bobsvagene.club/pics/forbidden-older-family
172.67.144.166301 Moved Permanently 0 B URL HTTP/1.1 bobsvagene.club/pics/forbidden-older-family
IP 172.67.144.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pics/forbidden-older-family HTTP/1.1
Host: bobsvagene.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 08:13:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 09:13:52 GMT
Location: https://bobsvagene.club/pics/forbidden-older-family
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWC6J%2BHqPJy%2FV%2BsL8iV6QVXK3eR5R0OskCJdWHt4KP8h%2B6uibhdI49JPxCXsfOVLDlwbLKhzy4OSfP2hPhgYPwJjr%2F0b9STu4xTy4JIaD0%2BFNkiJpLD%2BZh66ODHCSyC0UjY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c75f06f86b4fa-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2164
Expires: Tue, 04 Oct 2022 08:49:56 GMT
Date: Tue, 04 Oct 2022 08:13:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 07:29:42 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: c8pykyU-yO6fmsmMk73taMgf2sCW3dUH4p-RMZx73eM5MODp9IYF4w==
Age: 2650
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zn8o4MGNKCCZWe4AquouUOGSgODWm6cJORP3J7CR4OnZUf9HzlHtHw==
age: 9925
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:13:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 07:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 08:26:00 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B6CiQTtDqg08T_5QHg2VQYcpz_hQuBbDL9MAPsGbbdzNcM5fTih4dA==
Age: 2659
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4453
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:13:53 GMT
Last-Modified: Tue, 04 Oct 2022 06:59:40 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Oswald&subset=latin%2Clatin-ext&ver=6.0.2
142.250.74.10200 OK 966 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald&subset=latin%2Clatin-ext&ver=6.0.2
IP 142.250.74.10:0
Hash d36435f054fad3522dad6d481bbb503e
eef7cc1caf26bb8e801e60ba6401555467a67b87
8de0291c7235c18066cb8d99305e95553436c20990639c9fe32d098ac2c40b16
GET /css?family=Oswald&subset=latin%2Clatin-ext&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 08:13:53 GMT
date: Tue, 04 Oct 2022 08:13:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.15.44101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.15.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3ULtN2wRrZW9W0Lu+IUx5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: joLU4qsGqYDfBBPr3Cny7GGMirw=
pfewuzbtkr.com/solid.gif?z=1874232&abvar=0
62.122.171.6200 OK 12 kB URL HTTP/2 pfewuzbtkr.com/solid.gif?z=1874232&abvar=0
IP 62.122.171.6:0
Hash d59fb2d186fc9e0c138571d500cfe432
928ed9b73a3a6634126e2c1aafb4953f9ee8e662
1760bffc1ff8eafafff60d24f8c25d4c8cea0799544eedc0edbd53b764067cdf
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1874232&abvar=0 HTTP/1.1
Host: pfewuzbtkr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:13:53 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
216.58.207.195200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:09:42 GMT
expires: Tue, 03 Oct 2023 21:09:42 GMT
cache-control: public, max-age=31536000
age: 39851
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:13:53 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://bobsvagene.club
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c75fc0c1bb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 08:13:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://bobsvagene.club
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
limurol.com/ssp/req/1874232/?pb=7cd021d84add5947b86db408afb0239e1664878433&psp=mlJo1A0_utU8sWXUNEIRT2kMIeET24rYfSuyxpEqRZ7cGlBb3NUqE52Zo5hrH-5epajrTgMAGr5Rfpp8IC1WDMyc60wjteRZQoGQlBiUCI3VotlJpcDJ_N-15lrb8jK_ZNWrGnBpLvKamF9-kY2Z0rvbv9tHh4wbDs2NTzO8e-XMAGIJaNL3gcVk1GRu98s3ZH1Z7YwkQoPvpPdmTvEO_R-efpMhDwMv50Nh_yWVj0uWeU75gkCraa2PTbNYu-vaCdVAbL82bx8hrLPyahuy-CoMqtGS6XC-94cSu4uxvLMZ9OTdNccSzdzQZqrZ5ilzoBLFiJz7L0D1Ux9jdCybNDNkd7AztRnmL4omQmToRwnGo2svPCJeKbb_0TvmKXGHMcy_73Oe5g3vTSdlnuqQHOAO0faci6ydmyYhcDB0i5kZNmr9TjI418hrcsZFAV0-5DPE9437a1pQCsDPXh2ilyzmR0H6-D_f2ERezU0UzCN2qNDnvlrROsUGejissJEeCUcof5tLN_xduYxMWXcRr3WIrJssW9HEZKI8gqkDA9LXF3JaxEk169uncDQX9Mj025XJf_YHtori1WqnAW0FgvxXUpKOhUIJsJogOZjx17lHqd2DIuxTyqjqMTsPLkRO2dH65O1DA1DuRQ==&cb=_clsy2ahtrc7j0v43wg2lne&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1874232/?pb=7cd021d84add5947b86db408afb0239e1664878433&psp=mlJo1A0_utU8sWXUNEIRT2kMIeET24rYfSuyxpEqRZ7cGlBb3NUqE52Zo5hrH-5epajrTgMAGr5Rfpp8IC1WDMyc60wjteRZQoGQlBiUCI3VotlJpcDJ_N-15lrb8jK_ZNWrGnBpLvKamF9-kY2Z0rvbv9tHh4wbDs2NTzO8e-XMAGIJaNL3gcVk1GRu98s3ZH1Z7YwkQoPvpPdmTvEO_R-efpMhDwMv50Nh_yWVj0uWeU75gkCraa2PTbNYu-vaCdVAbL82bx8hrLPyahuy-CoMqtGS6XC-94cSu4uxvLMZ9OTdNccSzdzQZqrZ5ilzoBLFiJz7L0D1Ux9jdCybNDNkd7AztRnmL4omQmToRwnGo2svPCJeKbb_0TvmKXGHMcy_73Oe5g3vTSdlnuqQHOAO0faci6ydmyYhcDB0i5kZNmr9TjI418hrcsZFAV0-5DPE9437a1pQCsDPXh2ilyzmR0H6-D_f2ERezU0UzCN2qNDnvlrROsUGejissJEeCUcof5tLN_xduYxMWXcRr3WIrJssW9HEZKI8gqkDA9LXF3JaxEk169uncDQX9Mj025XJf_YHtori1WqnAW0FgvxXUpKOhUIJsJogOZjx17lHqd2DIuxTyqjqMTsPLkRO2dH65O1DA1DuRQ==&cb=_clsy2ahtrc7j0v43wg2lne&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1874232/?pb=7cd021d84add5947b86db408afb0239e1664878433&psp=mlJo1A0_utU8sWXUNEIRT2kMIeET24rYfSuyxpEqRZ7cGlBb3NUqE52Zo5hrH-5epajrTgMAGr5Rfpp8IC1WDMyc60wjteRZQoGQlBiUCI3VotlJpcDJ_N-15lrb8jK_ZNWrGnBpLvKamF9-kY2Z0rvbv9tHh4wbDs2NTzO8e-XMAGIJaNL3gcVk1GRu98s3ZH1Z7YwkQoPvpPdmTvEO_R-efpMhDwMv50Nh_yWVj0uWeU75gkCraa2PTbNYu-vaCdVAbL82bx8hrLPyahuy-CoMqtGS6XC-94cSu4uxvLMZ9OTdNccSzdzQZqrZ5ilzoBLFiJz7L0D1Ux9jdCybNDNkd7AztRnmL4omQmToRwnGo2svPCJeKbb_0TvmKXGHMcy_73Oe5g3vTSdlnuqQHOAO0faci6ydmyYhcDB0i5kZNmr9TjI418hrcsZFAV0-5DPE9437a1pQCsDPXh2ilyzmR0H6-D_f2ERezU0UzCN2qNDnvlrROsUGejissJEeCUcof5tLN_xduYxMWXcRr3WIrJssW9HEZKI8gqkDA9LXF3JaxEk169uncDQX9Mj025XJf_YHtori1WqnAW0FgvxXUpKOhUIJsJogOZjx17lHqd2DIuxTyqjqMTsPLkRO2dH65O1DA1DuRQ==&cb=_clsy2ahtrc7j0v43wg2lne&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:13:54 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2210040313ea020892f18849278dd16b50aa; Path=/; Expires=Wed, 04 Oct 2023 08:13:53 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ed99f70f6f70dd73982d974d3a0337f5
7bd95ccdd7a681aeb4c629bec5ed508f4245ebcb
bdd95a4891ec394f7fdd0e340d5014034cd9da175f8911f2e195b87fa1604ec9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDD95A4891EC394F7FDD0E340D5014034CD9DA175F8911F2E195B87FA1604EC9"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1362
Expires: Tue, 04 Oct 2022 08:36:36 GMT
Date: Tue, 04 Oct 2022 08:13:54 GMT
Connection: keep-alive
limurol.com/ssp/req/1874232/?pb=7cd021d84add5947b86db408afb0239e1664878433&psp=mlJo1A0_utU8sWXUNEIRT2kMIeET24rYfSuyxpEqRZ7cGlBb3NUqE52Zo5hrH-5epajrTgMAGr5Rfpp8IC1WDMyc60wjteRZQoGQlBiUCI3VotlJpcDJ_N-15lrb8jK_ZNWrGnBpLvKamF9-kY2Z0rvbv9tHh4wbDs2NTzO8e-XMAGIJaNL3gcVk1GRu98s3ZH1Z7YwkQoPvpPdmTvEO_R-efpMhDwMv50Nh_yWVj0uWeU75gkCraa2PTbNYu-vaCdVAbL82bx8hrLPyahuy-CoMqtGS6XC-94cSu4uxvLMZ9OTdNccSzdzQZqrZ5ilzoBLFiJz7L0D1Ux9jdCybNDNkd7AztRnmL4omQmToRwnGo2svPCJeKbb_0TvmKXGHMcy_73Oe5g3vTSdlnuqQHOAO0faci6ydmyYhcDB0i5kZNmr9TjI418hrcsZFAV0-5DPE9437a1pQCsDPXh2ilyzmR0H6-D_f2ERezU0UzCN2qNDnvlrROsUGejissJEeCUcof5tLN_xduYxMWXcRr3WIrJssW9HEZKI8gqkDA9LXF3JaxEk169uncDQX9Mj025XJf_YHtori1WqnAW0FgvxXUpKOhUIJsJogOZjx17lHqd2DIuxTyqjqMTsPLkRO2dH65O1DA1DuRQ==&cb=_clsy2ahtrc7j0v43wg2lne&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1874232/?pb=7cd021d84add5947b86db408afb0239e1664878433&psp=mlJo1A0_utU8sWXUNEIRT2kMIeET24rYfSuyxpEqRZ7cGlBb3NUqE52Zo5hrH-5epajrTgMAGr5Rfpp8IC1WDMyc60wjteRZQoGQlBiUCI3VotlJpcDJ_N-15lrb8jK_ZNWrGnBpLvKamF9-kY2Z0rvbv9tHh4wbDs2NTzO8e-XMAGIJaNL3gcVk1GRu98s3ZH1Z7YwkQoPvpPdmTvEO_R-efpMhDwMv50Nh_yWVj0uWeU75gkCraa2PTbNYu-vaCdVAbL82bx8hrLPyahuy-CoMqtGS6XC-94cSu4uxvLMZ9OTdNccSzdzQZqrZ5ilzoBLFiJz7L0D1Ux9jdCybNDNkd7AztRnmL4omQmToRwnGo2svPCJeKbb_0TvmKXGHMcy_73Oe5g3vTSdlnuqQHOAO0faci6ydmyYhcDB0i5kZNmr9TjI418hrcsZFAV0-5DPE9437a1pQCsDPXh2ilyzmR0H6-D_f2ERezU0UzCN2qNDnvlrROsUGejissJEeCUcof5tLN_xduYxMWXcRr3WIrJssW9HEZKI8gqkDA9LXF3JaxEk169uncDQX9Mj025XJf_YHtori1WqnAW0FgvxXUpKOhUIJsJogOZjx17lHqd2DIuxTyqjqMTsPLkRO2dH65O1DA1DuRQ==&cb=_clsy2ahtrc7j0v43wg2lne&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1874232/?pb=7cd021d84add5947b86db408afb0239e1664878433&psp=mlJo1A0_utU8sWXUNEIRT2kMIeET24rYfSuyxpEqRZ7cGlBb3NUqE52Zo5hrH-5epajrTgMAGr5Rfpp8IC1WDMyc60wjteRZQoGQlBiUCI3VotlJpcDJ_N-15lrb8jK_ZNWrGnBpLvKamF9-kY2Z0rvbv9tHh4wbDs2NTzO8e-XMAGIJaNL3gcVk1GRu98s3ZH1Z7YwkQoPvpPdmTvEO_R-efpMhDwMv50Nh_yWVj0uWeU75gkCraa2PTbNYu-vaCdVAbL82bx8hrLPyahuy-CoMqtGS6XC-94cSu4uxvLMZ9OTdNccSzdzQZqrZ5ilzoBLFiJz7L0D1Ux9jdCybNDNkd7AztRnmL4omQmToRwnGo2svPCJeKbb_0TvmKXGHMcy_73Oe5g3vTSdlnuqQHOAO0faci6ydmyYhcDB0i5kZNmr9TjI418hrcsZFAV0-5DPE9437a1pQCsDPXh2ilyzmR0H6-D_f2ERezU0UzCN2qNDnvlrROsUGejissJEeCUcof5tLN_xduYxMWXcRr3WIrJssW9HEZKI8gqkDA9LXF3JaxEk169uncDQX9Mj025XJf_YHtori1WqnAW0FgvxXUpKOhUIJsJogOZjx17lHqd2DIuxTyqjqMTsPLkRO2dH65O1DA1DuRQ==&cb=_clsy2ahtrc7j0v43wg2lne&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:13:54 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22100403133d4117fda3d54addb9dcf769e2; Path=/; Expires=Wed, 04 Oct 2023 08:13:54 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
j7o6wyorw2oq.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 j7o6wyorw2oq.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: j7o6wyorw2oq.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 08:13:54 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
limurol.com/ssp/req/1874232/?pb=7cd021d84add5947b86db408afb0239e1664878433&psp=mlJo1A0_utU8sWXUNEIRT2kMIeET24rYfSuyxpEqRZ7cGlBb3NUqE52Zo5hrH-5epajrTgMAGr5Rfpp8IC1WDMyc60wjteRZQoGQlBiUCI3VotlJpcDJ_N-15lrb8jK_ZNWrGnBpLvKamF9-kY2Z0rvbv9tHh4wbDs2NTzO8e-XMAGIJaNL3gcVk1GRu98s3ZH1Z7YwkQoPvpPdmTvEO_R-efpMhDwMv50Nh_yWVj0uWeU75gkCraa2PTbNYu-vaCdVAbL82bx8hrLPyahuy-CoMqtGS6XC-94cSu4uxvLMZ9OTdNccSzdzQZqrZ5ilzoBLFiJz7L0D1Ux9jdCybNDNkd7AztRnmL4omQmToRwnGo2svPCJeKbb_0TvmKXGHMcy_73Oe5g3vTSdlnuqQHOAO0faci6ydmyYhcDB0i5kZNmr9TjI418hrcsZFAV0-5DPE9437a1pQCsDPXh2ilyzmR0H6-D_f2ERezU0UzCN2qNDnvlrROsUGejissJEeCUcof5tLN_xduYxMWXcRr3WIrJssW9HEZKI8gqkDA9LXF3JaxEk169uncDQX9Mj025XJf_YHtori1WqnAW0FgvxXUpKOhUIJsJogOZjx17lHqd2DIuxTyqjqMTsPLkRO2dH65O1DA1DuRQ==&cb=_clsy2ahtrc7j0v43wg2lne&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1874232/?pb=7cd021d84add5947b86db408afb0239e1664878433&psp=mlJo1A0_utU8sWXUNEIRT2kMIeET24rYfSuyxpEqRZ7cGlBb3NUqE52Zo5hrH-5epajrTgMAGr5Rfpp8IC1WDMyc60wjteRZQoGQlBiUCI3VotlJpcDJ_N-15lrb8jK_ZNWrGnBpLvKamF9-kY2Z0rvbv9tHh4wbDs2NTzO8e-XMAGIJaNL3gcVk1GRu98s3ZH1Z7YwkQoPvpPdmTvEO_R-efpMhDwMv50Nh_yWVj0uWeU75gkCraa2PTbNYu-vaCdVAbL82bx8hrLPyahuy-CoMqtGS6XC-94cSu4uxvLMZ9OTdNccSzdzQZqrZ5ilzoBLFiJz7L0D1Ux9jdCybNDNkd7AztRnmL4omQmToRwnGo2svPCJeKbb_0TvmKXGHMcy_73Oe5g3vTSdlnuqQHOAO0faci6ydmyYhcDB0i5kZNmr9TjI418hrcsZFAV0-5DPE9437a1pQCsDPXh2ilyzmR0H6-D_f2ERezU0UzCN2qNDnvlrROsUGejissJEeCUcof5tLN_xduYxMWXcRr3WIrJssW9HEZKI8gqkDA9LXF3JaxEk169uncDQX9Mj025XJf_YHtori1WqnAW0FgvxXUpKOhUIJsJogOZjx17lHqd2DIuxTyqjqMTsPLkRO2dH65O1DA1DuRQ==&cb=_clsy2ahtrc7j0v43wg2lne&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1874232/?pb=7cd021d84add5947b86db408afb0239e1664878433&psp=mlJo1A0_utU8sWXUNEIRT2kMIeET24rYfSuyxpEqRZ7cGlBb3NUqE52Zo5hrH-5epajrTgMAGr5Rfpp8IC1WDMyc60wjteRZQoGQlBiUCI3VotlJpcDJ_N-15lrb8jK_ZNWrGnBpLvKamF9-kY2Z0rvbv9tHh4wbDs2NTzO8e-XMAGIJaNL3gcVk1GRu98s3ZH1Z7YwkQoPvpPdmTvEO_R-efpMhDwMv50Nh_yWVj0uWeU75gkCraa2PTbNYu-vaCdVAbL82bx8hrLPyahuy-CoMqtGS6XC-94cSu4uxvLMZ9OTdNccSzdzQZqrZ5ilzoBLFiJz7L0D1Ux9jdCybNDNkd7AztRnmL4omQmToRwnGo2svPCJeKbb_0TvmKXGHMcy_73Oe5g3vTSdlnuqQHOAO0faci6ydmyYhcDB0i5kZNmr9TjI418hrcsZFAV0-5DPE9437a1pQCsDPXh2ilyzmR0H6-D_f2ERezU0UzCN2qNDnvlrROsUGejissJEeCUcof5tLN_xduYxMWXcRr3WIrJssW9HEZKI8gqkDA9LXF3JaxEk169uncDQX9Mj025XJf_YHtori1WqnAW0FgvxXUpKOhUIJsJogOZjx17lHqd2DIuxTyqjqMTsPLkRO2dH65O1DA1DuRQ==&cb=_clsy2ahtrc7j0v43wg2lne&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Cookie: UID=2210040313ea020892f18849278dd16b50aa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:13:54 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5200 OK 170 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash cc944f92ad62ef3706a24699bd949881
6791fce2e52c9cc4ec7926d09401e13f81946b7b
a3f9e4d9507938ef52d9b73d175b775e2c18a277d1a9c3d4b31e90775b9e105f
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1851
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 08:13:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://bobsvagene.club
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20132
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:13:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20132
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:13:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20132
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:13:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20132
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:13:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 12663
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59c6121e6f6cb833939e12585aca131e
5cc38c9cfe6a2ade7a1d8ee272c4eda47c35f5df
88b8a458ad437bf40d154b21d844ba56530ae05c2f42b417cfb0e6cffcb294e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 35cc0acc-ac90-4f36-a976-c61c34cfe4fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqNXG3mIAMFujg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5722-112061742493dd5255c3fb00;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XKgAjOSBnAxpQtL7a0q2jUDfpzjybydP2ZBV7J1ypKVeuMdAzl-MXg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 37774
etag: "5cc38c9cfe6a2ade7a1d8ee272c4eda47c35f5df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 37774
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481896f6-cdf2-442f-aea2-dfa2c7c45f77.png
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481896f6-cdf2-442f-aea2-dfa2c7c45f77.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5745f8e3528f481ae2acf05b4abd3d0
d830b94bea3b5698e5192a7ea05f90b25b2f9cc9
313e11915f0869a608c830637b9dfd236ff28a8fb3354c3cc8748816b0ee18b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481896f6-cdf2-442f-aea2-dfa2c7c45f77.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8738
x-amzn-requestid: ede4db78-f2ab-4226-a855-dc7373978dfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTFrBoAMFR3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-2776543e774f0016329ddade;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nKHkVE65lTlwb2EAe8mhhOmwqoTXGDOcWQu-RS1K2fMRV2_l7HT1IA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 37774
etag: "d830b94bea3b5698e5192a7ea05f90b25b2f9cc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34f2dfb2faff276db1d4a57739db2450
f5ce815082043a4efce28fc790ae7d8b3a8531f8
e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5083
x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI0HT0IAMFxvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZFVTt0eV3kpIaS4KAIZlgaTJxHb2hPxyP4BBRAZCE-cCAWJM44fZxw==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:38:28 GMT
age: 34526
etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 37774
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b1914e702d9edf1b2f241cadd82026a
11d8599b1ffb646583ea9c2e58527a62099b9aca
a981de3a5425beba86b32a0900cd71c7fae780de6424d6789a57889ca91fac6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A981DE3A5425BEBA86B32A0900CD71C7FAE780DE6424D6789A57889CA91FAC6F"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1338
Expires: Tue, 04 Oct 2022 08:36:12 GMT
Date: Tue, 04 Oct 2022 08:13:54 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5620fb4e97b2ddc604d5e267a9b91b4e
f9e5a57c04400b37561cfeebea00f4de59cd143d
4e17e21e34225c010168c3c18663736072daebe8c5fb6f38c288b0e0a4936c7e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 08:13:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 01 Oct 2022 13:12:44 GMT
Expires: Sat, 08 Oct 2022 13:12:43 GMT
Etag: "f9e5a57c04400b37561cfeebea00f4de59cd143d"
Cache-Control: max-age=362928,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754c76019d54fac0-OSL
j7o6wyorw2oq.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 j7o6wyorw2oq.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: j7o6wyorw2oq.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 08:13:54 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
blockadsnot.com/NV.html?_=BAYAYzvrQgFjO-tCgAGBAsAAIM8w8zRrTDWh8hbBhU86T-SPbPm_oFL6KjNptVoLl7VBwQBGMEQCIFGHf7PGMKel8b1hTTIReESOryTFFIldVmshI96J3A6uAiBKuuX6lLZyCRm73rusLy5BKQYQaaOH4RuYJF23N8KU_A&v=4&gkMvPXFW=4681082&nSiQFUhy=&OXSPkrEa=0,0&tGUMWIav=&ZegvCHDX=&s=1280,1024,1,1280,1024,0
208.95.112.254200 OK 835 B URL HTTP/2 blockadsnot.com/NV.html?_=BAYAYzvrQgFjO-tCgAGBAsAAIM8w8zRrTDWh8hbBhU86T-SPbPm_oFL6KjNptVoLl7VBwQBGMEQCIFGHf7PGMKel8b1hTTIReESOryTFFIldVmshI96J3A6uAiBKuuX6lLZyCRm73rusLy5BKQYQaaOH4RuYJF23N8KU_A&v=4&gkMvPXFW=4681082&nSiQFUhy=&OXSPkrEa=0,0&tGUMWIav=&ZegvCHDX=&s=1280,1024,1,1280,1024,0
IP 208.95.112.254:0
File type ASCII text, with very long lines (1168), with no line terminators
Hash 148aab3ee81b4f143ad33ccbe2fa2966
fb26035bd1053b4942babbb9cf508b6377b1b3b5
4e937e20d50cc79d5d75bfed3619a22c89aba0ac051b8820860ee677d99d854f
GET /NV.html?_=BAYAYzvrQgFjO-tCgAGBAsAAIM8w8zRrTDWh8hbBhU86T-SPbPm_oFL6KjNptVoLl7VBwQBGMEQCIFGHf7PGMKel8b1hTTIReESOryTFFIldVmshI96J3A6uAiBKuuX6lLZyCRm73rusLy5BKQYQaaOH4RuYJF23N8KU_A&v=4&gkMvPXFW=4681082&nSiQFUhy=&OXSPkrEa=0,0&tGUMWIav=&ZegvCHDX=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Tue, 04-Oct-2022 09:13:55 GMT; Max-Age=3600
fraudcheck=68e3a710df1345779e49759d97739249; expires=Thu, 03-Nov-2022 08:13:55 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Tue, 04-Oct-2022 14:13:55 GMT; Max-Age=21600
link: <https://free-cosmetics-online.com>;rel=preconnect
content-length: 835
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 08:13:55 GMT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47572f504bb62a1762471a3f9447650f
fa988ff02b3586596f821150521a3084f3bf042c
f0b6b2a70c44025a84cc30fd6eccd1786bc9cd5719660ddb479a82fd8f510d43
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F0B6B2A70C44025A84CC30FD6ECCD1786BC9CD5719660DDB479A82FD8F510D43"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2903
Expires: Tue, 04 Oct 2022 09:02:18 GMT
Date: Tue, 04 Oct 2022 08:13:55 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47572f504bb62a1762471a3f9447650f
fa988ff02b3586596f821150521a3084f3bf042c
f0b6b2a70c44025a84cc30fd6eccd1786bc9cd5719660ddb479a82fd8f510d43
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F0B6B2A70C44025A84CC30FD6ECCD1786BC9CD5719660DDB479A82FD8F510D43"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2903
Expires: Tue, 04 Oct 2022 09:02:18 GMT
Date: Tue, 04 Oct 2022 08:13:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash edec9323540293b99ece306037d35de7
e7540f9962a6c7ee91168eee1e0fe343d5f5406e
5cf16c168d74a28dc30c0edf93edd09366a8c8609ac36e352e056580f7b24a20
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CF16C168D74A28DC30C0EDF93EDD09366A8C8609AC36E352E056580F7B24A20"
Last-Modified: Mon, 03 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12189
Expires: Tue, 04 Oct 2022 11:37:04 GMT
Date: Tue, 04 Oct 2022 08:13:55 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:07:03 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 945163889
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
adserver.juicyads.com/js/jads.js
185.94.237.101200 OK 1.7 kB URL HTTP/1.1 adserver.juicyads.com/js/jads.js
IP 185.94.237.101:0
File type ASCII text, with very long lines (3769), with no line terminators
Hash 65b1efdf55163b144c5018b8772765ad
509de5f40450f3cf05e0d8d1b939fed2bbb11cbe
cf23ab637d84de0eb1c1e67764e05ca0aa140e6ee932a60700fc35661644ee48
GET /js/jads.js HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 08:13:55 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 07 Jul 2022 14:07:12 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62c6e890-eb9"
Content-Encoding: gzip
s4.histats.com/stats/0.php?4210536&@f16&@g1&@h1&@i1&@j1664871235081&@k0&@l1&@mForbidden%20Older%20Family%20-%20Bobs%20and%20Vagene&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:15846242&@b3:1664871235&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbobsvagene.club%2Fpics%2Fforbidden-older-family&@w
192.99.0.58200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?4210536&@f16&@g1&@h1&@i1&@j1664871235081&@k0&@l1&@mForbidden%20Older%20Family%20-%20Bobs%20and%20Vagene&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:15846242&@b3:1664871235&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbobsvagene.club%2Fpics%2Fforbidden-older-family&@w
IP 192.99.0.58:0
File type ASCII text, with no line terminators
Hash a83158085a9f2eb04502c35f9e2d7e75
652def7630d965f6caf1c3ffdf05fd16d7da6881
c7ac318d0ea060ea261db6c3cd7906a4fd6f83398bcedde26e42212df1fc85ba
GET /stats/0.php?4210536&@f16&@g1&@h1&@i1&@j1664871235081&@k0&@l1&@mForbidden%20Older%20Family%20-%20Bobs%20and%20Vagene&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:15846242&@b3:1664871235&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbobsvagene.club%2Fpics%2Fforbidden-older-family&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 08:13:55 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
adserver.juicyads.com/adshow.php?adzone=735814
185.94.237.101200 OK 1.7 kB URL HTTP/1.1 adserver.juicyads.com/adshow.php?adzone=735814
IP 185.94.237.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1386), with CRLF, LF line terminators
Hash 5bb87aeaf9d538ba903bcf85ff20d0dc
25b99d978e310d009f7fbce421991c61882f1d91
ad55a5ea049c74928be6b7538189893d5a1f02b6c800210b047de361dbf2e988
GET /adshow.php?adzone=735814 HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 08:13:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=340483f21176d57dad87007dccfcc1d0; expires=Wed, 04-Oct-2023 08:13:55 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com
imps61=1; expires=Wed, 05-Oct-2022 08:13:56 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.juicyads.com
juicy_data_1=YToxOntpOjExOTY5Njc7aToxNjY1MTMwNDM1O30%3D; expires=Fri, 07-Oct-2022 08:13:55 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=juicyads.com
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 07-Oct-2022 08:13:55 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip
ads.juicyads.me/1x1.gif
69.16.175.42200 OK 43 B IP 69.16.175.42:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: ads.juicyads.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:13:57 GMT
etag: "1457030838"
cache-control: max-age=22354029
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1664871237.dop224.sk1.t,1664871237.cds251.sk1.hn,1664871237.cds217.sk1.c
X-Firefox-Spdy: h2
ads.juicyads.me/network/user1037/131-1573234879-0208013001573234879.gif
69.16.175.42200 OK 45 kB URL HTTP/2 ads.juicyads.me/network/user1037/131-1573234879-0208013001573234879.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 728 x 90\012- data
Hash d76d15d695c0be28cd2a89cd7bc9371a
e41dc114ca9c7c8790842c37980be6e5930d281d
dc4bdcd1e8abf09755dbb252018944d78619d6619e0fb88103596b614887fbdb
GET /network/user1037/131-1573234879-0208013001573234879.gif HTTP/1.1
Host: ads.juicyads.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:13:57 GMT
etag: "1573234879"
cache-control: max-age=26979048
content-length: 45383
content-type: image/gif
last-modified: Fri, 08 Nov 2019 17:41:19 GMT
accept-ranges: bytes
x-hw: 1664871237.dop224.sk1.t,1664871237.cds251.sk1.hn,1664871237.cds220.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 168bbcb27009ac170d9016006024c57d
4b388270f736034f8292716152a6cd3595bfd51a
46690a2a1adbce63066a97071d33efe07c04ccd6ef7f89f8e4b257e004be1a39
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46690A2A1ADBCE63066A97071D33EFE07C04CCD6EF7F89F8E4B257E004BE1A39"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3120
Expires: Tue, 04 Oct 2022 09:05:57 GMT
Date: Tue, 04 Oct 2022 08:13:57 GMT
Connection: keep-alive
d.pssy.xyz/d/?resource=bundler&nada=1&widgets=1499395:6,1499394:2,1187345:1,1132854:1,1499366:1&isct=1664669099&rfrr=https://bobsvagene.club/pics/amazon-jungle-tribes-sex/?s=Amazon%20Jungle%20Tribes%20Sex&iscs=NThmMWE2YjU4MjRhMDA0MGI0ZDU0YWRjNWIwMmRhZjliYWZmYjllNDAyOTAyYThmNGExOWI0ZTFjZjEyODdmN3wwfDV8MTcyLjk4LjE5Ni42NnxNb3ppbGxhLzUuMCAoTGludXg7IEFuZHJvaWQgNC40LjI7IFJDVDYyMDNXNDYpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84MS4wLjQwNDQuMTM4IFNhZmFyaS81MzcuMzZ8Mjk1OTY2fDE2NjQ2NjkwOTl8aWJhSFIwY0hNNkx5OWliMkp6ZG1GblpXNWxMbU5zZFdJdmNHbGpjeTloYldGNmIyNHRhblZ1WjJ4bExYUnlhV0psY3kxelpYZ3ZQM005UVcxaGVtOXVKVEl3U25WdVoyeGxKVEl3VkhKcFltVnpKVEl3VTJWNA==&width=730&reqc=1&ver=ea497da639218990.1664669099352&page=aHR0cHM6Ly9ib2JzdmFnZW5lLmNsdWIvcGljcy9mb3JiaWRkZW4tb2xkZXItZmFtaWx5
23.235.244.224200 OK 42 kB URL HTTP/1.1 d.pssy.xyz/d/?resource=bundler&nada=1&widgets=1499395:6,1499394:2,1187345:1,1132854:1,1499366:1&isct=1664669099&rfrr=https://bobsvagene.club/pics/amazon-jungle-tribes-sex/?s=Amazon%20Jungle%20Tribes%20Sex&iscs=NThmMWE2YjU4MjRhMDA0MGI0ZDU0YWRjNWIwMmRhZjliYWZmYjllNDAyOTAyYThmNGExOWI0ZTFjZjEyODdmN3wwfDV8MTcyLjk4LjE5Ni42NnxNb3ppbGxhLzUuMCAoTGludXg7IEFuZHJvaWQgNC40LjI7IFJDVDYyMDNXNDYpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84MS4wLjQwNDQuMTM4IFNhZmFyaS81MzcuMzZ8Mjk1OTY2fDE2NjQ2NjkwOTl8aWJhSFIwY0hNNkx5OWliMkp6ZG1GblpXNWxMbU5zZFdJdmNHbGpjeTloYldGNmIyNHRhblZ1WjJ4bExYUnlhV0psY3kxelpYZ3ZQM005UVcxaGVtOXVKVEl3U25WdVoyeGxKVEl3VkhKcFltVnpKVEl3VTJWNA==&width=730&reqc=1&ver=ea497da639218990.1664669099352&page=aHR0cHM6Ly9ib2JzdmFnZW5lLmNsdWIvcGljcy9mb3JiaWRkZW4tb2xkZXItZmFtaWx5
IP 23.235.244.224:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5788ef3daaf052c0917c6242c2b58c28
860ab5be4248f954ac687ba469035f230ff70c75
b2b045f67c957ef04a61a74c4f0f5ba93eaec8e931b1195b407996008426ada1
Analyzer Verdict Alert quad9 Sinkholed
GET /d/?resource=bundler&nada=1&widgets=1499395:6,1499394:2,1187345:1,1132854:1,1499366:1&isct=1664669099&rfrr=https://bobsvagene.club/pics/amazon-jungle-tribes-sex/?s=Amazon%20Jungle%20Tribes%20Sex&iscs=NThmMWE2YjU4MjRhMDA0MGI0ZDU0YWRjNWIwMmRhZjliYWZmYjllNDAyOTAyYThmNGExOWI0ZTFjZjEyODdmN3wwfDV8MTcyLjk4LjE5Ni42NnxNb3ppbGxhLzUuMCAoTGludXg7IEFuZHJvaWQgNC40LjI7IFJDVDYyMDNXNDYpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84MS4wLjQwNDQuMTM4IFNhZmFyaS81MzcuMzZ8Mjk1OTY2fDE2NjQ2NjkwOTl8aWJhSFIwY0hNNkx5OWliMkp6ZG1GblpXNWxMbU5zZFdJdmNHbGpjeTloYldGNmIyNHRhblZ1WjJ4bExYUnlhV0psY3kxelpYZ3ZQM005UVcxaGVtOXVKVEl3U25WdVoyeGxKVEl3VkhKcFltVnpKVEl3VTJWNA==&width=730&reqc=1&ver=ea497da639218990.1664669099352&page=aHR0cHM6Ly9ib2JzdmFnZW5lLmNsdWIvcGljcy9mb3JiaWRkZW4tb2xkZXItZmFtaWx5 HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 08:13:58 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"1ada9-l6nM1AZs2jxY9RA01QVSW1nRMNQ"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bobsvagene.club
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dd40c1eba2ae2b6544640f2b6b050e26
bcee1c2a58333ea773d3e28e6e7b0eb9ff3d5388
b70232e87520e635189b3861ffa3900450a058ac42a8f971ae2276e4a5fc9458
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B70232E87520E635189B3861FFA3900450A058AC42A8F971AE2276E4A5FC9458"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1304
Expires: Tue, 04 Oct 2022 08:35:42 GMT
Date: Tue, 04 Oct 2022 08:13:58 GMT
Connection: keep-alive
s.pssy.xyz/prplugs/0/1227009/240x180.jpg
104.21.69.85200 OK 19 kB URL HTTP/2 s.pssy.xyz/prplugs/0/1227009/240x180.jpg
IP 104.21.69.85:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Hash 6ae5a187fdf5e19e561cb969876d7c26
90a3b0c276b1edd6aa4bbfdfc3472b63f68a4310
d698158b08a9fcc4991f688dcbdcbabea88a7c8be88c494617a0938262c7b793
Analyzer Verdict Alert quad9 Sinkholed
GET /prplugs/0/1227009/240x180.jpg HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:13:58 GMT
content-type: image/jpeg
content-length: 19085
last-modified: Mon, 03 Oct 2022 18:56:37 GMT
etag: "633b3065-4a8d"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 504
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFbMzyCZ1No85uGOoXugPRsRgauM1lTFvE%2Bgm5Bdaz6RRBrKXU6Tcy19sDm0iXhRhHXcfIv%2B0Ldi4ZdvO%2B9P8hMb4C7SzBNKzte2uldEDPOHbIUe1BfPJCxbQ2wO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c76196def0b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.pssy.xyz/prbanners/2019/03/29/KtMS3Ui41xw9NUALEtNKcp7wnR2h2F.jpeg
104.21.69.85200 OK 36 kB URL HTTP/2 s.pssy.xyz/prbanners/2019/03/29/KtMS3Ui41xw9NUALEtNKcp7wnR2h2F.jpeg
IP 104.21.69.85:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 728x90, components 3\012- data
Hash fc5e89b16857dbaa50e987265c179fe9
a2c6121aa02473d8117eea7d117ebfedc32f32ef
1a7a2938b7667a1b90b41eb7c35c9630034cb624c2446240be504477bf068469
Analyzer Verdict Alert quad9 Sinkholed
GET /prbanners/2019/03/29/KtMS3Ui41xw9NUALEtNKcp7wnR2h2F.jpeg HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:13:58 GMT
content-type: image/jpeg
content-length: 35890
last-modified: Fri, 29 Mar 2019 12:44:01 GMT
etag: "5c9e1311-8c32"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3502
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdyQ0B7Xv%2FBMSajUk6l9y9BqXjnaxlAxd5aCWOoitYmCi2awYk8qSjvtTEGnQMhlo9LV%2BmCalZbQeZ9YynJLCA3bnGGdOHmVC5uhbX8z4QAtGRqhd7NYhfh7XXgz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c76197e140b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f514.svg
192.0.77.48200 OK 314 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f514.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (314), with no line terminators
Hash 6201ff6add4821014e02cfc1bc82fc95
afd344621ef88b39f6e7013b7ce4765d67892315
5f70fb8150f0a1f184b40f86d012db040d229056b9b0d8c681f08987cb124e5f
GET /images/core/emoji/14.0.0/svg/1f514.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:13:58 GMT
content-type: image/svg+xml
content-length: 314
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dd40c1eba2ae2b6544640f2b6b050e26
bcee1c2a58333ea773d3e28e6e7b0eb9ff3d5388
b70232e87520e635189b3861ffa3900450a058ac42a8f971ae2276e4a5fc9458
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B70232E87520E635189B3861FFA3900450A058AC42A8F971AE2276E4A5FC9458"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18620
Expires: Tue, 04 Oct 2022 13:24:18 GMT
Date: Tue, 04 Oct 2022 08:13:58 GMT
Connection: keep-alive
d.pssy.xyz/t.php
23.235.244.224200 OK 20 B IP 23.235.244.224:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert quad9 Sinkholed
GET /t.php HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 08:13:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: guid=cffb857a-7f32-45e7-a56b-665a2439a723; expires=Wed, 04-Oct-2023 08:13:58 GMT; Max-Age=31536000; path=/; domain=pssy.xyz; secure; SameSite=None
Access-Control-Allow-Origin: *
Content-Encoding: gzip
d.pssy.xyz/d/n/iframe?domain=bobsvagene.club&id=1499366
23.235.244.224200 OK 1.7 kB URL HTTP/1.1 d.pssy.xyz/d/n/iframe?domain=bobsvagene.club&id=1499366
IP 23.235.244.224:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 4964c3dcf09da2584c86086015ffeedc
29970d8b1913f0aa31ee57427dda6aa117b31fc1
e94a2c888a7a01a5084813e7d7bb5926bad601501729792a7cfcfb43d641c16c
Analyzer Verdict Alert quad9 Sinkholed
GET /d/n/iframe?domain=bobsvagene.club&id=1499366 HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 04 Oct 2022 08:13:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"148b-iScGFSW8G5XgXf7iWEVmkYkgSzM"
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
pfewuzbtkr.com/t/9/fret/meow4/1874232/800ac2e5.js
62.122.171.6200 OK 0 B URL HTTP/2 pfewuzbtkr.com/t/9/fret/meow4/1874232/800ac2e5.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /t/9/fret/meow4/1874232/800ac2e5.js HTTP/1.1
Host: pfewuzbtkr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:13:53 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 14:00:58 GMT
vary: Accept-Encoding
etag: W/"6333021a-10a29"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
free-cosmetics-online.com/favicon.ico
104.21.23.47404 Not Found 0 B URL HTTP/2 free-cosmetics-online.com/favicon.ico
IP 104.21.23.47:0
GET /favicon.ico HTTP/1.1
Host: free-cosmetics-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 04 Oct 2022 08:13:55 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 45
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFMElNTiVwDA55Ha%2BXOXGjxCtMxoi8%2Fc5wXxKv2hCgCUQpTVd47Et0UhMVa79eHyvXrQ%2FVYY8YxsHT51J4vwsWft2D1RJ6BOtBgO%2BHBxWVyPHjwE2LK4WLzIQVnkvjRiX%2FocuPCrzFg6PSZ8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754c76041f23b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=446433y2r256s2o2p2b43354&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23bobsvagene
143.204.55.12200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=446433y2r256s2o2p2b43354&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23bobsvagene
IP 143.204.55.12:0
GET /jp.php?c=446433y2r256s2o2p2b43354&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23bobsvagene HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Tue, 04 Oct 2022 07:59:25 GMT
expires: Tue, 04 Oct 2022 08:14:25 GMT
pragma: cache
server: nginx
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JzmvjT-Hs3xAot42o0GPfH1eTmw5DZK_nn0pAZ4sYq4A0VNrHHRiRw==
age: 868
X-Firefox-Spdy: h2
www.blockadsnot.com/js-joda.min.js
185.76.9.14200 OK 0 B URL HTTP/2 www.blockadsnot.com/js-joda.min.js
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /js-joda.min.js HTTP/1.1
Host: www.blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bobsvagene.club
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:13:53 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Fri, 07 Oct 2022 20:38:51 GMT
access-control-allow-origin: *
link: <https://blockadsnot.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1665175131
server: CDN77-Turbo
x-77-nzt: AblMCQ3pT2n/ZpcEAA
x-77-nzt-ray: aHnSmpMCYxM
x-cache: HIT
x-age: 300902
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
pfewuzbtkr.com/get/1874232?zoneid=1874232&jp=_clyuzjx1s9dfmu4xla97vf&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=953533931306181
62.122.171.6200 OK 0 B URL HTTP/2 pfewuzbtkr.com/get/1874232?zoneid=1874232&jp=_clyuzjx1s9dfmu4xla97vf&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=953533931306181
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1874232?zoneid=1874232&jp=_clyuzjx1s9dfmu4xla97vf&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=953533931306181 HTTP/1.1
Host: pfewuzbtkr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:13:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2210040313ed714eb1ef04486a8f9857bf31; Path=/; Expires=Wed, 04 Oct 2023 08:13:53 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bobsvagene.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:13:53 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 04 Nov 2022 08:13:53 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 1591745
vary: Accept-Encoding
server: cloudflare
cf-ray: 754c75fb0e83b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bobsvagene.club/pics/forbidden-older-family
172.67.144.166200 OK 0 B URL HTTP/2 bobsvagene.club/pics/forbidden-older-family
IP 172.67.144.166:0
GET /pics/forbidden-older-family HTTP/1.1
Host: bobsvagene.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:13:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-edge-cache: cache,platform=wordpress
x-elasticpress-query: true
link: <https://bobsvagene.club/wp-json/>; rel="https://api.w.org/"
x-fastcgi-cache: BYPASS, BYPASS
frontcache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0K29A%2F2GejtKTEXnzvWmZcGL3lwG%2BJFh1gmN4QbtwUPJwymMoUpU9L7L4peIxWRUXOGN9EYNUeTis43Td%2Fc3t7CyS%2B%2B8sRuMMfQcj1gccsrMWeMzjADU1Fsr6npGxXwa%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754c75f27a62b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2