adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
46.101.137.113 301 Moved Permanently 280 B URL HTTP/1.1 adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 41f81d4d8a451fee96ef18ef55c765e0
9333c8319a388f72212cbaa561d29cc9282600c5
c105ee6f61fcd29c522d969071085fbc5003097d5a3317528a82141d1a8977a6
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /books/detail.php?hash=42bbbb05ac699d83977f76478140266e HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 11:25:33 GMT
Server: Apache/2.2.22 (Debian)
Location: https://adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 280
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5717
Expires: Sun, 05 Feb 2023 13:01:38 GMT
Date: Sun, 05 Feb 2023 11:26:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9667
Expires: Sun, 05 Feb 2023 14:07:28 GMT
Date: Sun, 05 Feb 2023 11:26:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20374
Expires: Sun, 05 Feb 2023 17:05:55 GMT
Date: Sun, 05 Feb 2023 11:26:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 10:36:17 GMT
content-type: application/json
age: 3004
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +j0Q0AAexMinmTwBtRzmFxdYV8erJ2GV9z/pqKF6K+X/2SaKu/zj+yrBtcGEuAksfMOItDuuDJc=
x-amz-request-id: YK6T4B8V6ENMRGST
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 11:24:27 GMT
age: 114
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:21 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8199f88c2dfd146350c93c5db858ae48
844236d3ba2fcc01e8705bd6ea2b8794eb347dce
a1f4fea61f225be376adbb214d23a7d5c4332ecb2b08e560c370975fafb285a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1F4FEA61F225BE376ADBB214D23A7D5C4332ECB2B08E560C370975FAFB285A6"
Last-Modified: Sun, 05 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Sun, 05 Feb 2023 17:26:00 GMT
Date: Sun, 05 Feb 2023 11:26:21 GMT
Connection: keep-alive
adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
46.101.137.113 200 OK 4.1 kB URL HTTP/1.1 adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1b914573b308d5e3d903fa54140c4ce4
95b78819569ebca9a15e0a955745fef926451ae1
185bab3070f5f1e9de9b12d3fc69ede2b1b5ba6cd24fb58bd5c5d0e05f8e0737
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /books/detail.php?hash=42bbbb05ac699d83977f76478140266e HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:25:33 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.45-0+deb7u14
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4068
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 11:07:20 GMT
age: 1141
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
adroa.top/new/css/bootstrap.min.css
46.101.137.113 200 OK 20 kB URL HTTP/1.1 adroa.top/new/css/bootstrap.min.css
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65371)
Hash 79584c9bddd1f361c6343962b5aeee7e
94347f845113fb79f4215603f21e6f111b6a42f6
0b7f981dde93ddde95bf899801373b68d301c7e25448db65e1d1b85f4a1daf9d
GET /new/css/bootstrap.min.css HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:25:33 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Wed, 27 Mar 2019 22:57:02 GMT
ETag: "2be284-1d94f-5851b5b1c1ea3"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 12 Feb 2023 11:25:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19738
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/css
adroa.top/new/css/modern-business.css
46.101.137.113 200 OK 640 B URL HTTP/1.1 adroa.top/new/css/modern-business.css
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
Hash 18e3bb0f7dbf6a5b5903ca8495a958fe
458065164383242e2fa5624ef87bab6d3a8e08c6
199aa0e6fd50f8f000d0906c7378bcd7ffffa306b67a14b7df9fc93b5be6db17
GET /new/css/modern-business.css HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:25:33 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Wed, 27 Mar 2019 22:57:02 GMT
ETag: "2be283-57a-5851b5b1c0f03"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 12 Feb 2023 11:25:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 640
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/css
adroa.top/new/font-awesome/css/font-awesome.min.css
46.101.137.113 200 OK 5.0 kB URL HTTP/1.1 adroa.top/new/font-awesome/css/font-awesome.min.css
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (21822)
Hash 5fc680fa1d13940a1a9cba6f89965f74
98a85daaf67d23ff264953e583c68315f76f5549
0f61bee70c4eca1d92acdfd8ad8285206bced50ef37af0ad2c846d1e5cbc3534
GET /new/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:25:33 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Wed, 27 Mar 2019 22:57:02 GMT
ETag: "2be28f-55e0-5851b5b1c2e43"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 12 Feb 2023 11:25:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5042
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/css
adroa.top/includes/script.js
46.101.137.113 200 OK 3.0 kB URL HTTP/1.1 adroa.top/includes/script.js
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (359)
Hash 7703c131e04123869c3a55f7869c5710
4b6f321f49eea247af74f4ee89de4405f5201316
c9caf9606487f96a6c88f1fd1bb41f9b8895b1f003e87444bf3c86c100d6a603
GET /includes/script.js HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:25:33 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Thu, 04 Apr 2019 13:01:03 GMT
ETag: "2be1eb-2615-585b3f671f511"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 12 Feb 2023 11:25:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3030
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript
adroa.top/new/js/bootstrap.min.js
46.101.137.113 200 OK 9.8 kB URL HTTP/1.1 adroa.top/new/js/bootstrap.min.js
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32003)
Hash da6fb4b64d1f22f682dcaa0433b4dec7
56493cb828703ebeb1e9fbefc163793613b65e7f
7d59f0296a0b229f7d0ffc0b4f02930d6a7b56070167c7429004d6b1649c9d64
GET /new/js/bootstrap.min.js HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:25:33 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Wed, 27 Mar 2019 22:57:02 GMT
ETag: "2be2cb-9004-5851b5b1cf963"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 12 Feb 2023 11:25:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9765
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 750d09d73e2aa811609b5299aac8af18
88400855392331d5db92a9d3cbd6bfb7cd908f78
dd6ed4fddff1b4483b1bd432f61df8c082a5b0dfbf673afb179cee0779c8fd0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD6ED4FDDFF1B4483B1BD432F61DF8C082A5B0DFBF673AFB179CEE0779C8FD0F"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12503
Expires: Sun, 05 Feb 2023 14:54:44 GMT
Date: Sun, 05 Feb 2023 11:26:21 GMT
Connection: keep-alive
adroa.top/template/img/no_photo_100.png
46.101.137.113 200 OK 460 B URL HTTP/1.1 adroa.top/template/img/no_photo_100.png
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 100 x 76, 4-bit colormap, non-interlaced\012- data
Hash 8d30e02b017c85294fe5a467ce7b9049
4fd18a42245ee5674673a351db7291b191ce5a2d
8201d4ea0365fb8276afbdeaa18227a73deebdc5454eb9d918bdd84f41f122aa
GET /template/img/no_photo_100.png HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:25:33 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Wed, 27 Mar 2019 22:57:02 GMT
ETag: "2be3a4-1cc-5851b5b1e60c3"
Accept-Ranges: bytes
Content-Length: 460
Cache-Control: max-age=2592000, public
Expires: Mon, 05 Feb 2024 11:25:33 GMT
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a60383416cc95452fab5f8975dd1138a
e9e0ae73f85ef923e1a779518376cfd95fcea44a
ef9a0f01292a453cf3d99eac87c8020104c3e55b0e225bc0b3c4cf35f2ad8b61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF9A0F01292A453CF3D99EAC87C8020104C3E55B0E225BC0B3C4CF35F2AD8B61"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12023
Expires: Sun, 05 Feb 2023 14:46:44 GMT
Date: Sun, 05 Feb 2023 11:26:21 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adroa.top/new/js/jquery.js
46.101.137.113 200 OK 36 kB URL HTTP/1.1 adroa.top/new/js/jquery.js
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32086)
Hash 584713193b1468cac7ce067743a2506f
d27bbcad83451718e31f0cc1ab9b573e17b527c0
1e59d84e7ae5ea8fa988021fa541fccb82a4b0f096e00ab906091eb4a362c031
GET /new/js/jquery.js HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:25:33 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Wed, 27 Mar 2019 22:57:02 GMT
ETag: "2be2ca-18d5b-5851b5b1cf963"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 12 Feb 2023 11:25:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 35640
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.googletagmanager.com/gtag/js?id=UA-139166507-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-139166507-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash f9748f36ee79ea939aced3c83f062eab
463c9f3e54015987869915dfcdd25f85d14feb57
55947a4fc4ff08f1bb1bfdc9fddc7f5b42ec5df1c29f84844ce757a4c617d77e
GET /gtag/js?id=UA-139166507-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 11:26:21 GMT
expires: Sun, 05 Feb 2023 11:26:21 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8843
Expires: Sun, 05 Feb 2023 13:53:44 GMT
Date: Sun, 05 Feb 2023 11:26:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0975be8061dfd1775643166c67731c43
0940971f57a94f9ec538306b17e7665cd696e88e
781655f83e0717e13044483e22a5726f60e030fa9cc15dd16acf6662f07f56a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "781655F83E0717E13044483E22A5726F60E030FA9CC15DD16ACF6662F07F56A5"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12639
Expires: Sun, 05 Feb 2023 14:57:00 GMT
Date: Sun, 05 Feb 2023 11:26:21 GMT
Connection: keep-alive
push.services.mozilla.com/
34.211.126.51 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.211.126.51:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AK0Yg84vWEYdD76mfq25Ow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iEnR5lNrIVd/541L9uS6ySdKjw8=
www.effectivedisplayformats.com/7b941d13f05616bb591ff5da8e934209/invoke.js
192.243.59.12 200 OK 9.8 kB URL HTTP/1.1 www.effectivedisplayformats.com/7b941d13f05616bb591ff5da8e934209/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 990fbac6b8d016949385de77ff446621
68b8c9e4324bbf5fb36751a9a0f84a0b15bc2fe5
6bae774b7ada50e3f4427ac41ad0732e65499dbd251ac28094e4983cf3024cfb
Analyzer Verdict Alert quad9 Sinkholed
GET /7b941d13f05616bb591ff5da8e934209/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 11:26:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de04613363f4bbc9d3b13f776b009a38
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivedisplayformats.com/7b941d13f05616bb591ff5da8e934209/invoke.js
192.243.59.12 200 OK 9.8 kB URL HTTP/1.1 www.effectivedisplayformats.com/7b941d13f05616bb591ff5da8e934209/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash fbf37c28ac43aa7c9edeab354c41002c
c4ae0d52cb4b3888f87d4370f49dfcca91a08894
499e4c6fa89c65218060f07d0f2102782c45874d2c04c022099c8af0e7869f7b
Analyzer Verdict Alert quad9 Sinkholed
GET /7b941d13f05616bb591ff5da8e934209/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 11:26:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 885980db7051fc75e4ca054ccfe24376
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash dccebcfaad6c97d820364ec92d4a511b
a1adef127bad0f85751b5a7b47025c33d40083c4
6be12cee36873a68c71f277876470b5a3807acf44b39a92b575595e9aa95c973
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94464
Date: Sun, 05 Feb 2023 11:26:22 GMT
Etag: "63de5e16-1d7"
Expires: Mon, 06 Feb 2023 13:40:46 GMT
Last-Modified: Sat, 04 Feb 2023 13:31:02 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DUvfhby4BpuuweWQ-02kv18FDwtGAKxzx06yiYAE394wSRtq13FgMA==
Age: 584
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash a442c4ec38a048c0b1c000c142c511dd
94d9323a929d9740ef5238561e2dd4d7b1595e43
666a5339d8f497944a075c6f425a6d135cd9d5edf009def42c46538e9078019a
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:26:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://adroa.top
access-control-allow-credentials: true
set-cookie: uid_id2=a05d660b-be74-403a-b5a9-f59531406d39:3:1; expires=Wed, 02 Feb 2033 11:26:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 184ee681855ea6241cd1d99372af303b
aec9a1c919feaed5dad0ea1efe377820da3a5e21
642b6e9fa068e7102b044d886ba11b7b387416c2debea49f0dbe77b171cdc8b6
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:26:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://adroa.top
access-control-allow-credentials: true
set-cookie: uid_id2=3d35816c-c3e8-4a21-90ee-5d39f3dbb576:1:1; expires=Wed, 02 Feb 2033 11:26:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.effectivedisplayformats.com/7b941d13f05616bb591ff5da8e934209/invoke.js
192.243.59.12 200 OK 9.8 kB URL HTTP/1.1 www.effectivedisplayformats.com/7b941d13f05616bb591ff5da8e934209/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash fbf37c28ac43aa7c9edeab354c41002c
c4ae0d52cb4b3888f87d4370f49dfcca91a08894
499e4c6fa89c65218060f07d0f2102782c45874d2c04c022099c8af0e7869f7b
Analyzer Verdict Alert quad9 Sinkholed
GET /7b941d13f05616bb591ff5da8e934209/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 11:26:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5c495f802ef994e314570310de169eaa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 184ee681855ea6241cd1d99372af303b
aec9a1c919feaed5dad0ea1efe377820da3a5e21
642b6e9fa068e7102b044d886ba11b7b387416c2debea49f0dbe77b171cdc8b6
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Cookie: uid_id2=3d35816c-c3e8-4a21-90ee-5d39f3dbb576:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:26:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://adroa.top
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B
IP 93.184.220.29:0
Hash 2d89a95c6886cf1ab645d2c8a5b1b894
2129758f360093eecfa2761a8cfadb9420f3a858
336ef21b4f1d77db7e62a414a451b5010f82f720650745adb2d6e8944b6f5152
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5233
Cache-Control: max-age=115310
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:22 GMT
Etag: "63de9d5b-117"
Expires: Mon, 06 Feb 2023 19:28:12 GMT
Last-Modified: Sat, 04 Feb 2023 18:00:59 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
inklinkor.com/tag.min.js
172.67.211.29 200 OK 25 kB
IP 172.67.211.29:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash db8882a739f3c0e99675e60473825528
9e547e7893fe5efa38fcfbd15c3121858378fdf7
7f3bfae52526525bd3731bda1bba14ba23026051038ff1059a96aced806fa5b0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:26:22 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 0f73bd6b90686c75aca2af9cc72a9ffa
cache-control: max-age=86400
last-modified: Fri, 03 Feb 2023 10:48:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 06 Feb 2023 10:41:32 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2690
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4cB5rkf89LLhDFdfSGQ6%2FAbFwQSgoMQewqdn3mnQ4PQ4n6lTUP7knsOLhqaspeGosqxLJFVenDIEH%2BCaNjYSzvQ2qAku52XQHnCg9k%2FFbb8KV4hw6ReNXcsWsFYAVeV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794b4a6e9afcfabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 08785cf5095b20557d88b83f13ab2c12
7e3049bb2511fd5c9608d7c3a5395bd77125c8cf
d906987e13f4e3b6b0080b2216ab3b1e7573e12ec0ae78d3070cb6dd787fc781
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D906987E13F4E3B6B0080B2216AB3B1E7573E12EC0AE78D3070CB6DD787FC781"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13980
Expires: Sun, 05 Feb 2023 15:19:22 GMT
Date: Sun, 05 Feb 2023 11:26:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f4acb3207e9e8ebb2beaba21c58d5966
4b8b6d9478317c72465c1bb16dbab1f9d92a217e
ece15c1cc85d2b5a8432292fb35e8c795e9a8615e4d999f85b6628192cf76312
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE15C1CC85D2B5A8432292FB35E8C795E9A8615E4D999F85B6628192CF76312"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2573
Expires: Sun, 05 Feb 2023 12:09:15 GMT
Date: Sun, 05 Feb 2023 11:26:22 GMT
Connection: keep-alive
adroa.top/includes/fancybox/jquery.fancybox-1.3.4.css
46.101.137.113 200 OK 1.8 kB URL HTTP/1.1 adroa.top/includes/fancybox/jquery.fancybox-1.3.4.css
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 9e2712d6367686fcd968061b693e44ff
c969eba1eb38adf0d99105aee9ac172ec3c44071
9d0473a91c7bb7c6736a67e6da149761b81ab6bb0956267146090c1d5117ce4d
GET /includes/fancybox/jquery.fancybox-1.3.4.css HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:25:34 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Wed, 27 Mar 2019 22:57:02 GMT
ETag: "2be206-2294-5851b5b1b3443"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 12 Feb 2023 11:25:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1814
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/css
adroa.top/template/css/style.css
46.101.137.113 200 OK 1.8 kB URL HTTP/1.1 adroa.top/template/css/style.css
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
Hash 59d9e0e0f5f116190f605728a49de78e
1656411f2914fdc8651868b2d4aada50dd117714
33ba87c20590626a7a7541fbf7bbd7a5c08dae714aea27445617026f6562fd72
GET /template/css/style.css HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:25:34 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Wed, 27 Mar 2019 22:57:02 GMT
ETag: "2be3a2-1b9a-5851b5b1e60c3"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 12 Feb 2023 11:25:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1756
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/css
frankfurt.apollo.olxcdn.com/v1/files/h2o4svy04p853-RO/image;s=644x461
143.204.55.51 200 OK 54 kB URL HTTP/2 frankfurt.apollo.olxcdn.com/v1/files/h2o4svy04p853-RO/image;s=644x461
IP 143.204.55.51:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 616x461, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ed415be22271bc3a83b2e6fa6d48b44b
699f828913866baa642922425022283a5c2d0baa
b304f452812d391a73c7a0ba26cfe086093635f63aca3ec7209df4d500c89769
GET /v1/files/h2o4svy04p853-RO/image;s=644x461 HTTP/1.1
Host: frankfurt.apollo.olxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 54406
date: Sun, 05 Feb 2023 11:25:28 GMT
x-trace: 4c84518a-28da-420a-9197-c2492afb2c58
last-modified: Sun, 5 Feb 2023 11:25:28 GMT
cache-control: public,max-age=604800
etag: "h2o4svy04p853-RO"
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 65trwvGe1hs5UTxUlxldhMa2SUxJXo2iHZMnFwnLAOUSquXLH_WvhA==
age: 54
X-Firefox-Spdy: h2
frankfurt.apollo.olxcdn.com/v1/files/f4qkd2bub6vb-RO/image;s=644x461
143.204.55.51 200 OK 28 kB URL HTTP/2 frankfurt.apollo.olxcdn.com/v1/files/f4qkd2bub6vb-RO/image;s=644x461
IP 143.204.55.51:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 614x461, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fd35d13133eeaab5fa89734ca2fca08b
3e89c185ef46a45ae6f472f1bf388947b486384d
ac3ae9e6d1d2243ced0ccdc36df7b2557e439ae1f7d2dc83ec6895e39392c7b2
GET /v1/files/f4qkd2bub6vb-RO/image;s=644x461 HTTP/1.1
Host: frankfurt.apollo.olxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 27596
date: Sun, 05 Feb 2023 11:25:28 GMT
x-trace: d320ed6a-64a9-4303-b20a-1227a87f1547
last-modified: Sun, 5 Feb 2023 11:25:28 GMT
cache-control: public,max-age=604800
etag: "f4qkd2bub6vb-RO"
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YM7BR9udCotESUx3JpddC13SvrVZPY7n7ZBcEiYzRygUkJZkq-awiw==
age: 54
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de7c2061509949d95bb7713764346163
f93415b9d4dfcc5f4e02a18ac940c049f3133dcd
75f11cb347224a684fa840f2a198ccbdad17a9a3f61b515db92d165b7e992e88
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75F11CB347224A684FA840F2A198CCBDAD17A9A3F61B515DB92D165B7E992E88"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10213
Expires: Sun, 05 Feb 2023 14:16:35 GMT
Date: Sun, 05 Feb 2023 11:26:22 GMT
Connection: keep-alive
frankfurt.apollo.olxcdn.com/v1/files/ghw3q5oa8em-RO/image;s=644x461
143.204.55.51 200 OK 45 kB URL HTTP/2 frankfurt.apollo.olxcdn.com/v1/files/ghw3q5oa8em-RO/image;s=644x461
IP 143.204.55.51:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 644x362, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fff9ad2592cc9436d706ea83ccf5781f
4c897b7f8b29b2792e33011c10b7faed2a9aef60
4ce794aabf862414c680ec33e8b9afe37c6d48cd7fafb79c74bad57fdf7d79ea
GET /v1/files/ghw3q5oa8em-RO/image;s=644x461 HTTP/1.1
Host: frankfurt.apollo.olxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 45040
date: Sun, 05 Feb 2023 11:25:28 GMT
x-trace: 4da09d82-40b2-40da-b67c-dff4799abdf1
last-modified: Sun, 5 Feb 2023 11:25:28 GMT
cache-control: public,max-age=604800
etag: "ghw3q5oa8em-RO"
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zz_ka2I6gGaBUpj3femSmKbRPgzud_-MmNlsV3BQYprrubllTNoJyQ==
age: 54
X-Firefox-Spdy: h2
adroa.top/template/img/mouse_icon.png
46.101.137.113 200 OK 462 B URL HTTP/1.1 adroa.top/template/img/mouse_icon.png
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 26 x 20, 8-bit colormap, non-interlaced\012- data
Hash d188f72003e6461752eb24b1585c2de5
661cded13bb4ce17ca4a79dacda69b433ff01ab8
f8d30a3ffab625092359995ea9a3a015b1403588ea0d9d4485755f83f352d3b4
GET /template/img/mouse_icon.png HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/template/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:25:35 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Wed, 27 Mar 2019 22:57:02 GMT
ETag: "2be3af-1ce-5851b5b1e8fa3"
Accept-Ranges: bytes
Content-Length: 462
Cache-Control: max-age=2592000, public
Expires: Mon, 05 Feb 2024 11:25:35 GMT
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bb0e1ff82ab6199f715e00974b7f6957
74edba6943c202d060b471c30a3c626542bfac84
d982aa0ae1b32ffba27f789ad265b594dfef0bc4c55a0d0489d38b0827e6a7e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D982AA0AE1B32FFBA27F789AD265B594DFEF0BC4C55A0D0489D38B0827E6A7E2"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17041
Expires: Sun, 05 Feb 2023 16:10:23 GMT
Date: Sun, 05 Feb 2023 11:26:22 GMT
Connection: keep-alive
my.rtmark.net/gid.js
139.45.195.8 200 OK 65 B
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 20a43ead493ab165fa4c844d41f2f39e
b79472fa648e5600da860904a946028009fc53d5
a03e728ed669985f19907715eb3270c6a7f90060b7760e60a9dc11aff04d9c28
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:22 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://adroa.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=539bad8590124a028415ff964c8967eb; expires=Mon, 05 Feb 2024 11:26:22 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B
IP 172.64.155.188:0
Hash 0042362c056c66d88e82782ad9b26669
84ff2f895a759e9be60cad8ff69c9d59b2e739d9
13f2260996b04204fe0457ca7fd88d701bac7d8194574014b2263ef45e1b41ed
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 03:49:37 GMT
Expires: Sun, 12 Feb 2023 03:49:36 GMT
Etag: "84ff2f895a759e9be60cad8ff69c9d59b2e739d9"
Cache-Control: max-age=576792,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794b4a71c8c7b506-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254 200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1527
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 05 Feb 2023 11:26:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://adroa.top
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
adroa.top/favicon.ico
46.101.137.113 302 Found 230 B
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 22ef84ed56c929cc4108d6b3d627f44e
df534d8fffbc49c8c9f336b266cdbcb852de2a23
003b663281d5e5305d31b439fc194585b4ed5c6e15d714b9cbbc7d121940bac1
GET /favicon.ico HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Sun, 05 Feb 2023 11:25:35 GMT
Server: Apache/2.2.22 (Debian)
Location: https://adroa.top/
Cache-Control: max-age=604800
Expires: Sun, 12 Feb 2023 11:25:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 230
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B
IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.46 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 05 Feb 2023 09:45:20 GMT
expires: Sun, 05 Feb 2023 11:45:20 GMT
cache-control: public, max-age=7200
age: 6063
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash f46a3b8b0659070e1f8e2f7b5a8596b2
3b6e36e51615ea62d880ae903eca0482269bce8e
67ac7c3a9e3f4f66a8abc59aac41d3bc81c6102d2d7e19ba1661e5acfab2322a
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 09 Feb 2023 09:35:07 GMT
ETag: "3b6e36e51615ea62d880ae903eca0482269bce8e"
Last-Modified: Sun, 05 Feb 2023 09:35:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1467
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794b4a72bcb9b517-OSL
adroa.top/
46.101.137.113 200 OK 3.3 kB
IP 46.101.137.113:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash e1a01254801cbb7e22fa54593b15a830
402abf8c27f36dd4658cafc8b37ab588bfc35f8d
038d977511d595fa036359c7a33354773882d365beac87c934652908a4fe54b9
GET / HTTP/1.1
Host: adroa.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adroa.top/books/detail.php?hash=42bbbb05ac699d83977f76478140266e
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:25:35 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.45-0+deb7u14
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3308
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF8
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.207.226 200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.207.226:0
File type ASCII text, with very long lines (3642)
Hash 12b60e96234580c1ce014b32fadfad86
d30d63d25a1cd5226a384cf87b9961128e56fdd1
a671ea86d4398cc3324587165d68d94a28b371ac89342c08ad3b5fb84a41528d
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Feb 2023 11:26:23 GMT
expires: Sun, 05 Feb 2023 11:26:23 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16940587700965097477
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49927
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=382939819&t=pageview&_s=1&dl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&ul=en-us&de=UTF-8&dt=Vand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=463564112&gjid=1077225530&cid=1835408711.1675596423&tid=UA-139166507-1&_gid=1700017402.1675596423&_r=1&_slc=1&gtm=457e3210&z=1883231955
142.250.74.46 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=382939819&t=pageview&_s=1&dl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&ul=en-us&de=UTF-8&dt=Vand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=463564112&gjid=1077225530&cid=1835408711.1675596423&tid=UA-139166507-1&_gid=1700017402.1675596423&_r=1&_slc=1&gtm=457e3210&z=1883231955
IP 142.250.74.46:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=382939819&t=pageview&_s=1&dl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&ul=en-us&de=UTF-8&dt=Vand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=463564112&gjid=1077225530&cid=1835408711.1675596423&tid=UA-139166507-1&_gid=1700017402.1675596423&_r=1&_slc=1&gtm=457e3210&z=1883231955 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://adroa.top
date: Sun, 05 Feb 2023 11:26:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t38.2;r;s1280*1024*24;uhttps%3A//adroa.top/books/detail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e;hVand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa;0.8367000742795936
88.212.202.52 200 OK 444 B URL HTTP/1.1 counter.yadro.ru/hit?t38.2;r;s1280*1024*24;uhttps%3A//adroa.top/books/detail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e;hVand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa;0.8367000742795936
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 31 x 31\012- data
Hash 25955e52e736b29c26e3e73c7780589b
7d42d955c452b669db1a111bbaaea456a9827f96
4ab95e2ca68737e4ba97aff5565c867df4b7214bbe2bd9c0da649553e8119431
GET /hit?t38.2;r;s1280*1024*24;uhttps%3A//adroa.top/books/detail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e;hVand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa;0.8367000742795936 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 05 Feb 2023 11:26:23 GMT
Content-Type: image/gif
Content-Length: 444
Connection: keep-alive
Expires: Fri, 04 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/tag.js
93.158.134.119 200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash de9c4346801ea3636fb506b54c394b32
f998f9464013582483778132d544fbd106c6d9a1
c9a9f4cbaaf63148dbafd70126d101548d61884ac369c0b35b0e4efa244a9670
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73853
date: Sun, 05 Feb 2023 11:26:23 GMT
access-control-allow-origin: *
etag: "63c93a4b-1207d"
expires: Sun, 05 Feb 2023 12:26:23 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4036
Expires: Sun, 05 Feb 2023 12:33:39 GMT
Date: Sun, 05 Feb 2023 11:26:23 GMT
Connection: keep-alive
frankfurt.apollo.olxcdn.com/v1/files/0jd1xjorn8sl3-RO/image;s=644x461
143.204.55.51 404 Not Found 31 kB URL HTTP/2 frankfurt.apollo.olxcdn.com/v1/files/0jd1xjorn8sl3-RO/image;s=644x461
IP 143.204.55.51:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash b036ac6ada5c16b7dc0f4ab97958fe73
7dee81bdbca77472eadb3064a1d81a99cf9b60b5
8e6791688f9038ed611428b474f6a5ad14d3032d1a3c98b2d303391e8dd61a97
GET /v1/files/0jd1xjorn8sl3-RO/image;s=644x461 HTTP/1.1
Host: frankfurt.apollo.olxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: image/png
date: Sun, 05 Feb 2023 11:26:22 GMT
x-trace: 36f025e0-30d2-4614-b87e-0c863da8526c
cache-control: no-cache
x-cache: Error from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FUWay6dr98RglBkBbuBJrYXBjtRd4Af94cMr6NUyJUPmqUDck2cX-Q==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jIvBQjGh9JzWQM0YpEYiqP5CcBrkwqLVjAYhMWJ1P1H0MRkm7kpnpg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:12:06 GMT
age: 47657
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 73958
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 27975
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
agaenteitor.com/400/5305379
139.45.197.239 200 OK 39 kB URL HTTP/2 agaenteitor.com/400/5305379
IP 139.45.197.239:0
Hash 40e82fc8431fdb23e271dd0f194dd543
0631c4c8c5dbe67e1b7323d1738f0e361569bc2c
4f6f5d45f626862fc06335217c1f0d3780a9b92b27cc03e5ccabf60c5acb734d
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5305379 HTTP/1.1
Host: agaenteitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:22 GMT
content-type: application/javascript
x-trace-id: 5221a6dd4409c10dd9b23aaa199c5081
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=a04ca49105d146a9a3527769b0192f2a; expires=Mon, 05 Feb 2024 11:26:22 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 13:05:46 GMT
age: 80437
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fff69db25a1c7a3fbe154a3c80ac5aa
638e08807f73b70ab87b804816f9eb3e8dd2aa74
be96b347ba90dda9c39975077d963ff875831a14a4269e28edc0d2f80928bba6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: af4c4533-48b8-4b02-951a-3e61933fb126
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3fyFrMoAMFr_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c64-0346b30d0ded67912070f671;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IJBXK8DSlmaj48MVSTo-8A69jOe3x2cvnZYRLfyXZ7jZWqsMbTZsEg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 49351
etag: "638e08807f73b70ab87b804816f9eb3e8dd2aa74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b8174c62878b9b40e41cb80b22769a90
aea7396890795d53f6557559296ed34836717190
c146c0612bea2c3c672f135096c673c1da16092a5d4c3033b6f6c96e0e4f40f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C146C0612BEA2C3C672F135096C673C1DA16092A5D4C3033B6F6C96E0E4F40F4"
Last-Modified: Sun, 05 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15216
Expires: Sun, 05 Feb 2023 15:39:59 GMT
Date: Sun, 05 Feb 2023 11:26:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fb1495442167a14a49ba788fefe4ce9
a16c69f4c65a9cd5749f26493d440b5dc32be878
2bff389795848a07abc28a725001d87aab31efde2356ed22ce132c9808602cea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BFF389795848A07ABC28A725001D87AAB31EFDE2356ED22CE132C9808602CEA"
Last-Modified: Sun, 05 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17690
Expires: Sun, 05 Feb 2023 16:21:13 GMT
Date: Sun, 05 Feb 2023 11:26:23 GMT
Connection: keep-alive
frankfurt.apollo.olxcdn.com/v1/files/wrpw773o24jr3-RO/image;s=644x461
143.204.55.51 404 Not Found 31 kB URL HTTP/2 frankfurt.apollo.olxcdn.com/v1/files/wrpw773o24jr3-RO/image;s=644x461
IP 143.204.55.51:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash dc7a2e509cb3a5e0e5a4c5b92dddac2c
e7352585392ecf995321b0be645eb2aae0cd8285
3d69e1cfd29c8d10b42fd017b18645d5d3c5ea34988993f87fdf4ddb7948d3da
GET /v1/files/wrpw773o24jr3-RO/image;s=644x461 HTTP/1.1
Host: frankfurt.apollo.olxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: image/png
date: Sun, 05 Feb 2023 11:26:22 GMT
x-trace: 8f54eb28-5dcc-4371-96e3-e441c4a90503
cache-control: no-cache
x-cache: Error from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nffnV_ipzRMfe_kXQPyuWdC7RHTXwf5FX5cgbyBY5L5XnddOORizFQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=adroa.top
142.250.74.98 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=adroa.top
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=adroa.top HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 11:26:23 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=adroa.top
142.250.74.162 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=adroa.top
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=adroa.top HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 11:26:23 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5305380&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=x0ef873255ps614996876c9w7ssji437
139.45.197.242 204 No Content 0 B URL HTTP/2 upgulpinon.com/9?z=5305380&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=x0ef873255ps614996876c9w7ssji437
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5305380&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=x0ef873255ps614996876c9w7ssji437 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://adroa.top/
Origin: https://adroa.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 11:26:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://adroa.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=x0ef873255ps614996876c9w7ssji437
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=x0ef873255ps614996876c9w7ssji437
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 20a43ead493ab165fa4c844d41f2f39e
b79472fa648e5600da860904a946028009fc53d5
a03e728ed669985f19907715eb3270c6a7f90060b7760e60a9dc11aff04d9c28
GET /gid.js?userId=x0ef873255ps614996876c9w7ssji437 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Cookie: ID=539bad8590124a028415ff964c8967eb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:23 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://adroa.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=539bad8590124a028415ff964c8967eb; expires=Mon, 05 Feb 2024 11:26:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
agaenteitor.com/500/5305379?excludes=&oaid=x0ef873255ps614996876c9w7ssji437&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239 200 OK 0 B URL HTTP/2 agaenteitor.com/500/5305379?excludes=&oaid=x0ef873255ps614996876c9w7ssji437&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5305379?excludes=&oaid=x0ef873255ps614996876c9w7ssji437&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: agaenteitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://adroa.top/
Origin: https://adroa.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:23 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://adroa.top
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
oaphoace.net/500/5305381?excludes=&oaid=x0ef873255ps614996876c9w7ssji437&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239 200 OK 0 B URL HTTP/2 oaphoace.net/500/5305381?excludes=&oaid=x0ef873255ps614996876c9w7ssji437&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5305381?excludes=&oaid=x0ef873255ps614996876c9w7ssji437&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://adroa.top/
Origin: https://adroa.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:23 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://adroa.top
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
utilitypresent.com/watch.1191436851037.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=
192.243.59.20 307 Temporary Redirect 0 B URL HTTP/1.1 utilitypresent.com/watch.1191436851037.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1191436851037.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid= HTTP/1.1
Host: utilitypresent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Sun, 05 Feb 2023 11:26:23 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://adroa.top
Access-Control-Allow-Origin: https://adroa.top
Access-Control-Allow-Credentials: true
Location: https://utilitypresent.com/watch.1191436851037.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=&shu=1a9fc6b02421a2938cdf95c145e13e5aced81092406315e345929701f2d2290ef3e21c0ba12fe327a73f42b98f70c6173a57925bb9821238c5495e55f5a0c1e39bd450851800193845a510e94769c8e81b77ebd4&pst=1675596443&rmtc=t
Set-Cookie: u_pl=17038415; expires=Mon, 06 Feb 2023 11:26:23 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.DPNSraf8b_gC9ZpS5hcgGmDhOBfJNR9yjBUgUi-0S38; expires=Sun, 05 Feb 2023 11:27:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 98666f9a2bccc3e92d9d46cc3c76a3bd
Strict-Transport-Security: max-age=0; includeSubdomains
subscribestormyapprobation.com/watch.1064148150522.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=
192.243.59.12 307 Temporary Redirect 0 B URL HTTP/1.1 subscribestormyapprobation.com/watch.1064148150522.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1064148150522.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid= HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 11:26:23 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://adroa.top
Access-Control-Allow-Origin: https://adroa.top
Access-Control-Allow-Credentials: true
Location: https://subscribestormyapprobation.com/watch.1064148150522.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=&shu=b8e4dadf69356217476a70138dc604187f96bbe43e4e58502d19720ddf21e39f36c78b66921712fd5895fd0904b2f20fc9057b5b2ac8c356386c953bb0a9dfe4d05d6491d03845c7dabdcf7e5e7b0c737e465db7&pst=1675596443&rmtc=t
Set-Cookie: u_pl=17038415; expires=Mon, 06 Feb 2023 11:26:23 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.DPNSraf8b_gC9ZpS5hcgGmDhOBfJNR9yjBUgUi-0S38; expires=Sun, 05 Feb 2023 11:27:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6e66faa748f0e44e97eecb89432682a7
Strict-Transport-Security: max-age=0; includeSubdomains
utilitypresent.com/watch.1191436851037.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=&shu=1a9fc6b02421a2938cdf95c145e13e5aced81092406315e345929701f2d2290ef3e21c0ba12fe327a73f42b98f70c6173a57925bb9821238c5495e55f5a0c1e39bd450851800193845a510e94769c8e81b77ebd4&pst=1675596443&rmtc=t
192.243.59.20 200 OK 2.0 kB URL HTTP/1.1 utilitypresent.com/watch.1191436851037.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=&shu=1a9fc6b02421a2938cdf95c145e13e5aced81092406315e345929701f2d2290ef3e21c0ba12fe327a73f42b98f70c6173a57925bb9821238c5495e55f5a0c1e39bd450851800193845a510e94769c8e81b77ebd4&pst=1675596443&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2476)
Hash 0415cc61adf3f14bc6eb44fe9950698c
d694455b2ba4cc0670ee6ebd8dc300122bf8f52f
397532afe5819eb5923aa003f017fbe98a4d288001f6459748c9c08d7215e685
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1191436851037.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=&shu=1a9fc6b02421a2938cdf95c145e13e5aced81092406315e345929701f2d2290ef3e21c0ba12fe327a73f42b98f70c6173a57925bb9821238c5495e55f5a0c1e39bd450851800193845a510e94769c8e81b77ebd4&pst=1675596443&rmtc=t HTTP/1.1
Host: utilitypresent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Referer: https://adroa.top/
Connection: keep-alive
Cookie: u_pl=17038415; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzODQxNSwiayI6IjdiOTQxZDEzZjA1NjE2YmI1OTFmZjVkYThlOTM0MjA5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzk4ODIzLCJwaWQiOjQzODc2OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InRid252ZTc1YmsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hZHJvYS50b3AvYm9va3MvZGV0YWlsLnBocD9oYXNoPTQyYmJiYjA1YWM2OTlkODM5NzdmNzY0NzgxNDAyNjZlIn19.DPNSraf8b_gC9ZpS5hcgGmDhOBfJNR9yjBUgUi-0S38
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 05 Feb 2023 11:26:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://adroa.top
Access-Control-Allow-Origin: https://adroa.top
Access-Control-Allow-Credentials: true
Set-Cookie: pdhtkv=true; expires=Mon, 06 Feb 2023 11:26:23 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 11:26:23 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 06 Feb 2023 11:26:23 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 06 Feb 2023 11:26:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 12c688e93ba0db18831a76c62d9113e5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
subscribestormyapprobation.com/watch.606364075121.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=
192.243.59.12 307 Temporary Redirect 0 B URL HTTP/1.1 subscribestormyapprobation.com/watch.606364075121.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.606364075121.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid= HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 11:26:23 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://adroa.top
Access-Control-Allow-Origin: https://adroa.top
Access-Control-Allow-Credentials: true
Location: https://subscribestormyapprobation.com/watch.606364075121.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=&shu=e83e290b26dfabe90a238ed3a904dcd052dca1ac741a2efe6c3f78b18a0ba2619b7924e6936535ccb17b91041dacffd837b00c1ac887e8e57ff0eced1691ae1f1f5fa13b657ce682f165068b2e054782dde8a090&pst=1675596443&rmtc=t
Set-Cookie: u_pl=17038415; expires=Mon, 06 Feb 2023 11:26:23 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.DPNSraf8b_gC9ZpS5hcgGmDhOBfJNR9yjBUgUi-0S38; expires=Sun, 05 Feb 2023 11:27:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2bb7ec3f80b426aecdf5f5db21ed6adb
Strict-Transport-Security: max-age=0; includeSubdomains
oaphoace.net/500/5305381?excludes=&oaid=x0ef873255ps614996876c9w7ssji437&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239 200 OK 3.2 kB URL HTTP/2 oaphoace.net/500/5305381?excludes=&oaid=x0ef873255ps614996876c9w7ssji437&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (2483)
Hash f794033bab04abfe806662da9afd5ce8
e4c06892fb7fdb7ce3682bd0e36791d6e4cba0e6
9a85633e253f979426c695395f04971c6e61eb5f82330154a73af21c90f6555a
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5305381?excludes=&oaid=x0ef873255ps614996876c9w7ssji437&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Cookie: OAID=e8ef1f36a27640b8bb0292402be21ff1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:23 GMT
content-type: application/javascript
x-trace-id: 3f328d60c28378e49badfc6e848e2f1b
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://adroa.top
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=x0ef873255ps614996876c9w7ssji437; expires=Mon, 05 Feb 2024 11:26:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
subscribestormyapprobation.com/watch.606364075121.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=&shu=e83e290b26dfabe90a238ed3a904dcd052dca1ac741a2efe6c3f78b18a0ba2619b7924e6936535ccb17b91041dacffd837b00c1ac887e8e57ff0eced1691ae1f1f5fa13b657ce682f165068b2e054782dde8a090&pst=1675596443&rmtc=t
192.243.59.12 200 OK 2.0 kB URL HTTP/1.1 subscribestormyapprobation.com/watch.606364075121.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=&shu=e83e290b26dfabe90a238ed3a904dcd052dca1ac741a2efe6c3f78b18a0ba2619b7924e6936535ccb17b91041dacffd837b00c1ac887e8e57ff0eced1691ae1f1f5fa13b657ce682f165068b2e054782dde8a090&pst=1675596443&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2442)
Hash 54b3b4c8fb3b221302c84725dd6234f1
e70507872fd9ede4304f935fc9be99dfb855ede8
eef1bbd07dc16129a7022cca12da6d09bfcca06a2857272cc0e278aa087238f3
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.606364075121.js?key=7b941d13f05616bb591ff5da8e934209&kw=%5B%22vand%22%2C%22disc%22%2C%22pick-up%22%2C%22valsuri%22%2C%22vieneze-%22%2C%22strauss%22%2C%22adroa%22%5D&refer=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&tz=0&dev=e&res=12.1055&uuid=&shu=e83e290b26dfabe90a238ed3a904dcd052dca1ac741a2efe6c3f78b18a0ba2619b7924e6936535ccb17b91041dacffd837b00c1ac887e8e57ff0eced1691ae1f1f5fa13b657ce682f165068b2e054782dde8a090&pst=1675596443&rmtc=t HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Referer: https://adroa.top/
Connection: keep-alive
Cookie: u_pl=17038415; ain=eyJhbGciOiJIUzI1NiJ9.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.DPNSraf8b_gC9ZpS5hcgGmDhOBfJNR9yjBUgUi-0S38
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 11:26:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://adroa.top
Access-Control-Allow-Origin: https://adroa.top
Access-Control-Allow-Credentials: true
Set-Cookie: pdhtkv=true; expires=Mon, 06 Feb 2023 11:26:24 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 11:26:24 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 06 Feb 2023 11:26:24 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 06 Feb 2023 11:26:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e7d19f21947e11d0e0116f43a63649fe
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mc.yandex.ru/metrika/advert.gif
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 05 Feb 2023 11:26:24 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sun, 05 Feb 2023 12:26:24 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
bedrapiona.com/5/5305372/?oo=1&js_build=iclick-v1.479.0
139.45.197.234 200 OK 1.8 kB URL HTTP/2 bedrapiona.com/5/5305372/?oo=1&js_build=iclick-v1.479.0
IP 139.45.197.234:0
Hash 08bdc17f487f6d2b0899b2bd9d120580
e83343bb81d0a37322b593e0ae3498bc927288ae
ce84bd1020b9aaddba5aec84eea0338a77f4f7226c2d07e9a195810cbd4e6573
GET /5/5305372/?oo=1&js_build=iclick-v1.479.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:22 GMT
content-type: application/json
x-trace-id: c746c8d2d9fb0d7f6bc18f45c80129da
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://adroa.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=42f43ac0dadf47ba85f519289bf8afe2; expires=Mon, 05 Feb 2024 11:26:22 GMT; path=/; secure; SameSite=None
oaidts=1675596382; expires=Mon, 05 Feb 2024 11:26:22 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash dfcdbf455580029a0c665fe5215ac927
e5fa1eb26e208c7599a07f327dd46356b7c5e806
b118c64c81b215c1379a81a9e64aa28eb647893870c0aaae293bf6adfa311f7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
agaenteitor.com/500/5305379?excludes=&oaid=x0ef873255ps614996876c9w7ssji437&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239 200 OK 1.2 kB URL HTTP/2 agaenteitor.com/500/5305379?excludes=&oaid=x0ef873255ps614996876c9w7ssji437&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash 002429e52443dd34ecd677c3f0d41746
cacd8d9275f76012a5f1841d324c6d61ba83dd83
78d819c92f5b7fecac0f1fc8da42aba0ddf55dc3350ddca0432c0903b0fb9b3d
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5305379?excludes=&oaid=x0ef873255ps614996876c9w7ssji437&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: agaenteitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Cookie: OAID=a04ca49105d146a9a3527769b0192f2a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:23 GMT
content-type: application/javascript
x-trace-id: 5480895b9c6b5f3d9f748c0260e2b685
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://adroa.top
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=x0ef873255ps614996876c9w7ssji437; expires=Mon, 05 Feb 2024 11:26:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=x0ef873255ps614996876c9w7ssji437
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=x0ef873255ps614996876c9w7ssji437
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 20a43ead493ab165fa4c844d41f2f39e
b79472fa648e5600da860904a946028009fc53d5
a03e728ed669985f19907715eb3270c6a7f90060b7760e60a9dc11aff04d9c28
GET /gid.js?userId=x0ef873255ps614996876c9w7ssji437 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Cookie: ID=539bad8590124a028415ff964c8967eb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:24 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://adroa.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=539bad8590124a028415ff964c8967eb; expires=Mon, 05 Feb 2024 11:26:24 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
upgulpinon.com/121?rnd=1408629547&z=5305380&b=16466421&c=6538593&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&bag=xcB8gTmGOpdRqaPb5ulum-fSI7VuX52p&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1
139.45.197.242 302 Found 0 B URL HTTP/2 upgulpinon.com/121?rnd=1408629547&z=5305380&b=16466421&c=6538593&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&bag=xcB8gTmGOpdRqaPb5ulum-fSI7VuX52p&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /121?rnd=1408629547&z=5305380&b=16466421&c=6538593&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&bag=xcB8gTmGOpdRqaPb5ulum-fSI7VuX52p&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=x0ef873255ps614996876c9w7ssji437; oaidts=1675596381
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 05 Feb 2023 11:26:24 GMT
content-length: 0
location: https://mediasama.com/starharem/01/s/index_rt.html
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: dda0a00f3bcd192ee977b19dc658eacb
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
upgulpinon.com/11?rnd=2630371984&z=5305380&b=16466421&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=603
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=2630371984&z=5305380&b=16466421&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=603
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=2630371984&z=5305380&b=16466421&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=603 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Cookie: scm=1; OAID=x0ef873255ps614996876c9w7ssji437; oaidts=1675596381
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:24 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://adroa.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: e3aa30c8f19674ca3b5d441e51997304
access-control-expose-headers: X-Sc
set-cookie: OAID=x0ef873255ps614996876c9w7ssji437; expires=Mon, 05 Feb 2024 11:26:24 GMT; secure; SameSite=None
oaidts=1675596381; expires=Mon, 05 Feb 2024 11:26:24 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
upgulpinon.com/11?rnd=2630371984&z=5305380&b=16466421&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=2630371984&z=5305380&b=16466421&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=2630371984&z=5305380&b=16466421&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Cookie: scm=1; OAID=x0ef873255ps614996876c9w7ssji437; oaidts=1675596381
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:24 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://adroa.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 35db34ba010e4a8ed593c32090a53700
access-control-expose-headers: X-Sc
set-cookie: OAID=x0ef873255ps614996876c9w7ssji437; expires=Mon, 05 Feb 2024 11:26:24 GMT; secure; SameSite=None
oaidts=1675596381; expires=Mon, 05 Feb 2024 11:26:24 GMT; secure; SameSite=None
oaidvc=1; expires=Mon, 05 Feb 2024 11:26:24 GMT; secure; SameSite=None
CNT=1_v1_9UH7AAEAAADBSwAA; expires=Sun, 05 Feb 2023 12:26:24 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
offerimage.com/www/images/b89a854cfb66584b3f5fef24e571e8b5.png
172.67.22.216 200 OK 93 kB URL HTTP/2 offerimage.com/www/images/b89a854cfb66584b3f5fef24e571e8b5.png
IP 172.67.22.216:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash b89a854cfb66584b3f5fef24e571e8b5
9bb5f94bcc641c8cfbc2e24f0a2af5bd07a3a1ea
7228a1274993f4e608b4f0952b2197db136917df3d8ae95ea16a9a34769945e7
GET /www/images/b89a854cfb66584b3f5fef24e571e8b5.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:26:24 GMT
content-type: image/png
content-length: 92662
last-modified: Fri, 06 Nov 2020 13:23:01 GMT
etag: "5fa54e35-169f6"
expires: Mon, 06 Feb 2023 07:19:28 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 14816
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 794b4a7a1caab521-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 98f0950ed03ec36f411e972a9c167b2a
f5da8f3faa05536769ce459ed3028a1f0bec4fb0
9db298b3908012b0310ffc50ae948424d0ec38a8f1f9b6ae09c36a64f596e91b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DB298B3908012B0310FFC50AE948424D0EC38A8F1F9B6AE09C36A64F596E91B"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4051
Expires: Sun, 05 Feb 2023 12:33:55 GMT
Date: Sun, 05 Feb 2023 11:26:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 98f0950ed03ec36f411e972a9c167b2a
f5da8f3faa05536769ce459ed3028a1f0bec4fb0
9db298b3908012b0310ffc50ae948424d0ec38a8f1f9b6ae09c36a64f596e91b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DB298B3908012B0310FFC50AE948424D0EC38A8F1F9B6AE09C36A64F596E91B"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4051
Expires: Sun, 05 Feb 2023 12:33:55 GMT
Date: Sun, 05 Feb 2023 11:26:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 556f5c7a9f240b687e6d8cab038146f7
09d07a0951991372674b19cc77f9e92d7a651bd3
67b80a1039965b4122197b7c6d7fc5d1c89c408ce27cd1ffaa8ec7d42fcdf0a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67B80A1039965B4122197B7C6D7FC5D1C89C408CE27CD1FFAA8EC7D42FCDF0A5"
Last-Modified: Sun, 05 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17042
Expires: Sun, 05 Feb 2023 16:10:26 GMT
Date: Sun, 05 Feb 2023 11:26:24 GMT
Connection: keep-alive
cdn.cloudimagesb.com/bi/50/9d/3b/509d3b7e020ef91d65e037f53352f87c/1631285267.jpg
45.133.44.10 200 OK 113 kB URL HTTP/2 cdn.cloudimagesb.com/bi/50/9d/3b/509d3b7e020ef91d65e037f53352f87c/1631285267.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:07:26 12:34:57], baseline, precision 8, 300x250, components 3\012- data
Size 113 kB (112654 bytes)
Hash 2b8ea0a1c926c6650dda9cf96eb65505
721ff17c7c712afc2fc58e0c9e14051bda91367d
54c020c811452a01bab3d9a3884284a23d17460117894d4c70fe9d7e22e271b5
GET /bi/50/9d/3b/509d3b7e020ef91d65e037f53352f87c/1631285267.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:26:24 GMT
content-type: image/jpeg
content-length: 112654
server: nginx/1.17.6
last-modified: Fri, 10 Sep 2021 14:47:59 GMT
etag: "613b701f-1b80e"
expires: Tue, 07 Feb 2023 11:26:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/watch/53473582/1?wmode=7&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0gggw3usgug1h33hqlj%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1449149186283%3Ahid%3A374156204%3Az%3A0%3Ai%3A20230205112703%3Aet%3A1675596423%3Ac%3A1%3Arn%3A424670979%3Arqn%3A1%3Au%3A1675596423411186398%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C251%2C75%2C0%2C330%2C0%2C%2C1012%2C6%2C%2C%2C%2C1698%3Aco%3A0%3Ans%3A1675596420766%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675596424%3At%3AVand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
93.158.134.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/53473582/1?wmode=7&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0gggw3usgug1h33hqlj%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1449149186283%3Ahid%3A374156204%3Az%3A0%3Ai%3A20230205112703%3Aet%3A1675596423%3Ac%3A1%3Arn%3A424670979%3Arqn%3A1%3Au%3A1675596423411186398%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C251%2C75%2C0%2C330%2C0%2C%2C1012%2C6%2C%2C%2C%2C1698%3Aco%3A0%3Ans%3A1675596420766%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675596424%3At%3AVand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 759c085422acc826994095bceeb26d0e
be1b37bc1699fe1aa2ce5b90ef44de0a90f96b7f
44b9d09000f97ca7710b235d83810d15db8d99823238265ccd559a1ef1b4df87
GET /watch/53473582/1?wmode=7&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0gggw3usgug1h33hqlj%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1449149186283%3Ahid%3A374156204%3Az%3A0%3Ai%3A20230205112703%3Aet%3A1675596423%3Ac%3A1%3Arn%3A424670979%3Arqn%3A1%3Au%3A1675596423411186398%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C251%2C75%2C0%2C330%2C0%2C%2C1012%2C6%2C%2C%2C%2C1698%3Aco%3A0%3Ans%3A1675596420766%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675596424%3At%3AVand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Referer: https://adroa.top/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Sun, 05 Feb 2023 11:26:24 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://adroa.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 05-Feb-2023 11:26:24 GMT
last-modified: Sun, 05-Feb-2023 11:26:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 7d70322f4f6af3289d4d7f4c22a4c179
f2abd2a7c1575ab0b362920699143dce3ff60d75
0e5b166c8e8d91421e0122ab3863a9cdd88ca4dffa1d9beb9cdf61aca0ac95f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cloudimagesb.com/cti/4a/73/9a/4a739ae3337782d6f0857c15107ef3da/1663334721.png
45.133.44.10 200 OK 43 kB URL HTTP/2 cdn.cloudimagesb.com/cti/4a/73/9a/4a739ae3337782d6f0857c15107ef3da/1663334721.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash 43893a3257a410b3a4b589e870af60f3
9ea4647756d691daf7c3eddb37edecc5ca474b8c
95b1410fd0574179bb1266eef2996feb3a3796665454b3b6df4f5f95c58fa15a
GET /cti/4a/73/9a/4a739ae3337782d6f0857c15107ef3da/1663334721.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:26:24 GMT
content-type: image/png
content-length: 43431
server: nginx/1.17.6
last-modified: Fri, 16 Sep 2022 13:25:29 GMT
etag: "63247949-a9a7"
expires: Tue, 07 Feb 2023 11:26:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/21/36/8c/21368cfd3bd87429f35209612ffb15ef/1668177353.gif
45.133.44.10 200 OK 156 kB URL HTTP/2 cdn.cloudimagesb.com/bi/21/36/8c/21368cfd3bd87429f35209612ffb15ef/1668177353.gif
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 300 x 250\012- data
Size 156 kB (156304 bytes)
Hash d699eae0d8e7df3c924ffc8f52b04e9e
10607ae43cb8975304e65d5eb45dcebdfc505836
b6ec5d7c75f1abe4005e7c1e66a1345a97e44c5a14d2662e9594acc53e3f9e4c
GET /bi/21/36/8c/21368cfd3bd87429f35209612ffb15ef/1668177353.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:26:24 GMT
content-type: image/gif
content-length: 156304
server: nginx/1.17.6
last-modified: Fri, 11 Nov 2022 14:36:01 GMT
etag: "636e5dd1-26290"
expires: Tue, 07 Feb 2023 11:26:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9c5c11780ee80e72a075b277535c3b30
4fe30781393f99b7de8a4286f60d696d5e4215fc
9c145a49b36a974fcbd39ca35ac71270e34026212707afd1d0478a566879ccc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C145A49B36A974FCBD39CA35AC71270E34026212707AFD1D0478A566879CCC4"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2734
Expires: Sun, 05 Feb 2023 12:11:58 GMT
Date: Sun, 05 Feb 2023 11:26:24 GMT
Connection: keep-alive
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 05 Feb 2023 11:26:24 GMT
expires: Sun, 05 Feb 2023 11:26:24 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=WjMTIsx1ksJhXp2Uuk9QyMYUO-SQ35zPIpqGH-fpm2D-lgWL55Jx7OHcPisXDm0Qk_tDnWOwpnBEhCfZorEysMJBvUh-4ePSZ8OtIlYEztWZBOItMAgBRNylLrjEK8cHWMW8m94sBUY404EukiJd0mGfJ9gldRIfqP4h0UbrzK0TuP7YvQwqnMTvsJGFiPD7vq1qGx7leSFVfm4j2_4ckDl80pfWyBHJsotiXA%3D%3D&request_ab2=0&zoneid=5305372&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=23b9f4c2-844e-4182-9a9a-e7472c00f58d&userId=x0ef873255ps614996876c9w7ssji437&m=link
139.45.197.243200 OK 6.7 kB URL HTTP/2 onmarshtompor.com/?rb=WjMTIsx1ksJhXp2Uuk9QyMYUO-SQ35zPIpqGH-fpm2D-lgWL55Jx7OHcPisXDm0Qk_tDnWOwpnBEhCfZorEysMJBvUh-4ePSZ8OtIlYEztWZBOItMAgBRNylLrjEK8cHWMW8m94sBUY404EukiJd0mGfJ9gldRIfqP4h0UbrzK0TuP7YvQwqnMTvsJGFiPD7vq1qGx7leSFVfm4j2_4ckDl80pfWyBHJsotiXA%3D%3D&request_ab2=0&zoneid=5305372&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=23b9f4c2-844e-4182-9a9a-e7472c00f58d&userId=x0ef873255ps614996876c9w7ssji437&m=link
IP 139.45.197.243:0
File type JSON data\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2218)
Hash 2b6d08618861bc841d325d64b8df5544
d6ab6c270a3f8c869fd3a8780c363999e020d2b5
b4417811b6bb45ef20db5893636ce8671f79c067c4b80cc8508fda65967e0730
GET /?rb=WjMTIsx1ksJhXp2Uuk9QyMYUO-SQ35zPIpqGH-fpm2D-lgWL55Jx7OHcPisXDm0Qk_tDnWOwpnBEhCfZorEysMJBvUh-4ePSZ8OtIlYEztWZBOItMAgBRNylLrjEK8cHWMW8m94sBUY404EukiJd0mGfJ9gldRIfqP4h0UbrzK0TuP7YvQwqnMTvsJGFiPD7vq1qGx7leSFVfm4j2_4ckDl80pfWyBHJsotiXA%3D%3D&request_ab2=0&zoneid=5305372&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=23b9f4c2-844e-4182-9a9a-e7472c00f58d&userId=x0ef873255ps614996876c9w7ssji437&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adroa.top/
Origin: https://adroa.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:24 GMT
content-type: application/json
x-trace-id: 096ffc70874259e92cc3470d58263a36
access-control-allow-origin: https://adroa.top
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=x0ef873255ps614996876c9w7ssji437; expires=Mon, 05 Feb 2024 11:26:24 GMT; path=/; secure; SameSite=None
oaidts=1675596384; expires=Mon, 05 Feb 2024 11:26:24 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 12 Feb 2023 11:26:24 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164 200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash cdca657a539b317a54fba0339bd93784
2b8daa836a2eef31971f8aa77ce86bd3f7878a14
4ebe5dcc44431b471a624a4555e8371167fa6f32972a06b7a79b6fa1cc1c5b1b
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 05 Feb 2023 11:26:24 GMT
date: Sun, 05 Feb 2023 11:26:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-Cr69ZNzglGF-hjEj3U62dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mediasama.com/starharem/01/s/index_rt.html
149.56.38.113 200 OK 1.5 kB URL HTTP/1.1 mediasama.com/starharem/01/s/index_rt.html
IP 149.56.38.113:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 30597b59f3cb1eadf603fcfb21952340
baca3a552764959edd4fc56947acc9a4f33822de
6ac92da5b37d94c53f231a18bb88be006ae20f1724a63151a97ed918d86cb25d
GET /starharem/01/s/index_rt.html HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:24 GMT
Server: Apache
Last-Modified: Wed, 20 Jul 2022 09:11:51 GMT
ETag: "17a0-5e438fdce23c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1525
Content-Type: text/html
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.170 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:28:50 GMT
expires: Thu, 01 Feb 2024 22:28:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 305854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mediasama.com/starharem/01/s/styles.css
149.56.38.113 200 OK 2.4 kB URL HTTP/1.1 mediasama.com/starharem/01/s/styles.css
IP 149.56.38.113:0
File type ASCII text, with very long lines (420)
Hash 8e7117f5f47cb6cde0a8e8eb38b16dbb
617fd3f0d3f420ee1967a20fb0b0af4ac34eca03
794f8aa66b6afcf9b7d9bfe5952860436dcfee6bf82e4368af6bc838ce89be98
GET /starharem/01/s/styles.css HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:24 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:29 GMT
ETag: "2638-5dc0be6400e82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2406
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mediasama.com/starharem/01/s/js/main.js
149.56.38.113 200 OK 549 B URL HTTP/1.1 mediasama.com/starharem/01/s/js/main.js
IP 149.56.38.113:0
Hash d8fa8e233a4db9fbce0c20d9a57a06fe
2366b2969771aa164bfdca6b5baf916806f6758a
f496e19ead804367daa801860cd95a7ec6854965a7c5cf2c49dda71532c19932
GET /starharem/01/s/js/main.js HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:24 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:50 GMT
ETag: "516-5dc0be78000b5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 549
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mediasama.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 425839
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2
216.58.207.227 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17360, version 1.0\012- data
Hash 70322c317b1f4e2e17dbc6b672f95f5f
f3dff7c50e1aea33814c6aeeca177ae3ff900bfc
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a
GET /s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mediasama.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 01:14:36 GMT
expires: Thu, 01 Feb 2024 01:14:36 GMT
cache-control: public, max-age=31536000
age: 382309
last-modified: Tue, 19 Apr 2022 18:58:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upgulpinon.com/15?rnd=2320856525&z=5305380&var=&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A2.419%2C%22location%22%3A%22https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
139.45.197.242204 No Content 0 B URL HTTP/2 upgulpinon.com/15?rnd=2320856525&z=5305380&var=&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A2.419%2C%22location%22%3A%22https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /15?rnd=2320856525&z=5305380&var=&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A2.419%2C%22location%22%3A%22https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Cookie: scm=1; OAID=x0ef873255ps614996876c9w7ssji437; oaidts=1675596381; oaidvc=1; CNT=1_v1_9UH7AAEAAADBSwAA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 11:26:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://adroa.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 045a4b11cbf866045b70e994ab8213d5
access-control-expose-headers: X-Sc
set-cookie: OAID=x0ef873255ps614996876c9w7ssji437; expires=Mon, 05 Feb 2024 11:26:25 GMT; secure; SameSite=None
oaidts=1675596381; expires=Mon, 05 Feb 2024 11:26:25 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
mediasama.com/starharem/01/s/audio/btn_1.mp3
149.56.38.113 206 Partial Content 20 kB URL HTTP/1.1 mediasama.com/starharem/01/s/audio/btn_1.mp3
IP 149.56.38.113:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Hash d857acaef2cdf5ec88ea6128c1ceb7b3
5f67419243f34232a4da8cb1a1eaecfc192ff1a7
df83bc888086ae84b5d532a39023b0db17e8f3ccd3ffdcd6f35c8d4f39558d24
GET /starharem/01/s/audio/btn_1.mp3 HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Sun, 05 Feb 2023 11:26:25 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:31 GMT
ETag: "4f61-5dc0be65fcb81"
Accept-Ranges: bytes
Content-Length: 20321
Content-Range: bytes 0-20320/20321
Content-Type: audio/mpeg
mediasama.com/starharem/01/s/img/2.jpg
149.56.38.113 200 OK 369 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/2.jpg
IP 149.56.38.113:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 369 kB (369239 bytes)
Hash b7d3bd4ae3d5f8477e040e6410517866
2b255c9583c47e5da4069d9c055d3430a0c1e03a
7bb68d5a9a92a500956397e156beb117a0ef605b6747800cacf9c9440b6fc7e4
GET /starharem/01/s/img/2.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:25 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5a257-5dc622e1424eb"
Accept-Ranges: bytes
Content-Length: 369239
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/1.jpg
149.56.38.113 200 OK 397 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/1.jpg
IP 149.56.38.113:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 397 kB (397097 bytes)
Hash 43c140ec16ce96d582782ea93eeaa4fe
3390bf8e8708620fc0a851455e4729cb4f0248a2
3e176a04debe08dd522e7f0fbc9f7530880a92fb9845afd7391bbaa764a4ad55
GET /starharem/01/s/img/1.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:25 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "60f29-5dc622dfac0e8"
Accept-Ranges: bytes
Content-Length: 397097
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/7.jpg
149.56.38.113 200 OK 327 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/7.jpg
IP 149.56.38.113:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 327 kB (326553 bytes)
Hash c67c9fb0268eea7d188c4c9bc54a0bf4
216b83374ba6f011041b31dd381f22e99ea7a8c1
95ae6eba3fad2ff05cadc95b27fc79a198a9e873371ab5fb7bb97c1661cd4654
GET /starharem/01/s/img/7.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:25 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:45 GMT
ETag: "4fb99-5dc622e5033f2"
Accept-Ranges: bytes
Content-Length: 326553
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/9.jpg
149.56.38.113 200 OK 342 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/9.jpg
IP 149.56.38.113:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 342 kB (341673 bytes)
Hash a3a888cf217de9be2aa727dd1cc64757
b7bd361dfdceecfc5775d0ed32e5798abd271d5e
2fd4025336ad8a5edd704651a216cf6b9739089ad1c204bd1ea8e114d11770b9
GET /starharem/01/s/img/9.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:25 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "536a9-5dc622e6fb276"
Accept-Ranges: bytes
Content-Length: 341673
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/8.jpg
149.56.38.113 200 OK 682 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/8.jpg
IP 149.56.38.113:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-3584, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 211035008.000000\012- data
Size 682 kB (682050 bytes)
Hash cedcd46e956dee6a28f87198962b0477
7b38f1de654971e436983fb6a34a71540ba526c9
08c08ef6f1ed9da65259719bbcc97e9aec700d3b486a9f0a741cb5800be34db5
GET /starharem/01/s/img/8.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:25 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "a6842-5dc622e757ed6"
Accept-Ranges: bytes
Content-Length: 682050
Content-Type: image/jpeg
mc.yandex.ru/watch/53473582?wmode=7&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0gggw3usgug1h33hqlj%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1449149186283%3Ahid%3A374156204%3Az%3A0%3Ai%3A20230205112703%3Aet%3A1675596423%3Ac%3A1%3Arn%3A424670979%3Arqn%3A1%3Au%3A1675596423411186398%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C251%2C75%2C0%2C330%2C0%2C%2C1012%2C6%2C%2C%2C%2C1698%3Aco%3A0%3Ans%3A1675596420766%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675596424%3At%3AVand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
93.158.134.119302 Found 325 kB URL HTTP/2 mc.yandex.ru/watch/53473582?wmode=7&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0gggw3usgug1h33hqlj%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1449149186283%3Ahid%3A374156204%3Az%3A0%3Ai%3A20230205112703%3Aet%3A1675596423%3Ac%3A1%3Arn%3A424670979%3Arqn%3A1%3Au%3A1675596423411186398%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C251%2C75%2C0%2C330%2C0%2C%2C1012%2C6%2C%2C%2C%2C1698%3Aco%3A0%3Ans%3A1675596420766%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675596424%3At%3AVand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 325 kB (325446 bytes)
Hash ec18d276822ab5772f3458da7dbedfbc
f7a38f944aaba3e6b848f496bf4b8fee50b58161
da6b7082767f0ddffbec031c7f84b859c7a1f20624445bb26aa93895b75d7c09
GET /watch/53473582?wmode=7&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0gggw3usgug1h33hqlj%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1449149186283%3Ahid%3A374156204%3Az%3A0%3Ai%3A20230205112703%3Aet%3A1675596423%3Ac%3A1%3Arn%3A424670979%3Arqn%3A1%3Au%3A1675596423411186398%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C251%2C75%2C0%2C330%2C0%2C%2C1012%2C6%2C%2C%2C%2C1698%3Aco%3A0%3Ans%3A1675596420766%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675596424%3At%3AVand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/53473582/1?wmode=7&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0gggw3usgug1h33hqlj%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1449149186283%3Ahid%3A374156204%3Az%3A0%3Ai%3A20230205112703%3Aet%3A1675596423%3Ac%3A1%3Arn%3A424670979%3Arqn%3A1%3Au%3A1675596423411186398%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C251%2C75%2C0%2C330%2C0%2C%2C1012%2C6%2C%2C%2C%2C1698%3Aco%3A0%3Ans%3A1675596420766%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675596424%3At%3AVand%20disc%20pick-up%20Valsuri%20Vieneze-%20Strauss%20%7C%20adroa&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 05 Feb 2023 11:26:24 GMT
access-control-allow-origin: https://adroa.top
set-cookie: yabs-sid=378423131675596384; Path=/; SameSite=None; Secure
set-cookie: i=UTGFZ9FLn5PeXB16spEJ/QNwpjhdUuO+frVSbVF+25zooHjvGO8hZwQI4BkSFgDF13ZVBY+oIonGr3fD9798NkXW/4w=; Expires=Wed, 02-Feb-2033 11:26:24 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
set-cookie: yandexuid=1832943741675596384; Expires=Mon, 05-Feb-2024 11:26:24 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
set-cookie: yuidss=1832943741675596384; Expires=Mon, 05-Feb-2024 11:26:24 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
set-cookie: ymex=1707132384.yc.1675596384#1707132384.yrts.1675596384#1707132384.yrtsi.1675596384; Expires=Mon, 05-Feb-2024 11:26:24 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 05-Feb-2023 11:26:24 GMT
last-modified: Sun, 05-Feb-2023 11:26:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mediasama.com/starharem/01/s/img/3.jpg
149.56.38.113 200 OK 375 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/3.jpg
IP 149.56.38.113:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 375 kB (375159 bytes)
Hash 84c5f704120f28ad7bcde2ebab7442a0
fd2745300ba7ad59ff8044c7e9f76b1326ddd120
6227de9cf2198a85639d3808c134b85dc1e6a5ee5ee5709189c5e58d1b91b7c2
GET /starharem/01/s/img/3.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:25 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5b977-5dc622e17edac"
Accept-Ranges: bytes
Content-Length: 375159
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/6.jpg
149.56.38.113 200 OK 261 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/6.jpg
IP 149.56.38.113:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 261 kB (261364 bytes)
Hash 4b7cf78d93f3f009f850bedb6829d7f6
cc55cad898df47a2f089946aee9398fea7fa2ae6
44d0a6f8e7f7fe0354c05417445137070431686d671c51e9f3d3869867f2448f
GET /starharem/01/s/img/6.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:25 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:44 GMT
ETag: "3fcf4-5dc622e471bd1"
Accept-Ranges: bytes
Content-Length: 261364
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/10.jpg
149.56.38.113 200 OK 237 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/10.jpg
IP 149.56.38.113:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 237 kB (236974 bytes)
Hash e0046cc1f34ff0701ec4874a0a8c5d43
c6a46db14dfc50d67307a9855f4dd2688d576a01
8589d73053f4bb258d888488403564bdcc94fb2d87c7388f943bf06fb85865a1
GET /starharem/01/s/img/10.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:25 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "39dae-5dc622df755e8"
Accept-Ranges: bytes
Content-Length: 236974
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/5.jpg
149.56.38.113 200 OK 461 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/5.jpg
IP 149.56.38.113:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 461 kB (461412 bytes)
Hash 42ad3cffde2e4081df94ded8a30a1dc5
7b064f0fcb96e5b5c498c0c03bcbb9ab15e999b0
be788428faee6157125228734e5510d4f49212766eff23a1a1b178e456f153d1
GET /starharem/01/s/img/5.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:25 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:43 GMT
ETag: "70a64-5dc622e35f52f"
Accept-Ranges: bytes
Content-Length: 461412
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/11.jpg
149.56.38.113 200 OK 403 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/11.jpg
IP 149.56.38.113:0
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size 403 kB (402740 bytes)
Hash c10654a068f849e614885c983ac9ab02
8d69da78045560f1c2de7bafc47b2c8a12e86424
3a864743d27da3ef1cea10d293532f84f9d564a98b34afef2a8f4b380472dfc2
GET /starharem/01/s/img/11.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 11:26:25 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 09:18:06 GMT
ETag: "62534-5dc5d6c134c3d"
Accept-Ranges: bytes
Content-Length: 402740
Content-Type: image/jpeg
mc.yandex.ru/webvisor/53473582?wmode=0&wv-part=1&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=584366193&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1675596427%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112706%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596427&t=gdpr(14)ti(2)
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/53473582?wmode=0&wv-part=1&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=584366193&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1675596427%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112706%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596427&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/53473582?wmode=0&wv-part=1&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=584366193&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1675596427%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112706%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596427&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 53188
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 05 Feb 2023 11:26:27 GMT
access-control-allow-origin: https://adroa.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 05-Feb-2023 11:26:27 GMT
last-modified: Sun, 05-Feb-2023 11:26:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
upgulpinon.com/15?rnd=2320856525&z=5305380&var=&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A4.421%2C%22location%22%3A%22https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
139.45.197.242 204 No Content 0 B URL HTTP/2 upgulpinon.com/15?rnd=2320856525&z=5305380&var=&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A4.421%2C%22location%22%3A%22https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /15?rnd=2320856525&z=5305380&var=&rb=w0ASB_9Bftfu2B-c7Y1JlLyozmelXWqD-yJBCpB4Vwl5WakdRCn1wjm41VWRaDRrW5Cc7lcZVRVgqXVw6u374MqvNfcsB3wdRbAYV_10F9LpU8-A8FrG9XgEdG-qbEQwxO7rli7tUaECmpB8XyvQIWBW6oA87ixroAdJ_OM3WPcNi4LT4biQxbof3eGVRxY6Gswzp3vq2SL8R1vEYjhKXyW3dVHYejnBlLzVKwlpUCbuQT6rn2E65O-3VGcJ_tCURF-PWEPG5UasYQHOi48VMIHJQk4e1rpXDbq13ov9pt7o1fvGjUoAbgxZ7l0phhYmR6z4DYpO5sjMnU-6UNLb95IVi8XIF0QUgzFwLZ9edYJj8V2gQYJeo_tKpV55_TQWNkHqi0d6qQmOJPVZMQE505u37SFBTZQgm-ZLGg7eQq_Qn-0N2BQGKloD5EJDbumUFODQY1-Cp3JoeiZj9-M56dV71LlAD9TXXormyHoT1zysJlRac2rGipd0zuehpQZAmz5_0sc7lyysLTxnqw_Ctfk8ZPlL6AFotF77U7yt6NRBrNhmPRre5zvE6izefwsQrAs9asAGMqZPuYVyjszgkBbfMkEs43tlwZuZxPVppT4frg2rwy3RdVi7rB9B7aC8XsPBUibn5sEXZWGVIqvV2hD1khy_zrZtm1dtbKuclRWnhb2wREFT8FHam9WWicXL0LiOgUcRnlG9YAFdYteyrQ==&ruid=9c909ceb-fe06-4b4c-bec2-dd504250e7d1&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A4.421%2C%22location%22%3A%22https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Cookie: scm=1; OAID=x0ef873255ps614996876c9w7ssji437; oaidts=1675596381; oaidvc=1; CNT=1_v1_9UH7AAEAAADBSwAA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 11:26:27 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://adroa.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: e1dc4c9d8dcbc1b8136f15dd9d9e9de7
access-control-expose-headers: X-Sc
set-cookie: OAID=x0ef873255ps614996876c9w7ssji437; expires=Mon, 05 Feb 2024 11:26:27 GMT; secure; SameSite=None
set-cookie: oaidts=1675596381; expires=Mon, 05 Feb 2024 11:26:27 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/53473582?wmode=0&wv-part=1&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=438204365&wv-type=3&browser-info=we%3A1%3Aet%3A1675596427%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112707%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596427&t=gdpr(14)ti(2)
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/53473582?wmode=0&wv-part=1&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=438204365&wv-type=3&browser-info=we%3A1%3Aet%3A1675596427%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112707%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596427&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/53473582?wmode=0&wv-part=1&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=438204365&wv-type=3&browser-info=we%3A1%3Aet%3A1675596427%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112707%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596427&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 05 Feb 2023 11:26:27 GMT
access-control-allow-origin: https://adroa.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 05-Feb-2023 11:26:27 GMT
last-modified: Sun, 05-Feb-2023 11:26:27 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
oaphoace.net/impression/L0Ulwf96uyeFR6P1yBagK4DyhYiS3nOlG12ApWFSL7EZI9gH5JzdFVmI5pqYSy-LJxwQvRray6TKQnqUAXtkQ3iSV6tpaXzmvhL1UXTSrX3iYV1F388qESJKn9Vi8VqFtJs6eC2j1EoiVEBp9LXLP360SyG4dQUNvNpxGUoERzDFrhHyvmDwzTG28I_mvJoV6Sa9yXmxmecyLSAVxYg_3vMPYBj1pwMzLKjpvZzpEs7zzkkooZoURqxo3bfp6yC47s7WDOyD-uva_EJ8iB8pyw70iHZxtM78ltWSG3VM6wXa134yGfixG23dQre9wCT_Cg-wha4TNmT3ZKIv5Rm0J7drKgvfRgIVmO38_dDIgZtre0U0Lg5QppCYhCkIfnZJboydExRsVRJwi-DZN2oRSmSn74hOPSbWZegMmq0eN8UjzS0dcUZVJLKYK6Kir2j_nfvWE00OK5IEhYfCwSy7Lfyp9IG1daInJFLCjWk67VtsBt1-wWJ8NSTT9qOIMNaBIB6cu8giRSfA8OukmnXOo9NnEgRjkA9CPwDzavPaZJOE_sGQ5Ez6aUVUo5S9WWfNdRmqUIF_R51DV9glr2zQboOe3WE=?_z=5305381&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239 200 OK 43 B URL HTTP/2 oaphoace.net/impression/L0Ulwf96uyeFR6P1yBagK4DyhYiS3nOlG12ApWFSL7EZI9gH5JzdFVmI5pqYSy-LJxwQvRray6TKQnqUAXtkQ3iSV6tpaXzmvhL1UXTSrX3iYV1F388qESJKn9Vi8VqFtJs6eC2j1EoiVEBp9LXLP360SyG4dQUNvNpxGUoERzDFrhHyvmDwzTG28I_mvJoV6Sa9yXmxmecyLSAVxYg_3vMPYBj1pwMzLKjpvZzpEs7zzkkooZoURqxo3bfp6yC47s7WDOyD-uva_EJ8iB8pyw70iHZxtM78ltWSG3VM6wXa134yGfixG23dQre9wCT_Cg-wha4TNmT3ZKIv5Rm0J7drKgvfRgIVmO38_dDIgZtre0U0Lg5QppCYhCkIfnZJboydExRsVRJwi-DZN2oRSmSn74hOPSbWZegMmq0eN8UjzS0dcUZVJLKYK6Kir2j_nfvWE00OK5IEhYfCwSy7Lfyp9IG1daInJFLCjWk67VtsBt1-wWJ8NSTT9qOIMNaBIB6cu8giRSfA8OukmnXOo9NnEgRjkA9CPwDzavPaZJOE_sGQ5Ez6aUVUo5S9WWfNdRmqUIF_R51DV9glr2zQboOe3WE=?_z=5305381&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/L0Ulwf96uyeFR6P1yBagK4DyhYiS3nOlG12ApWFSL7EZI9gH5JzdFVmI5pqYSy-LJxwQvRray6TKQnqUAXtkQ3iSV6tpaXzmvhL1UXTSrX3iYV1F388qESJKn9Vi8VqFtJs6eC2j1EoiVEBp9LXLP360SyG4dQUNvNpxGUoERzDFrhHyvmDwzTG28I_mvJoV6Sa9yXmxmecyLSAVxYg_3vMPYBj1pwMzLKjpvZzpEs7zzkkooZoURqxo3bfp6yC47s7WDOyD-uva_EJ8iB8pyw70iHZxtM78ltWSG3VM6wXa134yGfixG23dQre9wCT_Cg-wha4TNmT3ZKIv5Rm0J7drKgvfRgIVmO38_dDIgZtre0U0Lg5QppCYhCkIfnZJboydExRsVRJwi-DZN2oRSmSn74hOPSbWZegMmq0eN8UjzS0dcUZVJLKYK6Kir2j_nfvWE00OK5IEhYfCwSy7Lfyp9IG1daInJFLCjWk67VtsBt1-wWJ8NSTT9qOIMNaBIB6cu8giRSfA8OukmnXOo9NnEgRjkA9CPwDzavPaZJOE_sGQ5Ez6aUVUo5S9WWfNdRmqUIF_R51DV9glr2zQboOe3WE=?_z=5305381&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Cookie: OAID=x0ef873255ps614996876c9w7ssji437
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:27 GMT
content-type: image/gif
content-length: 43
x-trace-id: d5bff3f89785239c2139b10802687866
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/53473582?wmode=0&wv-part=2&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=1020310129&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1675596429%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112708%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596429&t=gdpr(14)ti(2)
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/53473582?wmode=0&wv-part=2&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=1020310129&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1675596429%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112708%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596429&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/53473582?wmode=0&wv-part=2&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=1020310129&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1675596429%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112708%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596429&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7556
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 05 Feb 2023 11:26:28 GMT
access-control-allow-origin: https://adroa.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 05-Feb-2023 11:26:28 GMT
last-modified: Sun, 05-Feb-2023 11:26:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75caf9549ac23c827c10d6baabb84884
e8391e4046acb91cd4a6113974fda1c44dcd3865
a01e3a9aaa0b0fa156303bcbf38c1c45ea6abe8d0a052734b05ea4da82f176c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: e3e457e7-b73a-4b5f-a7bb-9a643cde2760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwAv_GI1oAMFbIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcae66-6793e5e054a709881bb2d191;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 06:49:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6LeXkwyELIc_XykRxsfDIBu7Kda_3OHFDiteX0rKwDt-315catmvKw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:43 GMT
age: 47747
etag: "e8391e4046acb91cd4a6113974fda1c44dcd3865"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/53473582?wv-check=23583&wv-type=0&wmode=0&wv-part=1&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=329907822&browser-info=we%3A1%3Aet%3A1675596430%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112710%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596430&t=gdpr(14)ti(2)
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/53473582?wv-check=23583&wv-type=0&wmode=0&wv-part=1&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=329907822&browser-info=we%3A1%3Aet%3A1675596430%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112710%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596430&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/53473582?wv-check=23583&wv-type=0&wmode=0&wv-part=1&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=329907822&browser-info=we%3A1%3Aet%3A1675596430%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112710%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596430&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 05 Feb 2023 11:26:30 GMT
access-control-allow-origin: https://adroa.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 05-Feb-2023 11:26:30 GMT
last-modified: Sun, 05-Feb-2023 11:26:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/53473582?wmode=0&wv-part=2&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=896395572&wv-type=3&browser-info=we%3A1%3Aet%3A1675596430%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112710%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596430&t=gdpr(14)ti(2)
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/53473582?wmode=0&wv-part=2&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=896395572&wv-type=3&browser-info=we%3A1%3Aet%3A1675596430%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112710%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596430&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/53473582?wmode=0&wv-part=2&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=896395572&wv-type=3&browser-info=we%3A1%3Aet%3A1675596430%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112710%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596430&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 05 Feb 2023 11:26:30 GMT
access-control-allow-origin: https://adroa.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 05-Feb-2023 11:26:30 GMT
last-modified: Sun, 05-Feb-2023 11:26:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/53473582?wmode=0&wv-part=3&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=1007650860&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1675596430%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112710%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596430&t=gdpr(14)ti(2)
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/53473582?wmode=0&wv-part=3&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=1007650860&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1675596430%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112710%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596430&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/53473582?wmode=0&wv-part=3&wv-hit=374156204&page-url=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&rn=1007650860&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1675596430%3Aw%3A1280x939%3Av%3A960%3Az%3A0%3Ai%3A20230205112710%3Au%3A1675596423411186398%3Avf%3Asm0gggw3usgug1h33hqlj%3Ast%3A1675596430&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4650
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 05 Feb 2023 11:26:30 GMT
access-control-allow-origin: https://adroa.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 05-Feb-2023 11:26:30 GMT
last-modified: Sun, 05-Feb-2023 11:26:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
upgulpinon.com/1?z=5305380
139.45.197.242 200 OK 0 B URL HTTP/2 upgulpinon.com/1?z=5305380
IP 139.45.197.242:0
GET /1?z=5305380 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:21 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 18eac8f9aa8f14f0dd510f16ec7e3656
access-control-expose-headers: X-Sc
x-sc: Dj9mPt0dCaHH2JKQ-8PkjHILVgLHPQlcKoq59BZtYmmD0i8vuezJy6RjhCjSRIXHsc1K1-Q6xQnvT_dS-Oglm1Qn0Tk=
set-cookie: scm=1; expires=Mon, 05 Feb 2024 11:26:21 GMT; secure; SameSite=None
set-cookie: OAID=3f95872d29ab4b4ab1261fe413d92052; expires=Mon, 05 Feb 2024 11:26:21 GMT; secure; SameSite=None
set-cookie: oaidts=1675596381; expires=Mon, 05 Feb 2024 11:26:21 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
upgulpinon.com/27/843a9f1226eda0484b879504742bc6d9
139.45.197.242 200 OK 0 B URL HTTP/2 upgulpinon.com/27/843a9f1226eda0484b879504742bc6d9
IP 139.45.197.242:0
GET /27/843a9f1226eda0484b879504742bc6d9 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Cookie: scm=1; OAID=3f95872d29ab4b4ab1261fe413d92052; oaidts=1675596381
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:22 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Fri, 03 Feb 2023 06:00:36 GMT
expires: Fri, 05 Mar 2083 06:00:36 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
oaphoace.net/401/5305381
139.45.197.239 200 OK 0 B
IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5305381 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:22 GMT
content-type: application/javascript
x-trace-id: ffd10fd2f82a9619f19b034c287bdfda
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=e8ef1f36a27640b8bb0292402be21ff1; expires=Mon, 05 Feb 2024 11:26:22 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5305380&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=x0ef873255ps614996876c9w7ssji437
139.45.197.242 200 OK 0 B URL HTTP/2 upgulpinon.com/9?z=5305380&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=x0ef873255ps614996876c9w7ssji437
IP 139.45.197.242:0
POST /9?z=5305380&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fadroa.top%2Fbooks%2Fdetail.php%3Fhash%3D42bbbb05ac699d83977f76478140266e&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=x0ef873255ps614996876c9w7ssji437 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 93
Origin: https://adroa.top
Connection: keep-alive
Referer: https://adroa.top/
Cookie: scm=1; OAID=3f95872d29ab4b4ab1261fe413d92052; oaidts=1675596381
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:23 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://adroa.top
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 5604478eb1f1bfb5e8cd6161f50da65b
access-control-expose-headers: X-Sc
set-cookie: OAID=x0ef873255ps614996876c9w7ssji437; expires=Mon, 05 Feb 2024 11:26:23 GMT; secure; SameSite=None
set-cookie: oaidts=1675596381; expires=Mon, 05 Feb 2024 11:26:23 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.141.224 200 OK 0 B
IP 172.67.141.224:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:26:22 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:30:52 GMT
etag: W/"63dd36bc-43b7"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2904
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nwahv5qDPbBnpaI2as7WC5q5XOWq8cTEe3LllwvIXj634xhBaC48IDmv719KNXiIUfj6FmvDTiuiYFBI0vSrOEQS%2FPUpe7zv1ZDwZu2MuTwH5HvG9akLwoiuxxWGUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794b4a704c17fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
clicktimes.bid/?pu=gnstiylehe5ha3ddf42tkmq
185.177.94.76 200 OK 0 B URL HTTP/2 clicktimes.bid/?pu=gnstiylehe5ha3ddf42tkmq
IP 185.177.94.76:0
ASN #39572 DataWeb Global Group B.V.
GET /?pu=gnstiylehe5ha3ddf42tkmq HTTP/1.1
Host: clicktimes.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adroa.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:26:19 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=1fb160b4-ead8-447c-8f80-4efccc29310e; expires=Tue, 07-Mar-2023 11:26:21 GMT; Max-Age=2592000; path=/; SameSite=None; domain=clicktimes.bid; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2