwLCJpcCI6IjkxLjkwLjQyLjE1NCIsImlwdjYiOiIiLCJpc19jcG0iOjAsImlzX2RlZmF1bHQiOjEsIml3IjoyMTAsImxhYmVsIjoxLCJtbSI6MCwib3NfZmFtaWx5IjoibGludXgiLCJvc190eXBlIjoiY29tcHV0ZXIiLCJwYWdlIjoiaHR0cHM6Ly9qYXZtZWMubWUvIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiMzk3ZTFlOTktNDRiMS00ODc5LTg3NjktMjdmMzNjZWJlMDQ0Iiwic2l0ZSI6Imphdm1lYy5tZSIsInNvdXJjZV9pZCI6MTA3OTQ1ODY3Niwic3BvdF9pZCI6MTg1MjUsInNwb3Rfc2l6ZSI6NCwic3ViIjoiYXVjdGlvbi1uYXRpdmUtcHJvZC0xIiwidGFnX2FiIjoiYyIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtcHJvZC0xIiwidXJsIjoiIiwidXNhZ2VfdHlwZSI6IkRDSCIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MTI2NzI4ODM3MSwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInYyIjowLCJ2ZXIiOiI2LjIzLjAiLCJ2ZXJ0aWNhbF9pZCI6MH0.gtSeTlfgK815e5IYZ67nInfrYAHpgVBDOiqk2N6-Bx8 IP 159.69.163.138:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectfb2d1abede.com Fingerprint90:D4:05:07:6B:1B:12:F5:45:F3:64:2B:21:D6:76:6B:1E:46:9B:F7 ValidityTue, 30 May 2023 03:01:52 GMT - Mon, 28 Aug 2023 03:01:51 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/show/?&cid=14402&session_id=397e1e99-44b1-4879-8769-27f33cebe044&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjoyLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6MzM1NTIzOTA4NCwiYnJvd3Nlcl9mYW1pbHkiOiJGaXJlZm94IiwiYnJvd3Nlcl9uYW1lIjoiRmlyZWZveCAxMTEiLCJjYW1wYWlnbl9pZCI6MTQ0MDIsImNhcnJpZXIiOiItIiwiY2xpY2thZGlsbGFfaWQiOjAsImNsaWNrYWRpbGxhX3NwYWNlX2lkIjowLCJjb3VudHJ5IjoiTk8iLCJjcGMiOjAsImNwbSI6MCwiY3JlYXRpdmVfaWQiOiJkMTIzNDVjcmVhdGl2ZWlmcmFtZSIsImNyZWF0aXZlX3RpdGxlIjoiIiwiZWNwbSI6MC4wMDA5Njk4ODgsImV4dF9jYW1wYWlnbl9pZCI6MCwiZXh0X2NyZWF0aXZlX2lkIjoiIiwiZnJvbV9zdG9yYWdlIjowLCJpYXQiOjE2ODU3MDU2NTUuNTU4NzUyOCwiaWNvbiI6IiIsImlmcmFtZSI6dHJ1ZSwiaWZyYW1lX3JlZGlyZWN0X3VybCI6Imh0dHBzOi8vYnRzLnJlZDEyZmx5dzIuc2l0ZS9pbi8yNjQzLz9zcG90X2lkPTE4NTI1XHUwMDI2c291cmNlPTEwNzk0NTg2NzYiLCJpaCI6MTQwLCJpcCI6IjkxLjkwLjQyLjE1NCIsImlwdjYiOiIiLCJpc19jcG0iOjAsImlzX2RlZmF1bHQiOjEsIml3IjoyMTAsImxhYmVsIjoxLCJtbSI6MCwib3NfZmFtaWx5IjoibGludXgiLCJvc190eXBlIjoiY29tcHV0ZXIiLCJwYWdlIjoiaHR0cHM6Ly9qYXZtZWMubWUvIiwicHJpbWFyeV9yZWZlcnJlciI6IiIsInJlZnJlc2giOjAsInJlc3BvbnNlX3NpemUiOjAsInJuIjowLCJzZXNzaW9uX2lkIjoiMzk3ZTFlOTktNDRiMS00ODc5LTg3NjktMjdmMzNjZWJlMDQ0Iiwic2l0ZSI6Imphdm1lYy5tZSIsInNvdXJjZV9pZCI6MTA3OTQ1ODY3Niwic3BvdF9pZCI6MTg1MjUsInNwb3Rfc2l6ZSI6NCwic3ViIjoiYXVjdGlvbi1uYXRpdmUtcHJvZC0xIiwidGFnX2FiIjoiYyIsInRyYWNrX2lkIjoiYXVjdGlvbi1uYXRpdmUtcHJvZC0xIiwidXJsIjoiIiwidXNhZ2VfdHlwZSI6IkRDSCIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwidXNlcl9mcCI6MCwidXNlcl9pZCI6MTI2NzI4ODM3MSwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX3NvdXJjZSI6IiIsInYyIjowLCJ2ZXIiOiI2LjIzLjAiLCJ2ZXJ0aWNhbF9pZCI6MH0.gtSeTlfgK815e5IYZ67nInfrYAHpgVBDOiqk2N6-Bx8 HTTP/1.1 Host: cb432312b4.fb2d1abede.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx/1.16.0 date: Fri, 02 Jun 2023 11:31:41 GMT content-length: 0 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * location: https://bts.red12flyw2.site/in/2643/?spot_id=18525&source=1079458676 X-Firefox-Spdy: h2`

	cb432312b4.fb2d1abede.com/in/show/?&cid=14402&session_id=397e1e99-44b1-4879-8769-27f33cebe044&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjozLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6MzM1NTIzOTA4NCwiYnJvd3Nlcl9mYW1pbHkiOiJGaXJlZm94IiwiYnJvd3Nlcl9uYW1lIjoiRmlyZWZveCAxMTEiLCJjYW1wYWlnbl9pZCI6MTQ0MDIsImNhcnJpZXIiOiItIiwiY2xpY2thZGlsbGFfaWQiOjAsImNsaWNrYWRpbGxhX3NwYWNlX2lkIjowLCJjb3VudHJ5IjoiTk8iLCJjcGMiOjAsImNwbSI6MCwiY3JlYXRpdmVfaWQiOiJkMTIzNDVjcmVhdGl2ZWlmcmFtZSIsImNyZWF0aXZlX3RpdGxlIjoiIiwiZWNwbSI6MC4wMDA5Njk4ODgsImV4dF9jYW1wYWlnbl9pZCI6MCwiZXh0X2NyZWF0aXZlX2lkIjoiIiwiZnJvbV9zdG9yYWdlIjowLCJpYXQiOjE2ODU3MDU2NTUuNTU5MTc2LCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9MTg1MjVcdTAwMjZzb3VyY2U9MTA3OTQ1ODY3NiIsImloIjoxNDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIxMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJsaW51eCIsIm9zX3R5cGUiOiJjb21wdXRlciIsInBhZ2UiOiJodHRwczovL2phdm1lYy5tZS8iLCJwcmltYXJ5X3JlZmVycmVyIjoiIiwicmVmcmVzaCI6MCwicmVzcG9uc2Vfc2l6ZSI6MCwicm4iOjAsInNlc3Npb25faWQiOiIzOTdlMWU5OS00NGIxLTQ4NzktODc2OS0yN2YzM2NlYmUwNDQiLCJzaXRlIjoiamF2bWVjLm1lIiwic291cmNlX2lkIjoxMDc5NDU4Njc2LCJzcG90X2lkIjoxODUyNSwic3BvdF9zaXplIjo0LCJzdWIiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kLTEiLCJ0YWdfYWIiOiJjIiwidHJhY2tfaWQiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kLTEiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6MTA5LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTExLjAiLCJ1c2VyX2ZwIjowLCJ1c2VyX2lkIjoxMjY3Mjg4MzcxLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fc291cmNlIjoiIiwidjIiOjAsInZlciI6IjYuMjMuMCIsInZlcnRpY2FsX2lkIjowfQ.fH65pXwKvD4-TldepT_EtpjEwCEc-nmxD1m3kiOMw7E	159.69.163.138	302 Found	0 B
URL GET HTTP/2 cb432312b4.fb2d1abede.com/in/show/?&cid=14402&session_id=397e1e99-44b1-4879-8769-27f33cebe044&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjozLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6MzM1NTIzOTA4NCwiYnJvd3Nlcl9mYW1pbHkiOiJGaXJlZm94IiwiYnJvd3Nlcl9uYW1lIjoiRmlyZWZveCAxMTEiLCJjYW1wYWlnbl9pZCI6MTQ0MDIsImNhcnJpZXIiOiItIiwiY2xpY2thZGlsbGFfaWQiOjAsImNsaWNrYWRpbGxhX3NwYWNlX2lkIjowLCJjb3VudHJ5IjoiTk8iLCJjcGMiOjAsImNwbSI6MCwiY3JlYXRpdmVfaWQiOiJkMTIzNDVjcmVhdGl2ZWlmcmFtZSIsImNyZWF0aXZlX3RpdGxlIjoiIiwiZWNwbSI6MC4wMDA5Njk4ODgsImV4dF9jYW1wYWlnbl9pZCI6MCwiZXh0X2NyZWF0aXZlX2lkIjoiIiwiZnJvbV9zdG9yYWdlIjowLCJpYXQiOjE2ODU3MDU2NTUuNTU5MTc2LCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9MTg1MjVcdTAwMjZzb3VyY2U9MTA3OTQ1ODY3NiIsImloIjoxNDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIxMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJsaW51eCIsIm9zX3R5cGUiOiJjb21wdXRlciIsInBhZ2UiOiJodHRwczovL2phdm1lYy5tZS8iLCJwcmltYXJ5X3JlZmVycmVyIjoiIiwicmVmcmVzaCI6MCwicmVzcG9uc2Vfc2l6ZSI6MCwicm4iOjAsInNlc3Npb25faWQiOiIzOTdlMWU5OS00NGIxLTQ4NzktODc2OS0yN2YzM2NlYmUwNDQiLCJzaXRlIjoiamF2bWVjLm1lIiwic291cmNlX2lkIjoxMDc5NDU4Njc2LCJzcG90X2lkIjoxODUyNSwic3BvdF9zaXplIjo0LCJzdWIiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kLTEiLCJ0YWdfYWIiOiJjIiwidHJhY2tfaWQiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kLTEiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6MTA5LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTExLjAiLCJ1c2VyX2ZwIjowLCJ1c2VyX2lkIjoxMjY3Mjg4MzcxLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fc291cmNlIjoiIiwidjIiOjAsInZlciI6IjYuMjMuMCIsInZlcnRpY2FsX2lkIjowfQ.fH65pXwKvD4-TldepT_EtpjEwCEc-nmxD1m3kiOMw7E IP 159.69.163.138:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectfb2d1abede.com Fingerprint90:D4:05:07:6B:1B:12:F5:45:F3:64:2B:21:D6:76:6B:1E:46:9B:F7 ValidityTue, 30 May 2023 03:01:52 GMT - Mon, 28 Aug 2023 03:01:51 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/show/?&cid=14402&session_id=397e1e99-44b1-4879-8769-27f33cebe044&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjozLCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6MzM1NTIzOTA4NCwiYnJvd3Nlcl9mYW1pbHkiOiJGaXJlZm94IiwiYnJvd3Nlcl9uYW1lIjoiRmlyZWZveCAxMTEiLCJjYW1wYWlnbl9pZCI6MTQ0MDIsImNhcnJpZXIiOiItIiwiY2xpY2thZGlsbGFfaWQiOjAsImNsaWNrYWRpbGxhX3NwYWNlX2lkIjowLCJjb3VudHJ5IjoiTk8iLCJjcGMiOjAsImNwbSI6MCwiY3JlYXRpdmVfaWQiOiJkMTIzNDVjcmVhdGl2ZWlmcmFtZSIsImNyZWF0aXZlX3RpdGxlIjoiIiwiZWNwbSI6MC4wMDA5Njk4ODgsImV4dF9jYW1wYWlnbl9pZCI6MCwiZXh0X2NyZWF0aXZlX2lkIjoiIiwiZnJvbV9zdG9yYWdlIjowLCJpYXQiOjE2ODU3MDU2NTUuNTU5MTc2LCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9MTg1MjVcdTAwMjZzb3VyY2U9MTA3OTQ1ODY3NiIsImloIjoxNDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIxMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJsaW51eCIsIm9zX3R5cGUiOiJjb21wdXRlciIsInBhZ2UiOiJodHRwczovL2phdm1lYy5tZS8iLCJwcmltYXJ5X3JlZmVycmVyIjoiIiwicmVmcmVzaCI6MCwicmVzcG9uc2Vfc2l6ZSI6MCwicm4iOjAsInNlc3Npb25faWQiOiIzOTdlMWU5OS00NGIxLTQ4NzktODc2OS0yN2YzM2NlYmUwNDQiLCJzaXRlIjoiamF2bWVjLm1lIiwic291cmNlX2lkIjoxMDc5NDU4Njc2LCJzcG90X2lkIjoxODUyNSwic3BvdF9zaXplIjo0LCJzdWIiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kLTEiLCJ0YWdfYWIiOiJjIiwidHJhY2tfaWQiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kLTEiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6MTA5LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTExLjAiLCJ1c2VyX2ZwIjowLCJ1c2VyX2lkIjoxMjY3Mjg4MzcxLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fc291cmNlIjoiIiwidjIiOjAsInZlciI6IjYuMjMuMCIsInZlcnRpY2FsX2lkIjowfQ.fH65pXwKvD4-TldepT_EtpjEwCEc-nmxD1m3kiOMw7E HTTP/1.1 Host: cb432312b4.fb2d1abede.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx/1.16.0 date: Fri, 02 Jun 2023 11:31:41 GMT content-length: 0 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * location: https://bts.red12flyw2.site/in/2643/?spot_id=18525&source=1079458676 X-Firefox-Spdy: h2`

	login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a	104.110.21.4	200 OK	12 kB
URL GET HTTP/2 login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://javmec.me/ Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11691), with CRLF, LF line terminators Size 12 kB (11956 bytes) Hash 6ec6c049e557a375eed228132c1e9534 75e9f051ea243bdead97dd8f554fa5c2775e34d4 0512e54a5161ef05092bacc0bd7d52d36f4a62e91b3a6e26c36cc873afe4fd68 HTTP Headers GET /?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a HTTP/1.1 Host: login.aliexpress.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://javmec.me/ DNT: 1 Connection: keep-alive Cookie: af_ss_a=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html;charset=UTF-8 vary: Accept-Encoding server: Apache-Coyote/1.1 p3p: CP="CAO PSA OUR" hvn_host: 536633615936324a48737a6a53587557796964666653464d4d565257774d36546d38786b7634413d, 536633615936324a48737a6a53587557796964666653464d4d56553743394e39565378425546593d content-language: en-US content-encoding: gzip eagleeye-traceid: 211b88f116857050002836663e2619 strict-transport-security: max-age=31536000 timing-allow-origin: * content-length: 11956 date: Fri, 02 Jun 2023 11:34:15 GMT set-cookie: aep_usuc_f=site=glo&b_locale=en_US; Expires=Mon, 30 May 2033 11:34:15 GMT; Path=/; Domain=.aliexpress.com e_id=pt100; Expires=Mon, 30 May 2033 11:34:15 GMT; Path=/; Domain=.aliexpress.com server-timing: ak_p; desc="468251_388255175_167398374_35_1250_34_0";dur=1 X-Firefox-Spdy: h2

	ocsp.globalsign.com/alphasslcasha256g4	104.18.21.226		1.4 kB
URL ocsp.globalsign.com/alphasslcasha256g4 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.4 kB (1437 bytes) Hash 0830a61aa295aa00871fd4957d255779 b4371838915f22a53fa7f81b820ef727dd6f1e0b 8946951f8b346971351b093ad2af03fa5363da59026a4eee7d09cbd666910b97 HTTP Headers `POST /alphasslcasha256g4 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 02 Jun 2023 11:34:15 GMT Content-Type: application/ocsp-response Content-Length: 1437 Connection: keep-alive Expires: Tue, 06 Jun 2023 09:01:32 GMT ETag: "b4371838915f22a53fa7f81b820ef727dd6f1e0b" Last-Modified: Fri, 02 Jun 2023 09:01:33 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d0f62dddb590b55-OSL`

	adserver-mb.com/w	176.9.60.211	302 Moved Temporarily	0 B
URL GET HTTP/1.1 adserver-mb.com/w IP 176.9.60.211:443 ASN #24940 Hetzner Online GmbH Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjectadserver-mb.com Fingerprint6C:15:32:1D:2F:54:41:CC:30:06:12:BF:8F:B9:AD:7E:5B:81:0C:FA ValidityWed, 05 Apr 2023 08:26:27 GMT - Tue, 04 Jul 2023 08:26:26 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /w HTTP/1.1 Host: adserver-mb.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Moved Temporarily Server: nginx/1.12.2 Date: Fri, 02 Jun 2023 11:34:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Set-Cookie: qwerty_w=0; expires=Sun, 04-Jun-2023 13:34:15 GMT; Max-Age=180000; path=/ Location: https://hlmiq.com/to2/expedia.no/`

	cb432312b4.fb2d1abede.com/in/show/?&cid=14402&session_id=397e1e99-44b1-4879-8769-27f33cebe044&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjo0LCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6MzM1NTIzOTA4NCwiYnJvd3Nlcl9mYW1pbHkiOiJGaXJlZm94IiwiYnJvd3Nlcl9uYW1lIjoiRmlyZWZveCAxMTEiLCJjYW1wYWlnbl9pZCI6MTQ0MDIsImNhcnJpZXIiOiItIiwiY2xpY2thZGlsbGFfaWQiOjAsImNsaWNrYWRpbGxhX3NwYWNlX2lkIjowLCJjb3VudHJ5IjoiTk8iLCJjcGMiOjAsImNwbSI6MCwiY3JlYXRpdmVfaWQiOiJkMTIzNDVjcmVhdGl2ZWlmcmFtZSIsImNyZWF0aXZlX3RpdGxlIjoiIiwiZWNwbSI6MC4wMDA5Njk4ODgsImV4dF9jYW1wYWlnbl9pZCI6MCwiZXh0X2NyZWF0aXZlX2lkIjoiIiwiZnJvbV9zdG9yYWdlIjowLCJpYXQiOjE2ODU3MDU2NTUuNTU5NTkxLCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9MTg1MjVcdTAwMjZzb3VyY2U9MTA3OTQ1ODY3NiIsImloIjoxNDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIxMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJsaW51eCIsIm9zX3R5cGUiOiJjb21wdXRlciIsInBhZ2UiOiJodHRwczovL2phdm1lYy5tZS8iLCJwcmltYXJ5X3JlZmVycmVyIjoiIiwicmVmcmVzaCI6MCwicmVzcG9uc2Vfc2l6ZSI6MCwicm4iOjAsInNlc3Npb25faWQiOiIzOTdlMWU5OS00NGIxLTQ4NzktODc2OS0yN2YzM2NlYmUwNDQiLCJzaXRlIjoiamF2bWVjLm1lIiwic291cmNlX2lkIjoxMDc5NDU4Njc2LCJzcG90X2lkIjoxODUyNSwic3BvdF9zaXplIjo0LCJzdWIiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kLTEiLCJ0YWdfYWIiOiJjIiwidHJhY2tfaWQiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kLTEiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6MTA5LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTExLjAiLCJ1c2VyX2ZwIjowLCJ1c2VyX2lkIjoxMjY3Mjg4MzcxLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fc291cmNlIjoiIiwidjIiOjAsInZlciI6IjYuMjMuMCIsInZlcnRpY2FsX2lkIjowfQ.S28Q_IcQhGLEExA_jKItIbR7IRw1yVhguB0SLrFIvlI	159.69.163.138	302 Found	0 B
URL GET HTTP/2 cb432312b4.fb2d1abede.com/in/show/?&cid=14402&session_id=397e1e99-44b1-4879-8769-27f33cebe044&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjo0LCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6MzM1NTIzOTA4NCwiYnJvd3Nlcl9mYW1pbHkiOiJGaXJlZm94IiwiYnJvd3Nlcl9uYW1lIjoiRmlyZWZveCAxMTEiLCJjYW1wYWlnbl9pZCI6MTQ0MDIsImNhcnJpZXIiOiItIiwiY2xpY2thZGlsbGFfaWQiOjAsImNsaWNrYWRpbGxhX3NwYWNlX2lkIjowLCJjb3VudHJ5IjoiTk8iLCJjcGMiOjAsImNwbSI6MCwiY3JlYXRpdmVfaWQiOiJkMTIzNDVjcmVhdGl2ZWlmcmFtZSIsImNyZWF0aXZlX3RpdGxlIjoiIiwiZWNwbSI6MC4wMDA5Njk4ODgsImV4dF9jYW1wYWlnbl9pZCI6MCwiZXh0X2NyZWF0aXZlX2lkIjoiIiwiZnJvbV9zdG9yYWdlIjowLCJpYXQiOjE2ODU3MDU2NTUuNTU5NTkxLCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9MTg1MjVcdTAwMjZzb3VyY2U9MTA3OTQ1ODY3NiIsImloIjoxNDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIxMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJsaW51eCIsIm9zX3R5cGUiOiJjb21wdXRlciIsInBhZ2UiOiJodHRwczovL2phdm1lYy5tZS8iLCJwcmltYXJ5X3JlZmVycmVyIjoiIiwicmVmcmVzaCI6MCwicmVzcG9uc2Vfc2l6ZSI6MCwicm4iOjAsInNlc3Npb25faWQiOiIzOTdlMWU5OS00NGIxLTQ4NzktODc2OS0yN2YzM2NlYmUwNDQiLCJzaXRlIjoiamF2bWVjLm1lIiwic291cmNlX2lkIjoxMDc5NDU4Njc2LCJzcG90X2lkIjoxODUyNSwic3BvdF9zaXplIjo0LCJzdWIiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kLTEiLCJ0YWdfYWIiOiJjIiwidHJhY2tfaWQiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kLTEiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6MTA5LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTExLjAiLCJ1c2VyX2ZwIjowLCJ1c2VyX2lkIjoxMjY3Mjg4MzcxLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fc291cmNlIjoiIiwidjIiOjAsInZlciI6IjYuMjMuMCIsInZlcnRpY2FsX2lkIjowfQ.S28Q_IcQhGLEExA_jKItIbR7IRw1yVhguB0SLrFIvlI IP 159.69.163.138:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectfb2d1abede.com Fingerprint90:D4:05:07:6B:1B:12:F5:45:F3:64:2B:21:D6:76:6B:1E:46:9B:F7 ValidityTue, 30 May 2023 03:01:52 GMT - Mon, 28 Aug 2023 03:01:51 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/show/?&cid=14402&session_id=397e1e99-44b1-4879-8769-27f33cebe044&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuNSIsImFkX3Bvc2l0aW9uIjo0LCJhZF90eXBlIjoibmF0aXZlIiwiYWRibG9jayI6MCwiYXVjdGlvbl9pZCI6MzM1NTIzOTA4NCwiYnJvd3Nlcl9mYW1pbHkiOiJGaXJlZm94IiwiYnJvd3Nlcl9uYW1lIjoiRmlyZWZveCAxMTEiLCJjYW1wYWlnbl9pZCI6MTQ0MDIsImNhcnJpZXIiOiItIiwiY2xpY2thZGlsbGFfaWQiOjAsImNsaWNrYWRpbGxhX3NwYWNlX2lkIjowLCJjb3VudHJ5IjoiTk8iLCJjcGMiOjAsImNwbSI6MCwiY3JlYXRpdmVfaWQiOiJkMTIzNDVjcmVhdGl2ZWlmcmFtZSIsImNyZWF0aXZlX3RpdGxlIjoiIiwiZWNwbSI6MC4wMDA5Njk4ODgsImV4dF9jYW1wYWlnbl9pZCI6MCwiZXh0X2NyZWF0aXZlX2lkIjoiIiwiZnJvbV9zdG9yYWdlIjowLCJpYXQiOjE2ODU3MDU2NTUuNTU5NTkxLCJpY29uIjoiIiwiaWZyYW1lIjp0cnVlLCJpZnJhbWVfcmVkaXJlY3RfdXJsIjoiaHR0cHM6Ly9idHMucmVkMTJmbHl3Mi5zaXRlL2luLzI2NDMvP3Nwb3RfaWQ9MTg1MjVcdTAwMjZzb3VyY2U9MTA3OTQ1ODY3NiIsImloIjoxNDAsImlwIjoiOTEuOTAuNDIuMTU0IiwiaXB2NiI6IiIsImlzX2NwbSI6MCwiaXNfZGVmYXVsdCI6MSwiaXciOjIxMCwibGFiZWwiOjEsIm1tIjowLCJvc19mYW1pbHkiOiJsaW51eCIsIm9zX3R5cGUiOiJjb21wdXRlciIsInBhZ2UiOiJodHRwczovL2phdm1lYy5tZS8iLCJwcmltYXJ5X3JlZmVycmVyIjoiIiwicmVmcmVzaCI6MCwicmVzcG9uc2Vfc2l6ZSI6MCwicm4iOjAsInNlc3Npb25faWQiOiIzOTdlMWU5OS00NGIxLTQ4NzktODc2OS0yN2YzM2NlYmUwNDQiLCJzaXRlIjoiamF2bWVjLm1lIiwic291cmNlX2lkIjoxMDc5NDU4Njc2LCJzcG90X2lkIjoxODUyNSwic3BvdF9zaXplIjo0LCJzdWIiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kLTEiLCJ0YWdfYWIiOiJjIiwidHJhY2tfaWQiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kLTEiLCJ1cmwiOiIiLCJ1c2FnZV90eXBlIjoiRENIIiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6MTA5LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTExLjAiLCJ1c2VyX2ZwIjowLCJ1c2VyX2lkIjoxMjY3Mjg4MzcxLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fc291cmNlIjoiIiwidjIiOjAsInZlciI6IjYuMjMuMCIsInZlcnRpY2FsX2lkIjowfQ.S28Q_IcQhGLEExA_jKItIbR7IRw1yVhguB0SLrFIvlI HTTP/1.1 Host: cb432312b4.fb2d1abede.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx/1.16.0 date: Fri, 02 Jun 2023 11:31:41 GMT content-length: 0 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * location: https://bts.red12flyw2.site/in/2643/?spot_id=18525&source=1079458676 X-Firefox-Spdy: h2`

	javmec.me/assets/css/bootstrap.min.css	188.114.96.1	200 OK	19 kB
URL GET HTTP/3 javmec.me/assets/css/bootstrap.min.css IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type ASCII text, with very long lines (65371) Size 19 kB (19265 bytes) Hash 3ab3438f85ad9f9e27e1af1facf0a9c4 8bec1bba3e23ecba22cffb197a2d440af410b15d d699f303990ce9bd7d7c97e9bd3cad6a46ecf2532f475cf22ae58213237821b9 HTTP Headers `GET /assets/css/bootstrap.min.css HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: text/css vary: Accept-Encoding, Accept-Encoding last-modified: Fri, 30 Nov 2018 23:09:08 GMT etag: W/"5c01c314-1bb5a" expires: Sun, 02 Jul 2023 02:54:26 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: HIT age: 29015 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Kwxflsg7oHWa6h%2BTow3GNifPKcm1buABkBK72IhNtendweQ2yl6Ew6mMO1DEynpgP7MwbC5hqxYXLMg6OX2eHcmZcSI56BUeHXcO557DdPGHLsn4xunxphxg54%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62c88e8f0b02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	www.exness.com/a/vps0b6j3	45.60.78.64	301 Moved Permanently	0 B
URL GET HTTP/2 www.exness.com/a/vps0b6j3 IP 45.60.78.64:443 ASN #19551 INCAPSULA Requested by https://hlmiq.com/vu/a/? Certificate IssuerSectigo Limited Subjectwww.exness.com FingerprintFB:2D:29:6E:CF:0C:28:BB:4B:73:07:BA:67:BD:82:31:84:95:7E:FF ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /a/vps0b6j3 HTTP/1.1 Host: www.exness.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=utf-8 content-length: 0 location: https://www.exness.com/?utm_source=partners&_8f4x=1 expires: Fri, 02 Jun 2023 11:34:16 GMT cache-control: max-age=0, no-cache, no-store, must-revalidate, private set-cookie: track_uid=5947166a-e06d-493e-bdbe-a4cedce335b6; Domain=.exness.com; expires=Mon, 30 May 2033 11:34:16 GMT; Max-Age=315360000; Path=/; SameSite=Lax track_uid=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ agent=vps0b6j3; Domain=.exness.com; expires=Thu, 31 Aug 2023 11:34:16 GMT; Max-Age=7776000; Path=/; SameSite=Lax agent=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ agent_timestamp=1685705656011; Domain=.exness.com; expires=Thu, 31 Aug 2023 11:34:16 GMT; Max-Age=7776000; Path=/; SameSite=Lax agent_timestamp=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ agent_platform=mt4; Domain=.exness.com; expires=Thu, 31 Aug 2023 11:34:16 GMT; Max-Age=7776000; Path=/; SameSite=Lax agent_platform=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ agent_link="/a/vps0b6j3"; Domain=.exness.com; expires=Thu, 31 Aug 2023 11:34:16 GMT; Max-Age=7776000; Path=/; SameSite=Lax agent_link=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ agent_full_path="/a/vps0b6j3"; Domain=.exness.com; expires=Thu, 31 Aug 2023 11:34:16 GMT; Max-Age=7776000; Path=/; SameSite=Lax agent_full_path=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ partnercode_enabled=true; Domain=.exness.com; expires=Thu, 31 Aug 2023 11:34:16 GMT; Max-Age=7776000; Path=/; SameSite=Lax partnercode_enabled=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/ nlbi_961876=WEFZWYCyo0nq5dr0zTYrKwAAAACDoL62WJKMxBXuWDFmhkGZ; path=/; Domain=.exness.com visid_incap_961876=UkxTvLsWQE6IQUu9cuJts7fTeWQAAAAAQUIPAAAAAADeKuym2GG4W6DdKXNuc7Mt; expires=Fri, 31 May 2024 22:36:05 GMT; HttpOnly; path=/; Domain=.exness.com incap_ses_633_961876=fEVVeDVLilYe/Rhuwd7ICLfTeWQAAAAAjPdR+wGdyXJ/katJdvNzhQ==; path=/; Domain=.exness.com strict-transport-security: max-age=15724800; includeSubDomains x-content-type-options: nosniff x-cdn: Imperva x-iinfo: 4-2410165-2409664 pNNN RT(1685705655064 408) q(0 0 0 0) r(1 1) U11 X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.14.101		472 B
URL ocsp.sectigo.com/ IP 104.18.14.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 16904e2a252f35d362d1ef6386c43b43 370b8bc73cdc73a243e019e3f658d3a40df09e16 32adb79931a77edcc923ed54e94cf0046bdc9642a48cba13904e2db11c99104d HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 02 Jun 2023 11:34:16 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Thu, 01 Jun 2023 21:51:30 GMT Expires: Thu, 08 Jun 2023 21:51:29 GMT Etag: "370b8bc73cdc73a243e019e3f658d3a40df09e16" Cache-Control: max-age=556580,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d0f62de0adcb4ff-OSL`

	remitano.com/join/2716653	104.18.28.12	302 Found	33 B
URL GET HTTP/2 remitano.com/join/2716653 IP 104.18.28.12:443 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerGoogle Trust Services LLC Subjectremitano.com Fingerprint92:63:B3:48:F0:BF:85:DE:3B:8C:DA:9A:20:10:FB:66:A6:B0:6A:4F ValiditySat, 06 May 2023 12:21:11 GMT - Fri, 04 Aug 2023 12:21:10 GMT File type ASCII text, with no line terminators Size 33 B (33 bytes) Hash a5e266c7e391c087ec1d4de4f2ca48bb 4693e7df695e535f6b48b67a1044cb7a06bf20e3 c08cf3004a2dc13329819608ace988d3af52cc092f27bc4e7f7d9f8e43a1c69c HTTP Headers `GET /join/2716653 HTTP/1.1 Host: remitano.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/plain; charset=utf-8 content-length: 33 x-powered-by: Remitano referrer-policy: strict-origin-when-cross-origin content-security-policy: default-src * 'self' https: wss: data: blob: 'unsafe-inline' 'unsafe-eval' permissions-policy: camera=(*) location: /home/login vary: Accept cf-cache-status: DYNAMIC set-cookie: AWSALB=mVhjGb/RoXBMmo7pn2/tGrhKOaoWfY2l/UMiaXOnBYPRPLC1tc8mZ6kQun12kF6VRSQe56zcbhX9Us+3I3UmvIf3FPLnJWTaLEiAiNqSL2uFFzSRM5qjwlLfKt85; Expires=Fri, 09 Jun 2023 11:34:15 GMT; Path=/ AWSALBCORS=mVhjGb/RoXBMmo7pn2/tGrhKOaoWfY2l/UMiaXOnBYPRPLC1tc8mZ6kQun12kF6VRSQe56zcbhX9Us+3I3UmvIf3FPLnJWTaLEiAiNqSL2uFFzSRM5qjwlLfKt85; Expires=Fri, 09 Jun 2023 11:34:15 GMT; Path=/; SameSite=None; Secure AWSALB=r5QM2lnPJjmiEj+I6h/qstsYqqvpjpNZC6iSzO9oOyp4aGMUoLwzqufVJ2YzacuE+XJemb8dxKt35qNB3lT/iFxG5Bs6zCU2LKS+RUd/uuuvhWrjc4GNERRHfTmQ; Expires=Fri, 09 Jun 2023 11:34:15 GMT; Path=/ AWSALBCORS=r5QM2lnPJjmiEj+I6h/qstsYqqvpjpNZC6iSzO9oOyp4aGMUoLwzqufVJ2YzacuE+XJemb8dxKt35qNB3lT/iFxG5Bs6zCU2LKS+RUd/uuuvhWrjc4GNERRHfTmQ; Expires=Fri, 09 Jun 2023 11:34:15 GMT; Path=/; SameSite=None; Secure connect.sid=s%3AtzrG0GzBaQ47_ACPUu1_h-pcTpqvEwPQ.MlXdchaX0TCcHS3wZJ1BdZOCA8nG5j5Rlz6Ci7ZRWc8; Path=/; Expires=Sat, 03 Jun 2023 11:34:15 GMT; HttpOnly __cf_bm=KTwdBdJvFBgx0Yw4zBYmQJ1pXoHqQN7hDu56McDazds-1685705656-0-AUyIp6IDNTjABf9Oc7HY53wVFP6CARN4Fy4Zby3CRASaaYpJwOU1PZBleMAvQgBOXOfmoZCgyMNkM9c7FM4Zeu8=; path=/; expires=Fri, 02-Jun-23 12:04:16 GMT; domain=.remitano.com; HttpOnly; Secure; SameSite=None _cfuvid=a_xXrpBNRu34xz5CUpjNAA2L_PhtW9YyARj_UGsH158-1685705656042-0-604800000; path=/; domain=.remitano.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 7d0f62dd4e71b517-OSL X-Firefox-Spdy: h2

	1x-xredbet256225.top/?tag=s_137887m_355c_	178.253.47.30		84 B
URL GET 1x-xredbet256225.top/?tag=s_137887m_355c_ IP 178.253.47.30:0 ASN #0 Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subject.1x-xredbet256225.top Fingerprint95:4B:F1:1A:E5:CE:18:52:1E:E9:07:7F:D0:8F:B7:5C:78:6E:CA:0A ValidityTue, 21 Mar 2023 01:05:03 GMT - Mon, 19 Jun 2023 01:05:02 GMT File type HTML document, ASCII text Size 84 B (84 bytes) Hash 1eafefc43b27eb058194b67c0da24611 052249d00715c286e624ecd195b18082cc758f12 c0e05e4618cacd78b810681c3c3b4de384cd359dba86e3676f643ff1365d28f0 HTTP Headers `GET /?tag=s_137887m_355c_ HTTP/1.1 Host: 1x-xredbet256225.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 307 Temporary Redirect server: nginx date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=utf-8 content-length: 84 location: https://lite-1x69818824.top/?tag=s_137887m_355c_ x-reason: 1080 x-request-id: 22912a8e08118b04fd44d69d4ec74841 strict-transport-security: max-age=63072000; includeSubDomains; preload set-cookie: auid=sv0vHmR507h09HOYAyh6Ag==; path=/; secure; httponly; samesite=lax X-Firefox-Spdy: h2`

	www.instaforex.org/?x=LVYG	195.201.188.46	301 Moved Permanently	0 B
URL GET HTTP/2 www.instaforex.org/?x=LVYG IP 195.201.188.46:443 ASN #24940 Hetzner Online GmbH Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjectinstaforex.org Fingerprint7C:99:64:79:61:BB:CF:62:34:52:D0:57:CD:C9:9B:64:DE:35:93:0D ValiditySun, 09 Apr 2023 12:00:19 GMT - Sat, 08 Jul 2023 12:00:18 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?x=LVYG HTTP/1.1 Host: www.instaforex.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 301 Moved Permanently server: nginx date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=UTF-8 content-length: 0 x-powered-by: PHP/7.3.33 location: https://instaforex.org/?x=LVYG expires: Fri, 02 Jun 2023 11:34:15 GMT cache-control: no-cache strict-transport-security: max-age=31536000; x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 1; mode=block X-Firefox-Spdy: h2`

	bongacams.com/track?c=287325	195.85.23.89	302 Found	138 B
URL GET HTTP/2 bongacams.com/track?c=287325 IP 195.85.23.89:443 ASN #209242 Cloudflare London, LLC Requested by https://hlmiq.com/vu/a/? Certificate IssuerGoGetSSL Subject.bongacams.com FingerprintD8:5F:95:AA:A0:73:63:73:18:46:DC:8F:4A:5F:D1:BA:94:17:B0:68 ValidityMon, 03 Apr 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 138 B (138 bytes) Hash aff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0 HTTP Headers `GET /track?c=287325 HTTP/1.1 Host: bongacams.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html content-length: 138 location: https://bngtrak.com/hit.php?c=287325 x-bc: ded7850 x-zone: 5a-web51 cf-cache-status: DYNAMIC set-cookie: __cf_bm=OuGrrI.593_aD9g.FL3KV.dklr34tslEjPWxbJGL68g-1685705656-0-AXn8KEQoUHqYGfQaO7PJ/0W55UzssLL9kFtX8PgM1hKvKIX+8B/BHIXCJkzFAn0/wjyjYgUczwBFYDeD1wxwRKU=; path=/; expires=Fri, 02-Jun-23 12:04:16 GMT; domain=.bongacams.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 7d0f62de58aab518-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	fd91b5c89c.fb2d1abede.com/in/multy	94.130.198.6	204 No Content	25 kB
URL OPTIONS HTTP/2 fd91b5c89c.fb2d1abede.com/in/multy IP 94.130.198.6:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectfb2d1abede.com Fingerprint90:D4:05:07:6B:1B:12:F5:45:F3:64:2B:21:D6:76:6B:1E:46:9B:F7 ValidityTue, 30 May 2023 03:01:52 GMT - Mon, 28 Aug 2023 03:01:51 GMT File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (25115), with no line terminators Size 25 kB (25117 bytes) Hash 1933b18bda2d7e6a6ffcdec6557dd760 65c92c6ae75643de9e3c030f83a34dfa7869a844 d6f3b476de286ca63601b871867ed89307ade2cc1747f5649c43ca6642812f5a HTTP Headers `POST /in/multy HTTP/1.1 Host: fd91b5c89c.fb2d1abede.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 1767 Origin: https://javmec.me DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:16 GMT content-type: application/json content-length: 25117 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * X-Firefox-Spdy: h2`

	cex.io/	104.22.49.167		9.8 kB
URL GET cex.io/ IP 104.22.49.167:0 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerSectigo Limited Subjectcex.io Fingerprint65:B3:50:7E:A8:CD:D7:1C:F7:27:ED:D5:DF:0C:33:48:81:E5:B1:3A ValidityMon, 05 Sep 2022 00:00:00 GMT - Tue, 05 Sep 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (40642) Size 9.8 kB (9754 bytes) Hash fe178f188db626e6c587af1aa960f716 b3399b97f31a392696e76a68bd2a7e966ce9a10d f4e31c72a143709a0d5e0d746f89a85131ee857326a7721e8f98f325e0c2c352 HTTP Headers `GET / HTTP/1.1 Host: cex.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Cookie: cex-session=s%3Adg66WT2dQOG3H3rOGfImF5MF.xwMACHbw2eAk0NjnZAHNIGzgEMEAfi3Ib7WOdgMrgdQ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d0f62ddbb450b55-OSL content-encoding: br X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 753842b09f076b939357f60b60413441 ec9c175cca69824cb88322ad59320d3fa408fed8 0a86ea4c305d52d1fada65b6b1ec658d35daf4ec59acb467ff194ca5ccc28c6f HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 02 Jun 2023 11:34:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.dhgate.com/?f=bm%7Caff%7Cimpact%7C2334778%7CV-4zKb0wKxyPR7TQ1CxahX8JUkAS6kTOXUjWwE0%7C&irgwc=1	104.110.18.132		18 kB
URL GET www.dhgate.com/?f=bm%7Caff%7Cimpact%7C2334778%7CV-4zKb0wKxyPR7TQ1CxahX8JUkAS6kTOXUjWwE0%7C&irgwc=1 IP 104.110.18.132:0 ASN #16625 AKAMAI-AS Requested by https://hlmiq.com/vu/a/? Certificate IssuerDigiCert Inc Subject.dhgate.com Fingerprint5D:AF:A8:9C:6F:D8:0B:C5:7B:0F:4F:CA:84:E9:66:F9:28:B0:33:AE ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1209), with CRLF, LF line terminators Size 18 kB (17881 bytes) Hash 421b8e7be3d8c38f0c7bdcb84b837d65 f534b66ae99c96a8b5acef0b0eddb039f0488095 1fe60eb074cffc7e6f06315f393a0345582d83a07f0a1fed78117024317de164 HTTP Headers `GET /?f=bm%7Caff%7Cimpact%7C2334778%7CV-4zKb0wKxyPR7TQ1CxahX8JUkAS6kTOXUjWwE0%7C&irgwc=1 HTTP/1.1 Host: www.dhgate.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: openresty content-type: text/html; charset=utf-8 content-language: en-US referrer-policy: no-referrer-when-downgrade srv_id: 172.18.223.161:80 strict-transport-security: max-age=63072000; includeSubdomains; preload x-akamai-transformed: 9 17620 0 pmb=mTOE,3 content-encoding: gzip date: Fri, 02 Jun 2023 11:34:16 GMT content-length: 17881 set-cookie: b2b_ip_country=NO; Domain=dhgate.com; Expires=Sun, 02-Jul-23 11:34:16 GMT; Path=/ b2b_ship_country=NO; Domain=dhgate.com; Expires=Sun, 02-Jul-23 11:34:16 GMT; Path=/ last_choice=0; Domain=dhgate.com; Expires=Sun, 02-Jul-23 11:34:16 GMT; Path=/ ref_f=bm%7Caff%7Cimpact%7C2334778%7CV-4zKb0wKxyPR7TQ1CxahX8JUkAS6kTOXUjWwE0%7C;Domain=dhgate.com; Expires=Sun, 02-Jul-23 11:34:16 GMT; Path=/ ref_f_full=%7B%22f%22%3A%22bm%257Caff%257Cimpact%257C2334778%257CV-4zKb0wKxyPR7TQ1CxahX8JUkAS6kTOXUjWwE0%257C%22%2C%22utm%5Fsource%22%3A%22%22%2C%22utm%5Fmedium%22%3A%22%22%2C%22utm%5Fcampaign%22%3A%22%22%2C%22utm%5Fterm%22%3A%22%22%2C%22utm%5Fcontent%22%3A%22%22%2C%22cst1%22%3A%22%22%2C%22cst2%22%3A%22%22%7D; Domain=dhgate.com; Expires=Sun, 02-Jul-23 11:34:16 GMT; Path=/ vid=rBIKaGR507h2hWh/EsaWAg==; expires=Thu, 26-Feb-26 11:34:16 GMT; domain=dhgate.com; path=/ _abck=557E381BDE4A0A51AB09B197BF5669F1~-1~YAAQvk0kF7HZb2+IAQAACwjjewmAmJCDWPXRp6rWyS44ljH8xfNtCwn72/z7RcV4Hlck4jwPJDtq81ILHrE+gZqoVYf8Y+Fn/bjx5t/ZuInR55hD0WVkKa6sm4vq6LjqYp+gtp7IPVQjpOgYdIQAYic5jOnDgAoGjOMg2AuRwK9Sv3ltGbBtPJ0T402/TICDXqyb+JBNBpgwdoP6m7GepaneXq79wJi0oZHFiQS11Rb1F6OpAWAp8QwDujZUSdNfGm2BikBIQlvrW378K8L5jQplbC8uGsfKMXrij5oa9WhsBk5N6oKg7jPrjaU9Nu/wEdP0FcQE+ZAIgA0tqQo8sSqUNahVeIva3aq1PsegS8g+Kbvbss0tITdxgwU=~-1~-1~-1; Domain=.dhgate.com; Path=/; Expires=Sat, 01 Jun 2024 11:34:16 GMT; Max-Age=31536000; Secure ak_bmsc=0112869B2DFB2FA99B6881A1A6F2759B~000000000000000000000000000000~YAAQvk0kF7LZb2+IAQAACwjjexNfX9tO0LQg1EdJuJXxF8wYFUX2yCeXuTRmL4LeFIeEiLgG0VQq6i8fZNZNH6hm3qYw+pJ9C+VSC0EhcIB3kmCIFGL32LlJQuQ97keksU7YBDlWqV4iz83hITBq7ux5cuFVCkZg8CwoQvsVa2fX78af8Xy4zEc0XLRagyWtGekBDN4jSwlA2tHs881Yv7DP5LUlAoj8b34d64pz6e5jUsyD5nf6v12Y9+vLeWdq3gr96hazXQ8NcpOj7iNgMGAzgNFch9QpvdkFnMoa2nnz1WpfJVqIvkSMrS5gS1FmufrLcocWnyp0TEEk1IHf/wIS2YeN6/KZ3kcRcRV7ZSU0+t6N0eebB2o9yITGm+nfvVCQ/mQF; Domain=.dhgate.com; Path=/; Expires=Fri, 02 Jun 2023 13:34:16 GMT; Max-Age=7200; HttpOnly bm_mi=3954BEAC9B259789E5050397CB6582EF~YAAQvk0kF7PZb2+IAQAACwjjexMYIDcOTOqGk0jVuv+mlSts7mdF0qs3eNhTGpCLkia4Upo/DX6ob/J+SD6udoPcQGzUTmQI4USMbKidEr6QUEJMhYve17AT0ZdihFAC3D2IswIuNG5EFWuAgDzTELR03Uw1T7n3hE2Jo/V0nX3hbhvYq7nII7ChaRsFCrdE62D2dzDWu4Yw8gloE5p0f84IgO0wL5e/Eugcsv0j3gOHUuuTfGGvQXjvMBGt+YyegfYmJj8+1roRc0+3if440yXliWM5SV4UMIlPQUoM0gUjtuNaNn11mEfWFIWbHA==~1; Domain=.dhgate.com; Path=/; Expires=Fri, 02 Jun 2023 11:34:16 GMT; Max-Age=0; Secure bm_sz=79F4B6C63599F43BAB94C38AF8565DD0~YAAQvk0kF7TZb2+IAQAACwjjexNxwaZDU9dUrCSb/q2LBBXfA1z0940MnER91HWirZMkDtwIib/mAHXoug/S/+KdaZ1/XzWvhqog19X0i/h3ZCODjKdyqgQZxC82zwvDl+UV/K+6Hc7KnkJsF+V8eMGxS/3nNUV6ZITXX0u4lLNG43TbA/Klv4vFNdDHHdaMf9tWSHHA/wbQgPJerHOUlGs/XS5jfszTsWCB4/VVlN5asqJ2XfwDOrTc5Pk+DXG3P1/vs4iTD+C7xm9UT3GjNUA2mf8KikuY4ViG4O/XGT7AH3M=~3621189~3553589; Domain=.dhgate.com; Path=/; Expires=Fri, 02 Jun 2023 15:34:16 GMT; Max-Age=14400 vary: Accept-Encoding, User-Agent server-timing: ak_p; desc="468251_388255166_54441925_25624_8399_2_0";dur=1 X-Firefox-Spdy: h2

	ocsp2.globalsign.com/gsorganizationvalsha2g2	104.18.20.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g2 IP 104.18.20.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1459 bytes) Hash a2346148d7a286904a98a468f8334e00 1adde87e63548ab1b3c01dbe2f2e7b6a5126d172 0890ed5cabfd327520b229acdf27f6c1d94ae613baaa5f7fda0bd6dfcb3080c6 HTTP Headers `POST /gsorganizationvalsha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 02 Jun 2023 11:34:16 GMT Content-Type: application/ocsp-response Content-Length: 1459 Connection: keep-alive Expires: Tue, 06 Jun 2023 09:20:59 GMT ETag: "1adde87e63548ab1b3c01dbe2f2e7b6a5126d172" Last-Modified: Fri, 02 Jun 2023 09:21:00 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2391 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d0f62e08d20b4f7-OSL`

	www.xm.com/affiliate_tracking?affid=1104887&clickid=c73340e7-f59d-490a-a715-6a7fc9fc17fb&oldid=&campaigntype=1&url=https%3A%2F%2Fwww.xm.com%2Fru%2F%3Futm_source%3Dhlmiq.com%26utm_content%3D1104887%26utm_medium%3Daffiliate	23.38.200.104		0 B
URL GET www.xm.com/affiliate_tracking?affid=1104887&clickid=c73340e7-f59d-490a-a715-6a7fc9fc17fb&oldid=&campaigntype=1&url=https%3A%2F%2Fwww.xm.com%2Fru%2F%3Futm_source%3Dhlmiq.com%26utm_content%3D1104887%26utm_medium%3Daffiliate IP 23.38.200.104:0 ASN #16625 AKAMAI-AS Requested by https://hlmiq.com/vu/a/? Certificate IssuerDigiCert Inc Subjecttrading-point.com FingerprintA9:94:C6:37:A4:48:46:89:4E:72:EA:A3:FE:6B:28:31:92:44:6E:A2 ValidityTue, 30 Aug 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /affiliate_tracking?affid=1104887&clickid=c73340e7-f59d-490a-a715-6a7fc9fc17fb&oldid=&campaigntype=1&url=https%3A%2F%2Fwww.xm.com%2Fru%2F%3Futm_source%3Dhlmiq.com%26utm_content%3D1104887%26utm_medium%3Daffiliate HTTP/1.1 Host: www.xm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 302 Found server: AkamaiGHost content-length: 0 location: https://www.xm.com/ru/?utm_source=hlmiq.com&utm_content=1104887&utm_medium=affiliate date: Fri, 02 Jun 2023 11:34:16 GMT set-cookie: affid=1104887; expires=Sat, 17-Jun-2023 11:34:16 GMT; path=/; domain=.xm.com affidts=1685705656; expires=Sat, 17-Jun-2023 11:34:16 GMT; path=/; domain=.xm.com clickid=c73340e7-f59d-490a-a715-6a7fc9fc17fb; expires=Sat, 17-Jun-2023 11:34:16 GMT; path=/; domain=.xm.com clickidts=1685705656; expires=Sat, 17-Jun-2023 11:34:16 GMT; path=/; domain=.xm.com _abck=E6A7F4B4CB7ADC8EFEB82489717B9702~-1~YAAQFE8kF9k04m+IAQAAowjjewkq4v6Wo3RsVD0cc98Jp0ocQH5b0wEyp61lws3V76xGOmpNzAZNCv21uHg+teZxLzNZ6OGmMtpUA4vrXE72tx2gqSGUo2IImUK4VJ5ZKorgGv68ayFGjW82ArZgRgd8DSECAWZPToY8CWY9zfjpreOZP3CQvawEzqRmBwijKIdPKFCqnRgZiG1gGxXLfQDULiaVkuk+uOpxJjx7y0v+uo/OkuwM7w1d+/wyQillnNarLga+O7OIsPMjJhQH41jeq8aTs8L+KKeqMIHoIa/XqP97K423/NWxCZEKwOCCc/kBhKuyWFZv58X6XZ8O/o78SYCawB+EzywseVwLc5hHOoDq9o3jRg==~-1~-1~-1; Domain=.xm.com; Path=/; Expires=Sat, 01 Jun 2024 11:34:16 GMT; Max-Age=31536000; Secure bm_sz=FB62741EF90DE91232786A2508C28D5D~YAAQFE8kF9o04m+IAQAAowjjexPtGPHgYGsEMtFXv5yVTEdshpH5Y7QqLPRmsErVZT4XMlzr5N3ZdkA3Oza9C6sPp6OUxlG/Ew0RdjcxoI3/3ERkQqb9ROKrOk9oo9Hcl0mnZO0uuiWtHGzBCQAaxMxBijR1ZZ60zuM2yVRyS2r3Yi9wYLmvg/7PoBz9tbU8yqOip7YRf23lxd2mcSCk3bi0cOTI8MGqxNtSejWD7vOLzFJCQDc3Gt0TDr8j+BqY2crHc0vWRAjSqigDyASZC7vMlQ9LdEm97fUwbCfZMA==~3227956~4535107; Domain=.xm.com; Path=/; Expires=Fri, 02 Jun 2023 15:34:16 GMT; Max-Age=14400 server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468251_388255508_1434152375_14_16285_11_0";dur=1 strict-transport-security: max-age=15768000 X-Firefox-Spdy: h2

	ocsp.dcocsp.cn/	47.246.44.225		471 B
URL ocsp.dcocsp.cn/ IP 47.246.44.225:0 ASN #24429 Zhejiang Taobao Network Co.,Ltd File type data Size 471 B (471 bytes) Hash 5f2b4b31ea8aecff85ae6b66866d1a97 f815ab4e67c55f5edc9356c08f520c79993363a3 2edea1e881d6d05bdcd1e118151dbd3eb5bc0125cbedd5fe2be1d5986b27bbe4 HTTP Headers `POST / HTTP/1.1 Host: ocsp.dcocsp.cn User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: Tengine Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Date: Fri, 02 Jun 2023 10:46:50 GMT Ali-Swift-Global-Savetime: 1685702810 Via: cache21.l2de2[0,0,200-0,H], cache17.l2de2[1,0], cache2.se1[0,0,200-0,H], cache2.se1[2,0] Age: 2846 X-Cache: HIT TCP_MEM_HIT dirn:3:170444227 X-Swift-SaveTime: Fri, 02 Jun 2023 10:59:04 GMT X-Swift-CacheTime: 2866 Timing-Allow-Origin: * EagleId: 2ff62c9616857056564767153e`

	changelly.com/?from=btc&to=eth&amount=0.1&ref_id=t68bpi9bnrma1q8f	172.67.72.173	200 OK	27 kB
URL GET HTTP/2 changelly.com/?from=btc&to=eth&amount=0.1&ref_id=t68bpi9bnrma1q8f IP 172.67.72.173:443 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerCloudflare, Inc. Subjectchangelly.com Fingerprint69:E8:69:4C:FA:BD:9E:5E:39:97:B8:44:39:CB:ED:51:4F:BC:DB:59 ValidityFri, 30 Sep 2022 00:00:00 GMT - Sat, 30 Sep 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (40715) Size 27 kB (27077 bytes) Hash 5703df6651ed884bb4c86f0b4c0a4d59 422612986d01ca26a00e42d74035daf5b0b7e0e7 74a07074031f611c206c6159e38d20012166aae8f53b56bc141894face4fa3be HTTP Headers `GET /?from=btc&to=eth&amount=0.1&ref_id=t68bpi9bnrma1q8f HTTP/1.1 Host: changelly.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:15 GMT content-type: text/html; charset=utf-8 set-cookie: wtpExperiment=4; Max-Age=16070400; Domain=.changelly.com; Path=/; Expires=Tue, 05 Dec 2023 11:34:15 GMT; Secure; SameSite=None Promocodes_ABvariant=default; Max-Age=5356800; Domain=.changelly.com; Path=/; Expires=Thu, 03 Aug 2023 11:34:15 GMT; Secure; SameSite=None ProShowing_ABvariant=default; Max-Age=5356800; Domain=.changelly.com; Path=/; Expires=Thu, 03 Aug 2023 11:34:15 GMT; Secure; SameSite=None Is_ProShowing_ABvariant_Send=false; Max-Age=5356800; Domain=.changelly.com; Path=/; Expires=Thu, 03 Aug 2023 11:34:15 GMT; Secure; SameSite=None AggregatorRedirect_ABvariant=default; Max-Age=5356800; Domain=.changelly.com; Path=/; Expires=Thu, 03 Aug 2023 11:34:15 GMT; Secure; SameSite=None first_visit_by_promo=1; Max-Age=5356800; Domain=.changelly.com; Path=/; Expires=Thu, 03 Aug 2023 11:34:15 GMT; Secure; SameSite=None device_id=46ebf22b-273e-4789-ba0e-026fe74f0d2d; Max-Age=32140800; Domain=.changelly.com; Path=/; Expires=Sat, 08 Jun 2024 11:34:15 GMT; Secure; SameSite=None ref_id=t68bpi9bnrma1q8f; Domain=.changelly.com; Path=/; Secure; SameSite=None affise_data=; Domain=.changelly.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Secure; SameSite=None ipcountry=NO; Max-Age=2678400; Domain=.changelly.com; Path=/; Expires=Mon, 03 Jul 2023 11:34:15 GMT; Secure; SameSite=None time=1685705655587; Domain=.changelly.com; Path=/; Secure; SameSite=None __zrtbanner49=0512d07b-870b-4344-9924-842775a4f229; Max-Age=7776000; Domain=.changelly.com; Path=/; Expires=Thu, 31 Aug 2023 11:34:15 GMT; HttpOnly; Secure; SameSite=None x-nextjs-cache: HIT cache-control: s-maxage=900, stale-while-revalidate strict-transport-security: max-age=31536000; includeSubdomains; x-frame-options: DENY x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QorlohGmK32gQeSbru%2BPUh622YqZd8RBnow3As83rpOtyaH7mReFzPSLtfdSUE3bvifEts%2FG6ruyTTSe5jn6d8vuKHbRnWpvtR2F0YcVEx7C9T8TDzoid7zolXDI1sM%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62db18cf0b55-OSL content-encoding: br X-Firefox-Spdy: h2

	fd91b5c89c.fb2d1abede.com/in/show/?mid=7782176240244809520&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=764022017&sid=2034687550&cid=14080&price=0.0008040000381879508&is_cpm=0&cpm=0&ecpm=0.011821774103467127&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=1&ver=8.66.0&ver_c=&refdom=javmec.me&hostname=auc-inpage-hz-0-a&site_id=3118793&spot_id=18793&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1685792055&created_at=2023-06-02&is_native=2&auction_queue=0&burl=9NZ9y9ZYVxs47Z0fNkfTaF-9KkRubcvhh_p1T7HizK3wCsUInbX6Tw&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5318793&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.010972527226173541&placement_type_id=0&skin_test=0&verify_hash=33ded536acc660a8304a6b7ce71a5b7a&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D764022017%26spot_id%3D18793%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjavmec.me%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.0008040000381879508&user_fp=7728110929669612498&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=kiZovGYrItaZBs48GyYxlRBzaNM6swJ1rETJPRn8ZDk2AYarZcMy-UwWx-epRq3GTAwZJY1M-tmeYbScZ4FiWbFzJIGYcGN4Le13YfJ1BXStZ8z6vE31bHJ9EbaUJIBuP6DxkQLhyDdr0p5TmTwvX5RiqXXy49--m042lnw-jwTqmL3GxQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=8&vertical_id=0&real_bid=0.0007555188358852173&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=Adult,Japanese&label_ids=4,89,108,0&conditions=dch_ip,tz_offset&need_redirect_show=0&page=https%3A%2F%2Fjavmec.me%2F&auction_time=1685705655&show_count=1&from_cache=0&mlf=1&cpa=162bfa74-0443-4f0c-9f7e-817f767ba61c&mlc=1&format=androidWhatsAppCompact-slide-t_r-body	94.130.198.6	200 OK	0 B
URL GET HTTP/2 fd91b5c89c.fb2d1abede.com/in/show/?mid=7782176240244809520&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=764022017&sid=2034687550&cid=14080&price=0.0008040000381879508&is_cpm=0&cpm=0&ecpm=0.011821774103467127&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=1&ver=8.66.0&ver_c=&refdom=javmec.me&hostname=auc-inpage-hz-0-a&site_id=3118793&spot_id=18793&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1685792055&created_at=2023-06-02&is_native=2&auction_queue=0&burl=9NZ9y9ZYVxs47Z0fNkfTaF-9KkRubcvhh_p1T7HizK3wCsUInbX6Tw&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5318793&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.010972527226173541&placement_type_id=0&skin_test=0&verify_hash=33ded536acc660a8304a6b7ce71a5b7a&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D764022017%26spot_id%3D18793%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjavmec.me%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.0008040000381879508&user_fp=7728110929669612498&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=kiZovGYrItaZBs48GyYxlRBzaNM6swJ1rETJPRn8ZDk2AYarZcMy-UwWx-epRq3GTAwZJY1M-tmeYbScZ4FiWbFzJIGYcGN4Le13YfJ1BXStZ8z6vE31bHJ9EbaUJIBuP6DxkQLhyDdr0p5TmTwvX5RiqXXy49--m042lnw-jwTqmL3GxQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=8&vertical_id=0&real_bid=0.0007555188358852173&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=Adult,Japanese&label_ids=4,89,108,0&conditions=dch_ip,tz_offset&need_redirect_show=0&page=https%3A%2F%2Fjavmec.me%2F&auction_time=1685705655&show_count=1&from_cache=0&mlf=1&cpa=162bfa74-0443-4f0c-9f7e-817f767ba61c&mlc=1&format=androidWhatsAppCompact-slide-t_r-body IP 94.130.198.6:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectfb2d1abede.com Fingerprint90:D4:05:07:6B:1B:12:F5:45:F3:64:2B:21:D6:76:6B:1E:46:9B:F7 ValidityTue, 30 May 2023 03:01:52 GMT - Mon, 28 Aug 2023 03:01:51 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/show/?mid=7782176240244809520&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=764022017&sid=2034687550&cid=14080&price=0.0008040000381879508&is_cpm=0&cpm=0&ecpm=0.011821774103467127&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=1&ver=8.66.0&ver_c=&refdom=javmec.me&hostname=auc-inpage-hz-0-a&site_id=3118793&spot_id=18793&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1685792055&created_at=2023-06-02&is_native=2&auction_queue=0&burl=9NZ9y9ZYVxs47Z0fNkfTaF-9KkRubcvhh_p1T7HizK3wCsUInbX6Tw&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5318793&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.010972527226173541&placement_type_id=0&skin_test=0&verify_hash=33ded536acc660a8304a6b7ce71a5b7a&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D764022017%26spot_id%3D18793%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjavmec.me%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.0008040000381879508&user_fp=7728110929669612498&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=kiZovGYrItaZBs48GyYxlRBzaNM6swJ1rETJPRn8ZDk2AYarZcMy-UwWx-epRq3GTAwZJY1M-tmeYbScZ4FiWbFzJIGYcGN4Le13YfJ1BXStZ8z6vE31bHJ9EbaUJIBuP6DxkQLhyDdr0p5TmTwvX5RiqXXy49--m042lnw-jwTqmL3GxQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=8&vertical_id=0&real_bid=0.0007555188358852173&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=Adult,Japanese&label_ids=4,89,108,0&conditions=dch_ip,tz_offset&need_redirect_show=0&page=https%3A%2F%2Fjavmec.me%2F&auction_time=1685705655&show_count=1&from_cache=0&mlf=1&cpa=162bfa74-0443-4f0c-9f7e-817f767ba61c&mlc=1&format=androidWhatsAppCompact-slide-t_r-body HTTP/1.1 Host: fd91b5c89c.fb2d1abede.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:16 GMT content-length: 0 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * X-Firefox-Spdy: h2`

	hlmiq.com/to2/expedia.no/	142.132.202.70	307 Temporary Redirect	0 B
URL GET HTTP/1.1 hlmiq.com/to2/expedia.no/ IP 142.132.202.70:443 ASN #24940 Hetzner Online GmbH Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjecthlmiq.com Fingerprint76:F7:2B:47:FA:82:52:97:1D:77:80:F9:6D:9F:88:93:BD:70:EB:A4 ValidityTue, 04 Apr 2023 03:48:54 GMT - Mon, 03 Jul 2023 03:48:53 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /to2/expedia.no/ HTTP/1.1 Host: hlmiq.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 307 Temporary Redirect Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jun 2023 11:34:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Referrer-Policy: no-referrer Location: https://www.expedia.no/?clickref=1100lwPiPbpR&affcid=NO.DIRECT.PHG.1100l95727.0&ref_id=1100lwPiPbpR&my_ad=AFF.NO.DIRECT.PHG.1100l95727.0&afflid=1100lwPiPbpR&original_destination=https://www.expedia.no/?clickref=1100lwPiPbpR&affcid=NO.DIRECT.PHG.1100l95727.0&ref_id=1100lwPiPbpR&my_ad=AFF.NO.DIRECT.PHG.1100l95727.0&afflid=1100lwPiPbpR

	www.exness.com/?utm_source=partners&_8f4x=1	45.60.78.64	302 Found	0 B
URL GET HTTP/2 www.exness.com/?utm_source=partners&_8f4x=1 IP 45.60.78.64:443 ASN #19551 INCAPSULA Requested by https://hlmiq.com/vu/a/? Certificate IssuerSectigo Limited Subjectwww.exness.com FingerprintFB:2D:29:6E:CF:0C:28:BB:4B:73:07:BA:67:BD:82:31:84:95:7E:FF ValidityThu, 13 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?utm_source=partners&_8f4x=1 HTTP/1.1 Host: www.exness.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 302 Found cache-control: no-cache content-length: 0 location: https://www.exness.uk/?utm_source=partners&_8f4x=1 set-cookie: nlbi_961876=M0REd/WFiTD6QQenzTYrKwAAAACkBLoxYTmcHZkDrj6COSNL; path=/; Domain=.exness.com visid_incap_961876=UkxTvLsWQE6IQUu9cuJts7fTeWQAAAAAQUIPAAAAAADeKuym2GG4W6DdKXNuc7Mt; expires=Fri, 31 May 2024 22:36:05 GMT; HttpOnly; path=/; Domain=.exness.com incap_ses_633_961876=SHYWX2aoLkce/Rhuwd7ICLjTeWQAAAAAa+PZfF9qbd6iVK7wjq3N7Q==; path=/; Domain=.exness.com x-cdn: Imperva x-iinfo: 4-2410165-2409664 pNNN RT(1685705655064 1048) q(0 0 0 0) r(0 0) U11 X-Firefox-Spdy: h2

	fd91b5c89c.fb2d1abede.com/in/show/?mid=7782176240244809520&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=764022017&sid=2034687550&cid=2315&price=0.010184000171720982&is_cpm=0&cpm=0&ecpm=0.057643432851838546&crid=&crtid=ac926a6d2175051b968c67b4e816f242&tcid=0&out_id=0&ver=8.66.0&ver_c=&refdom=javmec.me&hostname=auc-inpage-hz-0-a&site_id=3118793&spot_id=18793&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1685792055&created_at=2023-06-02&is_native=1&auction_queue=0&burl=YuaqtjQwonpAlv68uPk9L1j9pM8RHPDpmq2kevEHEt-dk3PzqBp2cA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7318793&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.00455128947845675&placement_type_id=0&skin_test=0&verify_hash=91e6c1dca1d2e088c8f86a0259a26a82&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D764022017%26spot_id%3D18793%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjavmec.me%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.010184000171720982&user_fp=7728110929669612498&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=vuUHULJb3zjc__5GOb7TvOXt8abaVM21itImiTlb9sxNirpAbOJ7J9_1Zqw1Z0gqWnBVjJil9K2lxjm2Z9vViUNpfeXpHb55x6BgUtwZLoqvbAMYMYjIiffdESBeBD10hDPCSPEpNPGKD9PAz_5XQOGnhsk88mENLX-hVnmVz2roTQVMl1S6FfSpsSq2RGCUReh7PslJI8n4TCfQ_aE5MHUEXdxIKTxRJXiTHOdoZG--pmBfjoln2shTwSNuruZo6uxZGWtD_KMha25U2u_2_tZQ_MwytG7LQjuxyn5F7HHNRm1kuEOWyzaCMvnvfH-DcGcydgQkLNVlhQwLScA2oiCht8LSCXBID5WC2jN16z7C1m-CGtuMeE2Lw5HkeaLayFzZw91f4oOCBNaeaM4G4kIibX7PQfA5uoExC2OEbnZJeREHoe3AGuFWzhlDimjsTEqt2tRi1JyABicKx8mA9JBKtsvjtLn250mPL_SWgvmRAAyvKrLtKmi6xtTaV-xAGaFviQnMxy3_KzYLJzTUjGHG7SEW43FPKNiKcgWVeuqRcBC5FQ1H4jS8d9Q3IUeImXpP6jUi6QgOUFTrkFtfVbCIXjBJat0BlltszOLNmYqaXUSbxCSOvqGn_gepzxRNUnSQl4aE4ZE4PUcitnJJowMOFWM2SWesJR1qCVbIPh0oKdzyFFNn9xVu80OgredH0HskuMDFlMgpUTJ1flXVqNb0HrJfwGsZqcYzmNiZTwfZCc7U0H2o22f6gnuaOpQAufobJbrVNRP2zdjG1EL7gTQMTeejpznjE9VcM45I_qgz4YKkBsS6_f_h-eYvUNyMPRzn-uK_iKBRhYf3EHLeU_KWcqVCkzTqiSyBL0iWkRZ1woZsS8-27KQMcXxihM7yyBwQmGkx4AZx6avoIslwE_jNLSCjssib3-nFYFlJR0QNdOjWsPCyt0nmeLG0xy33iXy4G91UwewWFj5Wza8odcEuKHc42YtEKmu_czqWiii2j41wMq6s3YdvjFsiTZZYvVPkabXLu_c1xnmnoClx8yHfTQuESK9jIN-6eZPQC2NwXKbpwrr7usZjrHa1WSIK7ELIQJMPH-0bfITCtaO03sUPeLS3LUkH8u4zFOeyyPyGEt-BNNW9ax_Qt0-5UJg7aKDEgUxoMocP1i-DkNuYU6I6-rHFz9tZBWt2AJ4HZyRSe-1KxYU&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F88%2F88%2Frect_625d6a307cfaft1650289200r2729.jpg.webp&skin_id=8&vertical_id=0&real_bid=0.008881466549757867&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=Adult,Japanese&label_ids=4,90,95,108,0&conditions=dch_ip,tz_offset&need_redirect_show=0&page=https%3A%2F%2Fjavmec.me%2F&auction_time=1685705655&show_count=1&from_cache=0&cpa=7301e47e-4918-44bc-8f86-530c0b506ec8&format=androidWhatsAppCompact-slide-t_r-body	94.130.198.6	200 OK	0 B
URL GET HTTP/2 fd91b5c89c.fb2d1abede.com/in/show/?mid=7782176240244809520&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=764022017&sid=2034687550&cid=2315&price=0.010184000171720982&is_cpm=0&cpm=0&ecpm=0.057643432851838546&crid=&crtid=ac926a6d2175051b968c67b4e816f242&tcid=0&out_id=0&ver=8.66.0&ver_c=&refdom=javmec.me&hostname=auc-inpage-hz-0-a&site_id=3118793&spot_id=18793&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1685792055&created_at=2023-06-02&is_native=1&auction_queue=0&burl=YuaqtjQwonpAlv68uPk9L1j9pM8RHPDpmq2kevEHEt-dk3PzqBp2cA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7318793&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.00455128947845675&placement_type_id=0&skin_test=0&verify_hash=91e6c1dca1d2e088c8f86a0259a26a82&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D764022017%26spot_id%3D18793%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjavmec.me%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.010184000171720982&user_fp=7728110929669612498&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=vuUHULJb3zjc__5GOb7TvOXt8abaVM21itImiTlb9sxNirpAbOJ7J9_1Zqw1Z0gqWnBVjJil9K2lxjm2Z9vViUNpfeXpHb55x6BgUtwZLoqvbAMYMYjIiffdESBeBD10hDPCSPEpNPGKD9PAz_5XQOGnhsk88mENLX-hVnmVz2roTQVMl1S6FfSpsSq2RGCUReh7PslJI8n4TCfQ_aE5MHUEXdxIKTxRJXiTHOdoZG--pmBfjoln2shTwSNuruZo6uxZGWtD_KMha25U2u_2_tZQ_MwytG7LQjuxyn5F7HHNRm1kuEOWyzaCMvnvfH-DcGcydgQkLNVlhQwLScA2oiCht8LSCXBID5WC2jN16z7C1m-CGtuMeE2Lw5HkeaLayFzZw91f4oOCBNaeaM4G4kIibX7PQfA5uoExC2OEbnZJeREHoe3AGuFWzhlDimjsTEqt2tRi1JyABicKx8mA9JBKtsvjtLn250mPL_SWgvmRAAyvKrLtKmi6xtTaV-xAGaFviQnMxy3_KzYLJzTUjGHG7SEW43FPKNiKcgWVeuqRcBC5FQ1H4jS8d9Q3IUeImXpP6jUi6QgOUFTrkFtfVbCIXjBJat0BlltszOLNmYqaXUSbxCSOvqGn_gepzxRNUnSQl4aE4ZE4PUcitnJJowMOFWM2SWesJR1qCVbIPh0oKdzyFFNn9xVu80OgredH0HskuMDFlMgpUTJ1flXVqNb0HrJfwGsZqcYzmNiZTwfZCc7U0H2o22f6gnuaOpQAufobJbrVNRP2zdjG1EL7gTQMTeejpznjE9VcM45I_qgz4YKkBsS6_f_h-eYvUNyMPRzn-uK_iKBRhYf3EHLeU_KWcqVCkzTqiSyBL0iWkRZ1woZsS8-27KQMcXxihM7yyBwQmGkx4AZx6avoIslwE_jNLSCjssib3-nFYFlJR0QNdOjWsPCyt0nmeLG0xy33iXy4G91UwewWFj5Wza8odcEuKHc42YtEKmu_czqWiii2j41wMq6s3YdvjFsiTZZYvVPkabXLu_c1xnmnoClx8yHfTQuESK9jIN-6eZPQC2NwXKbpwrr7usZjrHa1WSIK7ELIQJMPH-0bfITCtaO03sUPeLS3LUkH8u4zFOeyyPyGEt-BNNW9ax_Qt0-5UJg7aKDEgUxoMocP1i-DkNuYU6I6-rHFz9tZBWt2AJ4HZyRSe-1KxYU&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F88%2F88%2Frect_625d6a307cfaft1650289200r2729.jpg.webp&skin_id=8&vertical_id=0&real_bid=0.008881466549757867&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=Adult,Japanese&label_ids=4,90,95,108,0&conditions=dch_ip,tz_offset&need_redirect_show=0&page=https%3A%2F%2Fjavmec.me%2F&auction_time=1685705655&show_count=1&from_cache=0&cpa=7301e47e-4918-44bc-8f86-530c0b506ec8&format=androidWhatsAppCompact-slide-t_r-body IP 94.130.198.6:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectfb2d1abede.com Fingerprint90:D4:05:07:6B:1B:12:F5:45:F3:64:2B:21:D6:76:6B:1E:46:9B:F7 ValidityTue, 30 May 2023 03:01:52 GMT - Mon, 28 Aug 2023 03:01:51 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/show/?mid=7782176240244809520&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=764022017&sid=2034687550&cid=2315&price=0.010184000171720982&is_cpm=0&cpm=0&ecpm=0.057643432851838546&crid=&crtid=ac926a6d2175051b968c67b4e816f242&tcid=0&out_id=0&ver=8.66.0&ver_c=&refdom=javmec.me&hostname=auc-inpage-hz-0-a&site_id=3118793&spot_id=18793&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1685792055&created_at=2023-06-02&is_native=1&auction_queue=0&burl=YuaqtjQwonpAlv68uPk9L1j9pM8RHPDpmq2kevEHEt-dk3PzqBp2cA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=7318793&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.00455128947845675&placement_type_id=0&skin_test=0&verify_hash=91e6c1dca1d2e088c8f86a0259a26a82&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D764022017%26spot_id%3D18793%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjavmec.me%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.010184000171720982&user_fp=7728110929669612498&v2=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=vuUHULJb3zjc__5GOb7TvOXt8abaVM21itImiTlb9sxNirpAbOJ7J9_1Zqw1Z0gqWnBVjJil9K2lxjm2Z9vViUNpfeXpHb55x6BgUtwZLoqvbAMYMYjIiffdESBeBD10hDPCSPEpNPGKD9PAz_5XQOGnhsk88mENLX-hVnmVz2roTQVMl1S6FfSpsSq2RGCUReh7PslJI8n4TCfQ_aE5MHUEXdxIKTxRJXiTHOdoZG--pmBfjoln2shTwSNuruZo6uxZGWtD_KMha25U2u_2_tZQ_MwytG7LQjuxyn5F7HHNRm1kuEOWyzaCMvnvfH-DcGcydgQkLNVlhQwLScA2oiCht8LSCXBID5WC2jN16z7C1m-CGtuMeE2Lw5HkeaLayFzZw91f4oOCBNaeaM4G4kIibX7PQfA5uoExC2OEbnZJeREHoe3AGuFWzhlDimjsTEqt2tRi1JyABicKx8mA9JBKtsvjtLn250mPL_SWgvmRAAyvKrLtKmi6xtTaV-xAGaFviQnMxy3_KzYLJzTUjGHG7SEW43FPKNiKcgWVeuqRcBC5FQ1H4jS8d9Q3IUeImXpP6jUi6QgOUFTrkFtfVbCIXjBJat0BlltszOLNmYqaXUSbxCSOvqGn_gepzxRNUnSQl4aE4ZE4PUcitnJJowMOFWM2SWesJR1qCVbIPh0oKdzyFFNn9xVu80OgredH0HskuMDFlMgpUTJ1flXVqNb0HrJfwGsZqcYzmNiZTwfZCc7U0H2o22f6gnuaOpQAufobJbrVNRP2zdjG1EL7gTQMTeejpznjE9VcM45I_qgz4YKkBsS6_f_h-eYvUNyMPRzn-uK_iKBRhYf3EHLeU_KWcqVCkzTqiSyBL0iWkRZ1woZsS8-27KQMcXxihM7yyBwQmGkx4AZx6avoIslwE_jNLSCjssib3-nFYFlJR0QNdOjWsPCyt0nmeLG0xy33iXy4G91UwewWFj5Wza8odcEuKHc42YtEKmu_czqWiii2j41wMq6s3YdvjFsiTZZYvVPkabXLu_c1xnmnoClx8yHfTQuESK9jIN-6eZPQC2NwXKbpwrr7usZjrHa1WSIK7ELIQJMPH-0bfITCtaO03sUPeLS3LUkH8u4zFOeyyPyGEt-BNNW9ax_Qt0-5UJg7aKDEgUxoMocP1i-DkNuYU6I6-rHFz9tZBWt2AJ4HZyRSe-1KxYU&image_url=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F492x328%2Fq85%2Fimage%2Fvk%2F88%2F88%2Frect_625d6a307cfaft1650289200r2729.jpg.webp&skin_id=8&vertical_id=0&real_bid=0.008881466549757867&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&keywords=Adult,Japanese&label_ids=4,90,95,108,0&conditions=dch_ip,tz_offset&need_redirect_show=0&page=https%3A%2F%2Fjavmec.me%2F&auction_time=1685705655&show_count=1&from_cache=0&cpa=7301e47e-4918-44bc-8f86-530c0b506ec8&format=androidWhatsAppCompact-slide-t_r-body HTTP/1.1 Host: fd91b5c89c.fb2d1abede.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:16 GMT content-length: 0 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * X-Firefox-Spdy: h2`

	referral.crypto.com/r/8mk2bghn8f	104.17.108.60	302 Found	948 B
URL GET HTTP/2 referral.crypto.com/r/8mk2bghn8f IP 104.17.108.60:443 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerCloudflare, Inc. Subjectcrypto.com FingerprintFE:C9:EF:7F:D2:E4:56:EB:6E:D4:D8:D2:DC:CC:D6:F8:87:6C:3E:3F ValidityMon, 05 Dec 2022 00:00:00 GMT - Tue, 05 Dec 2023 23:59:59 GMT File type data Size 948 B (948 bytes) Hash d3d9b9854754bf7e18d95b2e044957bc aaaf3736a2e63a530f3c19b30c9ba1f209e8980a 05a766dcec6ba4a132dc0b2c8a081733ac1682ef696b4ead104a871db6185df3 HTTP Headers GET /r/8mk2bghn8f HTTP/1.1 Host: referral.crypto.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Cookie: __cf_bm=eDZbMbRE19DnHADidWMUACW1uL_uBMLR9rvRjQODFCs-1685705655-0-AT79spgTD4z84TSJyDVofBQEwA9tgT5UAKJYbt2VG+W1IBebeNguuT79xDzeFys8apHKe0RTEwcN2ccxIesZkrc=; _cfuvid=uF5vqU5OMlu9ZSqKmfCgJR1WmsrraDLlkAEK_Vp.G8o-1685705655610-0-604800000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 302 Found date: Fri, 02 Jun 2023 11:34:15 GMT content-type: text/html; charset=utf-8 location: https://get.mona.co/1mLxRmFn1bb cache-control: no-cache, no-store pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT x-request-id: decec2ff-9922-4bc7-ba4b-7d8136694e0c x-runtime: 0.021410 strict-transport-security: max-age=604800 x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d0f62dc6e23b4fd-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	bts.red12flyw2.site/in/2643/?spot_id=18525&source=1079458676	109.206.163.116	302 Found	0 B
URL GET HTTP/2 bts.red12flyw2.site/in/2643/?spot_id=18525&source=1079458676 IP 109.206.163.116:443 ASN #50245 Serverel Inc. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectbts.red12flyw2.site FingerprintA2:EE:B1:29:D2:79:72:48:25:A2:42:40:8E:06:30:40:A0:E8:48:BE ValidityTue, 02 May 2023 03:02:57 GMT - Mon, 31 Jul 2023 03:02:56 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/2643/?spot_id=18525&source=1079458676 HTTP/1.1 Host: bts.red12flyw2.site User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://javmec.me/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=UTF-8 content-length: 0 location: https://tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1079458676 pragma: no-cache vary: * cache-control: no-cache, no-store, must-revalidate set-cookie: 2643.0=1; expires=Sat, 03 Jun 2023 11:34:16 GMT; path=/; secure; SameSite=None X-Firefox-Spdy: h2`

	ocsp.sectigo.com/	104.18.14.101		472 B
URL ocsp.sectigo.com/ IP 104.18.14.101:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 16904e2a252f35d362d1ef6386c43b43 370b8bc73cdc73a243e019e3f658d3a40df09e16 32adb79931a77edcc923ed54e94cf0046bdc9642a48cba13904e2db11c99104d HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 02 Jun 2023 11:34:16 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Thu, 01 Jun 2023 21:51:30 GMT Expires: Thu, 08 Jun 2023 21:51:29 GMT Etag: "370b8bc73cdc73a243e019e3f658d3a40df09e16" Cache-Control: max-age=556441,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d0f62e20e77fac4-OSL`

	bts.red12flyw2.site/in/2643/?spot_id=18525&source=1079458676	109.206.163.116	302 Found	0 B
URL GET HTTP/2 bts.red12flyw2.site/in/2643/?spot_id=18525&source=1079458676 IP 109.206.163.116:443 ASN #50245 Serverel Inc. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectbts.red12flyw2.site FingerprintA2:EE:B1:29:D2:79:72:48:25:A2:42:40:8E:06:30:40:A0:E8:48:BE ValidityTue, 02 May 2023 03:02:57 GMT - Mon, 31 Jul 2023 03:02:56 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/2643/?spot_id=18525&source=1079458676 HTTP/1.1 Host: bts.red12flyw2.site User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://javmec.me/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=UTF-8 content-length: 0 location: https://tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1079458676 pragma: no-cache vary: * cache-control: no-cache, no-store, must-revalidate set-cookie: 2643.0=1; expires=Sat, 03 Jun 2023 11:34:16 GMT; path=/; secure; SameSite=None X-Firefox-Spdy: h2`

	bts.red12flyw2.site/in/2643/?spot_id=18525&source=1079458676	109.206.163.116	302 Found	0 B
URL GET HTTP/2 bts.red12flyw2.site/in/2643/?spot_id=18525&source=1079458676 IP 109.206.163.116:443 ASN #50245 Serverel Inc. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectbts.red12flyw2.site FingerprintA2:EE:B1:29:D2:79:72:48:25:A2:42:40:8E:06:30:40:A0:E8:48:BE ValidityTue, 02 May 2023 03:02:57 GMT - Mon, 31 Jul 2023 03:02:56 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/2643/?spot_id=18525&source=1079458676 HTTP/1.1 Host: bts.red12flyw2.site User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://javmec.me/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=UTF-8 content-length: 0 location: https://tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1079458676 vary: * cache-control: no-cache, no-store, must-revalidate pragma: no-cache set-cookie: 2643.0=1; expires=Sat, 03 Jun 2023 11:34:16 GMT; path=/; secure; SameSite=None X-Firefox-Spdy: h2`

	bts.red12flyw2.site/in/2643/?spot_id=18525&source=1079458676	109.206.163.116	302 Found	0 B
URL GET HTTP/2 bts.red12flyw2.site/in/2643/?spot_id=18525&source=1079458676 IP 109.206.163.116:443 ASN #50245 Serverel Inc. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectbts.red12flyw2.site FingerprintA2:EE:B1:29:D2:79:72:48:25:A2:42:40:8E:06:30:40:A0:E8:48:BE ValidityTue, 02 May 2023 03:02:57 GMT - Mon, 31 Jul 2023 03:02:56 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/2643/?spot_id=18525&source=1079458676 HTTP/1.1 Host: bts.red12flyw2.site User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://javmec.me/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=UTF-8 content-length: 0 location: https://tsyndicate.com/iframes2/5448ab07c1bf49eaa9dbda8be6d24dd1.html?subid=1079458676 pragma: no-cache vary: * cache-control: no-cache, no-store, must-revalidate set-cookie: 2643.0=1; expires=Sat, 03 Jun 2023 11:34:16 GMT; path=/; secure; SameSite=None X-Firefox-Spdy: h2`

	www.semrush.com/partner/semrushpro/?irclickid=wYyQQM0wfxyPR7TQ1CxahX8JUkAS6DUWXUjWwE0&utm_source=affiliate&utm_Medium=impact&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact&utm_term=	34.120.45.191	200 OK	20 kB
URL GET HTTP/2 www.semrush.com/partner/semrushpro/?irclickid=wYyQQM0wfxyPR7TQ1CxahX8JUkAS6DUWXUjWwE0&utm_source=affiliate&utm_Medium=impact&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact&utm_term= IP 34.120.45.191:443 ASN #15169 GOOGLE Requested by https://hlmiq.com/vu/a/? Certificate IssuerSectigo Limited Subject.semrush.com Fingerprint74:94:68:ED:94:1A:08:F7:A6:4D:D9:C6:B4:82:40:34:CA:30:FC:87 ValidityFri, 24 Feb 2023 00:00:00 GMT - Thu, 08 Feb 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1696), with CRLF, LF line terminators Size 20 kB (20435 bytes) Hash d477a86a7865997994ea10657bca1414 249425025b4644d12609c8462ed4609a6c595a53 d41f355fd2c3f9d2908aac3e4b7595aa829cbcbd5dc769ab5108f39b4cdc1916 HTTP Headers GET /partner/semrushpro/?irclickid=wYyQQM0wfxyPR7TQ1CxahX8JUkAS6DUWXUjWwE0&utm_source=affiliate&utm_Medium=impact&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact&utm_term= HTTP/1.1 Host: www.semrush.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding referrer-policy: same-origin strict-transport-security: max-age=15724800; includeSubDomains x-service-response-time: 0.02541 content-language: en x-service: partners_landing server-timing: service;dur=26.15188, backend;dur=39.47760 set-cookie: PHPSESSID=5503937672cd4b39b2c080d9113380e4; Path=/; Domain=semrush.com; Expires=Sat, 03 Jun 2023 11:34:16 GMT; HttpOnly; Secure SSO-JWT=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI1NTAzOTM3NjcyY2Q0YjM5YjJjMDgwZDkxMTMzODBlNCIsImlhdCI6MTY4NTcwNTY1MSwiaXNzIjoic3NvIn0.1_dy5423EoQx-9ZIMSJ-AeMWuYeGhIIirPhsw-jIFP2mt18InVsVhQ50RswX5d8nTvgMLZDXFAuUOdu_Dhn83w; Path=/; Domain=semrush.com; Expires=Sat, 03 Jun 2023 11:34:16 GMT; HttpOnly; Secure GCLB=CO3Mq4aN272rnQE; path=/; HttpOnly; expires=Sat, 03-Jun-2023 11:34:16 GMT sm-log-id: flb-c4c3f607bd7b018aaefb7bec0176a7f0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: no-cache content-encoding: br via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	vast.yomeno.xyz/vast	109.206.175.85	204 No Content	23 kB
URL OPTIONS HTTP/2 vast.yomeno.xyz/vast IP 109.206.175.85:443 ASN #50245 Serverel Inc. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectvast.yomeno.xyz Fingerprint13:5C:08:D5:3E:F3:37:AC:41:C6:11:A5:10:49:63:DF:DB:41:C5:5E ValiditySun, 28 May 2023 03:08:58 GMT - Sat, 26 Aug 2023 03:08:57 GMT File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31106) Size 23 kB (23286 bytes) Hash aa6436001ea13b4d3ab807cdc7b1be81 1ad8c7ec75a753916035809a4914975e229b9ea4 1d82a039607a28edbb561bd85776a2624a7f0cb36ce1674de19df7a92966266d HTTP Headers `POST /vast HTTP/1.1 Host: vast.yomeno.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 929 Origin: https://javmec.me DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:15 GMT content-type: application/json; charset=utf-8 cache-control: no-cache, no-store, must-revalidate pragma: no-cache vary: Accept-Encoding, * access-control-allow-credentials: true access-control-allow-origin: https://javmec.me access-control-expose-headers: Content-Length,Content-Range content-encoding: gzip X-Firefox-Spdy: h2`

	ocsp.usertrust.com/	104.18.15.101		471 B
URL ocsp.usertrust.com/ IP 104.18.15.101:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash cf4bf939fa21faf9f81ba70ab5c7b44a 743d604ec14b1daf425e4e8c120bf3a47eed1f5f 90f8867e34596ca74d0d1421daf64c2e59d754233108b1c48654c72af8d94ecf HTTP Headers `POST / HTTP/1.1 Host: ocsp.usertrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Fri, 02 Jun 2023 11:34:16 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Thu, 01 Jun 2023 03:45:30 GMT Expires: Thu, 08 Jun 2023 03:45:29 GMT Etag: "743d604ec14b1daf425e4e8c120bf3a47eed1f5f" Cache-Control: max-age=602867,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: HIT Age: 1111 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d0f62e2bcc1067b-OSL

	s.viiyblva.com/n/738/ozihu72zijnhu7lapv3uoyihpvwhiz3tjfbfabkbjnfggg47s3jgmwd7pabbmw3zfuyfurkfm4ah22d4n5n43p3rcli6rqfork2zdomtkf5uqwlhhwue2draelgilpfvqh65thv3oqfilvmv3nlabsv2v23fkm6rnx6wyeka53w4q4clfb6fqrcxynofj3inhknx6klqjjxem3cqxn3oc5tmyjevzwcdzckdd7kz7crwxslu5u43e46a6x5eti2hpptzu4nuo3ihbd3mvvbr4wspogyeksn6obrnly2kvn5fa4ck5zvu3x3u4fqerxkljpxeslnlkkcjb4xmksrxbr57tdnhdecrog4g6rjzamh4ayygkbaj75jyu5gmgncm6jdfifrcghjdbevm3ghxjcdmajsvas2j4fnezrlxi6p6cayon6lny63hk5ewci7f2ebckcnlzziro3cqjnewc545ouqvmscc6n7bpqthgwaoaajihpu7mtprkgt6shq3gwf465vjoufjqsswsbahdmzuzhjyxvseqf3wpodrpjhtmfl6bvzfs2o3jjrno3vdj77ewq6dka37kw4ixp6hbnlb7cpm26naool6byokkleu2yd67vhnyvgqizzpgmx276r7irozofrye5wr4lui5agj75xoqt5jx7lletuskjbhaq3aaj5wa43coza5kzzt3j3xtytvje5rkka=?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F88%2F88%2F625d6a307cfaft1650289200r2729.jpg.webp&cpa=0ffe0fb4-79ea-4599-8955-7b8a847f8be2&format=androidWhatsAppCompact-slide-t_r-body	185.196.197.130	302 Found	0 B
URL GET HTTP/2 s.viiyblva.com/n/738/ozihu72zijnhu7lapv3uoyihpvwhiz3tjfbfabkbjnfggg47s3jgmwd7pabbmw3zfuyfurkfm4ah22d4n5n43p3rcli6rqfork2zdomtkf5uqwlhhwue2draelgilpfvqh65thv3oqfilvmv3nlabsv2v23fkm6rnx6wyeka53w4q4clfb6fqrcxynofj3inhknx6klqjjxem3cqxn3oc5tmyjevzwcdzckdd7kz7crwxslu5u43e46a6x5eti2hpptzu4nuo3ihbd3mvvbr4wspogyeksn6obrnly2kvn5fa4ck5zvu3x3u4fqerxkljpxeslnlkkcjb4xmksrxbr57tdnhdecrog4g6rjzamh4ayygkbaj75jyu5gmgncm6jdfifrcghjdbevm3ghxjcdmajsvas2j4fnezrlxi6p6cayon6lny63hk5ewci7f2ebckcnlzziro3cqjnewc545ouqvmscc6n7bpqthgwaoaajihpu7mtprkgt6shq3gwf465vjoufjqsswsbahdmzuzhjyxvseqf3wpodrpjhtmfl6bvzfs2o3jjrno3vdj77ewq6dka37kw4ixp6hbnlb7cpm26naool6byokkleu2yd67vhnyvgqizzpgmx276r7irozofrye5wr4lui5agj75xoqt5jx7lletuskjbhaq3aaj5wa43coza5kzzt3j3xtytvje5rkka=?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F88%2F88%2F625d6a307cfaft1650289200r2729.jpg.webp&cpa=0ffe0fb4-79ea-4599-8955-7b8a847f8be2&format=androidWhatsAppCompact-slide-t_r-body IP 185.196.197.130:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectviiyblva.com Fingerprint8D:84:A7:14:DB:F4:66:A0:4F:BD:54:5E:CE:B5:15:6F:DF:73:F3:1A ValidityFri, 12 May 2023 00:41:04 GMT - Thu, 10 Aug 2023 00:41:03 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /n/738/ozihu72zijnhu7lapv3uoyihpvwhiz3tjfbfabkbjnfggg47s3jgmwd7pabbmw3zfuyfurkfm4ah22d4n5n43p3rcli6rqfork2zdomtkf5uqwlhhwue2draelgilpfvqh65thv3oqfilvmv3nlabsv2v23fkm6rnx6wyeka53w4q4clfb6fqrcxynofj3inhknx6klqjjxem3cqxn3oc5tmyjevzwcdzckdd7kz7crwxslu5u43e46a6x5eti2hpptzu4nuo3ihbd3mvvbr4wspogyeksn6obrnly2kvn5fa4ck5zvu3x3u4fqerxkljpxeslnlkkcjb4xmksrxbr57tdnhdecrog4g6rjzamh4ayygkbaj75jyu5gmgncm6jdfifrcghjdbevm3ghxjcdmajsvas2j4fnezrlxi6p6cayon6lny63hk5ewci7f2ebckcnlzziro3cqjnewc545ouqvmscc6n7bpqthgwaoaajihpu7mtprkgt6shq3gwf465vjoufjqsswsbahdmzuzhjyxvseqf3wpodrpjhtmfl6bvzfs2o3jjrno3vdj77ewq6dka37kw4ixp6hbnlb7cpm26naool6byokkleu2yd67vhnyvgqizzpgmx276r7irozofrye5wr4lui5agj75xoqt5jx7lletuskjbhaq3aaj5wa43coza5kzzt3j3xtytvje5rkka=?f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fq85%2Fimage%2Fvk%2F88%2F88%2F625d6a307cfaft1650289200r2729.jpg.webp&cpa=0ffe0fb4-79ea-4599-8955-7b8a847f8be2&format=androidWhatsAppCompact-slide-t_r-body HTTP/1.1 Host: s.viiyblva.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx/1.23.2 date: Fri, 02 Jun 2023 11:34:16 GMT content-length: 0 location: https://i.cdnkimg.com/auto/192/q85/image/vk/88/88/625d6a307cfaft1650289200r2729.jpg.webp X-Firefox-Spdy: h2`

	offer.alibaba.com/cps/j19u1ne5?bm=cps&src=saf&tp1=10f508f2894593612d5bb67d3171caec&pid=656490	47.246.44.228	200	54 kB
URL GET HTTP/1.1 offer.alibaba.com/cps/j19u1ne5?bm=cps&src=saf&tp1=10f508f2894593612d5bb67d3171caec&pid=656490 IP 47.246.44.228:443 ASN #24429 Zhejiang Taobao Network Co.,Ltd Requested by https://hlmiq.com/vu/a/? Certificate IssuerGlobalSign nv-sa Subject.alibaba.com FingerprintD8:79:66:7C:30:A0:AD:A1:C1:36:49:A4:AD:81:9F:D7:D9:85:0B:CA ValidityWed, 08 Jun 2022 03:26:08 GMT - Mon, 10 Jul 2023 03:26:07 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5313), with CRLF, LF line terminators Size 54 kB (54519 bytes) Hash f4231e83174bc42589094a5bb87a16f8 f7136fa583930907a3ed1085fd3377081bd837cf bf5f67d37abcef971800f3c57a05d6e4767c08344379e98bd71f5b40c22822c9 HTTP Headers `GET /cps/j19u1ne5?bm=cps&src=saf&tp1=10f508f2894593612d5bb67d3171caec&pid=656490 HTTP/1.1 Host: offer.alibaba.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 Server: Tengine Content-Type: text/html;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Date: Fri, 02 Jun 2023 11:34:16 GMT Vary: Accept-Encoding Set-Cookie: ali_apache_id=33.3.44.173.1685705656537.496029.4; path=/; domain=.alibaba.com; expires=Wed, 30-Nov-2084 01:01:01 GMT XSRF-TOKEN=4ae6dc2c-84b2-4f58-84e7-69c6d5a7611f; Path=/; HttpOnly cna=uMEAHeEPPSgCAS/2gMisSwT5; Domain=alibaba.com; Expires=Wed, 20-Jun-2091 14:48:23 GMT; Path=/ cna=uMEAHeEPPSgCAS/2gMisSwT5; Domain=mmstat.com; Expires=Wed, 20-Jun-2091 14:48:23 GMT; Path=/ ali_apache_track=""; Domain=.alibaba.com; Expires=Wed, 20-Jun-2091 14:48:23 GMT; Path=/ ali_apache_tracktmp=""; Domain=.alibaba.com; Path=/ Referrer-Policy: unsafe-url X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY Content-Language: en-US Content-Encoding: gzip Strict-Transport-Security: max-age=31536000 Timing-Allow-Origin: , , * EagleId: 2ff62c9816857056564704665e, 2ff62c9816857056564704665e, 2ff62c9816857056564704665e server-timing: rt;dur=0.224,eagleid;desc=2ff62c9816857056564704665e Via: cache8.us13[235,0], cache4.se1[323,0]

	www.thelotter.net/?tl_affid=9175	107.154.132.27		88 kB
URL GET www.thelotter.net/?tl_affid=9175 IP 107.154.132.27:0 ASN #19551 INCAPSULA Requested by https://hlmiq.com/vu/a/? Certificate IssuerSectigo Limited Subjectwww.lottosmile.in FingerprintCB:5E:9B:D0:B0:2D:BE:FB:6B:A4:AA:07:95:10:07:29:F0:B4:E9:FA ValidityMon, 21 Nov 2022 00:00:00 GMT - Tue, 21 Nov 2023 23:59:59 GMT File type gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT)\012- data Size 88 kB (87938 bytes) Hash 8d0f02360a9e4f34b34bdbab18984845 f4785c6f8147477faff5fbcb417598a51bfac8cb a186881640e152351eae75844450762afff3454814d55788c4424fdff0207b84 HTTP Headers `GET /?tl_affid=9175 HTTP/1.1 Host: www.thelotter.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK cache-control: private content-type: text/html; charset=utf-8 content-encoding: gzip vary: Accept-Encoding server: x-frame-options: SAMEORIGIN x-aspnet-version: 4.0.30319 set-cookie: lng=1; path=/; secure number_of_redirects=0; path=/; secure urls_tracker=https://www.thelotter.net/default.aspx?itemid=1&tl_affid=9175; path=/; secure ViewMobileV2={"DeviceName":"Firefox - Emulator","DeviceType":"Desktop","IsDesktop":true,"IsMobile":false,"IsRobot":false,"IsSmartphone":false,"IsTablet":false}; path=/; secure ASP.NET_SessionId=qcoirnrjrvxyjbzauh4g23ek; path=/; secure; HttpOnly; SameSite=None Referral-Cookie=%7b%22LandingUrl%22%3a%22https%3a%2f%2fwww.thelotter.net%3a443%2fdefault.aspx%3fitemid%3d1%26tl_affid%3d9175%22%2c%22ReferralUrl%22%3a%22https%3a%2f%2fhlmiq.com%2f%22%7d; expires=Sun, 02-Jul-2023 11:34:16 GMT; path=/; secure visid_incap_2436245=6Ha1ZSUjSSuCjSvgL7MYSbfTeWQAAAAAQUIPAAAAAAAzn778h8aUxc6uOaf7MJyj; expires=Fri, 31 May 2024 23:56:35 GMT; HttpOnly; path=/; Domain=.thelotter.net; Secure; SameSite=None incap_ses_277_2436245=TPmHCWEUHR3qhLXyqBrYA7fTeWQAAAAAjyvrRFzH9Vti8diexR5dJA==; path=/; Domain=.thelotter.net; Secure; SameSite=None x-powered-by: ASP.NET server-name: simba3 strict-transport-security: max-age=31536000 x-ua-compatible: IE=edge access-control-allow-origin: * access-control-allow-headers: * date: Fri, 02 Jun 2023 11:34:15 GMT x-cdn: Imperva x-iinfo: 10-2845270-2845273 NNNY CT(23 70 0) RT(1685705655736 249) q(0 0 0 0) r(4 5) U12 X-Firefox-Spdy: h2

	static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp	78.47.181.156	200 OK	790 B
URL GET HTTP/2 static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp IP 78.47.181.156:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectbookmsg.com FingerprintD6:6E:0F:A6:67:62:7E:D4:E0:5E:87:61:7A:1E:EB:BB:36:47:D0:71 ValidityMon, 15 May 2023 01:51:00 GMT - Sun, 13 Aug 2023 01:50:59 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 790 B (790 bytes) Hash 65156a660e465299370ebd90d84aa461 12ff60b17f579a77e42a8be7b6b1892fc71be33d e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18 HTTP Headers `GET /creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp HTTP/1.1 Host: static.bookmsg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.18.0 date: Fri, 02 Jun 2023 11:34:16 GMT content-type: image/webp content-length: 790 last-modified: Tue, 24 Nov 2020 14:20:43 GMT etag: "5fbd16bb-316" cache-control: public, max-age=315360000 accept-ranges: bytes X-Firefox-Spdy: h2`

	assets.alicdn.com/g/??/AWSC/AWSC/awsc.js,/sd/baxia/2.0.39/baxiaCommon.js	104.110.21.4	200 OK	14 kB
URL GET HTTP/2 assets.alicdn.com/g/??/AWSC/AWSC/awsc.js,/sd/baxia/2.0.39/baxiaCommon.js IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type Unicode text, UTF-8 text, with very long lines (37875) Size 14 kB (14305 bytes) Hash 533375bd3d3e55396f5efeca784961ef 61db24ccd12351884773e50482b90b0f0de3882a 475875c4c8702f73c4cfc8199f9e2b6bdafa413a48f853920d239825532ed97c HTTP Headers `GET /g/??/AWSC/AWSC/awsc.js,/sd/baxia/2.0.39/baxiaCommon.js HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 14305 x-oss-request-id: 6479BB0A5AC30330369E6E2C x-oss-object-type: Normal x-oss-hash-crc64ecma: 7512433114953199032 x-oss-storage-class: Standard content-md5: BczYKGDxrWPTJpa3tsDOFA== x-oss-server-time: 4 access-control-allow-origin: * x-source-scheme: https content-encoding: gzip ali-swift-global-savetime: 1685699338 x-swift-savetime: Fri, 02 Jun 2023 09:49:53 GMT x-swift-cachetime: 3545 timing-allow-origin: * eagleid: 2ff62c9916856993937184809e served-from: 47.246.44.231 cache-control: max-age=888, s-maxage=3600 date: Fri, 02 Jun 2023 11:34:16 GMT vary: Accept-Encoding network_info: NO_OSLO_50304 X-Firefox-Spdy: h2

	static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?mlf=1&cpa=d149244d-808e-4785-9c89-7754816b867c&mlc=1&format=androidWhatsAppCompact-slide-t_r-body	78.47.181.156	200 OK	790 B
URL GET HTTP/2 static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?mlf=1&cpa=d149244d-808e-4785-9c89-7754816b867c&mlc=1&format=androidWhatsAppCompact-slide-t_r-body IP 78.47.181.156:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectbookmsg.com FingerprintD6:6E:0F:A6:67:62:7E:D4:E0:5E:87:61:7A:1E:EB:BB:36:47:D0:71 ValidityMon, 15 May 2023 01:51:00 GMT - Sun, 13 Aug 2023 01:50:59 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 790 B (790 bytes) Hash 65156a660e465299370ebd90d84aa461 12ff60b17f579a77e42a8be7b6b1892fc71be33d e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18 HTTP Headers GET /creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?mlf=1&cpa=d149244d-808e-4785-9c89-7754816b867c&mlc=1&format=androidWhatsAppCompact-slide-t_r-body HTTP/1.1 Host: static.bookmsg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx/1.18.0 date: Fri, 02 Jun 2023 11:34:16 GMT content-type: image/webp content-length: 790 last-modified: Tue, 24 Nov 2020 14:20:43 GMT etag: "5fbd16bb-316" cache-control: public, max-age=315360000 accept-ranges: bytes X-Firefox-Spdy: h2`

	www.lightinthebox.com/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=y-ARZt0wNxyPR7TQ1CxahX8JUkAS6QT%3AXUjWwE0&irgwc=1	2.22.31.185	200 OK	82 kB
URL GET HTTP/2 www.lightinthebox.com/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=y-ARZt0wNxyPR7TQ1CxahX8JUkAS6QT%3AXUjWwE0&irgwc=1 IP 2.22.31.185:443 ASN #20940 Akamai International B.V. Requested by https://hlmiq.com/vu/a/? Certificate IssuerDigiCert Inc Subjectwww.lightinthebox.com Fingerprint7A:2D:8E:34:AF:6E:70:F3:DD:78:5B:5B:16:8D:56:6A:E5:D4:5D:AE ValidityWed, 01 Mar 2023 00:00:00 GMT - Thu, 22 Feb 2024 23:59:59 GMT File type gzip compressed data, from Unix\012- data Size 82 kB (81593 bytes) Hash 1223e87a7162412361c9b8dd1b9017ae cb656642a66b4122e563f9eb0dda14ad8597e042 2c07ab7c8b81a8e67554ecb13ba0244732c00d3a6983b5e81264361f45055a23 HTTP Headers GET /?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=y-ARZt0wNxyPR7TQ1CxahX8JUkAS6QT%3AXUjWwE0&irgwc=1 HTTP/1.1 Host: www.lightinthebox.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: litb-web1server content-type: text/html; charset=utf-8 x-frame-options: allow-from https://gw.lightinthebox.com x-xss-protection: 1;mode=block strict-transport-security: max-age=31536000 x-content-type-options: nosniff p3p: CP="CAO PSA OUR" pragma: no-cache vela_device: vela_is_first_visit: vela_s: vela_s_c: vela_v: vela_v_c: vela_w: vela_w_c: access-control-allow-origin: 0 access-control-allow-credentials: true access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS access-control-allow-headers: Keep-Alive,User-Agent,Cache-Control,Content-Type,token x-akamai-transformed: 9 - 0 pmb=mTOE,1 content-encoding: gzip cache-control: no-cache, no-store, must-revalidate expires: Fri, 02 Jun 2023 11:34:16 GMT date: Fri, 02 Jun 2023 11:34:16 GMT vary: Accept-Encoding set-cookie: sid=8m5j27qies0ne44mkiingr6on5; expires=Sun, 02-Jul-2023 11:34:15 GMT; Max-Age=2592000; path=/; domain=.lightinthebox.com local=en%7CNO%7CNOK; expires=Sun, 02-Jul-2023 11:34:16 GMT; Max-Age=2592000; path=/; domain=.lightinthebox.com; secure __cust=AAAAAGR507dwAV50oYHeAg==; expires=Sat, 01-Jun-24 11:34:16 GMT; domain=lightinthebox.com; path=/ SRV=B_202107051500; Expires=Sun, 02-Jul-2023 11:34:16 GMT; path=/; domain=.lightinthebox.com AKA-WWW-LITB-ORIGIN=EU; expires=Sun, 02-Jul-2023 11:34:16 GMT; path=/; domain=.lightinthebox.com; secure server-timing: ak_p; desc="468251_35004341_586260419_17853_4543_19_0";dur=1 X-Firefox-Spdy: h2

	assets.alicdn.com/g/ae-fe/login-ui/0.0.70/index.css	104.110.21.4	200 OK	14 kB
URL GET HTTP/2 assets.alicdn.com/g/ae-fe/login-ui/0.0.70/index.css IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 14 kB (13553 bytes) Hash f9a839e079a3845d79a79560dbd17995 9d177a6e5f5092d126677c66dec3139a3628de09 fcec016faf1ff5e1d30a5b852ea2341a02d33f79d790ad7357148fbbc63683ec HTTP Headers `GET /g/ae-fe/login-ui/0.0.70/index.css HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css access-control-allow-origin: * ali-swift-global-savetime: 1684982683 content-encoding: br content-md5: +ag54HmjhF15p5Vg29F5lQ== eagleid: 80019d9716849826829594447e last-modified: Thu, 25 May 2023 02:45:13 GMT served-from: 23.59.252.133 server: Akamai Resource Optimizer timing-allow-origin: * x-source-scheme: https x-swift-cachetime: 86400 x-swift-savetime: Thu, 25 May 2023 02:44:43 GMT x-oss-hash-crc64ecma: 13767110009122417633 x-oss-object-type: Normal x-oss-request-id: 646ECB9BE0AD9936370C66CF x-oss-server-time: 4 x-oss-storage-class: Standard content-length: 13553 cache-control: max-age=1869018, s-maxage=86400 expires: Sat, 24 Jun 2023 02:44:34 GMT date: Fri, 02 Jun 2023 11:34:16 GMT network_info: US_RICHARDSON_35994, NO_OSLO_50304 X-Firefox-Spdy: h2

	assets.alicdn.com/g/ae-fe/login-ui/0.0.70/index.js	104.110.21.4	200 OK	66 kB
URL GET HTTP/2 assets.alicdn.com/g/ae-fe/login-ui/0.0.70/index.js IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (54935) Size 66 kB (66137 bytes) Hash 19a99a9b671bd6561aed0297f08b9c52 1e9e7cd0acda6d65ac833c42bb20cae7b1fa25b8 cf176d4f30d26e47a32815ef73b45f38e1a127c11519270be90bb0264dbcc1cb HTTP Headers `GET /g/ae-fe/login-ui/0.0.70/index.js HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript access-control-allow-origin: * ali-swift-global-savetime: 1684982604 content-encoding: br content-md5: Gamam2cb1lYa7QKX8IucUg== eagleid: 2f59420916849826034623343e last-modified: Thu, 25 May 2023 02:44:11 GMT served-from: 23.59.252.133 server: Akamai Resource Optimizer timing-allow-origin: * x-source-scheme: https x-swift-cachetime: 86400 x-swift-savetime: Thu, 25 May 2023 02:43:24 GMT x-oss-hash-crc64ecma: 2945424382625352620 x-oss-object-type: Normal x-oss-request-id: 646ECB4CAC87183837441F95 x-oss-server-time: 6 x-oss-storage-class: Standard content-length: 66137 cache-control: max-age=1868986, s-maxage=86400 expires: Sat, 24 Jun 2023 02:44:02 GMT date: Fri, 02 Jun 2023 11:34:16 GMT network_info: US_RICHARDSON_35994, NO_OSLO_50304 X-Firefox-Spdy: h2

	www.canva.com/pricing/?clickId=RTSTfr0wcxyPR7TQ1CxahX8JUkAS6hXGXUjWwE0&utm_medium=affiliate&utm_source=korfoorg_1394953&irgwc=1	104.16.226.10	200 OK	79 kB
URL GET HTTP/2 www.canva.com/pricing/?clickId=RTSTfr0wcxyPR7TQ1CxahX8JUkAS6hXGXUjWwE0&utm_medium=affiliate&utm_source=korfoorg_1394953&irgwc=1 IP 104.16.226.10:443 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerCloudflare, Inc. Subjectcanva.com Fingerprint8D:56:56:B1:8C:A2:08:39:DA:13:0E:67:84:12:9E:CC:B9:33:76:2F ValidityFri, 21 Apr 2023 00:00:00 GMT - Sat, 20 Apr 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (63410) Size 79 kB (78801 bytes) Hash 96407fddcdc8e60929fa39e5f21870ae a794ce20248ecae467f61dc8930d02e36ad7a9e4 ec680ab868cfe0514709c8c0d966b39cccfb25055ca3e64d3b1e2cdb42dfeb4b HTTP Headers `GET /pricing/?clickId=RTSTfr0wcxyPR7TQ1CxahX8JUkAS6hXGXUjWwE0&utm_medium=affiliate&utm_source=korfoorg_1394953&irgwc=1 HTTP/1.1 Host: www.canva.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html;charset=utf-8 cf-ray: 7d0f62dc79ddb509-OSL cf-cache-status: DYNAMIC cache-control: no-cache, no-store content-language: en expires: Thu, 01 Jan 1970 00:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains; preload vary: Accept-Encoding content-security-policy: frame-ancestors https://canvateam.zendesk.com https://phoenix.canva.com;, base-uri 'self'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' 'nonce-IBpvSf/JRGgNNflvyh0Ejw'; report-uri https://csp.canva.com/_cspreport?requestId=7d0f62dc79ddb509&app=pricing&policyHash=406548de pragma: No-cache referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-frame-options: deny x-request-id: 7d0f62dc79ddb509 x-xss-protection: 1; mode=block report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=an824GCcV0gkBdMRjThNM7seZku131%2FGVFL1v0s7B%2F5xiISuAHoxxT%2BIqsP7K6s3PLboOaQu554%2BpAd1ul0YTsY2Fzp%2Fx9RjqrhixnmPMWBCAKNxZUGuO78LFF1clUg%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} set-cookie: CDI=ac75960f-b33c-4f9e-9a2c-41144d9d4141; Path=/; Expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; Secure; HttpOnly; SameSite=None CAI=0d8f8cf3-4bdb-4d87-b8eb-5eb757f04b5c; Path=/; Domain=.canva.com; Expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; Secure; SameSite=None CPA=W5Ku8wMlnTThcCR2ENxc7B9Y0lqnwvPPzcuQKCeYyk6WqLmULenvV_p__ztuQ78oCi750z6kOR5_CXmtviCmEaiFtIhePHib-iQsz_am2MGMyyu5m1BVILNh5HEniRsS8m5RU8efU1ZUhpSmhXICVNgQyBMgwigFRseGRIXrWOKPzEvEGlmFeVqLJcubOnUn8o6Yh91s_jnZQCIu4-ATYe3nl_GYLYDyrMz6IdHcH3E9dn-ReTyiAgzJC0spZYIHp73tqq_ue_hUCk-9Rtw3_5vHh0U-mQkEQTtiU46Uc1zN171W; Path=/; Expires=Fri, 02-Jun-2023 14:34:15 GMT; Max-Age=10800; Secure; HttpOnly; SameSite=None CCK=DlykPpjcWPkUk9vVnIpWDw; Path=/; Expires=Fri, 02-Jun-2023 14:34:15 GMT; Max-Age=10800; Secure; HttpOnly; SameSite=None __cf_bm=lZfsX1lTLwW_Zv3EVomUHdlYPyF3.yqDK8nxDqHwRoY-1685705656-0-AYfaohjvas5cO9+H4rRLXQxDiLxVr0JItTvIzMAZzEGB5g2ta3qKvLWWwLelp1hILZ1vx0JqvxrjtJINjF7ctnA=; path=/; expires=Fri, 02-Jun-23 12:04:16 GMT; domain=.canva.com; HttpOnly; Secure; SameSite=None __cfruid=8a5a8339d48c3621c0e959b29445ee516b302535-1685705656; path=/; domain=.canva.com; HttpOnly; Secure; SameSite=None server: cloudflare content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp2.globalsign.com/gsorganizationvalsha2g2	104.18.20.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g2 IP 104.18.20.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1459 bytes) Hash a80a6b5f8de995a2ddb4668fed969d3a d6b57eaa538e877bf0b78f3c061b16e7941e087b 8854006dbb55a6f2ac2eb8ec0d8ac4e8e57c801971ac8ed0216762b4c75cd1ea HTTP Headers `POST /gsorganizationvalsha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 02 Jun 2023 11:34:17 GMT Content-Type: application/ocsp-response Content-Length: 1459 Connection: keep-alive Expires: Tue, 06 Jun 2023 10:24:53 GMT ETag: "d6b57eaa538e877bf0b78f3c061b16e7941e087b" Last-Modified: Fri, 02 Jun 2023 10:24:54 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 3222 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d0f62e64d44b4f7-OSL`

	ocsp2.globalsign.com/gsorganizationvalsha2g2	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g2 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1459 bytes) Hash a80a6b5f8de995a2ddb4668fed969d3a d6b57eaa538e877bf0b78f3c061b16e7941e087b 8854006dbb55a6f2ac2eb8ec0d8ac4e8e57c801971ac8ed0216762b4c75cd1ea HTTP Headers `POST /gsorganizationvalsha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 02 Jun 2023 11:34:17 GMT Content-Type: application/ocsp-response Content-Length: 1459 Connection: keep-alive Expires: Tue, 06 Jun 2023 10:24:53 GMT ETag: "d6b57eaa538e877bf0b78f3c061b16e7941e087b" Last-Modified: Fri, 02 Jun 2023 10:24:54 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 3222 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d0f62e64b1eb527-OSL`

	vast.yomeno.xyz/vast	109.206.175.85	204 No Content	4.3 kB
URL OPTIONS HTTP/2 vast.yomeno.xyz/vast IP 109.206.175.85:443 ASN #50245 Serverel Inc. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectvast.yomeno.xyz Fingerprint13:5C:08:D5:3E:F3:37:AC:41:C6:11:A5:10:49:63:DF:DB:41:C5:5E ValiditySun, 28 May 2023 03:08:58 GMT - Sat, 26 Aug 2023 03:08:57 GMT File type gzip compressed data, from Unix\012- data Size 4.3 kB (4287 bytes) Hash e8e56a4448075910574cdc195b2c81f8 75860fff5ca7e8c0ee4c51099e97c254a3a27364 ca7fa08405364b091ae967fd0fdc5ab6310b1472be72f764cbbd951a20aad934 HTTP Headers `POST /vast HTTP/1.1 Host: vast.yomeno.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json;charset=utf-8 Content-Length: 933 Origin: https://javmec.me DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:16 GMT content-type: application/json; charset=utf-8 cache-control: no-cache, no-store, must-revalidate pragma: no-cache vary: Accept-Encoding, * access-control-allow-credentials: true access-control-allow-origin: https://javmec.me access-control-expose-headers: Content-Length,Content-Range content-encoding: gzip X-Firefox-Spdy: h2`

	accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHHHt6iH_ECV6xlvhcas6c02Fdeq6HGvvwg1hSjqrqoEwPj2n0UnuiskvIaQ_0Cy7BtN6arsA	142.250.74.109	302 Found	403 B
URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHHHt6iH_ECV6xlvhcas6c02Fdeq6HGvvwg1hSjqrqoEwPj2n0UnuiskvIaQ_0Cy7BtN6arsA IP 142.250.74.109:443 ASN #15169 GOOGLE Requested by https://javmec.me/ Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (392) Size 403 B (403 bytes) Hash 0cd778d101d02b49aafeb21deecfdadc ca6183969f8c4c45e8661bff35e5d342374e79f2 bcc115f2a615e4a92e00d7f873df180f2a6a9ee414a5276a84aa20cb4362d592 HTTP Headers GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHHHt6iH_ECV6xlvhcas6c02Fdeq6HGvvwg1hSjqrqoEwPj2n0UnuiskvIaQ_0Cy7BtN6arsA HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 302 Found content-type: text/html; charset=UTF-8 set-cookie: __Host-GAPS=1:-gVEBBfG1zDlao1hSefNtqzX1skScQ:yubz6LuuqwH8PK1Q;Path=/;Expires=Sun, 01-Jun-2025 11:34:17 GMT;Secure;HttpOnly;Priority=HIGH x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Fri, 02 Jun 2023 11:34:17 GMT location: https://accounts.google.com/v3/signin/identifier?dsh=S940405774%3A1685705657350422&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneEZ8-b6TqBV_iTyHWvCC8wkohQEUBRn1vESDpycGjTVzb6L68MZlhPhFJ-UOSTs7AtryXWPsg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin strict-transport-security: max-age=31536000; includeSubDomains report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" content-security-policy: script-src 'nonce-mcf0OIjio63haoMos1rbQA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 403 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	g.alicdn.com/secdev/entry/index.js	47.246.44.251	200 OK	2.5 kB
URL GET HTTP/2 g.alicdn.com/secdev/entry/index.js IP 47.246.44.251:443 ASN #24429 Zhejiang Taobao Network Co.,Ltd Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.tbcdn.cn Fingerprint62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1 ValidityFri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT File type ASCII text, with very long lines (5549), with no line terminators Size 2.5 kB (2509 bytes) Hash d416b4b86cad7f41d7d2b452535953d8 390818349e9a71b665f6043bb6113699c7df5c82 57d4c26920cd0ad9b08926df40fe960a9249f82e17af8bb796940b87a4ce14fe HTTP Headers `GET /secdev/entry/index.js HTTP/1.1 Host: g.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 2509 date: Fri, 02 Jun 2023 11:01:59 GMT vary: Accept-Encoding x-oss-request-id: 6479CC2794D6E939379BC6FA x-oss-object-type: Normal x-oss-hash-crc64ecma: 4124847400620562986 x-oss-storage-class: Standard cache-control: max-age=7200,s-maxage=3600 content-md5: 1Ba0uGytf0HX0rRSU1lT2A== x-oss-server-time: 1 content-encoding: gzip access-control-allow-origin: * x-bucket-code: 3 ali-swift-global-savetime: 1685703719 via: cache21.l2de2[0,0,200-0,H], cache19.l2de2[1,0], cache19.l2de2[1,0], cache1.se1[0,0,200-0,H], cache7.se1[1,0] age: 1938 x-cache: HIT TCP_MEM_HIT dirn:11:38957403 x-swift-savetime: Fri, 02 Jun 2023 11:01:59 GMT x-swift-cachetime: 3600 timing-allow-origin: * eagleid: 2ff62c9b16857056573615906e X-Firefox-Spdy: h2

	g.alicdn.com/aes/??tracker/1.0.34/index.js,tracker-plugin-event/1.2.5/index.js,tracker-plugin-jserror/1.0.13/index.js,tracker-plugin-api/1.1.14/index.js,tracker-plugin-perf/1.1.8/index.js,tracker-plugin-eventTiming/1.0.4/index.js,tracker-plugin-pv/2.4.5/index.js,tracker-plugin-blank/1.0.0/index.js,tracker-plugin-autolog/1.0.21/index.js	47.246.44.251	200 OK	26 kB
URL GET HTTP/2 g.alicdn.com/aes/??tracker/1.0.34/index.js,tracker-plugin-event/1.2.5/index.js,tracker-plugin-jserror/1.0.13/index.js,tracker-plugin-api/1.1.14/index.js,tracker-plugin-perf/1.1.8/index.js,tracker-plugin-eventTiming/1.0.4/index.js,tracker-plugin-pv/2.4.5/index.js,tracker-plugin-blank/1.0.0/index.js,tracker-plugin-autolog/1.0.21/index.js IP 47.246.44.251:443 ASN #24429 Zhejiang Taobao Network Co.,Ltd Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.tbcdn.cn Fingerprint62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1 ValidityFri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT File type Unicode text, UTF-8 text, with very long lines (65494), with no line terminators Size 26 kB (25843 bytes) Hash 208f3e20731aa02bc02faab1410f751f a8bbca6ad8cce4c3356f070d8b012ac476a347f7 88e90b6cee2e482fdc7b6ba16709a0cc5259f62b922c0b43dd27213fa52118b5 HTTP Headers GET /aes/??tracker/1.0.34/index.js,tracker-plugin-event/1.2.5/index.js,tracker-plugin-jserror/1.0.13/index.js,tracker-plugin-api/1.1.14/index.js,tracker-plugin-perf/1.1.8/index.js,tracker-plugin-eventTiming/1.0.4/index.js,tracker-plugin-pv/2.4.5/index.js,tracker-plugin-blank/1.0.0/index.js,tracker-plugin-autolog/1.0.21/index.js HTTP/1.1 Host: g.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 25843 date: Thu, 01 Jun 2023 13:49:20 GMT vary: Accept-Encoding x-oss-request-id: 6478A1E0D7AA7A30311DA105 x-oss-object-type: Normal x-oss-hash-crc64ecma: 14157739603154525209 x-oss-storage-class: Standard cache-control: max-age=2592000,s-maxage=86400 content-md5: YaSdKZFnhdDkpkTJTXgyyw== x-oss-server-time: 20 access-control-allow-origin: * x-bucket-code: 3 content-encoding: gzip ali-swift-global-savetime: 1685627360 via: cache11.l2de2[0,0,200-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache4.se1[0,0,200-0,H], cache7.se1[1,0] age: 78297 x-cache: HIT TCP_MEM_HIT dirn:4:444804185 x-swift-savetime: Thu, 01 Jun 2023 13:49:24 GMT x-swift-cachetime: 86396 timing-allow-origin: * eagleid: 2ff62c9b16857056573645910e X-Firefox-Spdy: h2

	assets.alicdn.com/g/ae-fe/static-ui/open-sans/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2	104.110.21.4	200 OK	8.9 kB
URL GET HTTP/2 assets.alicdn.com/g/ae-fe/static-ui/open-sans/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 8892, version 1.0\012- data Size 8.9 kB (8892 bytes) Hash 8e3f978a77d191a9e7f94ff9e7090085 8aa9bf7e29101b1bb719e1b95d0ebf3fec801f60 8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167 HTTP Headers GET /g/ae-fe/static-ui/open-sans/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://assets.alicdn.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: Tengine content-type: font/woff2 content-length: 8892 x-oss-request-id: 644CC9923074EF37366D57B8 accept-ranges: bytes x-oss-object-type: Normal x-oss-hash-crc64ecma: 838915909867765876 x-oss-storage-class: Standard content-md5: jj+XinfRkann+U/55wkAhQ== x-oss-server-time: 38 access-control-allow-origin: * x-source-scheme: https ali-swift-global-savetime: 1682753938 x-swift-savetime: Sat, 29 Apr 2023 07:39:38 GMT x-swift-cachetime: 3560 timing-allow-origin: * eagleid: 2ff62c9816827544248986918e served-from: 104.123.68.190 cache-control: max-age=1973050, s-maxage=3600 date: Fri, 02 Jun 2023 11:34:17 GMT network_info: NO_OSLO_50304 X-Firefox-Spdy: h2

	assets.alicdn.com/g/ae-fe/static-ui/open-sans/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2	104.110.21.4	200 OK	8.8 kB
URL GET HTTP/2 assets.alicdn.com/g/ae-fe/static-ui/open-sans/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 8800, version 1.0\012- data Size 8.8 kB (8800 bytes) Hash 7631d9dc713cd0544300c5aef9394f54 31223824922afeffe5349644e3f5ab82ebec197d fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be HTTP Headers GET /g/ae-fe/static-ui/open-sans/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://assets.alicdn.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: Tengine content-type: font/woff2 content-length: 8800 x-oss-request-id: 6443ACB6B6301D393090DDFB accept-ranges: bytes x-oss-object-type: Normal x-oss-hash-crc64ecma: 622431805556229219 x-oss-storage-class: Standard content-md5: djHZ3HE80FRDAMWu+TlPVA== x-oss-server-time: 41 access-control-allow-origin: * x-source-scheme: https ali-swift-global-savetime: 1682156726 x-swift-savetime: Sat, 22 Apr 2023 09:50:45 GMT x-swift-cachetime: 3281 timing-allow-origin: * eagleid: 2ff62c9916821573534564769e served-from: 104.123.68.221 cache-control: max-age=1199598, s-maxage=3600 date: Fri, 02 Jun 2023 11:34:17 GMT network_info: NO_OSLO_50304 X-Firefox-Spdy: h2

	get.mona.co/1mLxRmFn1bb	52.52.241.59	307 Temporary Redirect	0 B
URL GET HTTP/1.1 get.mona.co/1mLxRmFn1bb IP 52.52.241.59:443 ASN #16509 AMAZON-02 Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjectget.mona.co FingerprintD4:CE:0B:05:6A:19:46:ED:F3:47:AC:CC:05:E5:34:B4:28:61:15:FB ValidityWed, 31 May 2023 10:15:05 GMT - Tue, 29 Aug 2023 10:15:04 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /1mLxRmFn1bb HTTP/1.1 Host: get.mona.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 307 Temporary Redirect Server: openresty Date: Fri, 02 Jun 2023 11:34:17 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: _s=t9DmqSPmmTKGmdMPM6mxtfblw%2BcGuGtj2EqhncuJ526AhK13P0mk1EABL7I%2BVJ55; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Sat, 01 Jun 2024 11:34:17 GMT; Secure Location: https://monaco.app.link/1mLxRmFn1bb?_p=c91529cb981c60f2fc1c8bf9 Strict-Transport-Security: max-age=31536000; includeSubDomains Accept-CH: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model

	assets.alicdn.com/g/??AWSC/AWSC/awsc.js,sd/baxia-entry/baxiaCommon.js	104.110.21.4	200 OK	5.4 kB
URL GET HTTP/2 assets.alicdn.com/g/??AWSC/AWSC/awsc.js,sd/baxia-entry/baxiaCommon.js IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type Unicode text, UTF-8 text, with very long lines (15491) Size 5.4 kB (5436 bytes) Hash 3f6cf4c9dbdd118075b443609bbf89d5 dd2757296b54489c6f0242e81c77a6fa28c620db 490e9d488cf632536bb3ebbec7ec43f652ee46e007ac05900754ae355b56afa7 HTTP Headers `GET /g/??AWSC/AWSC/awsc.js,sd/baxia-entry/baxiaCommon.js HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 5436 x-oss-request-id: 6479CDB91FC42232326C08CD x-oss-object-type: Normal x-oss-hash-crc64ecma: 7512433114953199032 x-oss-storage-class: Standard content-md5: BczYKGDxrWPTJpa3tsDOFA== x-oss-server-time: 3 access-control-allow-origin: * x-source-scheme: https content-encoding: gzip ali-swift-global-savetime: 1685704121 x-swift-savetime: Fri, 02 Jun 2023 11:09:21 GMT x-swift-cachetime: 3560 timing-allow-origin: * eagleid: 2ff62c9516857041618332524e served-from: 104.123.68.196 cache-control: max-age=5639, s-maxage=3600 date: Fri, 02 Jun 2023 11:34:17 GMT vary: Accept-Encoding network_info: NO_OSLO_50304 X-Firefox-Spdy: h2

	assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js	104.110.21.4	200 OK	10 kB
URL GET HTTP/2 assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type C source, ASCII text, with very long lines (25618) Size 10 kB (10282 bytes) Hash 1f3c9908a1b02ee25855afd8c80ba114 721179b53195dcabf257a3ec06b1dbb5121cec9f 8b702343ff64cd45af9d6524822d30ccb997da05d1b08ce92ded3703c5012859 HTTP Headers `GET /g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 10282 x-oss-request-id: 6479CD56C601333439AA2E2B x-oss-object-type: Normal x-oss-hash-crc64ecma: 15290110112012039273 x-oss-storage-class: Standard content-md5: gygBRN2M4MlVRBr7rF/+vA== x-oss-server-time: 44 access-control-allow-origin: * x-source-scheme: https content-encoding: gzip ali-swift-global-savetime: 1685704023 x-swift-savetime: Fri, 02 Jun 2023 11:28:17 GMT x-swift-cachetime: 526 timing-allow-origin: * eagleid: 2ff62c9b16857052976556129e cache-control: max-age=1920, s-maxage=1800 date: Fri, 02 Jun 2023 11:34:17 GMT vary: Accept-Encoding network_info: NO_OSLO_50304 served-from: 23.36.77.199 X-Firefox-Spdy: h2

	assets.alicdn.com/g/secdev/sufei_data/3.9.0/index.js	104.110.21.4	200 OK	6.7 kB
URL GET HTTP/2 assets.alicdn.com/g/secdev/sufei_data/3.9.0/index.js IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (17418), with no line terminators Size 6.7 kB (6695 bytes) Hash bfacb8c26526cf210b2db63b2539beda 243d88307a46e63d3cb4f65eb44a91453faedcf6 5df942f1b2d4d42480553a6f9f0500e64cc499e2ca026f0268a25e7030083162 HTTP Headers `GET /g/secdev/sufei_data/3.9.0/index.js HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-type: application/javascript access-control-allow-origin: * ali-swift-global-savetime: 1679588283 content-encoding: br content-md5: v6y4wmUmzyELLbY7JTm+2g== eagleid: 082d34a816795883293053005e last-modified: Thu, 23 Mar 2023 16:18:49 GMT served-from: 23.44.237.141 server: Akamai Resource Optimizer timing-allow-origin: * x-source-scheme: https x-swift-cachetime: 3554 x-swift-savetime: Thu, 23 Mar 2023 16:18:49 GMT x-oss-hash-crc64ecma: 11427884514220853186 x-oss-object-type: Normal x-oss-request-id: 641C7BBBC075263830DC082C x-oss-server-time: 3 x-oss-storage-class: Standard content-length: 6695 cache-control: max-age=1131633, s-maxage=3600 expires: Thu, 15 Jun 2023 13:54:50 GMT date: Fri, 02 Jun 2023 11:34:17 GMT network_info: US_CHICAGO_35994, NO_OSLO_50304 X-Firefox-Spdy: h2

	assets.alicdn.com/g/ae-fe/login-ui/0.0.70/zoro-gep-sdk-H4PFq.js	104.110.21.4	200 OK	12 kB
URL GET HTTP/2 assets.alicdn.com/g/ae-fe/login-ui/0.0.70/zoro-gep-sdk-H4PFq.js IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type Unicode text, UTF-8 text, with very long lines (37091) Size 12 kB (11902 bytes) Hash 9bc33f8946f7a15b447c5fb542d6efcf 44f62e2461c6359f61433952cc4b43234c19bb32 7de4fcbcb257f88d2f071b48c3adef82b2160eccf958ba1a6db42a95d910c6ed HTTP Headers `GET /g/ae-fe/login-ui/0.0.70/zoro-gep-sdk-H4PFq.js HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-type: application/javascript access-control-allow-origin: * ali-swift-global-savetime: 1684983504 content-encoding: br content-md5: m8M/iUb3oVtEfF+1Qtbvzw== eagleid: a3b55c9e16849835034625427e last-modified: Thu, 25 May 2023 02:58:49 GMT served-from: 104.94.100.148 server: Akamai Resource Optimizer timing-allow-origin: * x-source-scheme: https x-swift-cachetime: 86400 x-swift-savetime: Thu, 25 May 2023 02:58:24 GMT x-oss-hash-crc64ecma: 842839853269425343 x-oss-object-type: Normal x-oss-request-id: 646ECED09E3C3E3036A8225D x-oss-server-time: 38 x-oss-storage-class: Standard content-length: 11902 cache-control: max-age=1869796, s-maxage=86400 expires: Sat, 24 Jun 2023 02:57:33 GMT date: Fri, 02 Jun 2023 11:34:17 GMT network_info: US_CHICAGO_35994, NO_OSLO_50304 X-Firefox-Spdy: h2

	g.alicdn.com/secdev/sufei_data/3.9.10/index.js	47.246.44.251	200 OK	7.6 kB
URL GET HTTP/2 g.alicdn.com/secdev/sufei_data/3.9.10/index.js IP 47.246.44.251:443 ASN #24429 Zhejiang Taobao Network Co.,Ltd Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.tbcdn.cn Fingerprint62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1 ValidityFri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT File type ASCII text, with very long lines (17690), with no line terminators Size 7.6 kB (7571 bytes) Hash 0ad4251158abb9d73a55ab7dd24fbf66 350d23bc2e5036ac20a9513d7d30a8e7391916c4 8a978233505986e37cf952a7656e6c31f4a8d13902d76c68f28de30bf9f1d57c HTTP Headers `GET /secdev/sufei_data/3.9.10/index.js HTTP/1.1 Host: g.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 7571 date: Thu, 01 Jun 2023 13:17:46 GMT vary: Accept-Encoding x-oss-request-id: 64789A7A01FB553331C4B2B6 x-oss-object-type: Normal x-oss-hash-crc64ecma: 13500841233386616122 x-oss-storage-class: Standard cache-control: max-age=2592000,s-maxage=86400 content-md5: CtQlEVirudc6Vat90k+/Zg== x-oss-server-time: 1 content-encoding: gzip access-control-allow-origin: * x-bucket-code: 3 ali-swift-global-savetime: 1685625466 via: cache21.l2de2[0,0,200-0,H], cache4.l2de2[0,0], cache4.l2de2[1,0], cache3.se1[0,0,200-0,H], cache7.se1[0,0] age: 80191 x-cache: HIT TCP_MEM_HIT dirn:1:94524488 x-swift-savetime: Thu, 01 Jun 2023 13:17:46 GMT x-swift-cachetime: 86400 timing-allow-origin: * eagleid: 2ff62c9b16857056576506231e X-Firefox-Spdy: h2

	g.alicdn.com/??xlly/spl/rp.js,secdev/nsv/1.0.87/ns_f_95_3_n.js?v=1	47.246.44.251	200 OK	58 kB
URL GET HTTP/2 g.alicdn.com/??xlly/spl/rp.js,secdev/nsv/1.0.87/ns_f_95_3_n.js?v=1 IP 47.246.44.251:443 ASN #24429 Zhejiang Taobao Network Co.,Ltd Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.tbcdn.cn Fingerprint62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1 ValidityFri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT File type data Size 58 kB (58502 bytes) Hash 17db7067be7673ff20a0e5330001fb57 eaf7a827b5b835e7ca438ee18089a0f67a647a69 d13527c97629c2533aace904cdb35174cb2efa89805006b1a63137348589c43d HTTP Headers `GET /??xlly/spl/rp.js,secdev/nsv/1.0.87/ns_f_95_3_n.js?v=1 HTTP/1.1 Host: g.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 58502 date: Thu, 01 Jun 2023 13:02:59 GMT vary: Accept-Encoding x-oss-request-id: 64789703D546093633CE2F32 x-oss-object-type: Normal x-oss-hash-crc64ecma: 16118199083463912186 x-oss-storage-class: Standard cache-control: max-age=86400,s-maxage=86400 content-md5: xWa3V2X33BPyIBIBPhn6Vg== x-oss-server-time: 21 access-control-allow-origin: * x-bucket-code: 3 content-encoding: gzip ali-swift-global-savetime: 1685624579 via: cache23.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.l2de2[1,0], cache5.se1[0,0,200-0,H], cache7.se1[2,0] age: 81078 x-cache: HIT TCP_MEM_HIT dirn:4:359858990 x-swift-savetime: Thu, 01 Jun 2023 13:02:59 GMT x-swift-cachetime: 86400 timing-allow-origin: * eagleid: 2ff62c9b16857056576516234e X-Firefox-Spdy: h2

	g.alicdn.com/AWSC/et/1.62.7/et_n.js	47.246.44.251	200 OK	37 kB
URL GET HTTP/2 g.alicdn.com/AWSC/et/1.62.7/et_n.js IP 47.246.44.251:443 ASN #24429 Zhejiang Taobao Network Co.,Ltd Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.tbcdn.cn Fingerprint62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1 ValidityFri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT File type data Size 37 kB (37291 bytes) Hash 97b6c61e26db08c305205b68cdf68ac8 ae0a900042897de3cdb8a6e8317bc19686bcea6f 23efaab0233a71426cdfe8398921fae6c9d19b43db05f5e61800141dc90d449d HTTP Headers `GET /AWSC/et/1.62.7/et_n.js HTTP/1.1 Host: g.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 37291 date: Thu, 01 Jun 2023 13:31:21 GMT vary: Accept-Encoding x-oss-request-id: 64789DA9E477A237345BA79B x-oss-object-type: Normal x-oss-hash-crc64ecma: 8759877793609080201 x-oss-storage-class: Standard cache-control: max-age=2592000,s-maxage=86400 content-md5: l7bGHibbCMMFIFtozfaKyA== x-oss-server-time: 28 content-encoding: gzip access-control-allow-origin: * x-bucket-code: 3 ali-swift-global-savetime: 1685626281 via: cache19.l2de2[0,0,200-0,H], cache4.l2de2[1,0], cache4.l2de2[1,0], cache8.se1[0,0,200-0,H], cache7.se1[1,0] age: 79376 x-cache: HIT TCP_MEM_HIT dirn:11:8022102 x-swift-savetime: Thu, 01 Jun 2023 13:31:21 GMT x-swift-cachetime: 86400 timing-allow-origin: * eagleid: 2ff62c9b16857056576546236e X-Firefox-Spdy: h2

	assets.alicdn.com/g/??/sd/baxia/2.5.0/baxiaCommon.js	104.110.21.4	200 OK	10 kB
URL GET HTTP/2 assets.alicdn.com/g/??/sd/baxia/2.5.0/baxiaCommon.js IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type C source, Unicode text, UTF-8 text, with very long lines (26436) Size 10 kB (10540 bytes) Hash b3dd0e1ac2e9a5a51ce4b08dc537dfcc 324d7b125fdfc6e24383407212f5be3559a41859 25b330da2bc7a79e58107c7f720989e31f2e143d064c631a2776ad3a86bb6e31 HTTP Headers `GET /g/??/sd/baxia/2.5.0/baxiaCommon.js HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 10540 x-oss-request-id: 644BF20E1DB7263536376EB7 x-oss-object-type: Normal x-oss-hash-crc64ecma: 14796409380524246032 x-oss-storage-class: Standard content-md5: s90OGsLppaUc5LCNxTffzA== x-oss-server-time: 2 access-control-allow-origin: * x-source-scheme: https content-encoding: gzip ali-swift-global-savetime: 1682698766 x-swift-savetime: Sat, 29 Apr 2023 07:47:02 GMT x-swift-cachetime: 30744 timing-allow-origin: * eagleid: 2ff62c9616827544227696535e served-from: 104.123.68.213 cache-control: max-age=1917945, s-maxage=86400 date: Fri, 02 Jun 2023 11:34:17 GMT vary: Accept-Encoding network_info: NO_OSLO_50304 X-Firefox-Spdy: h2

	www.hotelscombined.com/	151.101.1.29	200 OK	135 kB
URL GET HTTP/2 www.hotelscombined.com/ IP 151.101.1.29:443 ASN #54113 FASTLY Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjectwww.hotelscombined.com FingerprintFB:61:D9:B6:8A:F1:04:88:73:94:65:D2:00:57:E4:95:74:D4:0B:5E ValidityThu, 18 May 2023 11:08:43 GMT - Wed, 16 Aug 2023 11:08:42 GMT File type data Size 135 kB (134768 bytes) Hash 4b60d33d7aca6e88fbe03eb4284cdff9 54e51bf335713301d9b26ea6d1098601f50cb950 fe2f119665a937925e1a330248a4a045c2b9db5caf1bf4bc41f06e7d921c2c6b HTTP Headers GET / HTTP/1.1 Host: www.hotelscombined.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Cookie: Apache=W1oqmg-AAABiHvjBjU-57-JakRGw; cluster=4; kayak=HNeZMkRlqHCNqXrlNNic; p1.med.sid=R-4L6xyrwhwypnJo1IPus3A-6HCbcvFqy3c8mxIdDq2WAiZ5DqW0j9TpHxNKv2bHy; kanid=; kanlabel=; a_aid=172493; brandId=; label=; languageCode=EN; currencyCode=USD; kmkid=AgizDM_Ao4QfI4qXykS6mYU; Mobile=0; visitor=id=42975dc5-e66c-47bb-9c40-964deb4b9ad5&tracked=false; visit=date=2023-06-02T21:34:15.885858741+10:00&id=b12c9ab2-ce86-4613-98ab-9080ecfdbbe3; QueryBasedAffiliate=11; kayak.mc=ATDiw4_9R-qFAvXKRbjyjh4K2syqZN95ac1H4LOEN0mQ09cHIdElHhiiCNLl5rY7Yg9ecmS-ChrdEWCMZplw5ggtJyl2jdF_KhMBvOolcRfekt8kgw2717_x6rr8ITPgCaRQq5TQB-IbRrIoryjG_7em9ZOPay3t5GgD8J3sTjx5dTtZdwZOY34y6GBnuT3pXLI98eAhvODYdmQcwHfG6lA1AV5_iGJ2H9FFTH1S5ZVzIf7w55DWgluH6XnC12H1fosXjWwM3JgKlLrPeqGVCqW2NSks3qCrUMJvdiExqr2eqnTszawYrQvL_9uwbetQ4g Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK set-cookie: Apache=W1oqmg-AAABiHvjBjU-57-JakRGw; Max-Age=86400000; Expires=Thu, 26 Feb 2026 11:34:16 GMT; Path=/; Secure; HTTPOnly; SameSite=None cluster=4; Max-Age=2700; Expires=Fri, 02 Jun 2023 12:19:16 GMT; Path=/; Secure; HTTPOnly; SameSite=None kanid=; Path=/; Secure; HTTPOnly; SameSite=None kanlabel=; Path=/; Secure; HTTPOnly; SameSite=None a_aid=; Path=/; Secure; HTTPOnly; SameSite=None brandId=; Path=/; Secure; HTTPOnly; SameSite=None label=; Path=/; Secure; HTTPOnly; SameSite=None languageCode=EN; Max-Age=946080000; Expires=Sun, 25 May 2053 11:34:16 GMT; Path=/; Secure; HTTPOnly; SameSite=None currencyCode=USD; Max-Age=946080000; Expires=Sun, 25 May 2053 11:34:16 GMT; Path=/; Secure; HTTPOnly; SameSite=None languageCode=EN; Max-Age=946080000; Expires=Sun, 25 May 2053 11:34:16 GMT; Path=/; Secure; HTTPOnly; SameSite=None currencyCode=USD; Max-Age=946080000; Expires=Sun, 25 May 2053 11:34:16 GMT; Path=/; Secure; HTTPOnly; SameSite=None mst_iBfK2g=BoGBtVHGwvDyaZepHR6MOpNUMAI_Tywd8yhViXS0-uOgi00XAEzX6uhwOjdMm0rLXnvTrZ8B1K5ER34yIh_LTg; Expires=Fri, 02 Jun 2023 11:49:17 GMT; Path=/; HttpOnly csid=2a5d75d3-15cd-47ce-ae47-8a14947be231; path=/; Secure; SameSite=Strict; content-encoding: br content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: origin-when-cross-origin content-security-policy-report-only: default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https: data:; worker-src blob:; report-uri /s/run/cspreport/reportHttp dnt: 1 feature-policy: camera 'none'; microphone 'none'; midi 'none'; usb 'none'; geolocation 'self' content-language: en-US server: KAYAK/1.0 content-type: text/html;charset=UTF-8 x-sn-waf-code: accept-ranges: bytes date: Fri, 02 Jun 2023 11:34:17 GMT vary: Accept-Encoding cache-control: private, no-store X-Firefox-Spdy: h2

	aeis.alicdn.com/AWSC/uab/1.140.0/collina.js	104.110.21.4	200 OK	119 kB
URL GET HTTP/2 aeis.alicdn.com/AWSC/uab/1.140.0/collina.js IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type data Size 119 kB (119440 bytes) Hash 75fb6b94dcb3a9c89abb59a3ffd7546f 96101820857ef511ba83017e928aeeb88353b162 04975704505b42dc124568d9d4be26aee2d4592826a0487920cb1d016d1a8e58 HTTP Headers `GET /AWSC/uab/1.140.0/collina.js HTTP/1.1 Host: aeis.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 119440 x-oss-request-id: 6464CEB6B0E0E7333712CD38 x-oss-object-type: Normal x-oss-hash-crc64ecma: 17940526130122019226 x-oss-storage-class: Standard content-md5: dftrlNyzqciau1mj/9dUbw== x-oss-server-time: 6 x-source-scheme: https content-encoding: gzip ali-swift-global-savetime: 1684328118 x-swift-savetime: Wed, 17 May 2023 18:04:24 GMT x-swift-cachetime: 67854 eagleid: 2ff62c9b16843466639526205e served-from: 104.123.68.189 cache-control: max-age=1214473, s-maxage=86400 expires: Fri, 16 Jun 2023 12:55:30 GMT date: Fri, 02 Jun 2023 11:34:17 GMT vary: Accept-Encoding network_info: NO_OSLO_50304 timing-allow-origin: , access-control-allow-origin: * access-control-expose-headers: FW_IP fw_ip: 104.110.21.4 X-Firefox-Spdy: h2

	accounts.google.com/v3/signin/identifier?dsh=S940405774%3A1685705657350422&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneEZ8-b6TqBV_iTyHWvCC8wkohQEUBRn1vESDpycGjTVzb6L68MZlhPhFJ-UOSTs7AtryXWPsg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin	142.250.74.109	403 Forbidden	47 kB
URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S940405774%3A1685705657350422&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneEZ8-b6TqBV_iTyHWvCC8wkohQEUBRn1vESDpycGjTVzb6L68MZlhPhFJ-UOSTs7AtryXWPsg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin IP 142.250.74.109:443 ASN #15169 GOOGLE Requested by https://javmec.me/ Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32006) Size 47 kB (47062 bytes) Hash ed5c3c8c67258fb4cf6e714ac34753d8 935fcbdc16673c6e1fac8b9b7d4b1ca924f73457 eb2751abcfb2038a89645f2f50b31aefbd2a06eecfedabdfea03e24281f4e4b8 HTTP Headers GET /v3/signin/identifier?dsh=S940405774%3A1685705657350422&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&ffgf=1&hl=en&ifkv=Af_xneEZ8-b6TqBV_iTyHWvCC8wkohQEUBRn1vESDpycGjTVzb6L68MZlhPhFJ-UOSTs7AtryXWPsg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Fri, 02 Jun 2023 11:34:17 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi" content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-VIIYSMRZWAZUXfIcze38ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]} accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factor=, ch-ua-platform=, ch-ua-platform-version=* content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	instaforex.org/	195.201.188.46	200 OK	100 kB
URL GET HTTP/2 instaforex.org/ IP 195.201.188.46:443 ASN #24940 Hetzner Online GmbH Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjectinstaforex.org Fingerprint7C:99:64:79:61:BB:CF:62:34:52:D0:57:CD:C9:9B:64:DE:35:93:0D ValiditySun, 09 Apr 2023 12:00:19 GMT - Sat, 08 Jul 2023 12:00:18 GMT File type gzip compressed data, from Unix\012- data Size 100 kB (100342 bytes) Hash 26cfb3b8f91480248cab1c523aebbe5b 1508de88afb6ddda29bf5f821f88fb9128c3a7ac 6647b063a8359fcde83e5c396ead6ac50a11191becf287762a665ee676e0b1c6 HTTP Headers `GET / HTTP/1.1 Host: instaforex.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:17 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding x-powered-by: PHP/7.3.33 set-cookie: cookie1h=1; expires=Fri, 02-Jun-2023 12:34:17 GMT; Max-Age=3600; path=/ cookie24h=1; expires=Sat, 03-Jun-2023 11:34:17 GMT; Max-Age=86400; path=/ cookieForever=1; expires=Sat, 01-Jun-2024 11:34:17 GMT; Max-Age=31536000; path=/ lang=en; expires=Sun, 02-Jul-2023 11:34:17 GMT; Max-Age=2592000; path=/; domain=.instaforex.org PHPSESSID=s80rnhn4q9j8cfe5k3u0s79ukt; path=/ criteoPatrnersTimestamp=1685705687; expires=Mon, 30-May-2033 11:34:17 GMT; Max-Age=315360000; path=/ criteoTimestamp=1685705687; expires=Mon, 30-May-2033 11:34:17 GMT; Max-Age=315360000; path=/ expires: Fri, 02 Jun 2023 11:34:16 GMT pragma: no-cache cache-control: no-cache strict-transport-security: max-age=31536000; x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 1; mode=block content-encoding: gzip X-Firefox-Spdy: h2

	ae01.alicdn.com/kf/H44c0698a1944450a9ac158772a32fe1aN.png	47.246.44.251	200 OK	24 kB
URL GET HTTP/2 ae01.alicdn.com/kf/H44c0698a1944450a9ac158772a32fe1aN.png IP 47.246.44.251:443 ASN #24429 Zhejiang Taobao Network Co.,Ltd Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.tbcdn.cn Fingerprint62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1 ValidityFri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT File type PNG image data, 64 x 723, 8-bit/color RGBA, non-interlaced\012- data Size 24 kB (24506 bytes) Hash b3380a13b09e44e90ec389fe576dca29 3a7a1def07c773101e560eba445df958ef26b058 873d4ea27e3132833fa2f3dc013d75b586cd7fdc9976013349b30cbaf6d6a1c9 HTTP Headers `GET /kf/H44c0698a1944450a9ac158772a32fe1aN.png HTTP/1.1 Host: ae01.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://assets.alicdn.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: Tengine content-type: image/png content-length: 24506 date: Sun, 18 Sep 2022 21:01:04 GMT traceid: 4f85b09716635348643247965e last-modified: Wed, 16 Sep 2020 08:46:51 GMT cache-control: max-age=86400000 access-control-allow-origin: * eagleeye-traceid: 4f85b09716635348643247965e strict-transport-security: max-age=0 timing-allow-origin: , ali-swift-global-savetime: 1663534864 via: cache5.l2us1[0,0,200-0,H], cache24.l2us1[0,0], cache1.se1[0,0,200-0,H], cache7.se1[3,0] age: 22170794 x-cache: HIT TCP_MEM_HIT dirn:4:148819805 x-swift-savetime: Fri, 26 May 2023 04:34:42 GMT x-swift-cachetime: 64859182 cdn-type: alibaba eagleid: 2ff62c9b16857056580636755e X-Firefox-Spdy: h2

	c40b17bdc6.00280181d0.com/health/	162.55.139.130	200 OK	0 B
URL GET HTTP/2 c40b17bdc6.00280181d0.com/health/ IP 162.55.139.130:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subject00280181d0.com Fingerprint9D:E4:44:C4:A1:EC:DA:C7:07:8B:14:52:FA:D4:1B:12:12:C2:35:5E ValidityTue, 30 May 2023 03:06:44 GMT - Mon, 28 Aug 2023 03:06:43 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /health/ HTTP/1.1 Host: c40b17bdc6.00280181d0.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.16.0 date: Fri, 02 Jun 2023 11:34:18 GMT content-length: 0 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * X-Firefox-Spdy: h2`

	c40b17bdc6.00280181d0.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkphdiUyQ1NleCUyQ1N0cmVhbWluZyUyQ09ubGluZSUyQ0hEJTJDQmVzdCUyQ0phcGFuZXNlJTJDUG9ybiUyQ0ZyZWUlMkMxMDgwcCUyQ0phdk1lYy5NZSUyQ1dhdGNoJTJDSkFWJTJDRlJFRSUyQ2NvbGxlY3Rpb24lMkNTZXglMkNWaWRlb3MlMkNIRCUyQ2Z1bGwlMkNTdHJlYW1pbmclMkNPbmxpbmUlMkMlRTIlOUMlODVDZW5zb3JlZCUyQ1VuY2Vuc29yZWQlMkMlRTIlOUMlODUlMkNKQVZNRUMlMkN3aXRoJTJDZnVsbCUyQ3RvcCUyQzElMkNyYXRlZCUyQ2FuZCUyQzUlMkNzdGFycyUyQ0phcGFuZXNlJTJDUG9ybiUyQ21vdmllcyUyQ2ZvciUyQ0ZyZWUlMkNmb3JldmVyLiwiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI2NTI1MjY1MDciLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjo0ODUzNywibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjoibmxhYmVsLWEiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjQ4NTM3IiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwczovL2phdm1lYy5tZS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiNGNiNzI1NjYwYzQzMDMxZTNiMDZjNzU4OTJkOTZjNWEiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY4NTcwNTY1ODEwNn19	162.55.139.130		0 B
URL GET c40b17bdc6.00280181d0.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkphdiUyQ1NleCUyQ1N0cmVhbWluZyUyQ09ubGluZSUyQ0hEJTJDQmVzdCUyQ0phcGFuZXNlJTJDUG9ybiUyQ0ZyZWUlMkMxMDgwcCUyQ0phdk1lYy5NZSUyQ1dhdGNoJTJDSkFWJTJDRlJFRSUyQ2NvbGxlY3Rpb24lMkNTZXglMkNWaWRlb3MlMkNIRCUyQ2Z1bGwlMkNTdHJlYW1pbmclMkNPbmxpbmUlMkMlRTIlOUMlODVDZW5zb3JlZCUyQ1VuY2Vuc29yZWQlMkMlRTIlOUMlODUlMkNKQVZNRUMlMkN3aXRoJTJDZnVsbCUyQ3RvcCUyQzElMkNyYXRlZCUyQ2FuZCUyQzUlMkNzdGFycyUyQ0phcGFuZXNlJTJDUG9ybiUyQ21vdmllcyUyQ2ZvciUyQ0ZyZWUlMkNmb3JldmVyLiwiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI2NTI1MjY1MDciLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjo0ODUzNywibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjoibmxhYmVsLWEiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjQ4NTM3IiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwczovL2phdm1lYy5tZS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiNGNiNzI1NjYwYzQzMDMxZTNiMDZjNzU4OTJkOTZjNWEiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY4NTcwNTY1ODEwNn19 IP 162.55.139.130:0 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subject00280181d0.com Fingerprint9D:E4:44:C4:A1:EC:DA:C7:07:8B:14:52:FA:D4:1B:12:12:C2:35:5E ValidityTue, 30 May 2023 03:06:44 GMT - Mon, 28 Aug 2023 03:06:43 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkphdiUyQ1NleCUyQ1N0cmVhbWluZyUyQ09ubGluZSUyQ0hEJTJDQmVzdCUyQ0phcGFuZXNlJTJDUG9ybiUyQ0ZyZWUlMkMxMDgwcCUyQ0phdk1lYy5NZSUyQ1dhdGNoJTJDSkFWJTJDRlJFRSUyQ2NvbGxlY3Rpb24lMkNTZXglMkNWaWRlb3MlMkNIRCUyQ2Z1bGwlMkNTdHJlYW1pbmclMkNPbmxpbmUlMkMlRTIlOUMlODVDZW5zb3JlZCUyQ1VuY2Vuc29yZWQlMkMlRTIlOUMlODUlMkNKQVZNRUMlMkN3aXRoJTJDZnVsbCUyQ3RvcCUyQzElMkNyYXRlZCUyQ2FuZCUyQzUlMkNzdGFycyUyQ0phcGFuZXNlJTJDUG9ybiUyQ21vdmllcyUyQ2ZvciUyQ0ZyZWUlMkNmb3JldmVyLiwiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI2NTI1MjY1MDciLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjo0ODUzNywibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjoibmxhYmVsLWEiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjQ4NTM3IiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwczovL2phdm1lYy5tZS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiNGNiNzI1NjYwYzQzMDMxZTNiMDZjNzU4OTJkOTZjNWEiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY4NTcwNTY1ODEwNn19 HTTP/1.1 Host: c40b17bdc6.00280181d0.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 302 Found server: nginx/1.16.0 date: Fri, 02 Jun 2023 11:34:18 GMT content-length: 0 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * location: https://rtbrennab.com/banner/in/show/?mid=6636338014110048894&pid=0&site=48537&sc=NO&usage_type=DCH&subid=652526507&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=javmec.me&hostname=auc-banner-hz-3&site_id=0&spot_id=48537&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25-3&min_cpm=0.0001&placement_type_id=407&skin_test=&verify_hash=&score=85.84565740468115&ml=&tag_ab=c&v2=0&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D48537%26source%3D652526507%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D48537%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DJav%252CSex%252CStreaming%252COnline%252CHD%252CBest%252CJapanese%252CPorn%252CFree%252C1080p%252CJavMec.Me%252CWatch%252CJAV%252CFREE%252Ccollection%252CSex%252CVideos%252CHD%252Cfull%252CStreaming%252COnline%252C%25E2%259C%2585Censored%252CUncensored%252C%25E2%259C%2585%252CJAVMEC%252Cwith%252Cfull%252Ctop%252C1%252Crated%252Cand%252C5%252Cstars%252CJapanese%252CPorn%252Cmovies%252Cfor%252CFree%252Cforever.%2C%26spot_id%3D48537%26p%3Dhttps%253A%252F%252Fjavmec.me%252F%26katds_labels%3D%26btype%3D0%26score%3D85.84565740468115%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Jav%2CSex%2CStreaming%2COnline%2CHD%2CBest%2CJapanese%2CPorn%2CFree%2C1080p%2CJavMec.Me%2CWatch%2CJAV%2CFREE%2Ccollection%2CSex%2CVideos%2CHD%2Cfull%2CStreaming%2COnline%2C%E2%9C%85Censored%2CUncensored%2C%E2%9C%85%2CJAVMEC%2Cwith%2Cfull%2Ctop%2C1%2Crated%2Cand%2C5%2Cstars%2CJapanese%2CPorn%2Cmovies%2Cfor%2CFree%2Cforever.,&stratagem=nlabel-a&ssp=3972&refresh=1&priority=0&bb=0.0001 X-Firefox-Spdy: h2

	www.tomtop.com/?aid=agru	35.81.13.3		47 kB
URL GET www.tomtop.com/?aid=agru IP 35.81.13.3:0 ASN #16509 AMAZON-02 Requested by https://hlmiq.com/vu/a/? Certificate IssuerDigiCert Inc Subject.tomtop.com Fingerprint50:4A:A5:57:22:AB:DA:6B:52:C1:20:BD:9D:C9:86:4A:D8:2F:79:12 ValidityTue, 20 Sep 2022 00:00:00 GMT - Sun, 08 Oct 2023 23:59:59 GMT File type gzip compressed data, from Unix\012- data Size 47 kB (47103 bytes) Hash 3f6e47f5b6c376dbe8d6f38ddb5c65a9 81fb00d06e754edeb1db8e3461447b535b02a31a 1cc5425a9b852325cc52d08d15f0236fdf60be706011288036906ea00aa08f27 HTTP Headers `GET /?aid=agru HTTP/1.1 Host: www.tomtop.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=UTF-8 server: nginx/ vary: Accept-Encoding, Accept-Encoding set-cookie: PLAY_LANG=en; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com country=United+States%7CUS; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com TT_CURR=USD; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com TT_LANG=1; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com USERID_COOKIE_NAME=20230602113227884252; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com PLAY_LANG=en; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com country=United+States%7CUS; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com TT_CURR=USD; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com TT_LANG=1; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com USERID_COOKIE_NAME=20230602113227100818; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com PLAY_LANG=en; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com country=United+States%7CUS; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com TT_CURR=USD; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com TT_LANG=1; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com USERID_COOKIE_NAME=20230602113227859371; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com PLAY_LANG=en; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com country=United+States%7CUS; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com TT_CURR=USD; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com TT_LANG=1; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com USERID_COOKIE_NAME=20230602113227532146; expires=Sat, 01-Jun-2024 11:32:27 GMT; Max-Age=31536000; path=/; domain=.tomtop.com expires: Fri, 02 Jun 2023 11:37:16 GMT cache-control: max-age=180 x-cache: HIT from 172.31.31.38 content-encoding: gzip X-Firefox-Spdy: h2

	rtbrennab.com/banner/in/show/?mid=6636338014110048894&pid=0&site=48537&sc=NO&usage_type=DCH&subid=652526507&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=javmec.me&hostname=auc-banner-hz-3&site_id=0&spot_id=48537&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25-3&min_cpm=0.0001&placement_type_id=407&skin_test=&verify_hash=&score=85.84565740468115&ml=&tag_ab=c&v2=0&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D48537%26source%3D652526507%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D48537%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DJav%252CSex%252CStreaming%252COnline%252CHD%252CBest%252CJapanese%252CPorn%252CFree%252C1080p%252CJavMec.Me%252CWatch%252CJAV%252CFREE%252Ccollection%252CSex%252CVideos%252CHD%252Cfull%252CStreaming%252COnline%252C%25E2%259C%2585Censored%252CUncensored%252C%25E2%259C%2585%252CJAVMEC%252Cwith%252Cfull%252Ctop%252C1%252Crated%252Cand%252C5%252Cstars%252CJapanese%252CPorn%252Cmovies%252Cfor%252CFree%252Cforever.%2C%26spot_id%3D48537%26p%3Dhttps%253A%252F%252Fjavmec.me%252F%26katds_labels%3D%26btype%3D0%26score%3D85.84565740468115%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Jav%2CSex%2CStreaming%2COnline%2CHD%2CBest%2CJapanese%2CPorn%2CFree%2C1080p%2CJavMec.Me%2CWatch%2CJAV%2CFREE%2Ccollection%2CSex%2CVideos%2CHD%2Cfull%2CStreaming%2COnline%2C%E2%9C%85Censored%2CUncensored%2C%E2%9C%85%2CJAVMEC%2Cwith%2Cfull%2Ctop%2C1%2Crated%2Cand%2C5%2Cstars%2CJapanese%2CPorn%2Cmovies%2Cfor%2CFree%2Cforever.,&stratagem=nlabel-a&ssp=3972&refresh=1&priority=0&bb=0.0001	162.55.139.130	302 Found	0 B
URL GET HTTP/2 rtbrennab.com/banner/in/show/?mid=6636338014110048894&pid=0&site=48537&sc=NO&usage_type=DCH&subid=652526507&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=javmec.me&hostname=auc-banner-hz-3&site_id=0&spot_id=48537&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25-3&min_cpm=0.0001&placement_type_id=407&skin_test=&verify_hash=&score=85.84565740468115&ml=&tag_ab=c&v2=0&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D48537%26source%3D652526507%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D48537%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DJav%252CSex%252CStreaming%252COnline%252CHD%252CBest%252CJapanese%252CPorn%252CFree%252C1080p%252CJavMec.Me%252CWatch%252CJAV%252CFREE%252Ccollection%252CSex%252CVideos%252CHD%252Cfull%252CStreaming%252COnline%252C%25E2%259C%2585Censored%252CUncensored%252C%25E2%259C%2585%252CJAVMEC%252Cwith%252Cfull%252Ctop%252C1%252Crated%252Cand%252C5%252Cstars%252CJapanese%252CPorn%252Cmovies%252Cfor%252CFree%252Cforever.%2C%26spot_id%3D48537%26p%3Dhttps%253A%252F%252Fjavmec.me%252F%26katds_labels%3D%26btype%3D0%26score%3D85.84565740468115%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Jav%2CSex%2CStreaming%2COnline%2CHD%2CBest%2CJapanese%2CPorn%2CFree%2C1080p%2CJavMec.Me%2CWatch%2CJAV%2CFREE%2Ccollection%2CSex%2CVideos%2CHD%2Cfull%2CStreaming%2COnline%2C%E2%9C%85Censored%2CUncensored%2C%E2%9C%85%2CJAVMEC%2Cwith%2Cfull%2Ctop%2C1%2Crated%2Cand%2C5%2Cstars%2CJapanese%2CPorn%2Cmovies%2Cfor%2CFree%2Cforever.,&stratagem=nlabel-a&ssp=3972&refresh=1&priority=0&bb=0.0001 IP 162.55.139.130:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectrtbbnr.com Fingerprint9B:8F:E9:E4:0D:14:0C:51:0B:F8:0A:FC:22:6C:4B:F8:E0:BE:A6:D4 ValidityFri, 05 May 2023 01:54:59 GMT - Thu, 03 Aug 2023 01:54:58 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /banner/in/show/?mid=6636338014110048894&pid=0&site=48537&sc=NO&usage_type=DCH&subid=652526507&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=javmec.me&hostname=auc-banner-hz-3&site_id=0&spot_id=48537&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25-3&min_cpm=0.0001&placement_type_id=407&skin_test=&verify_hash=&score=85.84565740468115&ml=&tag_ab=c&v2=0&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25-3&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D48537%26source%3D652526507%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D48537%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DJav%252CSex%252CStreaming%252COnline%252CHD%252CBest%252CJapanese%252CPorn%252CFree%252C1080p%252CJavMec.Me%252CWatch%252CJAV%252CFREE%252Ccollection%252CSex%252CVideos%252CHD%252Cfull%252CStreaming%252COnline%252C%25E2%259C%2585Censored%252CUncensored%252C%25E2%259C%2585%252CJAVMEC%252Cwith%252Cfull%252Ctop%252C1%252Crated%252Cand%252C5%252Cstars%252CJapanese%252CPorn%252Cmovies%252Cfor%252CFree%252Cforever.%2C%26spot_id%3D48537%26p%3Dhttps%253A%252F%252Fjavmec.me%252F%26katds_labels%3D%26btype%3D0%26score%3D85.84565740468115%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Jav%2CSex%2CStreaming%2COnline%2CHD%2CBest%2CJapanese%2CPorn%2CFree%2C1080p%2CJavMec.Me%2CWatch%2CJAV%2CFREE%2Ccollection%2CSex%2CVideos%2CHD%2Cfull%2CStreaming%2COnline%2C%E2%9C%85Censored%2CUncensored%2C%E2%9C%85%2CJAVMEC%2Cwith%2Cfull%2Ctop%2C1%2Crated%2Cand%2C5%2Cstars%2CJapanese%2CPorn%2Cmovies%2Cfor%2CFree%2Cforever.,&stratagem=nlabel-a&ssp=3972&refresh=1&priority=0&bb=0.0001 HTTP/1.1 Host: rtbrennab.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://javmec.me/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: nginx/1.16.0 date: Fri, 02 Jun 2023 11:34:18 GMT content-length: 0 vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * location: https://btds.zog.link/in/912/?sid=48537&source=652526507&idzone=0&w=1&h=1&mo=&ve=&site_id=48537&utm1=&utm2=&utm3=&utm4=&ad_tags=Jav%2CSex%2CStreaming%2COnline%2CHD%2CBest%2CJapanese%2CPorn%2CFree%2C1080p%2CJavMec.Me%2CWatch%2CJAV%2CFREE%2Ccollection%2CSex%2CVideos%2CHD%2Cfull%2CStreaming%2COnline%2C%E2%9C%85Censored%2CUncensored%2C%E2%9C%85%2CJAVMEC%2Cwith%2Cfull%2Ctop%2C1%2Crated%2Cand%2C5%2Cstars%2CJapanese%2CPorn%2Cmovies%2Cfor%2CFree%2Cforever.,&spot_id=48537&p=https%3A%2F%2Fjavmec.me%2F&katds_labels=&btype=0&score=85.84565740468115&bf=0.0001 X-Firefox-Spdy: h2

	monaco.app.link/1mLxRmFn1bb?_p=c91529cb981c60f2fc1c8bf9	54.230.111.23	307 Temporary Redirect	3.9 kB
URL GET HTTP/2 monaco.app.link/1mLxRmFn1bb?_p=c91529cb981c60f2fc1c8bf9 IP 54.230.111.23:443 ASN #16509 AMAZON-02 Requested by https://hlmiq.com/vu/a/? Certificate IssuerAmazon Subjectappipv4.link Fingerprint45:47:07:24:84:A1:30:C2:74:DB:10:B8:3D:79:44:35:1D:7F:86:B9 ValidityTue, 25 Apr 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT File type data Size 3.9 kB (3858 bytes) Hash 2169d46d5faae22861b5576b1335bb08 0a5fb1a0de51015790f8ce6e067804dcddab816d 02bbdfcd7b57c12672547cd0757846b92867f479e10106fbdc7de59cfcffd63e HTTP Headers `GET /1mLxRmFn1bb?_p=c91529cb981c60f2fc1c8bf9 HTTP/1.1 Host: monaco.app.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 307 Temporary Redirect location: https://app.mona.co/referral/fallback?_branch_match_id=1193142884920872333&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT08t0cvNz0vUS87XN8z1qQjKdcszTEoCAE64N64fAAAA server: openresty date: Fri, 02 Jun 2023 11:34:17 GMT set-cookie: _s=BfICe8rvLSopJ%2B4xuQSQzHZKI92XAyNDUoKiPHfJJV6XgtOk9LWgTagBvAp1SMKB; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Sat, 01 Jun 2024 11:34:17 GMT; Secure last-modified: Fri, 02 Jun 2023 11:34:17 GMT strict-transport-security: max-age=31536000; includeSubDomains accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model x-cache: Miss from cloudfront via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: jvKOcZAOyJvRqNYsR1YVgBlkGJPtWjSaNkoE8VpDhEUqY9jA4Bavmw== X-Firefox-Spdy: h2

	btds.zog.link/in/912/?sid=48537&source=652526507&idzone=0&w=1&h=1&mo=&ve=&site_id=48537&utm1=&utm2=&utm3=&utm4=&ad_tags=Jav%2CSex%2CStreaming%2COnline%2CHD%2CBest%2CJapanese%2CPorn%2CFree%2C1080p%2CJavMec.Me%2CWatch%2CJAV%2CFREE%2Ccollection%2CSex%2CVideos%2CHD%2Cfull%2CStreaming%2COnline%2C%E2%9C%85Censored%2CUncensored%2C%E2%9C%85%2CJAVMEC%2Cwith%2Cfull%2Ctop%2C1%2Crated%2Cand%2C5%2Cstars%2CJapanese%2CPorn%2Cmovies%2Cfor%2CFree%2Cforever.,&spot_id=48537&p=https%3A%2F%2Fjavmec.me%2F&katds_labels=&btype=0&score=85.84565740468115&bf=0.0001	109.206.191.198	302 Found	0 B
URL GET HTTP/2 btds.zog.link/in/912/?sid=48537&source=652526507&idzone=0&w=1&h=1&mo=&ve=&site_id=48537&utm1=&utm2=&utm3=&utm4=&ad_tags=Jav%2CSex%2CStreaming%2COnline%2CHD%2CBest%2CJapanese%2CPorn%2CFree%2C1080p%2CJavMec.Me%2CWatch%2CJAV%2CFREE%2Ccollection%2CSex%2CVideos%2CHD%2Cfull%2CStreaming%2COnline%2C%E2%9C%85Censored%2CUncensored%2C%E2%9C%85%2CJAVMEC%2Cwith%2Cfull%2Ctop%2C1%2Crated%2Cand%2C5%2Cstars%2CJapanese%2CPorn%2Cmovies%2Cfor%2CFree%2Cforever.,&spot_id=48537&p=https%3A%2F%2Fjavmec.me%2F&katds_labels=&btype=0&score=85.84565740468115&bf=0.0001 IP 109.206.191.198:443 ASN #50245 Serverel Inc. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectbtds.zog.link Fingerprint73:D2:AA:B6:B5:C6:09:E2:67:77:68:C7:C3:66:A8:DC:B2:86:35:36 ValiditySat, 27 May 2023 03:07:32 GMT - Fri, 25 Aug 2023 03:07:31 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /in/912/?sid=48537&source=652526507&idzone=0&w=1&h=1&mo=&ve=&site_id=48537&utm1=&utm2=&utm3=&utm4=&ad_tags=Jav%2CSex%2CStreaming%2COnline%2CHD%2CBest%2CJapanese%2CPorn%2CFree%2C1080p%2CJavMec.Me%2CWatch%2CJAV%2CFREE%2Ccollection%2CSex%2CVideos%2CHD%2Cfull%2CStreaming%2COnline%2C%E2%9C%85Censored%2CUncensored%2C%E2%9C%85%2CJAVMEC%2Cwith%2Cfull%2Ctop%2C1%2Crated%2Cand%2C5%2Cstars%2CJapanese%2CPorn%2Cmovies%2Cfor%2CFree%2Cforever.,&spot_id=48537&p=https%3A%2F%2Fjavmec.me%2F&katds_labels=&btype=0&score=85.84565740468115&bf=0.0001 HTTP/1.1 Host: btds.zog.link User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://javmec.me/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:18 GMT content-type: text/html; charset=UTF-8 content-length: 0 location: https://cdn.1vag.com/1x1.png pragma: no-cache vary: * cache-control: no-cache, no-store, must-revalidate set-cookie: 912.0=1; expires=Sat, 03 Jun 2023 11:34:19 GMT; path=/; secure; SameSite=None X-Firefox-Spdy: h2`

	ocsp2.globalsign.com/gsorganizationvalsha2g2	104.18.20.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g2 IP 104.18.20.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1459 bytes) Hash e4cb7b98d5bede40a41c796201e3133d ce33b93c22df61232ff88da39772d5d6c9a7237b f3a298878b06eca85540733338016c636bcb4fc1670e000eaa7cf241a50d0db6 HTTP Headers `POST /gsorganizationvalsha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 02 Jun 2023 11:34:19 GMT Content-Type: application/ocsp-response Content-Length: 1459 Connection: keep-alive Expires: Tue, 06 Jun 2023 09:20:13 GMT ETag: "ce33b93c22df61232ff88da39772d5d6c9a7237b" Last-Modified: Fri, 02 Jun 2023 09:20:14 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 1286 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d0f62f15c81b4f7-OSL`

	cdn.1vag.com/1x1.png	45.133.44.24	200 OK	68 B
URL GET HTTP/2 cdn.1vag.com/1x1.png IP 45.133.44.24:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectcdn.1vag.com FingerprintB5:C5:FE:20:80:C4:32:26:08:83:9D:59:5E:B9:AD:43:D9:A9:3D:0F ValiditySat, 27 May 2023 02:11:33 GMT - Fri, 25 Aug 2023 02:11:32 GMT File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data Size 68 B (68 bytes) Hash 91e42db1c66c0b276abf6234dc50b2eb c1986af3c26609b8b7d8933f99c51c1a89e9ea6b 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 HTTP Headers `GET /1x1.png HTTP/1.1 Host: cdn.1vag.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://javmec.me/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:19 GMT content-type: image/png content-length: 68 server: nginx/1.20.1 last-modified: Wed, 15 Apr 2020 13:30:15 GMT etag: "5e970c67-44" cache-control: max-age=3600 x-request-id: 28eea0836f6cd5562d41ccabe8fa4a5b expires: Fri, 02 Jun 2023 12:34:19 GMT x-proxy-cache: HIT access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2`

	monday.com/lp/management/general/?gspk=YWxsYWtob3ppdHNrYXlhOTEzMw&gsxid=Q0GlR4ODkQv7&sid=14330&sid1=6479bceff1e7630001058d13&sub_id=6479bceff1e7630001058d13&utm_adgroup=allakhozitskaya9133&utm_campaign=ww-multi-prm-workos-multi-generic-desktop-network-core&utm_medium=affiliates&utm_source=partnerstack	54.230.111.88		129 kB
URL GET monday.com/lp/management/general/?gspk=YWxsYWtob3ppdHNrYXlhOTEzMw&gsxid=Q0GlR4ODkQv7&sid=14330&sid1=6479bceff1e7630001058d13&sub_id=6479bceff1e7630001058d13&utm_adgroup=allakhozitskaya9133&utm_campaign=ww-multi-prm-workos-multi-generic-desktop-network-core&utm_medium=affiliates&utm_source=partnerstack IP 54.230.111.88:0 ASN #16509 AMAZON-02 Requested by https://hlmiq.com/vu/a/? Certificate IssuerGoDaddy.com, Inc. Subject.monday.com Fingerprint0F:49:CE:7F:10:10:02:0C:BF:B2:CE:7E:39:99:C6:BF:0B:98:88:81 ValiditySun, 07 Aug 2022 07:19:35 GMT - Mon, 07 Aug 2023 07:19:35 GMT File type gzip compressed data, from Unix\012- data Size 129 kB (128937 bytes) Hash 928d4b0870003fb4c0c3a2164cb6377c 633ba37a06d8d481edc1e4f730f22ff7dd8992ee c1efb7a9a77077ea643daa96f59e10a21f67a868c03e50f9a25889a32d16d435 HTTP Headers GET /lp/management/general/?gspk=YWxsYWtob3ppdHNrYXlhOTEzMw&gsxid=Q0GlR4ODkQv7&sid=14330&sid1=6479bceff1e7630001058d13&sub_id=6479bceff1e7630001058d13&utm_adgroup=allakhozitskaya9133&utm_campaign=ww-multi-prm-workos-multi-generic-desktop-network-core&utm_medium=affiliates&utm_source=partnerstack HTTP/1.1 Host: monday.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 01 Jun 2023 20:28:08 GMT x-powered-by: Next.js cloudfront-is-mobile-viewer: false cloudfront-is-tablet-viewer: false cloudfront-is-desktop-viewer: true x-envoy-upstream-service-time: 439 x-xss-protection: 1; mode=block content-encoding: gzip server: monday edge vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains; preload set-cookie: experiment_visitor_id=1685705656751; Path=/; Domain=monday.com; Max-Age=7776000; t_3608=1; Path=/; Domain=monday.com; Max-Age=300; t_3479=1; Path=/; Domain=monday.com; Max-Age=300; t_3471=1; Path=/; Domain=monday.com; Max-Age=300; cloudfront-viewer-country: NO x-cache: Hit from cloudfront via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: pC8TpxBN3UYn1JECzqYbQNipHn19SHoUlCkXqADk5nVK6yBgbxmYuA== age: 54368 X-Firefox-Spdy: h2

	assets.alicdn.com/g/ae-fe/static-ui/open-sans/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2	104.110.21.4	200 OK	8.8 kB
URL GET HTTP/2 assets.alicdn.com/g/ae-fe/static-ui/open-sans/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 8800, version 1.0\012- data Size 8.8 kB (8800 bytes) Hash 7631d9dc713cd0544300c5aef9394f54 31223824922afeffe5349644e3f5ab82ebec197d fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be HTTP Headers GET /g/ae-fe/static-ui/open-sans/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://assets.alicdn.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: Tengine content-type: font/woff2 content-length: 8800 x-oss-request-id: 6443ACB6B6301D393090DDFB accept-ranges: bytes x-oss-object-type: Normal x-oss-hash-crc64ecma: 622431805556229219 x-oss-storage-class: Standard content-md5: djHZ3HE80FRDAMWu+TlPVA== x-oss-server-time: 41 access-control-allow-origin: * x-source-scheme: https ali-swift-global-savetime: 1682156726 x-swift-savetime: Sat, 22 Apr 2023 09:50:45 GMT x-swift-cachetime: 3281 timing-allow-origin: * eagleid: 2ff62c9916821573534564769e served-from: 104.123.68.221 cache-control: max-age=1199596, s-maxage=3600 date: Fri, 02 Jun 2023 11:34:19 GMT network_info: NO_OSLO_50304 X-Firefox-Spdy: h2

	lite-1x69818824.top/?tag=s_137887m_355c_	178.253.15.88		1.5 kB
URL GET lite-1x69818824.top/?tag=s_137887m_355c_ IP 178.253.15.88:0 ASN #0 Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subject.lite-1x69818824.top FingerprintFD:B9:02:5B:46:81:55:18:FD:6A:F1:3D:CB:AC:04:AE:45:A9:1A:0F ValidityFri, 31 Mar 2023 01:05:01 GMT - Thu, 29 Jun 2023 01:05:00 GMT File type data Size 1.5 kB (1461 bytes) Hash 9c343748ac6ed6d40af352a0b1fa27f8 aa83b03d5d90940943ca73d099b4d3547e293341 c4e129f7ec3ad168f25e87f7a005724e36146da6db6da11e94f3181c0f18dbb1 HTTP Headers `GET /?tag=s_137887m_355c_ HTTP/1.1 Host: lite-1x69818824.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found server: nginx date: Fri, 02 Jun 2023 11:34:16 GMT location: /en?tag=s_137887m_355c_ reason-v3: empty_lang server-timing: total;dur=0;desc="Nuxt Server Time", dt_285;dur=2, px_285;dur=2 x-frame-options: SAMEORIGIN strict-transport-security: max-age=63072000; includeSubDomains; preload set-cookie: platform_type=desktop; Path=/; Expires=Mon, 05 Jun 2023 11:34:16 GMT auid=sv0PWGR507gbAUcxAy9gAg==; path=/; secure; httponly; samesite=lax X-Firefox-Spdy: h2`

	de-wum.aliexpress.com/w/wu.json	47.246.146.63	200 OK	156 B
URL GET HTTP/2 de-wum.aliexpress.com/w/wu.json IP 47.246.146.63:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.aliexpress.com Fingerprint25:07:38:8F:0C:E5:FE:CF:96:5C:24:74:57:A1:4C:95:B6:57:FC:86 ValidityTue, 16 May 2023 09:57:03 GMT - Sun, 16 Jun 2024 09:51:39 GMT File type ASCII text Size 156 B (156 bytes) Hash 488bcfb98a756f948f779b0966ec5a5e e1b9241a6c5cd997b7bd42375f324a208de51330 22250d89c49e611d4f222eed7ee5ead1067a8d4495a540da220db44f76a09dda HTTP Headers `GET /w/wu.json HTTP/1.1 Host: de-wum.aliexpress.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Cookie: af_ss_a=1 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:19 GMT content-type: text/javascript;charset=utf-8 content-length: 156 server: Tengine x-application-context: umid-web:de-prod:7001 access-control-allow-methods: GET,POST,OPTIONS access-control-allow-credentials: true access-control-allow-headers: Accept,X-PINGARUNER,CONTENT-TYPE,X-Requested-With etag: GD1F73101376D638E65F1DBE6214C918BFDA690E590D6B95B00 cache-control: no-cache set-cookie: cbc=GA67765BD675C0F5009082F9576D1802A32986CD7D441D8F628; Max-Age=31536000; Expires=Sat, 01-Jun-2024 11:34:19 GMT; Domain=de-wum.aliexpress.com; Path=/ x-content-type-options: nosniff x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000 ; includeSubDomains eagleeye-traceid: 21038edc16857056595517238eef85 timing-allow-origin: * X-Firefox-Spdy: h2

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash 7a519f49588d248f0a110eac738b5249 a06e35ea6d433a12c0357517180888b22fa55d7c edbb5785959c88f86f85549927fd6a560663c5abd418de1c3988f282660c64cc HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 02 Jun 2023 11:34:19 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Tue, 06 Jun 2023 08:56:18 GMT ETag: "a06e35ea6d433a12c0357517180888b22fa55d7c" Last-Modified: Fri, 02 Jun 2023 08:56:19 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2929 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d0f62f50bd2b527-OSL`

	bongacams.com/?bcs=aWNhbDc5MGI3OTEzOWExZmNkMDJhOGJmMzhmMjg2MzI2MjMxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow	195.85.23.89	302 Found	60 kB
URL GET HTTP/3 bongacams.com/?bcs=aWNhbDc5MGI3OTEzOWExZmNkMDJhOGJmMzhmMjg2MzI2MjMxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow IP 195.85.23.89:443 ASN #209242 Cloudflare London, LLC Requested by https://hlmiq.com/vu/a/? Certificate IssuerGoGetSSL Subject.bongacams.com FingerprintD8:5F:95:AA:A0:73:63:73:18:46:DC:8F:4A:5F:D1:BA:94:17:B0:68 ValidityMon, 03 Apr 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT File type data Size 60 kB (60407 bytes) Hash 9222b00e138dc144c699eb42cdd94f69 b989157f05f7a90b06d8d65e17482daf48c1624c 84a4c5d9d6b911e3fc1ae12a35d6d06747b9d34c71db2979387038e5bcb3f118 HTTP Headers GET /?bcs=aWNhbDc5MGI3OTEzOWExZmNkMDJhOGJmMzhmMjg2MzI2MjMxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow HTTP/1.1 Host: bongacams.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Cookie: __cf_bm=OuGrrI.593_aD9g.FL3KV.dklr34tslEjPWxbJGL68g-1685705656-0-AXn8KEQoUHqYGfQaO7PJ/0W55UzssLL9kFtX8PgM1hKvKIX+8B/BHIXCJkzFAn0/wjyjYgUczwBFYDeD1wxwRKU= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 302 Found date: Fri, 02 Jun 2023 11:34:17 GMT content-type: text/html; charset=utf-8 location: https://no.bongacams.com/?bcs=aWNhbDc5MGI3OTEzOWExZmNkMDJhOGJmMzhmMjg2MzI2MjMxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow set-cookie: bonga20120608=c2994e22f4195e33bb8812b6d9cefbff; path=/; domain=.bongacams.com; secure; HttpOnly; SameSite=None ts_type=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.bongacams.com ts_type2=1; expires=Sat, 01-Jun-2024 11:34:17 GMT; Max-Age=31536000; path=/; domain=.bongacams.com fv=AmH2AGN3AGt2ZD==; expires=Sat, 01-Jun-2024 11:34:17 GMT; Max-Age=31536000; path=/; domain=.bongacams.com uh=JJSxE2gwBISYpKAlITyGDGS2rz9uZj==; expires=Sat, 01-Jun-2024 11:34:17 GMT; Max-Age=31536000; path=/; domain=.bongacams.com ratr=183346%3A%3A287325%3A%3A2023-06-02%2014%3A34%3A17%3A%3Ahttps%3A%2F%2Fhlmiq.com%2F%3A%3A%3A%3A; expires=Sat, 20-May-2073 11:34:17 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com; HttpOnly cache-control: no-cache, no-store, must-revalidate x-zone: 5a-web55 cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d0f62e65af1b524-OSL alt-svc: h3=":443"; ma=86400

	ae.mmstat.com/aes.1.1	47.246.110.45	200 OK	43 B
URL POST HTTP/2 ae.mmstat.com/aes.1.1 IP 47.246.110.45:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.mmstat.com Fingerprint83:82:5E:98:AF:9B:FD:4C:C4:44:4F:11:F3:FD:7B:23:75:3C:57:7D ValidityMon, 18 Jul 2022 09:01:03 GMT - Sat, 19 Aug 2023 09:01:02 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `POST /aes.1.1 HTTP/1.1 Host: ae.mmstat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 950 Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:19 GMT content-type: image/gif content-length: 43 p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" cross-origin-resource-policy: cross-origin set-cookie: sca=8d435fdb; path=/; domain=.mmstat.com expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2`

	de-wum.aliexpress.com/service/um.json	47.246.146.63	200 OK	136 B
URL POST HTTP/2 de-wum.aliexpress.com/service/um.json IP 47.246.146.63:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.aliexpress.com Fingerprint25:07:38:8F:0C:E5:FE:CF:96:5C:24:74:57:A1:4C:95:B6:57:FC:86 ValidityTue, 16 May 2023 09:57:03 GMT - Sun, 16 Jun 2024 09:51:39 GMT File type JSON data\012- , ASCII text, with no line terminators Size 136 B (136 bytes) Hash 73228453635cddd63d2cca1ab2b58e17 960f22e9ee5894d595a6fba0d259740625a5d7d7 e488d5919adbb123c60dc58a95a86ce48a58ea7b49d8974e1afc328c89fa5b1a HTTP Headers POST /service/um.json HTTP/1.1 Host: de-wum.aliexpress.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 624 Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Cookie: af_ss_a=1 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:19 GMT content-type: text/plain;charset=UTF-8 content-length: 136 server: Tengine x-application-context: umid-web:de-prod:7001 access-control-allow-origin: https://login.aliexpress.com access-control-allow-methods: GET,POST,OPTIONS access-control-allow-credentials: true access-control-allow-headers: Accept,X-PINGARUNER,CONTENT-TYPE,X-Requested-With set-cookie: umdata_=GAE68CBB84A60C4E68503B0A7DB5674074B4AA4D9E6438DC04D; Max-Age=31536000; Expires=Sat, 01-Jun-2024 11:34:19 GMT; Domain=de-wum.aliexpress.com; Path=/ p3p: CP=IVAa PSAa x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: 0 strict-transport-security: max-age=31536000 ; includeSubDomains eagleeye-traceid: 21038edc16857056597487241eef85 timing-allow-origin: * X-Firefox-Spdy: h2

	aeis.alicdn.com/AWSC/fireyejs/1.225.0/fireyejs.js	104.110.21.4	200 OK	127 kB
URL GET HTTP/2 aeis.alicdn.com/AWSC/fireyejs/1.225.0/fireyejs.js IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 127 kB (127337 bytes) Hash f88444e6ff7abd4e0ba1e79aba8dee3c 810868d307a6d5137de4e008a2abcaa4747e6883 1225fe4bd74578455837369f00b870d999d0a0f5ac0b9ca52dc0d138faa5e1fb HTTP Headers `GET /AWSC/fireyejs/1.225.0/fireyejs.js HTTP/1.1 Host: aeis.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 127337 x-oss-request-id: 64354F74AF9F043735139B40 x-oss-object-type: Normal x-oss-hash-crc64ecma: 2925676973390429524 x-oss-storage-class: Standard content-md5: +IRE5v96vU4Loeeauo3uPA== x-oss-server-time: 4 x-source-scheme: https content-encoding: gzip ali-swift-global-savetime: 1681215348 x-swift-savetime: Tue, 11 Apr 2023 18:19:22 GMT x-swift-cachetime: 64586 eagleid: 2ff62c9516812371627053287e served-from: 104.123.68.198 cache-control: max-age=434434, s-maxage=86400 expires: Wed, 07 Jun 2023 12:14:53 GMT date: Fri, 02 Jun 2023 11:34:19 GMT vary: Accept-Encoding network_info: NO_OSLO_50304 timing-allow-origin: , access-control-allow-origin: * access-control-expose-headers: FW_IP fw_ip: 104.110.21.4 X-Firefox-Spdy: h2

	ae.mmstat.com/ae.pc_ctr.statweb_ae_ctr	47.246.110.45	200 OK	43 B
URL POST HTTP/2 ae.mmstat.com/ae.pc_ctr.statweb_ae_ctr IP 47.246.110.45:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.mmstat.com Fingerprint83:82:5E:98:AF:9B:FD:4C:C4:44:4F:11:F3:FD:7B:23:75:3C:57:7D ValidityMon, 18 Jul 2022 09:01:03 GMT - Sat, 19 Aug 2023 09:01:02 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `POST /ae.pc_ctr.statweb_ae_ctr HTTP/1.1 Host: ae.mmstat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 867 Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:20 GMT content-type: image/gif content-length: 43 p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" cross-origin-resource-policy: cross-origin set-cookie: sca=914a7191; path=/; domain=.mmstat.com expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2`

	ae.mmstat.com/ae.pc_ctr.statweb_ae_ctr	47.246.110.45	200 OK	43 B
URL POST HTTP/2 ae.mmstat.com/ae.pc_ctr.statweb_ae_ctr IP 47.246.110.45:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.mmstat.com Fingerprint83:82:5E:98:AF:9B:FD:4C:C4:44:4F:11:F3:FD:7B:23:75:3C:57:7D ValidityMon, 18 Jul 2022 09:01:03 GMT - Sat, 19 Aug 2023 09:01:02 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `POST /ae.pc_ctr.statweb_ae_ctr HTTP/1.1 Host: ae.mmstat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 845 Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:20 GMT content-type: image/gif content-length: 43 p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" cross-origin-resource-policy: cross-origin set-cookie: sca=70b6c12e; path=/; domain=.mmstat.com expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2`

	ae.mmstat.com/ae.pc_click.statweb_ae_click	47.246.110.45	200 OK	43 B
URL POST HTTP/2 ae.mmstat.com/ae.pc_click.statweb_ae_click IP 47.246.110.45:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.mmstat.com Fingerprint83:82:5E:98:AF:9B:FD:4C:C4:44:4F:11:F3:FD:7B:23:75:3C:57:7D ValidityMon, 18 Jul 2022 09:01:03 GMT - Sat, 19 Aug 2023 09:01:02 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `POST /ae.pc_click.statweb_ae_click HTTP/1.1 Host: ae.mmstat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 895 Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:20 GMT content-type: image/gif content-length: 43 p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" cross-origin-resource-policy: cross-origin set-cookie: sca=e4298ceb; path=/; domain=.mmstat.com expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2`

	freebitco.in/signup/?op=s&r=3669689	104.22.6.169		116 kB
URL GET freebitco.in/signup/?op=s&r=3669689 IP 104.22.6.169:0 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerCloudflare, Inc. Subjectfreebitco.in FingerprintB0:69:AA:58:57:1F:EA:E5:6B:4F:8A:C0:02:A7:E7:66:8F:C1:38:B7 ValidityTue, 05 Jul 2022 00:00:00 GMT - Wed, 05 Jul 2023 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (55103), with no line terminators Size 116 kB (116182 bytes) Hash 9c7677d5a1f41aa402caf073485341e2 27984dcb1634c4063d95495bcff3a2b11584f329 a1332049400dbca4038375d8d37c9fa42e53ec53743bf74bfe1da396e2012ffc HTTP Headers `GET /signup/?op=s&r=3669689 HTTP/1.1 Host: freebitco.in User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html;charset=UTF-8 vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62e27cbb0b51-OSL content-encoding: br X-Firefox-Spdy: h2`

	fourier.taobao.com/rp?ext=51&data=jm_null&random=030168335601643448&href=https%3A%2F%2Flogin.aliexpress.com%2F%3Faf%3Da%262321%26cn%3Doslo%26cv%3D867834%26dp%3D91.90.42.154%26aff_fcid%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26tt%3DCPS_NORMAL%26aff_fsk%3D_DEQI9az%26aff_platform%3Dportals-tool%26sk%3D_DEQI9az%26aff_trace_key%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26terminal_id%3D9f39fdb27b484234b0b785968f1f176a&protocol=https:	203.119.169.80	200 OK	1.0 kB
URL GET HTTP/2 fourier.taobao.com/rp?ext=51&data=jm_null&random=030168335601643448&href=https%3A%2F%2Flogin.aliexpress.com%2F%3Faf%3Da%262321%26cn%3Doslo%26cv%3D867834%26dp%3D91.90.42.154%26aff_fcid%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26tt%3DCPS_NORMAL%26aff_fsk%3D_DEQI9az%26aff_platform%3Dportals-tool%26sk%3D_DEQI9az%26aff_trace_key%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26terminal_id%3D9f39fdb27b484234b0b785968f1f176a&protocol=https: IP 203.119.169.80:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.taobao.com Fingerprint7A:31:60:C9:14:29:29:63:39:EB:D4:00:4F:EF:71:85:9D:E4:D0:6D ValidityMon, 08 May 2023 02:12:25 GMT - Sat, 08 Jun 2024 02:06:47 GMT File type ASCII text, with very long lines (1023), with no line terminators Size 1.0 kB (1023 bytes) Hash d25560612f7d6c983e4ea042a9120f6a 84c3ddfe2a8568f88dd8e56cbcc5a0f122d6c40d 486ba168351c19d6297fdb944a8c532ddb1c2be56b9f6b4404e60ddd044dc758 HTTP Headers GET /rp?ext=51&data=jm_null&random=030168335601643448&href=https%3A%2F%2Flogin.aliexpress.com%2F%3Faf%3Da%262321%26cn%3Doslo%26cv%3D867834%26dp%3D91.90.42.154%26aff_fcid%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26tt%3DCPS_NORMAL%26aff_fsk%3D_DEQI9az%26aff_platform%3Dportals-tool%26sk%3D_DEQI9az%26aff_trace_key%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26terminal_id%3D9f39fdb27b484234b0b785968f1f176a&protocol=https: HTTP/1.1 Host: fourier.taobao.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:20 GMT content-type: application/javascript;charset=UTF-8 content-length: 1023 x5-punish-cache: miss cache-control: no-store access-control-allow-credentials: true use-raw: true bxuuid: 0a7cdd22f28125f96d49684f97e48da7, {"login-token":"0a7cdd22f28125f96d49684f97e48da7___null___fa1d0615835019a4b769463ced9c0a90"} set-cookie: x5secdata=xd5a66fa275bfcf2450a7cdd22f28125f96d49684f97e48da71685705660a-717315356a1993109894abazc2aaa__bx__fourier.taobao.com%3A443%2Frp; Max-Age=20; Expires=Fri, 02-Jun-2023 11:34:40 GMT; Domain=taobao.com; Path=/ bxpunish: 1 server: Tengine/Aserver eagleeye-traceid: 21507fa916857056600132640edbe7 strict-transport-security: max-age=31536000 timing-allow-origin: * X-Firefox-Spdy: h2

	fourier.taobao.com/ts?url=https%3A%2F%2Fjavmec.me%2F&token=BGtrP9G9i8s6fdcfHqEOrub9-YZVgH8CjCxT4t3oR6oBfIveZVAPUgna1iYSx9f6&cna=&ext=1	203.119.169.80	200 OK	0 B
URL GET HTTP/2 fourier.taobao.com/ts?url=https%3A%2F%2Fjavmec.me%2F&token=BGtrP9G9i8s6fdcfHqEOrub9-YZVgH8CjCxT4t3oR6oBfIveZVAPUgna1iYSx9f6&cna=&ext=1 IP 203.119.169.80:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.taobao.com Fingerprint7A:31:60:C9:14:29:29:63:39:EB:D4:00:4F:EF:71:85:9D:E4:D0:6D ValidityMon, 08 May 2023 02:12:25 GMT - Sat, 08 Jun 2024 02:06:47 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ts?url=https%3A%2F%2Fjavmec.me%2F&token=BGtrP9G9i8s6fdcfHqEOrub9-YZVgH8CjCxT4t3oR6oBfIveZVAPUgna1iYSx9f6&cna=&ext=1 HTTP/1.1 Host: fourier.taobao.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:20 GMT content-type: image/gif content-length: 0 server: Tengine/Aserver eagleeye-traceid: 21507fa916857056600392645edbe7 strict-transport-security: max-age=31536000 timing-allow-origin: * X-Firefox-Spdy: h2`

	ae.mmstat.com/aes.1.1	47.246.110.45	200 OK	43 B
URL POST HTTP/2 ae.mmstat.com/aes.1.1 IP 47.246.110.45:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.mmstat.com Fingerprint83:82:5E:98:AF:9B:FD:4C:C4:44:4F:11:F3:FD:7B:23:75:3C:57:7D ValidityMon, 18 Jul 2022 09:01:03 GMT - Sat, 19 Aug 2023 09:01:02 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `POST /aes.1.1 HTTP/1.1 Host: ae.mmstat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 2083 Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:20 GMT content-type: image/gif content-length: 43 p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" cross-origin-resource-policy: cross-origin set-cookie: sca=b67274d1; path=/; domain=.mmstat.com expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2`

	ae.mmstat.com/g.gif?logtype=0&title=Buy%20Products%20Online%20from%20China%20Wholesalers%20at%20Aliexpress.com&pre=https%3A%2F%2Fjavmec.me%2F&scr=1280x1024&_p_url=https%3A%2F%2Flogin.aliexpress.com%2F%3Faf%3Da%262321%26cn%3Doslo%26cv%3D867834%26dp%3D91.90.42.154%26aff_fcid%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26tt%3DCPS_NORMAL%26aff_fsk%3D_DEQI9az%26aff_platform%3Dportals-tool%26sk%3D_DEQI9az%26aff_trace_key%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26terminal_id%3D9f39fdb27b484234b0b785968f1f176a&cna=u8EAHeg59woCAVtaKppkpDK9&spm-cnt=a2g0s.buyerloginandregister.0.0.2b4155a3L77GPE&aplus=&sidx=aplusSidx&ckx=aplusCkx&pageid=1887be30bca1e4b92af9b35a042b79aaf550181632&dmtrack_b=%7Bifm%3D1%7Clogin%3D0%7D&dmtrack_c=%7Baep_usuc_f%3D-%7Caeu_cid%3D-%7D&ali_beacon_id=-&ali_apache_id=-&ali_apache_track=-&ali_apache_tracktmp=-&_p_uid=-&p=1&o=linux&b=firefox111&s=1280x1024&w=gecko&ism=other&cache=8bc9a82&lver=8.15.21&jsver=aplus_int&pver=0.7.12&_pw=801&_ph=601&tag=0&stag=2&lstag=0&_slog=0	47.246.110.45	200 OK	43 B
URL GET HTTP/2 ae.mmstat.com/g.gif?logtype=0&title=Buy%20Products%20Online%20from%20China%20Wholesalers%20at%20Aliexpress.com&pre=https%3A%2F%2Fjavmec.me%2F&scr=1280x1024&_p_url=https%3A%2F%2Flogin.aliexpress.com%2F%3Faf%3Da%262321%26cn%3Doslo%26cv%3D867834%26dp%3D91.90.42.154%26aff_fcid%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26tt%3DCPS_NORMAL%26aff_fsk%3D_DEQI9az%26aff_platform%3Dportals-tool%26sk%3D_DEQI9az%26aff_trace_key%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26terminal_id%3D9f39fdb27b484234b0b785968f1f176a&cna=u8EAHeg59woCAVtaKppkpDK9&spm-cnt=a2g0s.buyerloginandregister.0.0.2b4155a3L77GPE&aplus=&sidx=aplusSidx&ckx=aplusCkx&pageid=1887be30bca1e4b92af9b35a042b79aaf550181632&dmtrack_b=%7Bifm%3D1%7Clogin%3D0%7D&dmtrack_c=%7Baep_usuc_f%3D-%7Caeu_cid%3D-%7D&ali_beacon_id=-&ali_apache_id=-&ali_apache_track=-&ali_apache_tracktmp=-&_p_uid=-&p=1&o=linux&b=firefox111&s=1280x1024&w=gecko&ism=other&cache=8bc9a82&lver=8.15.21&jsver=aplus_int&pver=0.7.12&_pw=801&_ph=601&tag=0&stag=2&lstag=0&_slog=0 IP 47.246.110.45:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.mmstat.com Fingerprint83:82:5E:98:AF:9B:FD:4C:C4:44:4F:11:F3:FD:7B:23:75:3C:57:7D ValidityMon, 18 Jul 2022 09:01:03 GMT - Sat, 19 Aug 2023 09:01:02 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers GET /g.gif?logtype=0&title=Buy%20Products%20Online%20from%20China%20Wholesalers%20at%20Aliexpress.com&pre=https%3A%2F%2Fjavmec.me%2F&scr=1280x1024&_p_url=https%3A%2F%2Flogin.aliexpress.com%2F%3Faf%3Da%262321%26cn%3Doslo%26cv%3D867834%26dp%3D91.90.42.154%26aff_fcid%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26tt%3DCPS_NORMAL%26aff_fsk%3D_DEQI9az%26aff_platform%3Dportals-tool%26sk%3D_DEQI9az%26aff_trace_key%3D05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az%26terminal_id%3D9f39fdb27b484234b0b785968f1f176a&cna=u8EAHeg59woCAVtaKppkpDK9&spm-cnt=a2g0s.buyerloginandregister.0.0.2b4155a3L77GPE&aplus=&sidx=aplusSidx&ckx=aplusCkx&pageid=1887be30bca1e4b92af9b35a042b79aaf550181632&dmtrack_b=%7Bifm%3D1%7Clogin%3D0%7D&dmtrack_c=%7Baep_usuc_f%3D-%7Caeu_cid%3D-%7D&ali_beacon_id=-&ali_apache_id=-&ali_apache_track=-&ali_apache_tracktmp=-&_p_uid=-&p=1&o=linux&b=firefox111&s=1280x1024&w=gecko&ism=other&cache=8bc9a82&lver=8.15.21&jsver=aplus_int&pver=0.7.12&_pw=801&_ph=601&tag=0&stag=2&lstag=0&_slog=0 HTTP/1.1 Host: ae.mmstat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:20 GMT content-type: image/gif content-length: 43 p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" cross-origin-resource-policy: cross-origin set-cookie: cna=u8EAHeg59woCAVtaKppkpDK9; expires=Mon, 30-May-33 11:34:20 GMT; path=/; domain=.mmstat.com; sca=08c2194e; path=/; domain=.mmstat.com atpsida=b253cede4080b25c9d138804_1685705660_1; path=/; domain=.mmstat.com expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2

	ae.mmstat.com/ae.pc_click.statweb_ae_click	47.246.110.45	200 OK	43 B
URL POST HTTP/2 ae.mmstat.com/ae.pc_click.statweb_ae_click IP 47.246.110.45:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.mmstat.com Fingerprint83:82:5E:98:AF:9B:FD:4C:C4:44:4F:11:F3:FD:7B:23:75:3C:57:7D ValidityMon, 18 Jul 2022 09:01:03 GMT - Sat, 19 Aug 2023 09:01:02 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `POST /ae.pc_click.statweb_ae_click HTTP/1.1 Host: ae.mmstat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 900 Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:20 GMT content-type: image/gif content-length: 43 p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" cross-origin-resource-policy: cross-origin set-cookie: sca=27e10f3b; path=/; domain=.mmstat.com expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2`

	ae.mmstat.com/ae.pc_click.statweb_ae_click	47.246.110.45	200 OK	43 B
URL POST HTTP/2 ae.mmstat.com/ae.pc_click.statweb_ae_click IP 47.246.110.45:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.mmstat.com Fingerprint83:82:5E:98:AF:9B:FD:4C:C4:44:4F:11:F3:FD:7B:23:75:3C:57:7D ValidityMon, 18 Jul 2022 09:01:03 GMT - Sat, 19 Aug 2023 09:01:02 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `POST /ae.pc_click.statweb_ae_click HTTP/1.1 Host: ae.mmstat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 884 Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:20 GMT content-type: image/gif content-length: 43 p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" cross-origin-resource-policy: cross-origin set-cookie: sca=92e24771; path=/; domain=.mmstat.com expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2`

	ae.mmstat.com/aes.1.1	47.246.110.45	200 OK	43 B
URL POST HTTP/2 ae.mmstat.com/aes.1.1 IP 47.246.110.45:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.mmstat.com Fingerprint83:82:5E:98:AF:9B:FD:4C:C4:44:4F:11:F3:FD:7B:23:75:3C:57:7D ValidityMon, 18 Jul 2022 09:01:03 GMT - Sat, 19 Aug 2023 09:01:02 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `POST /aes.1.1 HTTP/1.1 Host: ae.mmstat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 2068 Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:20 GMT content-type: image/gif content-length: 43 p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" cross-origin-resource-policy: cross-origin set-cookie: sca=8377237e; path=/; domain=.mmstat.com expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash bf8dda1b27b458f8daedc112908fe215 5471f56ddf3247ee5bdf5494ab26c8b300b59089 5fc0145b087a742fd9904d42c5e74db7706b3e55966e645a1fccdbc0787d89ee HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 02 Jun 2023 11:34:21 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Tue, 06 Jun 2023 10:09:17 GMT ETag: "5471f56ddf3247ee5bdf5494ab26c8b300b59089" Last-Modified: Fri, 02 Jun 2023 10:09:18 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2907 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d0f62fd6a41b527-OSL`

	ocsp2.globalsign.com/gsorganizationvalsha2g3	104.18.21.226		1.5 kB
URL ocsp2.globalsign.com/gsorganizationvalsha2g3 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1461 bytes) Hash b6974350638f5cba1d079419ff621d9a 5bd35653ba6b1484f47d30fdc43fe497a6fe4cb7 3e323ea1c05c8a0de71df5a177d1649f6863e09b1d1807162e4fe43da42d8be5 HTTP Headers `POST /gsorganizationvalsha2g3 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 02 Jun 2023 11:34:21 GMT Content-Type: application/ocsp-response Content-Length: 1461 Connection: keep-alive Expires: Tue, 06 Jun 2023 07:28:22 GMT ETag: "5bd35653ba6b1484f47d30fdc43fe497a6fe4cb7" Last-Modified: Fri, 02 Jun 2023 07:28:23 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2819 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d0f6302193eb527-OSL`

	js.wpushsdk.com/npc/sdk/wpu/csub.m.js	45.133.44.53	200 OK	27 kB
URL GET HTTP/2 js.wpushsdk.com/npc/sdk/wpu/csub.m.js IP 45.133.44.53:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectjs.wpushsdk.com Fingerprint7D:10:0A:C8:15:7A:C4:BB:44:8D:ED:0C:96:43:07:7E:2E:CC:00:A1 ValidityFri, 19 May 2023 00:01:23 GMT - Thu, 17 Aug 2023 00:01:22 GMT File type gzip compressed data, from Unix\012- data Size 27 kB (26963 bytes) Hash ac4e7edb5c907af287a45e3f2887111b 889ba268a166b94b0162aaa78acb60a5031a4f26 b0b327eb290171410c8bb7457774c48833478eede5b3f5a2a9d61fcd011791c2 HTTP Headers `GET /npc/sdk/wpu/csub.m.js HTTP/1.1 Host: js.wpushsdk.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-type: application/javascript; charset=utf-8 server: nginx/1.18.0 last-modified: Wed, 07 Dec 2022 08:28:22 GMT etag: W/"63904ea6-16019" content-encoding: gzip expires: Fri, 02 Jun 2023 11:39:14 GMT cache-control: max-age=300 x-proxy-cache: HIT access-control-allow-origin: * X-Firefox-Spdy: h2`

	ae.mmstat.com/aes.1.1	47.246.110.45	200 OK	43 B
URL POST HTTP/2 ae.mmstat.com/aes.1.1 IP 47.246.110.45:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.mmstat.com Fingerprint83:82:5E:98:AF:9B:FD:4C:C4:44:4F:11:F3:FD:7B:23:75:3C:57:7D ValidityMon, 18 Jul 2022 09:01:03 GMT - Sat, 19 Aug 2023 09:01:02 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `POST /aes.1.1 HTTP/1.1 Host: ae.mmstat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 1604 Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:22 GMT content-type: image/gif content-length: 43 p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" cross-origin-resource-policy: cross-origin set-cookie: sca=1b9c4c87; path=/; domain=.mmstat.com expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache pragma: no-cache X-Firefox-Spdy: h2`

	vast.yomeno.xyz/wrapper?katds_ep=_lg-24ha1DNTmsHddshAnpPLyDQFyuOAMOjaYVEtZh6PSLpxf58uOHjo2eikdEhvNYg5f6xy08SoWl7GBt9M8jV9jNtv2pdTrz9GLpn1Y7Yf_IJL4li1gz9OuzJpQM26YcBuBC2xwX_-Gc5FRaGqH5jwnavTmGx5Xr-NmJRFKNUNr8GVpJjihSsW_idqii93ji7tiHhMBldSconHdqIIgMt4TYrs2kbwYQNqshk17rei3pwZjMTSn8wh6sLZiGyBjgzDkMSxPYtAbMMQ5zI0BO7hnzNma-xDE1KBSB5AvNxbAh9WdYmuFO3812_fWij2Pd8QDtQuYatJAgeN99znKg0NCHFXsCgfCQwHZqenBC-rWl-weqLAyEQHZKI4PzmDV7TTgVYacAJDxyxRt2Zw6NC2c1U9sZie8t2T_Hb_mhBLfu_SCzVICJz2Jqi39VGEm2ltnb935igQn9oBV0ANG-X1uX1qFv6_8FjfDW-jaH7SoHC7BX8zxc7sk0XKqr4qvn7j4n3TvX4TlpvuYzFXZKF60oRg1twlO6NYTKhYEPZvHk8QgO1JoocnPJyBjofdYFIvSduuRQ7IypFhgydw2XlH1d9kJOWg2znsj7eBTu98_fiXMiDIvPjcxMV0B-LFGzAUKDPntY6MAjzAOT7qTojoOrep-FTAvPRcm9AXIwRlcpq1Px9ca1Eceaq2VvEycVzLil4KZ9Gqw-ZvrDK6tEEUAB7CK8MXBlzIEeWX_UqTMlrPV1HcJzs90b-pwpomQ6UUjQqPij_YbtMRXl8hbH0nvEU7vK4IBm-PaO75iYfYZaJaE_nViW3vvxw8awRT5It_RR9bI_vwEgs2xEOjL5YSE7CW-ZX17pdWs-9UtoD7eYuTxukJzjtGbDj1YGn4TJX15UwSij6hNcBEV9GHLTPqnxndGDPIKRgi2IKoRUhyUcuUbzKo2V7h3dbDpoNFDy8_BIrLF-Sx8d0wTah7nqU0IsEFiOYKe5FL0-IEk7veflUpaCQGC1vnx_bTQ-0DFWcF0WYdIdrbwlwve3m5ivrnWJVQ6Sot3xEKlElri5CZrJgTOdwREYP8	109.206.175.85	200 OK	3.4 kB
URL GET HTTP/2 vast.yomeno.xyz/wrapper?katds_ep=_lg-24ha1DNTmsHddshAnpPLyDQFyuOAMOjaYVEtZh6PSLpxf58uOHjo2eikdEhvNYg5f6xy08SoWl7GBt9M8jV9jNtv2pdTrz9GLpn1Y7Yf_IJL4li1gz9OuzJpQM26YcBuBC2xwX_-Gc5FRaGqH5jwnavTmGx5Xr-NmJRFKNUNr8GVpJjihSsW_idqii93ji7tiHhMBldSconHdqIIgMt4TYrs2kbwYQNqshk17rei3pwZjMTSn8wh6sLZiGyBjgzDkMSxPYtAbMMQ5zI0BO7hnzNma-xDE1KBSB5AvNxbAh9WdYmuFO3812_fWij2Pd8QDtQuYatJAgeN99znKg0NCHFXsCgfCQwHZqenBC-rWl-weqLAyEQHZKI4PzmDV7TTgVYacAJDxyxRt2Zw6NC2c1U9sZie8t2T_Hb_mhBLfu_SCzVICJz2Jqi39VGEm2ltnb935igQn9oBV0ANG-X1uX1qFv6_8FjfDW-jaH7SoHC7BX8zxc7sk0XKqr4qvn7j4n3TvX4TlpvuYzFXZKF60oRg1twlO6NYTKhYEPZvHk8QgO1JoocnPJyBjofdYFIvSduuRQ7IypFhgydw2XlH1d9kJOWg2znsj7eBTu98_fiXMiDIvPjcxMV0B-LFGzAUKDPntY6MAjzAOT7qTojoOrep-FTAvPRcm9AXIwRlcpq1Px9ca1Eceaq2VvEycVzLil4KZ9Gqw-ZvrDK6tEEUAB7CK8MXBlzIEeWX_UqTMlrPV1HcJzs90b-pwpomQ6UUjQqPij_YbtMRXl8hbH0nvEU7vK4IBm-PaO75iYfYZaJaE_nViW3vvxw8awRT5It_RR9bI_vwEgs2xEOjL5YSE7CW-ZX17pdWs-9UtoD7eYuTxukJzjtGbDj1YGn4TJX15UwSij6hNcBEV9GHLTPqnxndGDPIKRgi2IKoRUhyUcuUbzKo2V7h3dbDpoNFDy8_BIrLF-Sx8d0wTah7nqU0IsEFiOYKe5FL0-IEk7veflUpaCQGC1vnx_bTQ-0DFWcF0WYdIdrbwlwve3m5ivrnWJVQ6Sot3xEKlElri5CZrJgTOdwREYP8 IP 109.206.175.85:443 ASN #50245 Serverel Inc. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectvast.yomeno.xyz Fingerprint13:5C:08:D5:3E:F3:37:AC:41:C6:11:A5:10:49:63:DF:DB:41:C5:5E ValiditySun, 28 May 2023 03:08:58 GMT - Sat, 26 Aug 2023 03:08:57 GMT File type Unicode text, UTF-8 text, with very long lines (3403), with no line terminators Size 3.4 kB (3387 bytes) Hash 0eb610c98132e42a93116bbd6e7ca157 7e08e9aa8059e984c65a6b0d34de18b71761f94d c224f5812b6926b2966939cc4feacfe90af89ee35455eb7419a04439b1edaf5d HTTP Headers GET /wrapper?katds_ep=_lg-24ha1DNTmsHddshAnpPLyDQFyuOAMOjaYVEtZh6PSLpxf58uOHjo2eikdEhvNYg5f6xy08SoWl7GBt9M8jV9jNtv2pdTrz9GLpn1Y7Yf_IJL4li1gz9OuzJpQM26YcBuBC2xwX_-Gc5FRaGqH5jwnavTmGx5Xr-NmJRFKNUNr8GVpJjihSsW_idqii93ji7tiHhMBldSconHdqIIgMt4TYrs2kbwYQNqshk17rei3pwZjMTSn8wh6sLZiGyBjgzDkMSxPYtAbMMQ5zI0BO7hnzNma-xDE1KBSB5AvNxbAh9WdYmuFO3812_fWij2Pd8QDtQuYatJAgeN99znKg0NCHFXsCgfCQwHZqenBC-rWl-weqLAyEQHZKI4PzmDV7TTgVYacAJDxyxRt2Zw6NC2c1U9sZie8t2T_Hb_mhBLfu_SCzVICJz2Jqi39VGEm2ltnb935igQn9oBV0ANG-X1uX1qFv6_8FjfDW-jaH7SoHC7BX8zxc7sk0XKqr4qvn7j4n3TvX4TlpvuYzFXZKF60oRg1twlO6NYTKhYEPZvHk8QgO1JoocnPJyBjofdYFIvSduuRQ7IypFhgydw2XlH1d9kJOWg2znsj7eBTu98_fiXMiDIvPjcxMV0B-LFGzAUKDPntY6MAjzAOT7qTojoOrep-FTAvPRcm9AXIwRlcpq1Px9ca1Eceaq2VvEycVzLil4KZ9Gqw-ZvrDK6tEEUAB7CK8MXBlzIEeWX_UqTMlrPV1HcJzs90b-pwpomQ6UUjQqPij_YbtMRXl8hbH0nvEU7vK4IBm-PaO75iYfYZaJaE_nViW3vvxw8awRT5It_RR9bI_vwEgs2xEOjL5YSE7CW-ZX17pdWs-9UtoD7eYuTxukJzjtGbDj1YGn4TJX15UwSij6hNcBEV9GHLTPqnxndGDPIKRgi2IKoRUhyUcuUbzKo2V7h3dbDpoNFDy8_BIrLF-Sx8d0wTah7nqU0IsEFiOYKe5FL0-IEk7veflUpaCQGC1vnx_bTQ-0DFWcF0WYdIdrbwlwve3m5ivrnWJVQ6Sot3xEKlElri5CZrJgTOdwREYP8 HTTP/1.1 Host: vast.yomeno.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://javmec.me/ Origin: https://javmec.me DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/xml;charset=UTF-8 cache-control: no-cache, no-store, must-revalidate pragma: no-cache vary: Accept-Encoding, * report-to: {"url":"https://vast.yomeno.xyz/report?e_type=heavy-ad\u0026rep=video_events\u0026sid=46938\u0026feed_id=0\u0026stype=slider\u0026iab=IAB25\u0026uid=626171565fbbad99982b15f840fe3539\u0026auction_id=2048043521750164449\u0026score=18.646446\u0026response=json\u0026user_id=12887\u0026rchange=0\u0026p=0.006542","max_age":86401} access-control-allow-credentials: true access-control-allow-origin: https://javmec.me access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, access-control-expose-headers: Content-Length,Content-Range content-encoding: gzip X-Firefox-Spdy: h2

	remitano.com/home/login	104.18.28.12	200 OK	0 B
URL GET HTTP/2 remitano.com/home/login IP 104.18.28.12:443 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerGoogle Trust Services LLC Subjectremitano.com Fingerprint92:63:B3:48:F0:BF:85:DE:3B:8C:DA:9A:20:10:FB:66:A6:B0:6A:4F ValiditySat, 06 May 2023 12:21:11 GMT - Fri, 04 Aug 2023 12:21:10 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /home/login HTTP/1.1 Host: remitano.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Cookie: AWSALBCORS=r5QM2lnPJjmiEj+I6h/qstsYqqvpjpNZC6iSzO9oOyp4aGMUoLwzqufVJ2YzacuE+XJemb8dxKt35qNB3lT/iFxG5Bs6zCU2LKS+RUd/uuuvhWrjc4GNERRHfTmQ; __cf_bm=KTwdBdJvFBgx0Yw4zBYmQJ1pXoHqQN7hDu56McDazds-1685705656-0-AUyIp6IDNTjABf9Oc7HY53wVFP6CARN4Fy4Zby3CRASaaYpJwOU1PZBleMAvQgBOXOfmoZCgyMNkM9c7FM4Zeu8=; _cfuvid=a_xXrpBNRu34xz5CUpjNAA2L_PhtW9YyARj_UGsH158-1685705656042-0-604800000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=utf-8 x-powered-by: Remitano referrer-policy: strict-origin-when-cross-origin content-security-policy: default-src * 'self' https: wss: data: blob: 'unsafe-inline' 'unsafe-eval' permissions-policy: camera=(*) x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000; includeSubDomains; preload set-cookie: AWSALB=+0wGcpdFvLUFi4eLi2lZTJUwayvur14F1l1eiJ3QM5geVSDKTuDj08VUaYi97Zm+pppXB6A7aiRtNAV/h8Yi3VJ9Wvm4BR/QgGVJV1QORS+rJqtZpc8PkDtxdRsIGSeAJ6cKboA5Tm5IKzvAwz0y+85FfDjABElC26B0GbJlAdZtuY7pche67V+ZN0YrjA==; Expires=Fri, 09 Jun 2023 11:34:16 GMT; Path=/ AWSALBCORS=+0wGcpdFvLUFi4eLi2lZTJUwayvur14F1l1eiJ3QM5geVSDKTuDj08VUaYi97Zm+pppXB6A7aiRtNAV/h8Yi3VJ9Wvm4BR/QgGVJV1QORS+rJqtZpc8PkDtxdRsIGSeAJ6cKboA5Tm5IKzvAwz0y+85FfDjABElC26B0GbJlAdZtuY7pche67V+ZN0YrjA==; Expires=Fri, 09 Jun 2023 11:34:16 GMT; Path=/; SameSite=None; Secure AWSALB=aRuplYFtDXLV6umNZuHMGJ25FDBnbVaZ6FZrTFVpzSU1ZNPi6XLOJosGJKft3EiA/6L+5LRLFA+Zd8KyvbEKiow58icjPwZOcQJWHBTfAe3iGXfRgUYTGA0JX0QB; Expires=Fri, 09 Jun 2023 11:34:16 GMT; Path=/ AWSALBCORS=aRuplYFtDXLV6umNZuHMGJ25FDBnbVaZ6FZrTFVpzSU1ZNPi6XLOJosGJKft3EiA/6L+5LRLFA+Zd8KyvbEKiow58icjPwZOcQJWHBTfAe3iGXfRgUYTGA0JX0QB; Expires=Fri, 09 Jun 2023 11:34:16 GMT; Path=/; SameSite=None; Secure connect.sid=s%3AsTfVQyQRFHDyXOODPwU4FUdvvDnSXGvR.BmGca%2FevrVbnqTd95q%2FfXte%2B3VZN1JniFbk1ezxS1Po; Path=/; Expires=Sat, 03 Jun 2023 11:34:16 GMT; HttpOnly cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d0f62e1edc6b517-OSL content-encoding: gzip X-Firefox-Spdy: h2

	javmec.me/assets/img/nav.png	188.114.96.1	200 OK	100 B
URL GET HTTP/3 javmec.me/assets/img/nav.png IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type PNG image data, 1 x 47, 8-bit/color RGBA, non-interlaced\012- data Size 100 B (100 bytes) Hash 17a9ea997db0e24585f7bcc390586c7c 23e24281b3d328b945742adb86dfcfb00a8c7115 5a13f2b2c216f677a986e46bbac89636612c0673586350b32312cb3a2b5be86d HTTP Headers `GET /assets/img/nav.png HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/assets/css/main.css?v=1685697450 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: image/png content-length: 100 last-modified: Fri, 30 Nov 2018 23:09:13 GMT etag: "5c01c319-64" expires: Sun, 02 Jul 2023 02:54:27 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: HIT age: 29015 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A19i%2F7a%2B%2FRxNJCAmSGbiEVQH0Ezbniqb6zapgvQBrNaKspzhFR%2FnniauPcl6GhTcLKpLaricNI0Ac3nd8lsQjovIdG0cp46hWxdll2%2BkbojgiQIMmFwNAAqfCiY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cc39da0b02-OSL alt-svc: h3=":443"; ma=86400

	www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=SG813a0wLxyPR7TQ1CxahX8JUkAS6W2OXUjWwE0&irgwc=1	2.22.31.185	200 OK	0 B
URL GET HTTP/2 www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=SG813a0wLxyPR7TQ1CxahX8JUkAS6W2OXUjWwE0&irgwc=1 IP 2.22.31.185:443 ASN #20940 Akamai International B.V. Requested by https://hlmiq.com/vu/a/? Certificate IssuerDigiCert Inc Subjectwww.lightinthebox.com Fingerprint7A:2D:8E:34:AF:6E:70:F3:DD:78:5B:5B:16:8D:56:6A:E5:D4:5D:AE ValidityWed, 01 Mar 2023 00:00:00 GMT - Thu, 22 Feb 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=SG813a0wLxyPR7TQ1CxahX8JUkAS6W2OXUjWwE0&irgwc=1 HTTP/1.1 Host: www.miniinthebox.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html; charset=utf-8 x-frame-options: SAMEORIGIN x-xss-protection: 1;mode=block strict-transport-security: max-age=31536000 x-content-type-options: nosniff p3p: CP="CAO PSA OUR" expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vela_device: vela_is_first_visit: vela_s: vela_s_c: vela_v: vela_v_c: vela_w: vela_w_c: access-control-allow-credentials: true access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS x-akamai-transformed: 9 - 0 pmb=mTOE,1mRUM,1 content-encoding: gzip date: Fri, 02 Jun 2023 11:34:16 GMT vary: Accept-Encoding set-cookie: sid=6dk9v0r02104o6lp6k5d3k6hrq; expires=Sun, 02-Jul-2023 11:34:15 GMT; Max-Age=2592000; path=/; domain=.miniinthebox.com first_visit_time=e3d70c2c8f06c8f95bcf1e3e8613b219; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31535999; path=/; domain=.miniinthebox.com; secure vela_s_c=42; expires=Fri, 02-Jun-2023 12:04:15 GMT; Max-Age=1799; path=/; domain=.miniinthebox.com; secure vela_v_c=42; expires=Fri, 02-Jun-2023 19:34:15 GMT; Max-Age=28799; path=/; domain=.miniinthebox.com; secure vela_w_c=42; expires=Fri, 09-Jun-2023 11:34:15 GMT; Max-Age=604799; path=/; domain=.miniinthebox.com; secure vela_m_c=42; expires=Sun, 02-Jul-2023 11:34:15 GMT; Max-Age=2591999; path=/; domain=.miniinthebox.com; secure vela_3m_c=42; expires=Thu, 31-Aug-2023 11:34:15 GMT; Max-Age=7775999; path=/; domain=.miniinthebox.com; secure vela_m_ca=42; expires=Sun, 02-Jul-2023 11:34:15 GMT; Max-Age=2591999; path=/; domain=.miniinthebox.com; secure vela_s=6479d3b7d8cd0; expires=Fri, 02-Jun-2023 12:04:15 GMT; Max-Age=1799; path=/; domain=.miniinthebox.com; secure vela_m=6479d3b7d8cd5; expires=Sun, 02-Jul-2023 11:34:15 GMT; Max-Age=2591999; path=/; domain=.miniinthebox.com; secure vela_3m=6479d3b7d8cd8; expires=Thu, 31-Aug-2023 11:34:15 GMT; Max-Age=7775999; path=/; domain=.miniinthebox.com; secure vela_v=6479d3b7d8cdd; expires=Fri, 02-Jun-2023 19:34:15 GMT; Max-Age=28799; path=/; domain=.miniinthebox.com; secure vela_w=6479d3b7d8ce1; expires=Fri, 09-Jun-2023 11:34:15 GMT; Max-Age=604799; path=/; domain=.miniinthebox.com; secure vela_device=desktop; expires=Sat, 03-Jun-2023 11:34:15 GMT; Max-Age=86399; path=/; domain=.miniinthebox.com; secure vela_is_first_visit=1; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31535999; path=/; domain=.miniinthebox.com; secure affi=664b08e55c41be35e1e822fee3b61691; expires=Mon, 17-Jul-2023 11:34:15 GMT; Max-Age=3887999; path=/; domain=.miniinthebox.com; secure local=en%7CNO%7CNOK; expires=Sun, 02-Jul-2023 11:34:16 GMT; Max-Age=2592000; path=/; domain=.miniinthebox.com; secure __cust=AAAAAGR507ej3wbmvryZAg==; expires=Sat, 01-Jun-24 11:34:16 GMT; domain=miniinthebox.com; path=/ SRV=A_202009161055; Expires=Sun, 02-Jul-2023 11:34:16 GMT; path=/; domain=.miniinthebox.com server-timing: edge; dur=279, origin; dur=353, cdn-cache; desc=MISS, ak_p; desc="468251_35004341_586260100_63133_4697_7_0";dur=1 X-Firefox-Spdy: h2

	app.mona.co/referral/fallback?_branch_match_id=1193142884920872333&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT08t0cvNz0vUS87XN8z1qQjKdcszTEoCAE64N64fAAAA	104.17.243.79	302 Found	0 B
URL GET HTTP/2 app.mona.co/referral/fallback?_branch_match_id=1193142884920872333&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT08t0cvNz0vUS87XN8z1qQjKdcszTEoCAE64N64fAAAA IP 104.17.243.79:443 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerCloudflare, Inc. Subjectmona.co FingerprintC0:1D:CC:6D:62:D4:6C:9C:69:06:7D:81:95:8B:AE:BC:AD:24:E0:41 ValidityThu, 28 Jul 2022 00:00:00 GMT - Thu, 27 Jul 2023 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /referral/fallback?_branch_match_id=1193142884920872333&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT08t0cvNz0vUS87XN8z1qQjKdcszTEoCAE64N64fAAAA HTTP/1.1 Host: app.mona.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Fri, 02 Jun 2023 11:34:18 GMT content-type: text/html; charset=utf-8 location: https://referral.crypto.com/signup?_branch_match_id=1193142884920872333 cache-control: no-cache, no-store pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT x-request-id: d81ddf0d-b7ec-4e40-8ebe-3fb83df3af33 x-runtime: 0.010635 strict-transport-security: max-age=604800 x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cf-cache-status: DYNAMIC set-cookie: __cf_bm=k.s5Of9BX47XP8FhLcroWs2eK.CX9FlFAhasdsIAgkk-1685705658-0-AdjA6lxb+Og2Yiyk1iO6J0Ve9VphFVddhl/BSVJ+FA6+arx7LCST0lMOqC3t/jAn5eOyx7eB+Se5S90zgtPKRWQcJMJCdWPcdz71U8s7kkp9; path=/; expires=Fri, 02-Jun-23 12:04:18 GMT; domain=.mona.co; HttpOnly; Secure; SameSite=None __cfruid=cbd5661c50bb32677eba8e927b58d7f0eac21953-1685705658; path=/; domain=.mona.co; HttpOnly; Secure; SameSite=None _cfuvid=QjY3fK8SnqRCBEPyq_0sBgBibg9H.dGyOc2xWbSHkhs-1685705658617-0-604800000; path=/; domain=.mona.co; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 7d0f62ecfb650b06-OSL X-Firefox-Spdy: h2

	gbx9wv.tdum.alibaba.com/dss.js	47.254.177.101	200 OK	52 B
URL GET HTTP/2 gbx9wv.tdum.alibaba.com/dss.js IP 47.254.177.101:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.alibaba.com Fingerprint1C:F6:1C:5A:BA:BC:59:76:3F:BE:93:70:7B:CC:8E:D4:BA:33:C5:3B ValidityTue, 07 Mar 2023 11:27:03 GMT - Sun, 07 Apr 2024 11:21:11 GMT File type ASCII text, with no line terminators Size 52 B (52 bytes) Hash 0bf981e2dbbb56370fa8b1b07ad37cad 0640cb08a18d3c2e3d9f03734eb596c56d7f9121 0eae64c6ae75dba06332e32ef349546a84c51a64aca92c9ce6a9985c64cf9eac HTTP Headers `GET /dss.js HTTP/1.1 Host: gbx9wv.tdum.alibaba.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:21 GMT content-type: application/javascript server: Tengine vary: Accept-Encoding content-encoding: gzip eagleeye-traceid: 211b88ee16857056610621877e1ba2 strict-transport-security: max-age=31536000 timing-allow-origin: * X-Firefox-Spdy: h2`

	instaforex.org/?x=LVYG	195.201.188.46	302 Found	0 B
URL GET HTTP/2 instaforex.org/?x=LVYG IP 195.201.188.46:443 ASN #24940 Hetzner Online GmbH Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjectinstaforex.org Fingerprint7C:99:64:79:61:BB:CF:62:34:52:D0:57:CD:C9:9B:64:DE:35:93:0D ValiditySun, 09 Apr 2023 12:00:19 GMT - Sat, 08 Jul 2023 12:00:18 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?x=LVYG HTTP/1.1 Host: instaforex.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found server: nginx date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=utf-8 content-length: 0 x-powered-by: PHP/7.3.33 set-cookie: secure_partner_cookie=hlmiq.comxllxLVYG; expires=Sat, 01-Jun-2024 11:34:16 GMT; Max-Age=31536000; path=/; domain=.instaforex.org secure_partner_cookie=hlmiq.comxllxLVYG; expires=Fri, 09-Jun-2023 11:34:16 GMT; Max-Age=604800; path=/; domain=.instaforex.org cookie1h=1; expires=Fri, 02-Jun-2023 12:34:16 GMT; Max-Age=3600; path=/ cookie24h=1; expires=Sat, 03-Jun-2023 11:34:16 GMT; Max-Age=86400; path=/ cookieForever=1; expires=Sat, 01-Jun-2024 11:34:16 GMT; Max-Age=31536000; path=/ lang=en; expires=Sun, 02-Jul-2023 11:34:16 GMT; Max-Age=2592000; path=/; domain=.instaforex.org PHPSESSID=8bt90nf8u13c83grfachus1pd2; path=/ x=LVYG; expires=Sat, 01-Jun-2024 11:34:16 GMT; Max-Age=31536000; path=/; domain=.instaforex.org x_time=02-06-2023+13%3A34; expires=Sat, 01-Jun-2024 11:34:16 GMT; Max-Age=31536000; path=/; domain=.instaforex.org d=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.instaforex.org d=https%3A%2F%2Fhlmiq.com%2F; expires=Sat, 01-Jun-2024 11:34:16 GMT; Max-Age=31536000; path=/; domain=.instaforex.org expires: Fri, 02 Jun 2023 11:34:15 GMT pragma: no-cache location: https://instaforex.org/ cache-control: no-cache strict-transport-security: max-age=31536000; x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 1; mode=block X-Firefox-Spdy: h2

	iqbroker.com//lp/ultimate-trading/?active=forex2&aff=7792	185.117.134.138	200 OK	0 B
URL GET HTTP/2 iqbroker.com//lp/ultimate-trading/?active=forex2&aff=7792 IP 185.117.134.138:443 ASN #204006 Iqoption Europe Ltd Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subject.iqbroker.com Fingerprint60:4A:DC:C6:5E:09:FA:1D:40:A5:BF:DB:81:5B:E7:ED:0B:28:39:D2 ValidityFri, 28 Apr 2023 02:06:30 GMT - Thu, 27 Jul 2023 02:06:29 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET //lp/ultimate-trading/?active=forex2&aff=7792 HTTP/1.1 Host: iqbroker.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:15 GMT content-type: text/html; charset=utf-8 last-modified: Fri, 02 Jun 2023 09:17:13 GMT cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 set-cookie: Traceid=f1497222f613d6a95b8f85f685c59fc2; expires=Sat, 10 Jun 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None aff=7792; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None afftrack=; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None retrack=; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None affextra=; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None aff_model=; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None aff_ts=2023-06-02T11:34:15Z; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None landing=/lp/ultimate-trading/; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None IsRestrictedCountry=false; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None IsRegulatedCountry=true; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None Country=no; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None CountryID=149; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None AffTrackGroup=Black_team_(partnerka); expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None Serv=NL; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None referrer=https://hlmiq.com/; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None AppID=id871125783; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None brand_id=1; expires=Fri, 09 Jun 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None platform=9; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None client_platform_id=9; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None support_email=support@eu.iqoption.com; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None company_id=1; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None IsAppStoreCountry=true; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None RedirectDomain=iqoption.com; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None RedirectDomains=iqoption.com,iqtrading.asia; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None linkPolicy=/en/terms-and-conditions/privacy-policy-new; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None linkTerms=/en/terms-and-conditions/terms-and-conditions; expires=Sun, 02 Jul 2023 11:34:15 GMT; domain=.iqbroker.com; path=/; secure; SameSite=None link: <https://iqbroker.com/lp/ultimate-trading/en/forex2/>; rel="canonical" backend: arbitre_v4 remote-addr: 91.90.42.154 content-encoding: gzip strict-transport-security: max-age=15555600 x-content-type-options: nosniff X-Firefox-Spdy: h2

	js.wpshsdk.com/npc/sdk/push.m.js?v=1	45.133.44.52	200 OK	67 kB
URL GET HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP 45.133.44.52:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectjs.wpshsdk.com FingerprintC6:79:B3:47:76:9F:50:8D:16:89:5C:EF:0E:BB:24:99:45:66:B6:C2 ValidityFri, 26 May 2023 02:01:30 GMT - Thu, 24 Aug 2023 02:01:29 GMT File type Size 67 kB (67094 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /npc/sdk/push.m.js?v=1 HTTP/1.1 Host: js.wpshsdk.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-type: application/javascript; charset=utf-8 server: nginx/1.18.0 last-modified: Fri, 02 Jun 2023 09:15:58 GMT etag: W/"6479b34e-10616" content-encoding: gzip expires: Fri, 02 Jun 2023 11:39:14 GMT cache-control: max-age=300 x-proxy-cache: HIT access-control-allow-origin: * X-Firefox-Spdy: h2`

	kwork.com/	93.171.200.41	200 OK	0 B
URL GET HTTP/2 kwork.com/ IP 93.171.200.41:443 ASN #262254 DDOS-GUARD CORP. Requested by https://hlmiq.com/vu/a/? Certificate IssuerGlobalSign nv-sa Subject.kwork.com Fingerprint4F:AE:EF:39:3C:7E:E5:21:04:0E:C4:41:4A:2E:D7:25:10:25:8B:FC ValidityWed, 24 May 2023 12:27:32 GMT - Mon, 24 Jun 2024 12:27:31 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: kwork.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: ddos-guard date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding, User-Agent content-security-policy: frame-ancestors 'self' https://webvisor.com https://awards.ratingruneta.ru set-cookie: __ddg1_=pbO2P7ua13yDzWAR8saM; Domain=.kwork.com; HttpOnly; Path=/; Expires=Sat, 01-Jun-2024 11:34:16 GMT _kmid=8902e09eaeba3c120f331aa4682c0fad; expires=Mon, 30-May-2033 11:34:16 GMT; Max-Age=315360000; path=/; secure; HttpOnly _kmfvt=1685705656; expires=Mon, 30-May-2033 11:34:16 GMT; Max-Age=315360000; path=/; secure; HttpOnly referrer_url=https%3A%2F%2Fhlmiq.com%2F; expires=Fri, 09-Jun-2023 11:34:16 GMT; Max-Age=604800; path=/; secure; HttpOnly site_version=desktop; expires=Mon, 27-May-2024 11:34:16 GMT; Max-Age=31104000; path=/; secure; HttpOnly cache-control: no-cache, private strict-transport-security: max-age=15552000 x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2

	www.expedia.no/?clickref=1100lwPiPbpR&affcid=NO.DIRECT.PHG.1100l95727.0&ref_id=1100lwPiPbpR&my_ad=AFF.NO.DIRECT.PHG.1100l95727.0&afflid=1100lwPiPbpR&original_destination=https://www.expedia.no/?clickref=1100lwPiPbpR&affcid=NO.DIRECT.PHG.1100l95727.0&ref_id=1100lwPiPbpR&my_ad=AFF.NO.DIRECT.PHG.1100l95727.0&afflid=1100lwPiPbpR	23.38.200.193	200 OK	0 B
URL GET HTTP/2 www.expedia.no/?clickref=1100lwPiPbpR&affcid=NO.DIRECT.PHG.1100l95727.0&ref_id=1100lwPiPbpR&my_ad=AFF.NO.DIRECT.PHG.1100l95727.0&afflid=1100lwPiPbpR&original_destination=https://www.expedia.no/?clickref=1100lwPiPbpR&affcid=NO.DIRECT.PHG.1100l95727.0&ref_id=1100lwPiPbpR&my_ad=AFF.NO.DIRECT.PHG.1100l95727.0&afflid=1100lwPiPbpR IP 23.38.200.193:443 ASN #16625 AKAMAI-AS Requested by https://hlmiq.com/vu/a/? Certificate IssuerDigiCert Inc Subjectwww.expedia.com Fingerprint8F:1A:6B:1A:A8:D6:6D:41:DF:09:88:D5:3B:59:C3:77:2F:62:50:6B ValidityMon, 15 Aug 2022 00:00:00 GMT - Fri, 18 Aug 2023 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /?clickref=1100lwPiPbpR&affcid=NO.DIRECT.PHG.1100l95727.0&ref_id=1100lwPiPbpR&my_ad=AFF.NO.DIRECT.PHG.1100l95727.0&afflid=1100lwPiPbpR&original_destination=https://www.expedia.no/?clickref=1100lwPiPbpR&affcid=NO.DIRECT.PHG.1100l95727.0&ref_id=1100lwPiPbpR&my_ad=AFF.NO.DIRECT.PHG.1100l95727.0&afflid=1100lwPiPbpR HTTP/1.1 Host: www.expedia.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html; charset=utf-8 x-page-id: Homepage,U,10 x-app-info: blossom-flex-ui,044866db4fb72a93e49d151e93231a96088f0a77 content-language: nb-NO cache-control: no-cache, no-store, must-revalidate x-frame-options: SAMEORIGIN x-download-options: noopen vary: accept-encoding x-envoy-upstream-service-time: 218 server: istio-envoy x-xss-protection: 1 x-content-type-options: nosniff strict-transport-security: max-age=7776000; includeSubDomains; content-security-policy: frame-ancestors about: 'self' trace-id: ea03988f-2565-4536-9d19-d7b9f4534ac6 x-b3-traceid: ea03988f256545369d19d7b9f4534ac6 x-cgp-info: noJvmRouteSet;685c7feb-0139-11ee-8420-0242dbbc3ad4 x-akamai-transformed: 9 - 0 pmb=mTOE,2 content-encoding: gzip date: Fri, 02 Jun 2023 11:34:17 GMT set-cookie: linfo=v.4,\|0\|0\|255\|1\|0\|\|\|\|\|\|\|\|1044\|0\|0\|\|0\|0\|0\|-1\|-1; Max-Age=157680000; Expires=Wed, 31 May 2028 11:34:17 GMT; Path=/; Domain=.expedia.no; Secure; SameSite=None CRQSS=e\|0; Path=/; Domain=.expedia.no; Secure; HTTPOnly; SameSite=None CRQS=t\|66`s\|66`l\|nb_NO`c\|NOK; Max-Age=94608000; Expires=Mon, 01 Jun 2026 11:34:17 GMT; Path=/; Domain=.expedia.no; Secure; HTTPOnly; SameSite=None currency=NOK; Max-Age=157680000; Expires=Wed, 31 May 2028 11:34:17 GMT; Path=/; Domain=.expedia.no; Secure; HTTPOnly; SameSite=None iEAPID=0; Path=/; Domain=.expedia.no; Secure; SameSite=None tpid=v.1,66; Max-Age=1000000; Expires=Wed, 14 Jun 2023 01:20:57 GMT; Path=/; Domain=.expedia.no; Secure; SameSite=None cesc=%7B%22aff%22%3A%5B%22AFF.NO.DIRECT.PHG.1100l95727.0.1100lwPiPbpR%22%2C1685705657387%5D%2C%22marketingClick%22%3A%5B%22true%22%2C1685705657387%5D%2C%22hitNumber%22%3A%5B%221%22%2C1685705657387%5D%2C%22visitNumber%22%3A%5B%221%22%2C1685705657387%5D%2C%22cidVisit%22%3A%5B%22AFF.NO.DIRECT.PHG.1100l95727.0%22%2C1685705657387%5D%2C%22entryPage%22%3A%5B%22Homepage%22%2C1685705657387%5D%2C%22cid%22%3A%5B%22AFF.NO.DIRECT.PHG.1100l95727.0%22%2C1685705657387%5D%7D; Max-Age=157680000; Expires=Wed, 31 May 2028 11:34:17 GMT; Path=/; Domain=expedia.no; Secure; SameSite=None HMS=d6336ab0-e7a8-4e45-9606-bd85f14a9eb4; Max-Age=1800; Expires=Fri, 02 Jun 2023 12:04:17 GMT; Path=/; Domain=.expedia.no; Secure; SameSite=None MC1=GUID=41c4681cf8d24f328f90d5edbfff4e32; Max-Age=0; Expires=Fri, 02 Jun 2023 11:34:17 GMT; Secure; SameSite=None DUAID=41c4681c-f8d2-4f32-8f90-d5edbfff4e32; Max-Age=0; Expires=Fri, 02 Jun 2023 11:34:17 GMT; Secure; SameSite=None MC1=GUID=41c4681cf8d24f328f90d5edbfff4e32; Max-Age=0; Expires=Fri, 02 Jun 2023 11:34:17 GMT; Domain=.www.expedia.no; Secure; SameSite=None DUAID=41c4681c-f8d2-4f32-8f90-d5edbfff4e32; Max-Age=0; Expires=Fri, 02 Jun 2023 11:34:17 GMT; Domain=.www.expedia.no; Secure; SameSite=None MC1=GUID=41c4681cf8d24f328f90d5edbfff4e32; Max-Age=157680000; Expires=Wed, 31 May 2028 11:34:17 GMT; Path=/; Domain=.expedia.no; Secure; SameSite=None DUAID=41c4681c-f8d2-4f32-8f90-d5edbfff4e32; Max-Age=157680000; Expires=Wed, 31 May 2028 11:34:17 GMT; Path=/; Domain=.expedia.no; Secure; SameSite=None OIP=gdpr\|-1; Max-Age=94608000; Expires=Mon, 01 Jun 2026 11:34:17 GMT; Path=/; Domain=.expedia.no; Secure; SameSite=None CRAS=NO.DIRECT.PHG.1100l95727.0; Max-Age=604800; Expires=Fri, 09 Jun 2023 11:34:17 GMT; Path=/; Domain=.expedia.no; Secure; HTTPOnly; SameSite=None _abck=5EB9090126102DA45D5940EFEE9028B4~-1~YAAQB08kF30DczeIAQAAPwzjewn+fsXxxgSalZjCJ8q88mek5NycccRlWB7upzYhM6hLOOogmv8AhtTzSHQfITcDptLqGbKdy1ZSnm5LtjdEkVu98bIy1QH55u9s1atRX2yn9OFFk1ONVCJIYAErRlNpqpRHmVaqSbgag4Ff5wJYYG/QHaZlc9zblApkQ2vYrMKOj+twLT0Nubi2MpDUtJymd20Wg1rgI1eT9PWgf29V0c+WXd2e612UkwQCSRli8YjLNyylHr5UCx2eEf10/ssgAKFgbxY5g5Jg7mUmWSgrnxVmyQRo6nPNzzmhzdfFaYODxWxNDD2YE1fFgbgNO8MxgDcfemA5Ce1H3YGUX1q82xBryyA5SWCHlY8=~-1~-1~-1; Domain=.expedia.no; Path=/; Expires=Sat, 01 Jun 2024 11:34:17 GMT; Max-Age=31536000; Secure ak_bmsc=DCF3B41A3C7649A312CAA1E21B1D19B8~000000000000000000000000000000~YAAQB08kF34DczeIAQAAPwzjexNKogdlf/j1Fkr9gTDyB+vM/+ClPrVeMeIVJyHxxgfXN8y9x3qqg9rtis9n/7x6mOUBQkY+f5I5WelD7Tlnd4a58jcfV5woIph/R/gLglITVYbU1CKil5FVgV1XhC4S/k7c2njtb5WpKYdyIUJU4BjqewEwIBx6g83d1CdeE/RtE+8SJbhW9Zhu3T5SZ6hNVST8+V2VPOHcxpAm05beasP3yefkasWYlNM/+tYmb2p9t9qzYeufD+tIbSgCYuKt/9bWVwYv+pkXbQY23d5av9OB4S80tp3cC6nVKKW5DpG79/DPs1y1yAK/JuwjPJSDUmMElCdyGdCSAkOilor26Bce2ve3UoOMeVOR4vI78Ip88cLP; Domain=.expedia.no; Path=/; Expires=Fri, 02 Jun 2023 13:34:17 GMT; Max-Age=7200; HttpOnly bm_mi=901D6643589D33F64BA67A57B499B9F9~YAAQB08kF38DczeIAQAAPwzjexNOIB6zlh3/NSMPSCKRv5BO2iaylWuFAGW9fz54HRwtWMbNvJN2uPdRVIeIMpg5hMr1J4diHn5RzeIM0yMA+fbtPBGIepb0o5BbrVVs+Jhq3hanFuig381iQk3kDcgXT6XGm0dZ6o/b6988g18FtDjeT9e6GSOjeIio5bt921N5IVG+qjRkRgC9VPzWoiTt970xV2Rtvw9vvUp5Uyey1rKaRwdxaeyRotr8IuTRoImxKhHeUXiOapPdG+8dtttu7voxLBJwIyp1xbxIcE1JS3v49ERRPwGMf7vy~1; Domain=.expedia.no; Path=/; Expires=Fri, 02 Jun 2023 11:34:17 GMT; Max-Age=0; Secure bm_sz=371B83D548AB77EBECFBD48364560BFF~YAAQB08kF4ADczeIAQAAPwzjexM0T0KDXXYuH7UT76vEDOtBzFhXfYpbnnOUMFp+M2BcvSZoC7BZMlafNKpmsyANf7f1T7+uQWQXqK0AzXNtQNIoqm6mf6Gzk0NgjrwN9U5EidBSv/AliQlhDZzgioHxhPRKoBTZSOKLW6AXZWtlCqdRPccAk3p0A2ObhebVQ1EzxFDIOP8yJf8ROytOH3Wrq+zlp/qy2ZIsfSnlJN5DVehFcvu21BclNZnwZ2CjqdITJqObP71Pg3xJ19uLnsYB0Vo7HKj1gTt17svXTTBgc+s=~3618865~4471096; Domain=.expedia.no; Path=/; Expires=Fri, 02 Jun 2023 15:34:17 GMT; Max-Age=14400 x-edgeconnect-cache-status: 0 X-Firefox-Spdy: h2

	js.canstrm.com/video-slider-ad/build.js	45.133.44.53	200 OK	164 kB
URL GET HTTP/2 js.canstrm.com/video-slider-ad/build.js IP 45.133.44.53:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectjs.canstrm.com FingerprintCA:5E:79:01:84:B8:D9:CA:57:15:95:D3:A4:19:83:73:17:71:DE:52 ValidityWed, 24 May 2023 07:02:49 GMT - Tue, 22 Aug 2023 07:02:48 GMT File type Size 164 kB (164120 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /video-slider-ad/build.js HTTP/1.1 Host: js.canstrm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:15 GMT content-type: application/javascript; charset=utf-8 server: nginx/1.18.0 last-modified: Wed, 31 May 2023 15:08:46 GMT etag: W/"647762fe-28118" content-encoding: gzip expires: Fri, 02 Jun 2023 11:39:15 GMT cache-control: max-age=300 x-proxy-cache: HIT access-control-allow-origin: * X-Firefox-Spdy: h2`

	referral.crypto.com/signup?_branch_match_id=1193142884920872333	104.17.108.60	200 OK	0 B
URL GET HTTP/3 referral.crypto.com/signup?_branch_match_id=1193142884920872333 IP 104.17.108.60:443 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerCloudflare, Inc. Subjectcrypto.com FingerprintFE:C9:EF:7F:D2:E4:56:EB:6E:D4:D8:D2:DC:CC:D6:F8:87:6C:3E:3F ValidityMon, 05 Dec 2022 00:00:00 GMT - Tue, 05 Dec 2023 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /signup?_branch_match_id=1193142884920872333 HTTP/1.1 Host: referral.crypto.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Cookie: __cf_bm=eDZbMbRE19DnHADidWMUACW1uL_uBMLR9rvRjQODFCs-1685705655-0-AT79spgTD4z84TSJyDVofBQEwA9tgT5UAKJYbt2VG+W1IBebeNguuT79xDzeFys8apHKe0RTEwcN2ccxIesZkrc=; _cfuvid=uF5vqU5OMlu9ZSqKmfCgJR1WmsrraDLlkAEK_Vp.G8o-1685705655610-0-604800000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:18 GMT content-type: text/html; charset=utf-8 cache-control: no-cache, no-store pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT set-cookie: cs=184a36b6ae86788c434c3e52d50cbd7a; path=/; expires=Sun, 02 Jul 2023 11:34:18 GMT; HttpOnly; secure; SameSite=Lax x-request-id: cdc65579-0284-4582-ac59-06272795c23d x-runtime: 0.012469 strict-transport-security: max-age=604800 x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d0f62ee8e2db51d-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	assets.alicdn.com/g/ae-fe/global/0.0.3/index.js	104.110.21.4	200 OK	157 kB
URL GET HTTP/2 assets.alicdn.com/g/ae-fe/global/0.0.3/index.js IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type Size 157 kB (157289 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /g/ae-fe/global/0.0.3/index.js HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript access-control-allow-origin: * ali-swift-global-savetime: 1668878682 content-encoding: br content-md5: prkhmRt0YCJQUoclmKII8Q== eagleid: 2ff62e9816688786819743615e last-modified: Thu, 20 Apr 2023 14:24:39 GMT served-from: 23.199.73.141 server: Akamai Resource Optimizer timing-allow-origin: * x-source-scheme: https x-swift-cachetime: 3599 x-swift-savetime: Sat, 19 Nov 2022 17:24:43 GMT x-oss-hash-crc64ecma: 16903611061583817401 x-oss-object-type: Normal x-oss-request-id: 6379115AED3C0C32399DD200 x-oss-server-time: 20 x-oss-storage-class: Standard content-length: 43798 cache-control: max-age=702524, s-maxage=3600 expires: Sat, 10 Jun 2023 14:43:00 GMT date: Fri, 02 Jun 2023 11:34:16 GMT network_info: DE_FRANKFURT_34164, NO_OSLO_50304 X-Firefox-Spdy: h2

	aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js	104.110.21.4	200 OK	178 kB
URL GET HTTP/2 aeis.alicdn.com/AWSC/WebUMID/1.93.0/um.js IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 178 kB (177654 bytes) Hash a4cff78229e56fde5f28d1999679a1d1 8d8f89aa7d26569337192dce8a12daaa1867bcd4 4c4701ca975df0019b9ce5ffd2a8d33f413bad55663a9f64ba9369da7a444db0 HTTP Headers `GET /AWSC/WebUMID/1.93.0/um.js HTTP/1.1 Host: aeis.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 77438 x-oss-request-id: 64454D68151A333738006B37 x-oss-object-type: Normal x-oss-hash-crc64ecma: 2332966527039349753 x-oss-storage-class: Standard content-md5: pM/3ginlb95fKNGZlnmh0Q== x-oss-server-time: 7 x-source-scheme: https content-encoding: gzip ali-swift-global-savetime: 1682263400 x-swift-savetime: Sun, 23 Apr 2023 22:16:13 GMT x-swift-cachetime: 61627 eagleid: 2ff62c9916822881729714138e served-from: 104.123.68.214 cache-control: max-age=1482494, s-maxage=86400 expires: Mon, 19 Jun 2023 15:22:31 GMT date: Fri, 02 Jun 2023 11:34:17 GMT vary: Accept-Encoding network_info: NO_OSLO_50304 timing-allow-origin: , access-control-allow-origin: * access-control-expose-headers: FW_IP fw_ip: 104.110.21.4 X-Firefox-Spdy: h2

	ynuf.aliapp.org/w/wu.json	203.119.145.40	200 OK	156 B
URL GET HTTP/2 ynuf.aliapp.org/w/wu.json IP 203.119.145.40:443 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.alibabacorp.com Fingerprint21:4B:26:A9:58:52:03:EC:07:38:66:00:3B:39:33:F3:9B:56:E7:16 ValidityWed, 12 Apr 2023 23:17:04 GMT - Mon, 13 May 2024 23:11:02 GMT File type ASCII text, with no line terminators Size 156 B (156 bytes) Hash 0cb3dcc649bd9de160770edd236352e6 0eb4080194d544bd944050e0c0ec08cec3594723 262367dd5cfc4edc7823a5715f7a554017dcc27dade1024a5ed5a585e0d264f3 HTTP Headers `GET /w/wu.json HTTP/1.1 Host: ynuf.aliapp.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:22 GMT content-type: text/javascript;charset=utf-8 content-length: 156 x-application-context: umid-web:cn-prod:7001 access-control-allow-methods: GET,POST,OPTIONS access-control-allow-credentials: true access-control-allow-headers: Accept,X-PINGARUNER,CONTENT-TYPE,X-Requested-With etag: G316AFED521EECA5A79800D68D1EE0529FB9CA95D6B5A792FC7 cache-control: no-cache set-cookie: cbc=G2525C33DC3E55EAE260A1E2246F3E43216A412E2E466477355; Max-Age=31536000; Expires=Sat, 01-Jun-2024 11:34:22 GMT; Domain=ynuf.aliapp.org; Path=/ x-content-type-options: nosniff x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000 ; includeSubDomains server: Tengine/Aserver eagleeye-traceid: 21507fde16857056621191535e869f timing-allow-origin: * X-Firefox-Spdy: h2

	rbfxdirect.com/ru/lk/?a=zkeb	172.67.191.237	302 Found	0 B
URL GET HTTP/2 rbfxdirect.com/ru/lk/?a=zkeb IP 172.67.191.237:443 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerGoogle Trust Services LLC Subjectrbfxdirect.com Fingerprint2C:44:4A:C6:AF:EC:13:4E:82:99:1F:87:D2:34:FB:9C:3A:FF:F7:69 ValidityMon, 29 May 2023 06:21:31 GMT - Sun, 27 Aug 2023 06:21:30 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /ru/lk/?a=zkeb HTTP/1.1 Host: rbfxdirect.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found date: Fri, 02 Jun 2023 11:34:15 GMT content-type: text/html location: https://my28.roboforex.org/ru/?a=zkeb strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AakDp15tJZ6wlO83SogxdHsgX1xg36vE8W6Jd16IBlKRD3RNAtBST2o5y9p4el2oxV1rfOrGxwmNptUwbmRYZXk2e84Z5SrpehmTrQVvOqQlX7aVqbgts51gJRtBgTZDiA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62db79f2b4f4-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	javmec.me/	188.114.96.1	200 OK	155 kB
URL User Request GET HTTP/2 javmec.me/ IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type Size 155 kB (155295 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding, Accept-Encoding cache-control: max-age=86400 cf-cache-status: HIT age: 6031 last-modified: Fri, 02 Jun 2023 09:53:41 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riYsEz%2FtttSUD6QZX4fd8baw%2FMvOuX6wk4Z5D3w1MznQrscEZVWWkAVejqEF6ugmGmgK0udKHs4VmdZYYhodHaU8Fluw25pjg3V%2FNNJS8xscSAJhuAUvG6D4dro%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62c67d1db524-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	lite-1x69818824.top/en?tag=s_137887m_355c_	0.0.0.0		0 B
URL GET lite-1x69818824.top/en?tag=s_137887m_355c_ IP 0.0.0.0:0 ASN #0 Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subject.lite-1x69818824.top FingerprintFD:B9:02:5B:46:81:55:18:FD:6A:F1:3D:CB:AC:04:AE:45:A9:1A:0F ValidityFri, 31 Mar 2023 01:05:01 GMT - Thu, 29 Jun 2023 01:05:00 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /en?tag=s_137887m_355c_ HTTP/1.1 Host: lite-1x69818824.top User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:19 GMT content-type: text/html; charset=utf-8 accept-ranges: none content-encoding: gzip server-timing: total;dur=1753;desc="Nuxt Server Time", dt_285;dur=1765, px_285;dur=1765 set-cookie: platform_type=desktop; Path=/; Expires=Mon, 05 Jun 2023 11:34:17 GMT lng=en; Path=/ SESSION=9d1ee58b88f7a9941f73d226b5648363; Path=/; HttpOnly; Secure; SameSite=Lax cookies_agree_type=3; Path=/ tzo=2; Path=/ referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_137887m_355c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Tue, 01 Aug 2023 11:34:18 GMT reflinkid=s_137887m_355c_; Path=/; Expires=Fri, 02 Jun 2023 12:34:18 GMT postback_watcher=; Path=/; Expires=Fri, 02 Jun 2023 11:34:22 GMT auid=sv0PWGR507sbAUcxAy9iAg==; path=/; secure; httponly; samesite=lax vary: Accept-Encoding x-frame-options: SAMEORIGIN strict-transport-security: max-age=63072000; includeSubDomains; preload X-Firefox-Spdy: h2

	www.litefinance.org/ru/?uid=322652589&cid=211397	0.0.0.0		0 B
URL GET www.litefinance.org/ru/?uid=322652589&cid=211397 IP 0.0.0.0:0 ASN #0 Requested by https://hlmiq.com/vu/a/? Certificate IssuerCloudflare, Inc. Subjectlitefinance.org Fingerprint45:11:AD:46:F2:75:76:10:E5:71:DB:1E:2E:4C:E0:3F:AF:91:4F:A7 ValidityMon, 06 Feb 2023 00:00:00 GMT - Mon, 05 Feb 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /ru/?uid=322652589&cid=211397 HTTP/1.1 Host: www.litefinance.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:15 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding set-cookie: uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.lite.forex; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.lite.forex; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.id-liteforex.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.id-liteforex.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex-id.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex-id.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex-indo.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex-indo.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.ir-litefinance.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.ir-litefinance.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance-vi.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance-vi.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance-vi.org; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance-vi.org; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinancevn.org; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinancevn.org; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.indo-liteforex.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.indo-liteforex.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefx-indo.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefx-indo.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.indo-litefx.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.indo-litefx.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance-indonesia.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance-indonesia.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.eu; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.eu; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance.org; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance.org; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.my; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.my; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex-thailand.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex-thailand.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.pl; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.pl; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.br.com; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.br.com; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.pt; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.pt; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.es; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.es; secure uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.ae; secure tmp_uid=322652589; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.ae; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.lite.forex; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.id-liteforex.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex-id.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex-indo.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.ir-litefinance.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance-vi.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance-vi.org; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinancevn.org; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.indo-liteforex.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefx-indo.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.indo-litefx.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance-indonesia.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.eu; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.litefinance.org; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.my; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex-thailand.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.pl; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.br.com; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.pt; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.es; secure cid=211397; expires=Sat, 01-Jun-2024 11:34:15 GMT; Max-Age=31536000; path=/; domain=.liteforex.ae; secure PHPSESSID=7cher5k1hccd1p6k1698qm318o; path=/; HttpOnly _csrf=527ffbfad30686ca4e3fb70b160185f302329ac971cca023a5aa9e0b9bda2a94a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22DVQp8bfcjfRpfuyKcuhzHMt-UKJf1i-H%22%3B%7D; path=/; HttpOnly; SameSite=Lax expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: SAMEORIGIN cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d0f62db8cdfb4fd-OSL content-encoding: gzip X-Firefox-Spdy: h2

	login.aliexpress.com/join/login_page_config.htm	104.110.21.4	200 OK	1.1 kB
URL GET HTTP/2 login.aliexpress.com/join/login_page_config.htm IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (1230), with no line terminators Size 1.1 kB (1100 bytes) Hash 6dd1c43f385f3b7a342de0637cc28888 3ab1f95a14b46aff591dc7fa6d9412ea255359a7 fb02bee5063b56822414bf01ed3c0ade8ee4c704596b12e52c38e05ef53a4962 HTTP Headers GET /join/login_page_config.htm HTTP/1.1 Host: login.aliexpress.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Cookie: af_ss_a=1 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: application/json;charset=utf-8 vary: Accept-Encoding server: Apache-Coyote/1.1 p3p: CP="CAO PSA OUR" access-control-allow-credentials: true content-language: en-US eagleeye-traceid: 21038ede16857056567204804e1a63 strict-transport-security: max-age=31536000 timing-allow-origin: * content-encoding: gzip content-length: 528 date: Fri, 02 Jun 2023 11:34:16 GMT set-cookie: ali_apache_id=33.3.142.222.1685705656722.387791.4; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT xman_us_f=x_l=0&acs_rt=12db2f45e24944f1b315ef3862a890af; Domain=.aliexpress.com; Expires=Wed, 20-Jun-2091 14:48:23 GMT; Path=/ xman_t=PHMjomjkmh/p8j2wHhCenkap5ChnTS+Eh9sZIKOwc8v2/IZ3asHl+J3ITlKUMqqN; Domain=.aliexpress.com; Expires=Thu, 31-Aug-2023 11:34:16 GMT; Path=/; HttpOnly acs_usuc_t=acs_rt=12db2f45e24944f1b315ef3862a890af&x_csrf=1503blvaag6hr; Domain=.aliexpress.com; Path=/ xman_f=iHQfoZKeWH0YXLe4McZkx3/jFhw75PhR7eAYLBYmQDUCrn2RCJl2pGlb7+t454Zzyn1Qo0bLrp+qs/HInhIRm+Ak5CkZY88xbUejsN5qAoseeexY6vTagw==; Domain=.aliexpress.com; Expires=Wed, 20-Jun-2091 14:48:23 GMT; Path=/; HttpOnly ali_apache_track=; Domain=.aliexpress.com; Expires=Wed, 20-Jun-2091 14:48:23 GMT; Path=/ ali_apache_tracktmp=; Domain=.aliexpress.com; Path=/ xman_us_f=x_l=0&acs_rt=12db2f45e24944f1b315ef3862a890af; Domain=.aliexpress.com; Expires=Wed, 20-Jun-2091 14:48:23 GMT; Path=/ xman_t=lg+LcOAs2UP8MC7xHHLuxpwQDyGLOgqSz8bTHhgkyGFF+N37enFKD88SQR6nP0Ox; Domain=.aliexpress.com; Expires=Thu, 31-Aug-2023 11:34:16 GMT; Path=/; HttpOnly acs_usuc_t=acs_rt=12db2f45e24944f1b315ef3862a890af&x_csrf=1503blvaag6hr; Domain=.aliexpress.com; Path=/ xman_f=sikImeRoZ5C28fv8Fx12vUic87jO9CL3xOsVsS2GFOcpB7d7ce06aOg/RXwIbi5ZFdIgOu6HGS9LWyNHy24LVIOcgqyiTdgVqLyYEymX2ZaxS6UNq/aJhQ==; Domain=.aliexpress.com; Expires=Wed, 20-Jun-2091 14:48:23 GMT; Path=/; HttpOnly e_id=pt50; Expires=Mon, 30 May 2033 11:34:16 GMT; Path=/; Domain=.aliexpress.com server-timing: ak_p; desc="468251_388255175_167398611_4806_1165_18_0";dur=1 X-Firefox-Spdy: h2

	www.xm.com/ru/?utm_source=hlmiq.com&utm_content=1104887&utm_medium=affiliate	0.0.0.0		0 B
URL GET www.xm.com/ru/?utm_source=hlmiq.com&utm_content=1104887&utm_medium=affiliate IP 0.0.0.0:0 ASN #0 Requested by https://hlmiq.com/vu/a/? Certificate IssuerDigiCert Inc Subjecttrading-point.com FingerprintA9:94:C6:37:A4:48:46:89:4E:72:EA:A3:FE:6B:28:31:92:44:6E:A2 ValidityTue, 30 Aug 2022 00:00:00 GMT - Wed, 30 Aug 2023 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /ru/?utm_source=hlmiq.com&utm_content=1104887&utm_medium=affiliate HTTP/1.1 Host: www.xm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: Apache link: <https://www.xm.com/ru/wp-json/>; rel="https://api.w.org/" x-frame-options: SAMEORIGIN access-control-allow-methods: GET, OPTIONS access-control-allow-headers: Authorization, X-Requested-With, Content-Type, Origin, Accept, Cookie access-control-allow-credentials: true content-type: text/html; charset=UTF-8 x-akamai-transformed: 9 - 0 pmb=mTOE,5mRUM,2 vary: Accept-Encoding content-encoding: gzip expires: Fri, 02 Jun 2023 11:34:17 GMT cache-control: max-age=0, no-cache, no-store pragma: no-cache date: Fri, 02 Jun 2023 11:34:17 GMT server-timing: cdn-cache; desc=REVALIDATE, edge; dur=63, origin; dur=801, ak_p; desc="468251_388255508_1434156231_86267_9311_10_0";dur=1 strict-transport-security: max-age=15768000 set-cookie: APPSESSID=o33kutg9jkoeo83bl3eac207pgco10quga5ov5248r6c4u2dl2sbgj1c687vru37shipeov03qi1qijult0hnbcqqbg7ll57l36k0at; expires=Fri, 02-Jun-2023 19:34:16 GMT; Max-Age=28800; path=/; domain=.xm.com; secure; HttpOnly; SameSite=None _abck=022633A183ABF214A6120053881FC1B7~-1~YAAQFE8kFyA14m+IAQAAsQ3jewm4E5jDtHD/LXPsqjqHIjzW5pj2uOQ5384NQOCg5Jp6nvB1Sl1s27tmTtXSc1t+e8flU2az+F8BBiaZ/gRgjZtmczs/eepKMQGcfjYJ0xnB1L03DlwyIZg0HyjRCblVceMDDT+qDI7teM9w57pLQBhOsU0s2mrFxbTlp0cv9KdbCL3/ov6DbrZsXw+uY9dgodQCYh2TLwt5ewYMj07G7TrgwDg6+Au7FKh2CwdG37/85Z9bIQ5HfKtxYfj702KGPdF4DY2+JdtB2ZdqQYcYHLsoE1yQrOdXI+W6ldpJJKO8ugqmvlxIys7XniFjueBxDLVIQkgzzOssDWlzlETdbygY6uHkFw==~-1~-1~-1; Domain=.xm.com; Path=/; Expires=Sat, 01 Jun 2024 11:34:17 GMT; Max-Age=31536000; Secure ak_bmsc=4F463641FE4FAA1489D5FB43090604FD~000000000000000000000000000000~YAAQFE8kFyE14m+IAQAAsQ3jexMd7k4cIArnusVfRzxZrbiYp/0OxTKJfam1/qzYm88f2i7xQfM8MR32cBetQ1+6GXObAMVPccIqzqphWlvmkBYYAUq+ZPohCHs7TFnx9lB6vm2/clS8kYhOgoodCSqsbPSslb7dgaNv5FydrY9Jzh84pq3I4iF40quQocnn7HNJGbk4hmpavEwt/WHwZfFa3mCvsBJ6MYBJvib7GNzv6vkqMG7Nolc4+cqyEN6ia8t4ciD8Mc+vPpRqzBiBNSymYuxbgqd9zgZJP04hg1a2qguO96I5DYTkrwqG6WKV4is+w2A/kEE1D9IY98j0zq/mB/z7GNstOLnBeoEhHx5/Mq1zO5he9/8tG+gHon0ynJM=; Domain=.xm.com; Path=/; Expires=Fri, 02 Jun 2023 13:34:16 GMT; Max-Age=7199; HttpOnly bm_mi=C8E32D7122DDE51CD0A5D1BEADD4B80B~YAAQFE8kFyI14m+IAQAAsQ3jexP5YFftCsnkYde3koMg/2bgJW9Ok7hvjuUKwOZE0EA3xUguLsrYfV6gTWKBcHvAGbNgo5dbDsEdWNZMWzplVlH15zE6TqYOv+TysPtC54aMzXN9WT3tzS48xAJhiDqY8w1aA/nVyU032VtzpoFa5hpFKY19Vbax9Dj4EHmgSCR6mvlq6MjbzuTM3SXuWqZ0NFyEY6aPpnKUpqyJYG7vZB7EJ8qyF8IMQi+SXiKc/M7R/o9GFqyKKlaB8FkKShb7t/z4UGnIDFwdFfT7+Fa9pQck7bGjeYfyLPMV~1; Domain=.xm.com; Path=/; Expires=Fri, 02 Jun 2023 11:34:17 GMT; Max-Age=0; Secure bm_sz=D9187776A7A16A1C43F4337435129A53~YAAQFE8kFyM14m+IAQAAsQ3jexPFJE4on1OY6M4XTxapYSDd6ZD95wKBWh3d0VzbQQ+ZQgWJJVSGsoj4xRAlaFyz11eeSbiYOqDcqZwv67oSocTvabjYzr4fDt7Oyhnaykhmuff5vVMzepCDI21QTeguoTExUd0xRGz/uLSiH+ZIvf2TqFWKXMZX4pby3lquUwrruJ8azB9Q70YdX3+xf7Sp/OeTZH70xHriWSKFk6y5XK+7+nVLzq5Dvdkdjt0HHu2rp64dHVk8D6nhUreuwrQojfyIO0Ar4TMsLx3VAA==~3227956~4535107; Domain=.xm.com; Path=/; Expires=Fri, 02 Jun 2023 15:34:16 GMT; Max-Age=14399 X-Firefox-Spdy: h2

	betwinner1.com/pwapp/?register=1&btag=d_57802m_454194c_bw_AHahRpiEadi9x3Cg4WqVSS&$reg_link=undefined	94.241.134.4	200 OK	0 B
URL GET HTTP/2 betwinner1.com/pwapp/?register=1&btag=d_57802m_454194c_bw_AHahRpiEadi9x3Cg4WqVSS&$reg_link=undefined IP 94.241.134.4:443 ASN #201936 Redstart Group Holding Ltd Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjectbetwinner1.com FingerprintE4:21:6A:BE:E7:0C:DE:28:84:EF:66:9A:4A:EC:1F:B0:52:01:B1:22 ValidityMon, 24 Apr 2023 07:52:38 GMT - Sun, 23 Jul 2023 07:52:37 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /pwapp/?register=1&btag=d_57802m_454194c_bw_AHahRpiEadi9x3Cg4WqVSS&$reg_link=undefined HTTP/1.1 Host: betwinner1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=utf-8 x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 vary: Accept-Encoding, User-Agent set-cookie: lang=en; Path=/; Expires=Sat, 01 Jun 2024 11:34:16 GMT; SameSite=Lax btag=d_57802m_454194c_bw_AHahRpiEadi9x3Cg4WqVSS; Max-Age=2592000; Path=/ content-security-policy: default-src 'self'; manifest-src 'self' .cdn-svc.com cdn-svc.com .bw-ng-cdn.com bw-ng-cdn.com bw-ke-cdn.com .bw-ke-cdn.com .cloudfront.net cloudfront.net admaxium.com; img-src 'self' https: data: www.googletagmanager.com https://www.google-analytics.com www.google-analytics.com livetex.ru .livetex.ru .livetex.me suphelper.com connect.facebook.net a.mgid.com; font-src 'self' .cdn-svc.com cdn-svc.com .bw-ng-cdn.com bw-ng-cdn.com bw-ke-cdn.com .bw-ke-cdn.com .cloudfront.net cloudfront.net admaxium.com livetex.ru .livetex.ru .livetex.me suphelper.com connect.facebook.net a.mgid.com; style-src 'self' 'unsafe-inline' .cdn-svc.com cdn-svc.com .bw-ng-cdn.com bw-ng-cdn.com bw-ke-cdn.com .bw-ke-cdn.com .cloudfront.net cloudfront.net admaxium.com hcaptcha.com .hcaptcha.com livetex.ru .livetex.ru .livetex.me suphelper.com connect.facebook.net a.mgid.com; script-src 'sha256-2D++9qXq5gp5HwhmHdA/uE17/kUSHBP4nloMGYDylVI=' 'self' 'self' 'unsafe-eval' .curacao-egaming.com sentry.io .sentry-cdn.com .cdn-svc.com cdn-svc.com .bw-ng-cdn.com bw-ng-cdn.com bw-ke-cdn.com .bw-ke-cdn.com .cloudfront.net cloudfront.net admaxium.com https://www.googletagmanager.com https://www.google-analytics.com hcaptcha.com .hcaptcha.com livetex.ru .livetex.ru .livetex.me suphelper.com connect.facebook.net a.mgid.com; media-src 'self' https:; object-src 'self'; form-action 'self' https:; frame-ancestors 'self' .cdn.ampproject.org; connect-src 'self' sentry.io https: livetex.ru .livetex.ru .livetex.me suphelper.com connect.facebook.net a.mgid.com; frame-src 'self' https: hcaptcha.com .hcaptcha.com livetex.ru .livetex.ru .livetex.me suphelper.com connect.facebook.net a.mgid.com; report-uri https://sentry.io/api/2526531/security/?sentry_key=5427214683814771b4822946cf61ba3b etag: W/"82e4-1nds/wV/D7u+Q5L90t8MBSIwQmg" link: <https://cdn-svc.com/a4b6626b/f24509d46ced70fe6c4e_pwa.js>; rel=preload; crossorigin=anonymous; as=script, <https://cdn-svc.com/a4b6626b/dcc2baddd4502353550d_pwa.js>; rel=preload; crossorigin=anonymous; as=script, <https://cdn-svc.com/a4b6626b/169252265afec85c0c22_pwa.css>; rel=preload; crossorigin=anonymous; as=style, <https://cdn-svc.com/a4b6626b/64ab3459ada5dc6a630f_pwa.js>; rel=preload; crossorigin=anonymous; as=script, <https://cdn-svc.com/a4b6626b/0071980ffc797e4b6610_pwa.js>; rel=preload; crossorigin=anonymous; as=script, <https://cdn-svc.com/a4b6626b/bff5942e4657d5c26a34_pwa.css>; rel=preload; crossorigin=anonymous; as=style, <https://cdn-svc.com/a4b6626b/b6d6e1e39f7848306c91_pwa.js>; rel=preload; crossorigin=anonymous; as=script content-encoding: br strict-transport-security: max-age=63072000; includeSubDomains; preload X-Firefox-Spdy: h2

	ntvpwpush.com/dl/cookies	157.90.84.246	200 OK	620 B
URL GET HTTP/2 ntvpwpush.com/dl/cookies IP 157.90.84.246:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectnotification.tubecup.net FingerprintC3:3A:0A:7D:9C:4B:21:97:39:A7:AD:B8:87:47:F1:35:32:D9:84:53 ValidityFri, 28 Apr 2023 11:39:09 GMT - Thu, 27 Jul 2023 11:39:08 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (656), with no line terminators Size 620 B (620 bytes) Hash 0f28ac8b62710210d8c20200cb32caf2 e5cf4c2df4e48eff5fe877531dd3f12351c0c37d 2e6743f06e4cc09ff077b579b75511eaaf5ccf370f70fd2075d74725bf5b872c HTTP Headers `GET /dl/cookies HTTP/1.1 Host: ntvpwpush.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:14 GMT content-type: text/html vary: Origin cache-control: no-transform, no-cache, no-store, must-revalidate pragma: no-cache access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: * content-encoding: gzip X-Firefox-Spdy: h2`

	hlmiq.com/vu/a/	142.132.202.70	200 OK	187 B
URL GET HTTP/1.1 hlmiq.com/vu/a/ IP 142.132.202.70:443 ASN #24940 Hetzner Online GmbH Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjecthlmiq.com Fingerprint76:F7:2B:47:FA:82:52:97:1D:77:80:F9:6D:9F:88:93:BD:70:EB:A4 ValidityTue, 04 Apr 2023 03:48:54 GMT - Mon, 03 Jul 2023 03:48:53 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators Size 187 B (187 bytes) Hash 6446fcd95ea9e02c979088c4d5c887bc d4e833be7b648a0d219a0625dd7dc19301768241 8910a4e0a0c73ca3f8c4051a34e42ff732eff74681bf315dddda645dcbc098d7 HTTP Headers `GET /vu/a/ HTTP/1.1 Host: hlmiq.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://javmec.me/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jun 2023 11:34:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip`

	my28.roboforex.org/ru/?a=zkeb	104.26.15.104	403 Forbidden	0 B
URL GET HTTP/2 my28.roboforex.org/ru/?a=zkeb IP 104.26.15.104:443 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjectroboforex.org FingerprintF4:98:37:67:26:86:06:BD:11:DE:2A:32:A5:9B:4C:22:9F:4A:42:64 ValiditySat, 15 Apr 2023 00:55:10 GMT - Fri, 14 Jul 2023 00:55:09 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /ru/?a=zkeb HTTP/1.1 Host: my28.roboforex.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 403 Forbidden date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html x-app-rbfx: LK cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWGX2qhRpvn8qGrsC3rH8OsCAt%2BzC4dYwPq1%2BjWGZo1RnlWh%2BPISBM2Vzj3JDarTC1qze8m7pryaXXgQ5IQ8yyI9j%2B7t43kNvFX8tE%2FKaxILsHpy4XaWZZNjfQ4VmVMFAGz5SA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62de4e6cb4ed-OSL content-encoding: br X-Firefox-Spdy: h2

	js.cabnnr.com/banner-admanager/build.m.js	45.133.44.53	200 OK	54 kB
URL GET HTTP/2 js.cabnnr.com/banner-admanager/build.m.js IP 45.133.44.53:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectjs.cabnnr.com Fingerprint36:64:A7:26:E0:BB:1A:27:75:7D:18:C4:87:7F:E1:73:E9:FD:84:CE ValiditySun, 23 Apr 2023 23:02:02 GMT - Sat, 22 Jul 2023 23:02:01 GMT File type Size 54 kB (53707 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /banner-admanager/build.m.js HTTP/1.1 Host: js.cabnnr.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-type: application/javascript; charset=utf-8 server: nginx/1.18.0 last-modified: Thu, 18 May 2023 10:52:31 GMT etag: W/"6466036f-d1cb" content-encoding: gzip expires: Fri, 02 Jun 2023 11:39:14 GMT cache-control: max-age=300 x-proxy-cache: HIT access-control-allow-origin: * X-Firefox-Spdy: h2`

	javmec.me/assets/js/vendor/bootstrap.min.js	188.114.96.1	200 OK	36 kB
URL GET HTTP/3 javmec.me/assets/js/vendor/bootstrap.min.js IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type ASCII text, with very long lines (32087) Size 36 kB (35601 bytes) Hash 2616d3564578d8f845813483352802a9 5ada7c103fc1deabc925cc1fdbbb6e451c21fc70 f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0 HTTP Headers `GET /assets/js/vendor/bootstrap.min.js HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: application/javascript vary: Accept-Encoding, Accept-Encoding last-modified: Fri, 30 Nov 2018 23:09:16 GMT etag: W/"5c01c31c-8b11" expires: Sun, 02 Jul 2023 02:54:27 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: HIT age: 29015 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5Rs8qyyiE2eMUBmG3Q8IGrtmeg84Isit20mBMKZJ7nQS0OKUGPMm4GLlKXepDnOI7CQfv2YY3BmS9cXdevyKRwwFIEmfr2TlCr%2FRfXnDXgioJRQNIVSl5Akas4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62c90f080b02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	www.exness.uk/?utm_source=partners&_8f4x=1	45.60.78.64	200 OK	0 B
URL GET HTTP/2 www.exness.uk/?utm_source=partners&_8f4x=1 IP 45.60.78.64:443 ASN #19551 INCAPSULA Requested by https://hlmiq.com/vu/a/? Certificate IssuerSectigo Limited Subjectwww.exness.uk Fingerprint82:44:51:89:A2:7A:88:A2:84:A1:53:83:35:C2:B2:8B:40:87:3B:75 ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?utm_source=partners&_8f4x=1 HTTP/1.1 Host: www.exness.uk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:17 GMT content-type: text/html last-modified: Thu, 25 May 2023 10:09:22 GMT etag: W/"646f33d2-14419" x-frame-options: DENY x-xss-protection: 1; mode=block referrer-policy: same-origin link: </82d7070de4c7762d/webpack-runtime-ec2f5bac28deda05b3af.js>; rel=preload; as=script, </82d7070de4c7762d/framework-16dc2c5e427df4006897.js>; rel=preload; as=script, </82d7070de4c7762d/app-abd151c66dd295e23d53.js>; rel=preload; as=script, </82d7070de4c7762d/48082c80baf34f4866388fc0f831a7e153b96cc0-8cac36cf75830b5c0bd5.js>; rel=preload; as=script, </82d7070de4c7762d/component---src-templates-page-home-js-81ba6af23527f15dbe79.js>; rel=preload; as=script, </82d7070de4c7762d/page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </82d7070de4c7762d/page-data/index/page-data.json>; rel=preload; as=fetch; crossorigin x-router-node: pw-uk-m9x85 x-robots-tag: noindex, nofollow strict-transport-security: max-age=15724800; includeSubDomains cache-control: no-cache, private x-content-type-options: nosniff set-cookie: language=en;Path=/;Max-Age=2628000 nlbi_1243376=3W0KPNIBBkOWdX/DhB7R3QAAAABdCH+MPUVtJzOAfeXGG6+8; path=/; Domain=.exness.uk visid_incap_1243376=zdd7qMWnTz2utrmrM+2/QbjTeWQAAAAAQUIPAAAAAAAKGmdh3VEuNKBTuXxeRuuM; expires=Fri, 31 May 2024 22:36:05 GMT; HttpOnly; path=/; Domain=.exness.uk incap_ses_633_1243376=lBK9KvuYAElt/Rhuwd7ICLjTeWQAAAAAYpizMfumbrUdAILrFT8DnA==; path=/; Domain=.exness.uk x-cdn: Imperva content-encoding: gzip x-iinfo: 4-2410300-2409664 pNYN RT(1685705656508 22) q(0 0 0 0) r(0 0) U12 X-Firefox-Spdy: h2

	javmec.me/android-icon-192x192.png	188.114.96.1	200 OK	22 kB
URL GET HTTP/3 javmec.me/android-icon-192x192.png IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Size 22 kB (21985 bytes) Hash 8bfd0764b49303b82e19b965c0c21359 a1fb60eafee0623acf9e1031ba6499a32259a89d 05c65c6122bd0e32a1d03e0d45e5f3de5fecd8cd4c59af0c04038de300e487e4 HTTP Headers GET /android-icon-192x192.png HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Cookie: _ga_DWFRX28KB5=GS1.1.1685705653.1.0.1685705653.0.0.0; _ga=GA1.1.558492202.1685705654 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-type: image/png content-length: 21985 last-modified: Thu, 27 Dec 2018 12:44:20 GMT etag: "5c24c924-55e1" expires: Sun, 02 Jul 2023 10:58:04 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofoLsu%2F8cQCmKPs1pCFqTA0ZNBM2Y823zgy7mNLx9feRlmXci%2FOiNhfDwZovthgG7WaMAckmHkH4LWN7%2BXOxvzfHwTFXXkfNgGGkKN7x13nh7oOL0MES6WAI8m4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62d469140b02-OSL alt-svc: h3=":443"; ma=86400

	ae.mmstat.com/eg.js?t=1685705657854	47.246.110.45	200 OK	91 B
URL GET HTTP/2 ae.mmstat.com/eg.js?t=1685705657854 IP 47.246.110.45:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.mmstat.com Fingerprint83:82:5E:98:AF:9B:FD:4C:C4:44:4F:11:F3:FD:7B:23:75:3C:57:7D ValidityMon, 18 Jul 2022 09:01:03 GMT - Sat, 19 Aug 2023 09:01:02 GMT File type ASCII text, with no line terminators Size 91 B (91 bytes) Hash a9e25f1df3242e6bfe26c0be18bbbdbe 0094fb0433752d081bc2e6b26c913d376b46188a fef32b17acf702886268137fa2e32fa90c61efba6a814055b72d9c051abdb9a6 HTTP Headers `GET /eg.js?t=1685705657854 HTTP/1.1 Host: ae.mmstat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://login.aliexpress.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Fri, 02 Jun 2023 11:34:19 GMT content-type: application/javascript content-length: 91 etag: "u8EAHeg59woCAVtaKppkpDK9" stag: 2 set-cookie: cna=u8EAHeg59woCAVtaKppkpDK9; expires=Mon, 30-May-33 11:34:19 GMT; path=/; domain=.mmstat.com; expires: Thu, 01 Jan 1970 00:00:01 GMT cache-control: no-cache X-Firefox-Spdy: h2`

	betwinner1.com/pwapp/registration/?btag=d_57802m_454194c_bw_AHahRpiEadi9x3Cg4WqVSS	94.241.134.4	302 Found	0 B
URL GET HTTP/2 betwinner1.com/pwapp/registration/?btag=d_57802m_454194c_bw_AHahRpiEadi9x3Cg4WqVSS IP 94.241.134.4:443 ASN #201936 Redstart Group Holding Ltd Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjectbetwinner1.com FingerprintE4:21:6A:BE:E7:0C:DE:28:84:EF:66:9A:4A:EC:1F:B0:52:01:B1:22 ValidityMon, 24 Apr 2023 07:52:38 GMT - Sun, 23 Jul 2023 07:52:37 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /pwapp/registration/?btag=d_57802m_454194c_bw_AHahRpiEadi9x3Cg4WqVSS HTTP/1.1 Host: betwinner1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found server: nginx date: Fri, 02 Jun 2023 11:34:16 GMT x-dns-prefetch-control: off expect-ct: max-age=0 x-frame-options: SAMEORIGIN x-download-options: noopen x-content-type-options: nosniff x-permitted-cross-domain-policies: none referrer-policy: no-referrer x-xss-protection: 0 vary: User-Agent set-cookie: lang=en; Path=/; Expires=Sat, 01 Jun 2024 11:34:16 GMT; SameSite=Lax btag=d_57802m_454194c_bw_AHahRpiEadi9x3Cg4WqVSS; Max-Age=2592000; Path=/ location: /pwapp/?register=1&btag=d_57802m_454194c_bw_AHahRpiEadi9x3Cg4WqVSS&$reg_link=undefined strict-transport-security: max-age=63072000; includeSubDomains; preload X-Firefox-Spdy: h2

	accounts.binance.com/ru/register?ref=KZTDOPQP	54.230.111.67	200 OK	0 B
URL GET HTTP/2 accounts.binance.com/ru/register?ref=KZTDOPQP IP 54.230.111.67:443 ASN #16509 AMAZON-02 Requested by https://hlmiq.com/vu/a/? Certificate IssuerDigiCert Inc Subject.binance.com Fingerprint87:DB:96:18:E5:97:9F:DF:5C:02:21:42:BF:53:F3:D6:28:80:19:DA ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 16 Feb 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /ru/register?ref=KZTDOPQP HTTP/1.1 Host: accounts.binance.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/html date: Fri, 02 Jun 2023 11:33:44 GMT server: Tengine cache-control: no-store, max-age=0, must-revalidate last-modified: Thu, 01 Jun 2023 13:06:28 GMT x-cluster-info: fe-com-r1 x-envoy-upstream-service-time: 2 x-gateway: traefik x-trace-id: eb299574a6104542b266b6d277857770 x-traefik-duration: 4.00 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: origin-when-cross-origin strict-transport-security: max-age=31536000; includeSubdomains content-encoding: gzip etag: W/"647897d4-43fa" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: UkX-Zmk0wlYeGO5WLa68HnzXBEQJXGAePY0ZogjjutqAprpQWCmG-Q== age: 32 X-Firefox-Spdy: h2

	i.cdnkimg.com/auto/192/q85/image/vk/88/88/625d6a307cfaft1650289200r2729.jpg.webp	45.133.44.37	200 OK	2.2 kB
URL GET HTTP/2 i.cdnkimg.com/auto/192/q85/image/vk/88/88/625d6a307cfaft1650289200r2729.jpg.webp IP 45.133.44.37:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjecti.cdnkimg.com Fingerprint11:A1:5D:69:E8:26:71:29:09:57:82:59:82:D4:39:0B:D4:78:ED:B7 ValidityMon, 29 May 2023 00:04:38 GMT - Sun, 27 Aug 2023 00:04:37 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 2.2 kB (2240 bytes) Hash 346a2da2e6e7c00e54b7372a2e224298 0cba18a8ccb644b14a868fb4a0cdb2f3f1f7b03d e182117821423dde290c9dd9377fef6c226a5b23cf9954939c24cfd25b0b4f96 HTTP Headers `GET /auto/192/q85/image/vk/88/88/625d6a307cfaft1650289200r2729.jpg.webp HTTP/1.1 Host: i.cdnkimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:17 GMT content-type: image/webp content-length: 2240 server: nginx/1.23.2 cache-control: max-age=1209600 x-cache-status: HIT expires: Fri, 16 Jun 2023 11:34:17 GMT x-proxy-cache: HIT access-control-allow-origin: * X-Firefox-Spdy: h2`

	na.nawpush.com/tags/27219?version_name=c	45.133.44.24	200 OK	6.6 kB
URL GET HTTP/2 na.nawpush.com/tags/27219?version_name=c IP 45.133.44.24:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectna.nawpush.com Fingerprint06:8A:2E:29:09:91:41:F0:6E:1C:15:DE:41:23:FB:9C:E4:5B:47:B0 ValidityMon, 03 Apr 2023 01:01:43 GMT - Sun, 02 Jul 2023 01:01:42 GMT File type troff or preprocessor input, ASCII text, with very long lines (7475), with no line terminators Size 6.6 kB (6617 bytes) Hash c9328ed28854e6b9e034db313b6a5b90 022df3a98a19c058559488dc9af74a86f5c4f632 7c83bac698f721b8f9145e7c4122a5c0d1da3b29f77ae1fd8b0a72d74022d661 HTTP Headers `GET /tags/27219?version_name=c HTTP/1.1 Host: na.nawpush.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://javmec.me DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-type: application/json server: nginx/1.18.0 cache-control: max-age=300, public x-proxy-cache: EXPIRED access-control-allow-origin: * X-Firefox-Spdy: h2`

	js.wpshsdk.com/npc/sdk/wp-banners.js	45.133.44.52	200 OK	0 B
URL GET HTTP/2 js.wpshsdk.com/npc/sdk/wp-banners.js IP 45.133.44.52:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectjs.wpshsdk.com FingerprintC6:79:B3:47:76:9F:50:8D:16:89:5C:EF:0E:BB:24:99:45:66:B6:C2 ValidityFri, 26 May 2023 02:01:30 GMT - Thu, 24 Aug 2023 02:01:29 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /npc/sdk/wp-banners.js HTTP/1.1 Host: js.wpshsdk.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-type: application/javascript; charset=utf-8 content-length: 0 server: nginx/1.18.0 last-modified: Fri, 20 Aug 2021 15:14:31 GMT etag: "611fc6d7-0" expires: Fri, 02 Jun 2023 11:39:14 GMT cache-control: max-age=300 x-proxy-cache: HIT access-control-allow-origin: * accept-ranges: bytes X-Firefox-Spdy: h2`

	js.natsdk.com/npc/sdk/native.m.js	45.133.44.52	200 OK	43 kB
URL GET HTTP/2 js.natsdk.com/npc/sdk/native.m.js IP 45.133.44.52:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectjs.natsdk.com FingerprintC7:2B:6B:5B:E1:2F:DE:26:23:34:F1:97:BE:F1:93:B7:75:EF:B9:45 ValidityFri, 26 May 2023 02:03:23 GMT - Thu, 24 Aug 2023 02:03:22 GMT File type ASCII text, with very long lines (42758), with no line terminators Size 43 kB (42758 bytes) Hash 1cfa2835e248b1d07d937744cc5bb534 97d9f3dc7885dc49afee52a2a27c61e7bd271a22 7a1cba3c835d01a3fa5b216181efb871f9984a7b50b1828fe6357fefa8c2b5e9 HTTP Headers `GET /npc/sdk/native.m.js HTTP/1.1 Host: js.natsdk.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:14 GMT content-type: application/javascript; charset=utf-8 server: nginx/1.18.0 last-modified: Wed, 31 May 2023 11:05:25 GMT etag: W/"647729f5-a706" content-encoding: gzip expires: Fri, 02 Jun 2023 11:39:14 GMT cache-control: max-age=300 x-proxy-cache: HIT access-control-allow-origin: * X-Firefox-Spdy: h2`

	kinsta.com/?kaid=ARRPTWYMWIMC	104.18.42.131	403 Forbidden	0 B
URL GET HTTP/2 kinsta.com/?kaid=ARRPTWYMWIMC IP 104.18.42.131:443 ASN #13335 CLOUDFLARENET Requested by https://hlmiq.com/vu/a/? Certificate IssuerGoogle Trust Services LLC Subjectkinsta.com FingerprintE9:66:84:C0:7D:5C:C0:60:A6:09:10:E7:61:32:F5:1C:B9:05:42:91 ValidityThu, 18 May 2023 12:28:54 GMT - Wed, 16 Aug 2023 13:26:46 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?kaid=ARRPTWYMWIMC HTTP/1.1 Host: kinsta.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 403 Forbidden date: Fri, 02 Jun 2023 11:34:15 GMT content-type: text/html; charset=UTF-8 cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin x-frame-options: SAMEORIGIN cf-mitigated: challenge cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62da5fc2b50f-OSL content-encoding: gzip X-Firefox-Spdy: h2

	stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727	0.0.0.0		0 B
URL GET stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727 IP 0.0.0.0:0 ASN #0 Requested by https://hlmiq.com/vu/a/? Certificate IssuerCloudflare, Inc. Subjectstripchat.com FingerprintC0:02:7B:8A:1C:D4:CF:03:00:4A:76:E5:EE:AD:2C:13:CC:2D:4E:6A ValidityTue, 31 Jan 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727 HTTP/1.1 Host: stripchat.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:15 GMT content-type: text/html; charset=utf-8 x-cache-status: EXPIRED x-backend: golf-ssr-application-7b64477dcb-g4cms x-geoip: NO content-security-policy-report-only: default-src 'self' .stripchat.com data: blob: .amplitude.com .google-analytics.com .googletagmanager.com .googleapis.com .gstatic.com .lovense.club: .lovense.com .lovense-api.com .stripcdn.com .stripst.com .stripst.dev .strpst.com .strwst.com .doppiocdn.com .doppiocdn.net .doppiocdn.org .trafficjunky.net main.exoclick.com tsyndicate.com .hotjar.com .hotjar.io;img-src 'self' data: blob: android-webview-video-poster:;script-src 'self' .stripchat.com data: 'unsafe-inline' 'unsafe-eval' blob: .amplitude.com .google-analytics.com .googletagmanager.com .googleapis.com .gstatic.com .hpyrdr.dev .hytto.com .lovense.club: .lovense.com .lovense-api.com .stripst.com .stripst.dev .strpst.com .strwst.com .trafficjunky.net .google.com platform.twitter.com main.exoclick.com tsyndicate.com wss://.sc-apps.com www.googleadservices.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.2/fingerprint2.min.js .hotjar.com .crowdin.com cdntechone.com .nktrdr.com .ktkjmp.com .xhamster.com .llyjmp.com .lxzrdr.com .mgdjmp.com .rdfxgo.com .smljmp.com .stripcash.com .xxxjmp.com .xxxivjmp.com .xxxvjmp.com .xxxviijmp.com .xxxviiijmp.com .xlrdr.com .xlirdr.com .xliirdr.com .xlivrdr.com .xlvrdr.com .xlviirdr.com .xlviiirdr.com .zybrdr.com .bbrdbr.com .dmsktmld.com .fxmnba.com;connect-src 'self' .stripchat.com .amplitude.com .doubleclick.net .flixstorage.com .google-analytics.com .googletagmanager.com .googleapis.com .hytto.com .lovense.club: .lovense.com .lovense-api.com .stripcdn.com .xhamsterlive.com .xlivesex.com .stripst.com .stripst.dev .strpst.com .strwst.com .doppiocdn.com .doppiocdn.net .doppiocdn.org syndication.twitter.com wss://.stripchat.com wss://.stripcdn.com wss://.stripcdn.com:8090 wss://.stripst.com wss://.stripst.dev wss://.strpst.com wss://.strwst.com wss://.doppiocdn.com wss://.doppiocdn.org wss://.lovense.com wss://.lovense-api.com wss://.sc-apps.com .crowdin.com crowdin.com datatechone.com stquality.org accounts.google.com .nktrdr.com .ktkjmp.com .xhamster.com .llyjmp.com .lxzrdr.com .mgdjmp.com .rdfxgo.com .smljmp.com .stripcash.com .xxxjmp.com .xxxivjmp.com .xxxvjmp.com .xxxviijmp.com .xxxviiijmp.com .xlrdr.com .xlirdr.com .xliirdr.com .xlivrdr.com .xlvrdr.com .xlviirdr.com .xlviiirdr.com .zybrdr.com .bbrdbr.com .dmsktmld.com .fxmnba.com;media-src 'self' .stripchat.com data: blob: .ahcdn.com .lovense.club: .lovense.com .lovense-api.com .stripcdn.com .stripst.com .stripst.dev .strpst.com .strwst.com .doppiocdn.com .doppiocdn.net .doppiocdn.org;style-src 'self' .stripchat.com 'unsafe-inline' .googleapis.com .hytto.com .lovense.club:* .lovense.com .lovense-api.com .stripcdn.com .stripst.com .stripst.dev .strpst.com .strwst.com .tagmanager.google.com .crowdin.com accounts.google.com;frame-src data:;report-uri /_csp strict-transport-security: max-age=15768000 x-frame-options: deny cf-cache-status: DYNAMIC set-cookie: ABTest_ab_15_vs_30_days_old_users_promo_v2_key=B_467; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT ABTest_ab_discovery_navigation_bar_on_mobile_v3_key=B_467; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT ABTest_ab_elapsed_show_time_key=B_467; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT ABTest_ab_goal_progressbar_key=A_467; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT ABTest_ab_my_favorites_section_sort_key=B_467; path=/; domain=stripchat.com; expires=Thu, 07 Sep 2023 00:00:00 GMT ABTest_ab_no_biller_shown_key=B_467; path=/; domain=stripchat.com; expires=Wed, 15 Jan 2025 00:00:00 GMT ABTest_ab_onboarding_dialog_key=A_467; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT ABTest_ab_private_modal_activities_key=A_467; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT ABTest_ab_quick_buy_buttons_key=B_467; path=/; domain=stripchat.com; expires=Tue, 15 Jul 2025 00:00:00 GMT __cf_bm=QyE.2UICrv.LnuCXhwPsrUDL88PQroGCOMDt9dOjJ9s-1685705655-0-ATDd8qhiBNapI5D4XsSIN9MOimKxGUb0SfRTji41uvXNj10kT9HeyqASdSYj0cNp+EN+WPY7wpIg23MQkSZzy7k=; path=/; expires=Fri, 02-Jun-23 12:04:15 GMT; domain=.stripchat.com; HttpOnly; Secure; SameSite=None __cflb=02DiuFntVtrkFMde1diEnoSRbsV8z684NPo2bLZdMkweL; SameSite=None; Secure; path=/; expires=Sat, 03-Jun-23 10:34:15 GMT; HttpOnly server: cloudflare cf-ray: 7d0f62daca85b500-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	no.bongacams.com/?bcs=aWNhbDc5MGI3OTEzOWExZmNkMDJhOGJmMzhmMjg2MzI2MjMxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow	195.85.23.95	200 OK	0 B
URL GET HTTP/2 no.bongacams.com/?bcs=aWNhbDc5MGI3OTEzOWExZmNkMDJhOGJmMzhmMjg2MzI2MjMxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow IP 195.85.23.95:443 ASN #209242 Cloudflare London, LLC Requested by https://hlmiq.com/vu/a/? Certificate IssuerGoGetSSL Subject.bongacams.com FingerprintD8:5F:95:AA:A0:73:63:73:18:46:DC:8F:4A:5F:D1:BA:94:17:B0:68 ValidityMon, 03 Apr 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /?bcs=aWNhbDc5MGI3OTEzOWExZmNkMDJhOGJmMzhmMjg2MzI2MjMxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow HTTP/1.1 Host: no.bongacams.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Cookie: __cf_bm=OuGrrI.593_aD9g.FL3KV.dklr34tslEjPWxbJGL68g-1685705656-0-AXn8KEQoUHqYGfQaO7PJ/0W55UzssLL9kFtX8PgM1hKvKIX+8B/BHIXCJkzFAn0/wjyjYgUczwBFYDeD1wxwRKU=; bonga20120608=c2994e22f4195e33bb8812b6d9cefbff Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:17 GMT content-type: text/html; charset=utf-8 x-xss-protection: 1; mode=block x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains referrer-policy: origin-when-cross-origin x-ua-compatible: IE=edge,chrome=1 cache-control: no-cache, no-store, must-revalidate x-zone: 5a-web54 set-cookie: ts_type2=1; expires=Sat, 01-Jun-2024 11:34:17 GMT; Max-Age=31536000; path=/; domain=.bongacams.com fv=AmH2AGN3AGt2ZD==; expires=Sat, 01-Jun-2024 11:34:17 GMT; Max-Age=31536000; path=/; domain=.bongacams.com uh=nKWJraMTAyAApRL3HHR0rGyjBSAMIj==; expires=Sat, 01-Jun-2024 11:34:17 GMT; Max-Age=31536000; path=/; domain=.bongacams.com ratr=183346%3A%3A287325%3A%3A2023-06-02%2014%3A34%3A17%3A%3Ahttps%3A%2F%2Fhlmiq.com%2F%3A%3A%3A%3A; expires=Sat, 20-May-2073 11:34:17 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com; HttpOnly BONGAH_HIT=790b79139a1fcd02a8bf38f286326231%3A%3A183346%3A%3Ahttps%3A%2F%2Fhlmiq.com%2F%3A%3A%3A%3A%3A%3A287325%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3A%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2023-06-02%2014%3A34%3A17; expires=Wed, 29-Nov-2023 11:34:17 GMT; Max-Age=15552000; path=/; domain=.bongacams.com; secure; HttpOnly; SameSite=None BONGA_REF=https%3A%2F%2Fhlmiq.com%2F; expires=Wed, 29-Nov-2023 11:34:17 GMT; Max-Age=15552000; path=/; domain=.bongacams.com; HttpOnly reg_ver2=3; expires=Sat, 01-Jun-2024 11:34:17 GMT; Max-Age=31536000; path=/; domain=.bongacams.com sg=843; expires=Sat, 01-Jun-2024 11:34:17 GMT; Max-Age=31536000; path=/; domain=.bongacams.com; secure; SameSite=None warning18=%5B%22no_NO%22%5D; expires=Sat, 01-Jun-2024 11:34:17 GMT; Max-Age=31536000; path=/; domain=.bongacams.com; secure; SameSite=None __ti=H4sIAAAAAAACAyWIPQ6AIAxGr2K6k7Slwfj1NCQyMGtwINxdxOn9jOG0CyzCZFMOiUNUVsIhuJxOwuJTaiPYp_e_FNWpLe-IyJ54rj47v_D56-tUAAAA; expires=Fri, 09-Jun-2023 11:34:17 GMT; Max-Age=604800; path=/; domain=.bongacams.com cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d0f62e8dcd1069b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	javmec.me/assets/js/main.js	188.114.96.1	200 OK	3.9 kB
URL GET HTTP/3 javmec.me/assets/js/main.js IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type HTML document, ASCII text, with very long lines (4132), with no line terminators Size 3.9 kB (3915 bytes) Hash 08666f2891a468ef21c42a454d66608f aa5ab699786dad064c5aca23fe609ec29027fb4b f56811a31941bc9be9845be04c810ed9b8bc4ef610672812701e7ea49d7353f9 HTTP Headers `GET /assets/js/main.js HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:12 GMT content-type: application/javascript vary: Accept-Encoding, Accept-Encoding last-modified: Sun, 07 Jul 2019 10:57:23 GMT etag: W/"5d21d013-f4b" expires: Sun, 02 Jul 2023 02:54:27 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: HIT age: 29015 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzkrsAyXqUXpF0B6mA4QPUFEkNQBuwMgAct9CG9VT155CyDddBUnSyx%2FlLFNIGp95QUFqG16kU0uE%2BcWOd3di%2F%2BOqgyyXJacLvwCnHef%2BGMXnp%2Bsu7TQfLiGmPY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62c90f0d0b02-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	iplogger.com/2QMvr5	148.251.234.93	302 Found	0 B
URL GET HTTP/2 iplogger.com/2QMvr5 IP 148.251.234.93:443 ASN #24940 Hetzner Online GmbH Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subject02ip.ru FingerprintBB:20:48:54:1D:9E:F1:23:7C:28:FE:B9:B9:0B:06:07:F1:27:B2:74 ValidityThu, 01 Jun 2023 21:19:42 GMT - Wed, 30 Aug 2023 21:19:41 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /2QMvr5 HTTP/1.1 Host: iplogger.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found server: nginx date: Fri, 02 Jun 2023 11:34:15 GMT content-type: text/html; charset=UTF-8 location: https://bongacams.com/track?c=287325 set-cookie: clhf03028ja=91.90.42.154; expires=Sun, 02-Jun-2024 11:34:15 GMT; Max-Age=31622400; path=/; secure; HttpOnly; SameSite=Strict 447875711532635802=2; expires=Sun, 02-Jun-2024 11:34:15 GMT; Max-Age=31622400; path=/; secure; HttpOnly; SameSite=Strict expires: Fri, 02 Jun 2023 11:34:15 +0000 cache-control: no-store, no-cache, must-revalidate strict-transport-security: max-age=604800 content-security-policy: img-src https: data:; upgrade-insecure-requests x-frame-options: SAMEORIGIN X-Firefox-Spdy: h2

	cex.io/r/0/up111785894/0/	0.0.0.0		0 B
URL GET cex.io/r/0/up111785894/0/ IP 0.0.0.0:0 ASN #0 Requested by https://hlmiq.com/vu/a/? Certificate IssuerSectigo Limited Subjectcex.io Fingerprint65:B3:50:7E:A8:CD:D7:1C:F7:27:ED:D5:DF:0C:33:48:81:E5:B1:3A ValidityMon, 05 Sep 2022 00:00:00 GMT - Tue, 05 Sep 2023 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /r/0/up111785894/0/ HTTP/1.1 Host: cex.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Fri, 02 Jun 2023 11:34:15 GMT location: https://cex.io x-app-version: master.0ca0ce18.9e1ef03e6aeb61e5c055c76e61521020afbcd7865632e7a4294c8fbc0b527b78 content-security-policy-report-only: default-src 'self';connect-src 'self' https://maps.googleapis.com https://cex.io wss://cex.io/ws/;frame-src 'self' * ext.cex.io;font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://static.cex.io;img-src 'self' data: https://static.cex.io;media-src 'self' https://static.cex.io;style-src 'self' 'unsafe-inline' https://.googleapis.com https://code.jquery.com https://static.cex.io;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cex.io;report-uri https://cex.io/cspr; x-frame-options: DENY vary: Accept-Encoding access-control-allow-origin: access-control-allow-methods: POST, GET, OPTIONS set-cookie: cex-session=s%3Adg66WT2dQOG3H3rOGfImF5MF.xwMACHbw2eAk0NjnZAHNIGzgEMEAfi3Ib7WOdgMrgdQ; Path=/; HttpOnly; Secure; SameSite=None ref=up111785894%3A0; Max-Age=2592000; Domain=.cex.io; Path=/ strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d0f62dbc9770b55-OSL X-Firefox-Spdy: h2

	adsexample.com/to2/monday3.com/	0.0.0.0		0 B
URL GET adsexample.com/to2/monday3.com/ IP 0.0.0.0:0 ASN #0 Requested by https://hlmiq.com/vu/a/? Certificate IssuerLet's Encrypt Subjectadsexample.com Fingerprint43:14:AB:48:30:2A:28:CC:9B:95:A8:D5:59:AD:8A:6C:38:2E:82:D7 ValidityThu, 06 Apr 2023 03:43:28 GMT - Wed, 05 Jul 2023 03:43:27 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /to2/monday3.com/ HTTP/1.1 Host: adsexample.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 307 Temporary Redirect Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jun 2023 11:34:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Referrer-Policy: no-referrer Location: https://monday.com/lp/management/general/?gspk=YWxsYWtob3ppdHNrYXlhOTEzMw&gsxid=Q0GlR4ODkQv7&sid=14330&sid1=6479bceff1e7630001058d13&sub_id=6479bceff1e7630001058d13&utm_adgroup=allakhozitskaya9133&utm_campaign=ww-multi-prm-workos-multi-generic-desktop-network-core&utm_medium=affiliates&utm_source=partnerstack

	freebitco.in/?r=3669689	0.0.0.0		0 B
URL GET freebitco.in/?r=3669689 IP 0.0.0.0:0 ASN #0 Requested by https://hlmiq.com/vu/a/? Certificate IssuerCloudflare, Inc. Subjectfreebitco.in FingerprintB0:69:AA:58:57:1F:EA:E5:6B:4F:8A:C0:02:A7:E7:66:8F:C1:38:B7 ValidityTue, 05 Jul 2022 00:00:00 GMT - Wed, 05 Jul 2023 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?r=3669689 HTTP/1.1 Host: freebitco.in User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=iso-8859-1 location: https://freebitco.in/signup/?op=s&r=3669689 cache-control: max-age=0 expires: Fri, 02 Jun 2023 11:34:15 GMT cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d0f62dd5dcb0b51-OSL X-Firefox-Spdy: h2`

	accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube	142.250.74.109	302 Found	0 B
URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP 142.250.74.109:443 ASN #15169 GOOGLE Requested by https://javmec.me/ Certificate IssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint6C:C9:34:01:32:00:11:F3:7A:E2:AA:FC:7C:E3:13:17:3D:17:71:8A ValidityMon, 08 May 2023 08:25:19 GMT - Mon, 31 Jul 2023 08:25:18 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found set-cookie: __Host-GAPS=1:TGBJ62V9LEakqOsDzxf_DWT4SdaJjQ:mi5MKott6C39SuJ3; Expires=Sun, 01-Jun-2025 11:34:16 GMT; Path=/; Secure; HttpOnly; Priority=HIGH cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Fri, 02 Jun 2023 11:34:16 GMT location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&ffgf=1&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneHHHt6iH_ECV6xlvhcas6c02Fdeq6HGvvwg1hSjqrqoEwPj2n0UnuiskvIaQ_0Cy7BtN6arsA strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-51mMwMm9m_-CeiPt_Fdu2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport cross-origin-resource-policy: cross-origin permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factor=, ch-ua-platform=, ch-ua-platform-version=* accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy: unsafe-none content-type: application/binary report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} x-content-type-options: nosniff x-xss-protection: 1; mode=block server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	bngtrak.com/hit.php?c=287325	31.192.112.221	302 Found	0 B
URL GET HTTP/2 bngtrak.com/hit.php?c=287325 IP 31.192.112.221:443 ASN #48684 Viking Host B.V. Requested by https://hlmiq.com/vu/a/? Certificate IssuerGoGetSSL Subjectbngtrak.com Fingerprint71:C1:59:50:B8:85:95:3D:29:4B:34:D1:12:86:AA:3B:85:E9:FC:51 ValidityFri, 14 Apr 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /hit.php?c=287325 HTTP/1.1 Host: bngtrak.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hlmiq.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found server: nginx date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=UTF-8 access-control-allow-origin: * set-cookie: BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.promo-bc.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bongocams.biz BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bongacams.org BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bongacams10.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bcmspt.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bngwlt.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bngpt.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bngpst.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bngprl.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bngpop.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bngosv.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bngvs.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bngdyn.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bngdin.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.dynspt.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.ecdyn.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.trkbc.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.trkbng.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bngtrk.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bngtrak.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bcprm.com BCH_H=790b79139a1fcd02a8bf38f286326231%7C2023-06-02; expires=Sat, 20-May-2073 11:34:16 GMT; Max-Age=1576800000; path=/; domain=.bngprm.com location: https://bongacams.com?bcs=aWNhbDc5MGI3OTEzOWExZmNkMDJhOGJmMzhmMjg2MzI2MjMxOjoxODMzNDY6Omh0dHBzOi8vaGxtaXEuY29tLzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow expires: Fri, 02 Jun 2023 11:34:15 GMT x-bcs: ded7724 strict-transport-security: max-age=0; cache-control: no-cache, public x-bc-bl: 102 X-Firefox-Spdy: h2

	i.cdnkimg.com/auto/492x328/q85/image/vk/88/88/rect_625d6a307cfaft1650289200r2729.jpg.webp	45.133.44.37	200 OK	23 kB
URL GET HTTP/2 i.cdnkimg.com/auto/492x328/q85/image/vk/88/88/rect_625d6a307cfaft1650289200r2729.jpg.webp IP 45.133.44.37:443 ASN #39572 DataWeb Global Group B.V. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjecti.cdnkimg.com Fingerprint11:A1:5D:69:E8:26:71:29:09:57:82:59:82:D4:39:0B:D4:78:ED:B7 ValidityMon, 29 May 2023 00:04:38 GMT - Sun, 27 Aug 2023 00:04:37 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 23 kB (22808 bytes) Hash 43d88b0b0274df71dde1f210fd7adc10 18e72d0881181fe99ec50e3c3b26cc159b22f56e 3ffddd9d995beb7c5e7ff649dc6b738eee2c974688e81cd43ffce3a7025fc30a HTTP Headers `GET /auto/492x328/q85/image/vk/88/88/rect_625d6a307cfaft1650289200r2729.jpg.webp HTTP/1.1 Host: i.cdnkimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:16 GMT content-type: image/webp content-length: 22808 server: nginx/1.23.2 cache-control: max-age=1209600 x-cache-status: MISS expires: Fri, 16 Jun 2023 11:34:16 GMT x-proxy-cache: HIT access-control-allow-origin: * X-Firefox-Spdy: h2`

	javmec.me/assets/fonts/strawberryicon.ttf?ayv2mh	188.114.96.1	200 OK	62 kB
URL GET HTTP/3 javmec.me/assets/fonts/strawberryicon.ttf?ayv2mh IP 188.114.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://javmec.me/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint8B:5C:24:34:56:74:92:34:20:00:11:BA:F6:5E:F8:B2:C1:FE:DB:C8 ValidityWed, 26 Oct 2022 00:00:00 GMT - Thu, 26 Oct 2023 23:59:59 GMT File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, strawberryicon\012- data Size 62 kB (61688 bytes) Hash 037fcd749b3b1ef1fb7f6303d9b922d7 de399e50e910b3a8ac092afcee07796a8748637a e34b7ece927cd881305fdd19fa121b15dde87e084c5f82544bbeb225ef82ae27 HTTP Headers `GET /assets/fonts/strawberryicon.ttf?ayv2mh HTTP/1.1 Host: javmec.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://javmec.me/assets/css/main.css?v=1685697450 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 02 Jun 2023 11:34:13 GMT content-type: application/octet-stream content-length: 61688 last-modified: Fri, 30 Nov 2018 23:09:09 GMT etag: "5c01c315-f0f8" expires: Sun, 02 Jul 2023 10:58:02 GMT cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmEgUg%2FVd786iQDO01HDjQ613wHMStFXFLqe4LSURE%2BkdFmTfzBipxpSZjU6AlCAysOR4OAaRVjSAqu%2BjEsS1PGSxJMadxxFMvjV2VVB0HvTYEgPnrEaqxXXB9c%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7d0f62cc39d90b02-OSL alt-svc: h3=":443"; ma=86400

	assets.alicdn.com/g/alilog/??s/8.15.21/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.21/aplus_int.js,s/8.15.21/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20230530155041	104.110.21.4	200 OK	121 kB
URL GET HTTP/2 assets.alicdn.com/g/alilog/??s/8.15.21/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.21/aplus_int.js,s/8.15.21/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20230530155041 IP 104.110.21.4:443 ASN #16625 AKAMAI-AS Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerDigiCert Inc Subjectru.aliexpress.com FingerprintB0:CC:5C:84:CD:0B:FC:82:E1:6A:C4:16:F5:B5:1E:D9:13:45:6C:3F ValidityMon, 19 Dec 2022 00:00:00 GMT - Tue, 19 Dec 2023 23:59:59 GMT File type Size 121 kB (121314 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /g/alilog/??s/8.15.21/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.21/aplus_int.js,s/8.15.21/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20230530155041 HTTP/1.1 Host: assets.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.aliexpress.com/ Origin: https://login.aliexpress.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: Tengine content-type: application/javascript content-length: 46255 x-oss-request-id: 6475AD646BA8D1313608CDE1 x-oss-object-type: Normal x-oss-hash-crc64ecma: 2785021216015343907 x-oss-storage-class: Standard content-md5: 7UCU22izLmNjuwSn2FwdUA== x-oss-server-time: 10 access-control-allow-origin: * x-source-scheme: https content-encoding: gzip ali-swift-global-savetime: 1685433701 x-swift-savetime: Tue, 30 May 2023 08:27:59 GMT x-swift-cachetime: 84822 timing-allow-origin: * eagleid: 2ff62c9616854352792796690e served-from: 23.36.79.134 cache-control: max-age=2320138, s-maxage=86400 date: Fri, 02 Jun 2023 11:34:18 GMT vary: Accept-Encoding network_info: NO_OSLO_50304 X-Firefox-Spdy: h2

	faucetpay.io/?r=612200	0.0.0.0		0 B
URL GET faucetpay.io/?r=612200 IP 0.0.0.0:0 ASN #0 Requested by https://hlmiq.com/vu/a/? Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint47:07:25:AC:2C:74:EF:DB:40:D0:F4:1D:84:8D:06:D2:15:90:65:51 ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?r=612200 HTTP/1.1 Host: faucetpay.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 02 Jun 2023 11:34:15 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding x-powered-by: Express access-control-allow-origin: * cache-control: public, max-age=0 last-modified: Mon, 22 May 2023 11:00:54 GMT cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBXB%2FZSUsjDyQmSJWVNy8Wplq7mB8V%2BY2cDITb5vw21DM%2FbIqeM0vBxQpUhTk59R9NDfFk193nhBT3KfjOh46IiiCNap5luli%2Fnc8dAMjnZy%2Fbo4PClv3xHElgdw4A%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7d0f62db58adb521-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	kwork.com/?ref=323288	93.171.200.41	302 Found	0 B
URL GET HTTP/2 kwork.com/?ref=323288 IP 93.171.200.41:443 ASN #262254 DDOS-GUARD CORP. Requested by https://hlmiq.com/vu/a/? Certificate IssuerGlobalSign nv-sa Subject.kwork.com Fingerprint4F:AE:EF:39:3C:7E:E5:21:04:0E:C4:41:4A:2E:D7:25:10:25:8B:FC ValidityWed, 24 May 2023 12:27:32 GMT - Mon, 24 Jun 2024 12:27:31 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?ref=323288 HTTP/1.1 Host: kwork.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://hlmiq.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 302 Found server: ddos-guard date: Fri, 02 Jun 2023 11:34:16 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding, User-Agent content-security-policy: frame-ancestors 'self' https://webvisor.com https://awards.ratingruneta.ru set-cookie: __ddg1_=m6erNP2KxfevjQduiJCr; Domain=.kwork.com; HttpOnly; Path=/; Expires=Sat, 01-Jun-2024 11:34:16 GMT _kmid=37b453386dc59b4a323c6b095af82605; expires=Mon, 30-May-2033 11:34:16 GMT; Max-Age=315360000; path=/; secure; HttpOnly _kmfvt=1685705656; expires=Mon, 30-May-2033 11:34:16 GMT; Max-Age=315360000; path=/; secure; HttpOnly ref=323288; expires=Fri, 09-Jun-2023 11:34:16 GMT; Max-Age=604800; path=/; secure; HttpOnly ref_redirect_save=323288; expires=Fri, 02-Jun-2023 12:34:16 GMT; Max-Age=3600; path=/; secure; HttpOnly location: / strict-transport-security: max-age=15552000 x-content-type-options: nosniff X-Firefox-Spdy: h2

	ae01.alicdn.com/kf/H625cd629fe984c719391fc7289edb4a72.png	47.246.44.251	200 OK	2.7 kB
URL GET HTTP/2 ae01.alicdn.com/kf/H625cd629fe984c719391fc7289edb4a72.png IP 47.246.44.251:443 ASN #24429 Zhejiang Taobao Network Co.,Ltd Requested by https://login.aliexpress.com/?af=a&2321&cn=oslo&cv=867834&dp=91.90.42.154&aff_fcid=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&tt=CPS_NORMAL&aff_fsk=_DEQI9az&aff_platform=portals-tool&sk=_DEQI9az&aff_trace_key=05311d09b93c4691b07709220644c006-1685705655077-03509-_DEQI9az&terminal_id=9f39fdb27b484234b0b785968f1f176a Certificate IssuerGlobalSign nv-sa Subject.tbcdn.cn Fingerprint62:88:3B:F1:01:21:46:73:DD:01:B6:4D:D1:6A:68:18:8A:B4:B6:B1 ValidityFri, 22 Jul 2022 07:30:04 GMT - Sun, 06 Aug 2023 03:46:01 GMT File type PNG image data, 332 x 80, 8-bit colormap, non-interlaced\012- data Size 2.7 kB (2677 bytes) Hash 6d9bd66a9cfd43b38460a488aa3791e6 aa59fb2aa9c18c1a189c8a09c368b075be6c6208 762a540cc32fb868a998ff86b01c08de4e608410e07494d91c9f99af654663ad HTTP Headers `GET /kf/H625cd629fe984c719391fc7289edb4a72.png HTTP/1.1 Host: ae01.alicdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://assets.alicdn.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: Tengine content-type: image/png content-length: 2677 date: Mon, 15 Aug 2022 08:53:50 GMT traceid: 4f85b09d16605536306331135e last-modified: Wed, 30 Mar 2022 09:50:43 GMT cache-control: max-age=86400000 access-control-allow-origin: * eagleeye-traceid: 4f85b09d16605536306331135e strict-transport-security: max-age=0 timing-allow-origin: , ali-swift-global-savetime: 1660553630 via: cache29.l2us1[0,0,200-0,H], cache8.l2us1[1,0], cache4.se1[0,0,200-0,H], cache7.se1[6,0] age: 25152028 x-cache: HIT TCP_MEM_HIT dirn:4:268466334 x-swift-savetime: Fri, 26 May 2023 04:35:16 GMT x-swift-cachetime: 61877914 cdn-type: alibaba eagleid: 2ff62c9b16857056580606750e X-Firefox-Spdy: h2

	vast.yomeno.xyz/wrapper?katds_ep=7kwYBJmwZ7gLAPWQiRTZBrtqd0LIe9RTThOGXRVXfWpMX3OnXj65nzs49a8d7Q1R58GPZNmReuln0jY-NeXQC62MkuOC2vZUtm_KhdF9y_bzqiKYGN5a3JQ-sl4UgcHb6Fu3ParPMsfig8fDxjnPEzMOgjcuxvL-BDfZZpToEMofXmaUlv1S6SMh6R0apYRfdYI-LTSoIW4mnvDdCC1AiLmd4KSMNnZGHGPmwj5QHGxBgpyMwF6AQeEhM3jdKEOhVB4U1eHmjCvLJLZ7vTAK3b_P6SQJfqUdE_nRYPDV33sWBkP0zXhstd-CdnKwn74i4L9ldnoFRHB36jV7GXHulzRoUiZq467a2_kt1IgsetswBbLC6dFfbRGHdyENJogpEJMxaj3TiQ6UWq8k3hKJZaM_NNrWOlmh4nSoJHkz69I2f5GFC42vJlmJAG2h2XDxYbAT_DPIV7nkXyhiSEnClSP10CYBncECxqsCnJAPjSHoGvwvW2lxwAWCwNdYFagObX9gDSivzv1Xxe1HXXsM9PG3TdN-aWIVqZs-KidS9Ltz7KhzwZ_8DrIuCW3SE9vCe_ir6Z8FkogfT4XEJdqc6HWZBNinsb0rvW0flM0m6iAkZpj5O0HdmIFnxQHAh3PZPORyxQ-qsawasRzqbAWZi94owR8axn3rVQPpfGC9irejcKzL6i-EuZhAGd-vG8tob8USEiFDRhWXgvh3X8aOADWrVP1yIcTJmMp6lWGQD_w63IVAvOjU2nesW_2AY_i0_bFpcj7KrII7WNrif2C7YVX2FACB9Whlo-SEDmZCqafOAD_qO8VhHJSPDoh8IKjKNXTAidmMHkrovsnW0FVDPDGvUHTUW05jk34tCg1oFzCFpdSPtUIyNUFWEFvhP8YrxbXdeFgv56Q31XdQOBDPH4h7OnKuNL2fCP3bU0L5D3qIwKv_NzGvqyN-cKyxsT6dJ-lGifOHjC3kBm5RFR0aQcjlt7bydIboWecQ0bw_HbpiIgsOr3ch6y4ridzTWkEDemcsWPjoCcQcLt37Go-aysilUz_9oQrk_utmeX47	109.206.175.85	200 OK	3.4 kB
URL GET HTTP/2 vast.yomeno.xyz/wrapper?katds_ep=7kwYBJmwZ7gLAPWQiRTZBrtqd0LIe9RTThOGXRVXfWpMX3OnXj65nzs49a8d7Q1R58GPZNmReuln0jY-NeXQC62MkuOC2vZUtm_KhdF9y_bzqiKYGN5a3JQ-sl4UgcHb6Fu3ParPMsfig8fDxjnPEzMOgjcuxvL-BDfZZpToEMofXmaUlv1S6SMh6R0apYRfdYI-LTSoIW4mnvDdCC1AiLmd4KSMNnZGHGPmwj5QHGxBgpyMwF6AQeEhM3jdKEOhVB4U1eHmjCvLJLZ7vTAK3b_P6SQJfqUdE_nRYPDV33sWBkP0zXhstd-CdnKwn74i4L9ldnoFRHB36jV7GXHulzRoUiZq467a2_kt1IgsetswBbLC6dFfbRGHdyENJogpEJMxaj3TiQ6UWq8k3hKJZaM_NNrWOlmh4nSoJHkz69I2f5GFC42vJlmJAG2h2XDxYbAT_DPIV7nkXyhiSEnClSP10CYBncECxqsCnJAPjSHoGvwvW2lxwAWCwNdYFagObX9gDSivzv1Xxe1HXXsM9PG3TdN-aWIVqZs-KidS9Ltz7KhzwZ_8DrIuCW3SE9vCe_ir6Z8FkogfT4XEJdqc6HWZBNinsb0rvW0flM0m6iAkZpj5O0HdmIFnxQHAh3PZPORyxQ-qsawasRzqbAWZi94owR8axn3rVQPpfGC9irejcKzL6i-EuZhAGd-vG8tob8USEiFDRhWXgvh3X8aOADWrVP1yIcTJmMp6lWGQD_w63IVAvOjU2nesW_2AY_i0_bFpcj7KrII7WNrif2C7YVX2FACB9Whlo-SEDmZCqafOAD_qO8VhHJSPDoh8IKjKNXTAidmMHkrovsnW0FVDPDGvUHTUW05jk34tCg1oFzCFpdSPtUIyNUFWEFvhP8YrxbXdeFgv56Q31XdQOBDPH4h7OnKuNL2fCP3bU0L5D3qIwKv_NzGvqyN-cKyxsT6dJ-lGifOHjC3kBm5RFR0aQcjlt7bydIboWecQ0bw_HbpiIgsOr3ch6y4ridzTWkEDemcsWPjoCcQcLt37Go-aysilUz_9oQrk_utmeX47 IP 109.206.175.85:443 ASN #50245 Serverel Inc. Requested by https://javmec.me/ Certificate IssuerLet's Encrypt Subjectvast.yomeno.xyz Fingerprint13:5C:08:D5:3E:F3:37:AC:41:C6:11:A5:10:49:63:DF:DB:41:C5:5E ValiditySun, 28 May 2023 03:08:58 GMT - Sat, 26 Aug 2023 03:08:57 GMT File type Unicode text, UTF-8 text, with very long lines (3391), with no line terminators Size 3.4 kB (3375 bytes) Hash 3379a646aaa76d5ddfac20bce146e45a 12eea07c0585645292134951995e487798bf9bd6 bc65d981d526243aef6d22595a451d6103aefa64e4d0b292cb56531433568b14 HTTP Headers GET /wrapper?katds_ep=7kwYBJmwZ7gLAPWQiRTZBrtqd0LIe9RTThOGXRVXfWpMX3OnXj65nzs49a8d7Q1R58GPZNmReuln0jY-NeXQC62MkuOC2vZUtm_KhdF9y_bzqiKYGN5a3JQ-sl4UgcHb6Fu3ParPMsfig8fDxjnPEzMOgjcuxvL-BDfZZpToEMofXmaUlv1S6SMh6R0apYRfdYI-LTSoIW4mnvDdCC1AiLmd4KSMNnZGHGPmwj5QHGxBgpyMwF6AQeEhM3jdKEOhVB4U1eHmjCvLJLZ7vTAK3b_P6SQJfqUdE_nRYPDV33sWBkP0zXhstd-CdnKwn74i4L9ldnoFRHB36jV7GXHulzRoUiZq467a2_kt1IgsetswBbLC6dFfbRGHdyENJogpEJMxaj3TiQ6UWq8k3hKJZaM_NNrWOlmh4nSoJHkz69I2f5GFC42vJlmJAG2h2XDxYbAT_DPIV7nkXyhiSEnClSP10CYBncECxqsCnJAPjSHoGvwvW2lxwAWCwNdYFagObX9gDSivzv1Xxe1HXXsM9PG3TdN-aWIVqZs-KidS9Ltz7KhzwZ_8DrIuCW3SE9vCe_ir6Z8FkogfT4XEJdqc6HWZBNinsb0rvW0flM0m6iAkZpj5O0HdmIFnxQHAh3PZPORyxQ-qsawasRzqbAWZi94owR8axn3rVQPpfGC9irejcKzL6i-EuZhAGd-vG8tob8USEiFDRhWXgvh3X8aOADWrVP1yIcTJmMp6lWGQD_w63IVAvOjU2nesW_2AY_i0_bFpcj7KrII7WNrif2C7YVX2FACB9Whlo-SEDmZCqafOAD_qO8VhHJSPDoh8IKjKNXTAidmMHkrovsnW0FVDPDGvUHTUW05jk34tCg1oFzCFpdSPtUIyNUFWEFvhP8YrxbXdeFgv56Q31XdQOBDPH4h7OnKuNL2fCP3bU0L5D3qIwKv_NzGvqyN-cKyxsT6dJ-lGifOHjC3kBm5RFR0aQcjlt7bydIboWecQ0bw_HbpiIgsOr3ch6y4ridzTWkEDemcsWPjoCcQcLt37Go-aysilUz_9oQrk_utmeX47 HTTP/1.1 Host: vast.yomeno.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://javmec.me/ Origin: https://javmec.me DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: nginx/1.20.1 date: Fri, 02 Jun 2023 11:34:15 GMT content-type: text/xml;charset=UTF-8 cache-control: no-cache, no-store, must-revalidate pragma: no-cache vary: Accept-Encoding, * report-to: {"url":"https://vast.yomeno.xyz/report?e_type=heavy-ad\u0026rep=video_events\u0026sid=46938\u0026feed_id=0\u0026stype=slider\u0026iab=IAB25\u0026uid=626171565fbbad99982b15f840fe3539\u0026auction_id=2048043521750164449\u0026score=18.646446\u0026response=json\u0026user_id=12887\u0026rchange=0\u0026p=0.014729","max_age":86401} access-control-allow-credentials: true access-control-allow-origin: https://javmec.me access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, access-control-expose-headers: Content-Length,Content-Range content-encoding: gzip X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (54)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML