surefap.org/publisher/shia
172.67.191.234301 Moved Permanently 0 B URL HTTP/1.1 surefap.org/publisher/shia
IP 172.67.191.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /publisher/shia HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50; path=/
Location: http://surefap.org/publisher/shia/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UR%2B942quYeaFKLqcld6BpzBNRmzv%2BEBfBvqBFxjpc%2BJxD6oQ1sD0HQJ%2FNbYC5WEkOZOhCIxswByJGW80PlhduFL1NfO%2B7sA%2Bf5LMFI6BjDEyJhGHscZXv3zUtUSGg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7730de5cfc06b50c-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6854
Expires: Fri, 02 Dec 2022 05:04:31 GMT
Date: Fri, 02 Dec 2022 03:10:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3492
Cache-Control: max-age=116347
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:17 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:29:24 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4772
Expires: Fri, 02 Dec 2022 04:29:49 GMT
Date: Fri, 02 Dec 2022 03:10:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fr9ZGBcxF83+yQM1CLbwuDqTVGmMyu+S31UgGum7ZP5lk5mMBGIyvHscYhOfkPRI80P3I4bNHkdpun8Ur9UtNg==
x-amz-request-id: A8ZA0QGYMK33QR5P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 02:46:32 GMT
age: 1425
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 02:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3027
alt-svc: clear
X-Firefox-Spdy: h2
surefap.org/publisher/shia/
172.67.191.234200 OK 20 kB URL HTTP/1.1 surefap.org/publisher/shia/
IP 172.67.191.234:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1834), with CRLF, LF line terminators
Hash 493fdd817a17fb3c54c5189c8d5f539d
52e56ee0022850b2a9256530312b5da34fcb1047
1f3f9163efcd9ffd2a106827c6b0ce40f602c0acc13d5f3bc0644496651c657f
Analyzer Verdict Alert fortinet Malware
GET /publisher/shia/ HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <http://surefap.org/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLcdLBIawMDlauu5BRV%2ByVMMGEnV0AYhrhqddD6%2BzLxaJMK6G%2FTeC9b8gvAHWD%2FKrHvypIXrXI99lDvE9eYCdomcwjRbpISHezJntX7F2Bk8Q2QrLvjYwGYPSgpL3A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7730de5dfc4fb50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
surefap.org/wp-content/themes/FinanceDesk/lib/css/reset.css
172.67.191.234200 OK 626 B URL HTTP/1.1 surefap.org/wp-content/themes/FinanceDesk/lib/css/reset.css
IP 172.67.191.234:0
File type ASCII text, with CRLF line terminators
Hash 10cbc450720b6e3661dc14177f6095bb
6898cb7b1725a4224a6e7fc6cfcf8dc634065608
2ee55a9a2b2f25dfbad0725e2b44a5ea758516c8589f2f0c2fe8c946287407af
GET /wp-content/themes/FinanceDesk/lib/css/reset.css HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:47:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlEKEu%2FCkEOqQjyyMZuefzoQiK%2BjEOkMt0PaFP82yxcemYDTGHtZoqPXvLrHMJmQEFDcfwtdgrO%2FlQzWvp4JfzZYGXB6AyoTHR4%2FGkcEVAPuCsOdVT8w0faOenwZ2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f6cafb50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-content/themes/FinanceDesk/lib/css/defaults.css
172.67.191.234200 OK 1.6 kB URL HTTP/1.1 surefap.org/wp-content/themes/FinanceDesk/lib/css/defaults.css
IP 172.67.191.234:0
File type ASCII text, with CRLF line terminators
Hash 3fcb0d88088f0e55c490573d9283c88a
6cfae6065bab40117fd241c536630c1c934c033c
1f91f493e9731afedede6c0626959993538cf13569434c5d0639273886b04075
GET /wp-content/themes/FinanceDesk/lib/css/defaults.css HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:47:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1wanFIi7nVgEOtdc0I4AQxpD4V1v5La8x6zZBQ60ZS%2FDhgdU10C2WYm4f%2FL49JyNOZa4f3P%2B3vt4XubFy6%2Fyr0cNL6p5MwcT5aqRo%2Bx8Afg0sRB1ESMhOfg35l8tw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f6a16b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-includes/css/dist/block-library/style.min.css?ver=5.0.16
172.67.191.234200 OK 4.3 kB URL HTTP/1.1 surefap.org/wp-includes/css/dist/block-library/style.min.css?ver=5.0.16
IP 172.67.191.234:0
File type ASCII text, with very long lines (25658), with no line terminators
Hash acceec62f949a07f1d1e07d4e88c0b76
b19d22f7b838357798be6a17ad9f30b4f114c41e
bbed1144be64bc962ce6ae0e94a8176e566ce7b3bfea999419de8da948b97219
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.0.16 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Oct 2021 05:21:15 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVPAJoWNPbjGU98hQHgyuGUpWQx9uRNU8nK2n6aTKWaiCkwuATRm50JUGhtJ2sWWDlCiF8o0qj04qmhsYReVp0aF1OLsTMQYTeUZo7OhzT%2FRoq3X8tG5Cd%2BuKl5DFg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f6a74b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-content/plugins/contextual-related-posts/css/default-style.css?ver=5.0.16
172.67.191.234200 OK 521 B URL HTTP/1.1 surefap.org/wp-content/plugins/contextual-related-posts/css/default-style.css?ver=5.0.16
IP 172.67.191.234:0
Hash 2291cad033de47da5bf45d44d3fb1c09
ef8ed11bba4cd1b1f649bbd3d64f79f1702e0851
a67c9a95aebe4a4dd8839404fdd77a4ee64f7a65e5859a1dd2255379ddf80235
GET /wp-content/plugins/contextual-related-posts/css/default-style.css?ver=5.0.16 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:42:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPBSnFGLqt02qSKZ%2Bxg%2BVKIJvYhRyfwfM3E3X9gF4FkqlAIhXPvkAz8QJBBaUMN4vGL5fZeVbqIqIM6btIZmhpX641Zw9A9czgm9a5ppM0QKUkmGLOpnLyQjNANP1g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f6cbab511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-content/themes/FinanceDesk/style.css
172.67.191.234200 OK 6.7 kB URL HTTP/1.1 surefap.org/wp-content/themes/FinanceDesk/style.css
IP 172.67.191.234:0
Hash 8754f3c381e72b8d256a0f26b09663e1
3c89aea4ebfadeb9791f9fe7fbe37d57952b3899
f70001c43657a392df622ad888a4cb3a62b4599fac8c6bfba3dd1a365be05646
GET /wp-content/themes/FinanceDesk/style.css HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 13 Feb 2021 23:55:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmAxBk9icgziC1oBky8usVR9MsJWyyI9czycuErJ7jFL9KsUjwVVbFc3YEV1b5xm8opKOhtdp1aqgyvNb6IWuLU1klKEPVrIsR%2FfkfQuD4jDQO%2Faypwao8pnKfBmIw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f691db503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-content/plugins/wp-postratings/postratings-css.css?ver=1.82
172.67.191.234200 OK 433 B URL HTTP/1.1 surefap.org/wp-content/plugins/wp-postratings/postratings-css.css?ver=1.82
IP 172.67.191.234:0
Hash c459cce9b7bfe8874065f27071c0fa5d
9c48040bd8aed19832c1c6093ddb4d4adef71bda
6b41fda0c20e0aa799c788122491afb3ac541bbe574f4e492d13168a8b2d42ad
GET /wp-content/plugins/wp-postratings/postratings-css.css?ver=1.82 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:42:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eu%2FaZCuEtAsvu2vCZZBi03oj8CGqBonYWjB5naakpi6%2BYhSaMSdGNBY%2BYzBP3ELB%2BJd9Llo5KDZTYvKNvBRiXuZN%2FUD6HJRuVQtuHY7uwwK4GxYUhffO2M9CD%2BrE%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f6b24b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-content/plugins/wp-pagenavi-style/css/css3_blue_glossy.css?ver=1.0
172.67.191.234200 OK 464 B URL HTTP/1.1 surefap.org/wp-content/plugins/wp-pagenavi-style/css/css3_blue_glossy.css?ver=1.0
IP 172.67.191.234:0
Hash e4a982df8ef82dfca6e739af2f2c70c9
0ec97ae743cb03849eee9c6f1c0539eec7c737ac
c9f369c77f62349d1a42f1e9ed7b3bd82c29ac23a13cda519eb9cb79689271a9
GET /wp-content/plugins/wp-pagenavi-style/css/css3_blue_glossy.css?ver=1.0 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:42:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rewuJZ2rKNkwyEqhgbRemfeOUDtdqgla%2FuLsdtkHtHGfiY8yO0k8015At%2FxG3P7XNbwW2Zza1wTbxussks3Gf0qUsBLR0YGGnz5HR41aLRNDkYiHmOPuGGUChxksiw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f7a22b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-includes/js/swfobject.js?ver=2.2-20120417
172.67.191.234200 OK 4.0 kB URL HTTP/1.1 surefap.org/wp-includes/js/swfobject.js?ver=2.2-20120417
IP 172.67.191.234:0
File type ASCII text, with very long lines (10082)
Hash ec17f8a80c23d0b8fc814fcbdb52653e
512c64d495ed700b16d5ccd79a753dd8cfd118e4
883e795f544da6c4b3b39643b9c84aa49d86f0bdeb511de4a790f63152fd89e8
GET /wp-includes/js/swfobject.js?ver=2.2-20120417 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Oct 2021 05:21:15 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RF0EZKIF5jagRtDrzHqzHKoDDuL9diVRMPvYR5ckFwcZDhdyNeUKDWY4mMJatakZ7lJQGPPi0UogBO0o39Zh3L2k5dDzf%2BmjiKccyHePRkEgP9zx2uRYyped%2F4W2oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f7a8fb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-content/themes/FinanceDesk/lib/js/superfish.js?ver=5.0.16
172.67.191.234200 OK 1.5 kB URL HTTP/1.1 surefap.org/wp-content/themes/FinanceDesk/lib/js/superfish.js?ver=5.0.16
IP 172.67.191.234:0
Hash 25aa569c7f711ada9d6e2d53888787d5
efeed42559ac63fb8c838ca00aaf15b119326cf8
6cbf802b3cf18423a6fcf3fe7db891d5be3118ad79f975e33b16b932c8ac093d
GET /wp-content/themes/FinanceDesk/lib/js/superfish.js?ver=5.0.16 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:47:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stoEgyuR9dVrD9tjxZGU4bnM0K2AjpCJH%2BKVzmWiQBfuH7oqU6pyzxXieKKS98XRlZM9O9C2Y4%2FT509t%2F%2BAkpWy5C9McsQ3nBW0Kg8s%2BszebCiThGdFwRfaOVOtqHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f7b27b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
172.67.191.234200 OK 4.0 kB URL HTTP/1.1 surefap.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 172.67.191.234:0
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Oct 2021 05:21:15 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FdzpmhNUxeKOAyBaog4vgEL1PgTRpbuvYVvHWMnU1qWSjmGr8B0ujyybHz5tfXtQzKo81aqPpuwux%2BVfCCal5N9RaTKK8ennhz4lSM5XNpq4UQYBsKnh10%2BkyIjvw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f7928b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
172.67.191.234200 OK 34 kB URL HTTP/1.1 surefap.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 172.67.191.234:0
File type ASCII text, with very long lines (31997)
Hash 9805483db0b3d5fd0639186799348f34
eb28f7ec752038cbd9425c66b54c339ad1236695
9dca4af372f7b1d8d1af5a3c18ed6a827e4f8f358e8404b64fa7a2ff961b5c60
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 23 Apr 2022 13:01:19 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13t4ujtxbLOfYd8uOmAsT9n2FW%2FBCcFzjkulDeK9HeKLWwTqJ8LyUuCKivrPFB9jusZQRkUoTbXmqI7jJqT%2BkBymmBzeFOe1IPJ0TnH8eICCfupJ8CUqDawmyJhEJA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f7cbcb511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-content/themes/FinanceDesk/lib/js/jquery.mobilemenu.js?ver=5.0.16
172.67.191.234200 OK 831 B URL HTTP/1.1 surefap.org/wp-content/themes/FinanceDesk/lib/js/jquery.mobilemenu.js?ver=5.0.16
IP 172.67.191.234:0
Hash e9dddc3f35ae0107e1cf0cf680a251a7
26e702e6ed363dbd7508cdfaebfb3c37b51e966b
3c114642de150576617c3e8c9a5ca94d0f351e0d653a069bb269c444fdf80bfd
GET /wp-content/themes/FinanceDesk/lib/js/jquery.mobilemenu.js?ver=5.0.16 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:47:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNn4DY9Q8RZLDXU3%2B2QBUrH9UPA2oyUrdOVz6ZKPyDV%2BaYo4p1nkajOtR6H913%2BZnIPzGkY6m7fyShIJLGFYnJO520JCLMbn9nstwpZ7gUPKGa7e0RXd5LbM9oqjHw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f8a27b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-includes/js/hoverIntent.min.js?ver=1.8.1
172.67.191.234200 OK 457 B URL HTTP/1.1 surefap.org/wp-includes/js/hoverIntent.min.js?ver=1.8.1
IP 172.67.191.234:0
File type ASCII text, with very long lines (1087), with no line terminators
Hash 1fa25d83bb5be8564841713f48e94332
dc5921fc9171ae8f69a52e1f00ea1c43ae3ea8d2
da9e1e7235fb597df5fc429718a771bc8431810ea07f7d2c40dba0b56ccd8cf7
GET /wp-includes/js/hoverIntent.min.js?ver=1.8.1 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 23 Apr 2022 13:01:21 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4368
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vA3BzYUtAk36TtXpKJm4u4G0YJ8bikPjKj8XLvNV3rsSO2Onu6tLQoqtiC544tQJMIdKtxqfBPE%2B92Sy0DyQdXa8W1y%2Fdwir7JnaokKS3e9k%2F%2BbBhU%2BxNOPBYtNkXw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5fbb44b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-includes/js/wp-embed.min.js?ver=5.0.16
172.67.191.234200 OK 743 B URL HTTP/1.1 surefap.org/wp-includes/js/wp-embed.min.js?ver=5.0.16
IP 172.67.191.234:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash b146105040f6faa62806b35ad455d121
14aa49ed4f29b666221a8de3fd17f04455f12b15
05f4d51649be6878352af6843f9a5ffc14bb96ca7a02db21a35a14f6a150b004
GET /wp-includes/js/wp-embed.min.js?ver=5.0.16 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 23 Apr 2022 13:01:19 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4369
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYhOQyOobXSAKnA9xW7dphbOI9I%2BfZvDkbhWDfdysm3cy%2BQxYHEvE2cixFII3gQZAD6hBsqybwmmJcJKFjUgu2gNvLa1YhSZQtO3HD07Twl2zhExgBSpjvZ9wkj0YA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5fbcccb511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.o333o.com/asg_embed.js
205.185.216.10200 OK 52 kB URL HTTP/1.1 cdn.o333o.com/asg_embed.js
IP 205.185.216.10:0
File type Unicode text, UTF-8 text, with very long lines (65467), with no line terminators
Hash 2cc3dbc2ed4b871bafca793ef56bc336
9b2b19b96ca2b9989b4976a8934070b1ef4efe78
03015f097efb01d8572b62f6b573fb115bcad04ad52c947f59014304d96da493
GET /asg_embed.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 51578
Content-Type: application/javascript
Last-Modified: Thu, 17 Nov 2022 11:24:59 GMT
Accept-Ranges: bytes
Server: nginx
ETag: "63761a0b-c97a"
Cache-Control: max-age=315360000, public
X-HW: 1669950617.dop013.sk1.t,1669950617.cds239.sk1.c
Access-Control-Allow-Origin: *
surefap.org/wp-content/plugins/wordpress-popular-posts/style/wpp.css?ver=3.2.3
172.67.191.234200 OK 489 B URL HTTP/1.1 surefap.org/wp-content/plugins/wordpress-popular-posts/style/wpp.css?ver=3.2.3
IP 172.67.191.234:0
File type ASCII text, with CRLF line terminators
Hash c8ad5eb64f1140cbe2df28519b376aa2
2782b2ec1b9dd5f9a25eec3b2f7f53de9a3b83c0
766695e386f4d4860ded979bf96717fa000ba7a1da95d900a48f5ddbeff95344
GET /wp-content/plugins/wordpress-popular-posts/style/wpp.css?ver=3.2.3 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:42:34 GMT
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNida8MCV%2Fai2hTf08NjE7edx0szM3IDfyXcjHNAf19G7O2j1DprnWOH2EdxOuw0L93R1IP5Wo3naO6n9wKlJK3N9az0E4e97m3lH8odTOPR4Gxf2N8Lzyx8Cn35Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5f6cb4b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-content/plugins/wp-postratings/postratings-js.js?ver=1.82
172.67.191.234200 OK 748 B URL HTTP/1.1 surefap.org/wp-content/plugins/wp-postratings/postratings-js.js?ver=1.82
IP 172.67.191.234:0
File type ASCII text, with very long lines (516)
Hash a916ec8951d8cb10ee6fdfecaa3eae84
0f5ed720b36bf6d0474bfdea0fe97ce2f4c28296
eadd127040367bb43fe787cece1d4e624cb6933c31e20b8b73611a79bdd3b15b
GET /wp-content/plugins/wp-postratings/postratings-js.js?ver=1.82 HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:42:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7F0ythYtJC0f1Dlq5V1RJDNbppcaSM2BzvyUa8mzP0Q%2BziMBpC2RFkWpgduWPaKTKKoXcrATppJh635EQ2HNUiKHPGMNukxKDrbT%2FQsnqaQDgYdtQDybodAM%2B1klw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de5fb947b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8c16c46339996d4c63c1154ebbfd4491
3d834879fadbae738b19437f0dda63aab2b136ea
2bef5dd58090a3c8d76b29e7e3028e08eecc042847690d1c7453b26a5a0f88bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=157503
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:17 GMT
Etag: "638930d8-116"
Expires: Sat, 03 Dec 2022 22:55:20 GMT
Last-Modified: Thu, 01 Dec 2022 22:55:20 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8c16c46339996d4c63c1154ebbfd4491
3d834879fadbae738b19437f0dda63aab2b136ea
2bef5dd58090a3c8d76b29e7e3028e08eecc042847690d1c7453b26a5a0f88bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=157503
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:17 GMT
Etag: "638930d8-116"
Expires: Sat, 03 Dec 2022 22:55:20 GMT
Last-Modified: Thu, 01 Dec 2022 22:55:20 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
surefap.org/wp-content/uploads/wordpress-popular-posts/5188-featured-269x170.png
172.67.191.234200 OK 65 kB URL HTTP/1.1 surefap.org/wp-content/uploads/wordpress-popular-posts/5188-featured-269x170.png
IP 172.67.191.234:0
File type PNG image data, 269 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 4a80cc46f72d3fb004dbe75ccafd776b
e6e9764bcef6edc5242d61e7b9f740115a57b9cf
41ded72e1e0bdf063ac95b32f15599a553f244fd0e300d1997e0caf3e76142d2
GET /wp-content/uploads/wordpress-popular-posts/5188-featured-269x170.png HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: image/png
Content-Length: 64971
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:55:42 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4368
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XEa96%2FUJ9PE16Qi4fJYRAOgQBAnjl%2F9Jtd6HopFZXbLT5SX7gZkzMT9S2uaMMpqX7dHUe7l9YFCHWSJ8Jp3YMQSTzkNlYHOtbbQytRZTbfFQO%2BGYme9MXPlPBk8Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de60dae3b4ff-OSL
alt-svc: h2=":443"; ma=60
surefap.org/wp-content/uploads/2017/07/surefap.org--Voyage-for-Poon-page00-Cover-41138716_2080584898-269x400.jpg
172.67.191.234200 OK 24 kB URL HTTP/1.1 surefap.org/wp-content/uploads/2017/07/surefap.org--Voyage-for-Poon-page00-Cover-41138716_2080584898-269x400.jpg
IP 172.67.191.234:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 269x400, components 3\012- data
Hash 60b13788c93cc521953fba872b9be690
96df737894ae5274fbf5e79fe7c312a07c315864
0ed465cb600bc3b2122e3a0c661622bf424a5ba8f19c7206cb80fee55b2e339d
GET /wp-content/uploads/2017/07/surefap.org--Voyage-for-Poon-page00-Cover-41138716_2080584898-269x400.jpg HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: image/jpeg
Content-Length: 24503
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:55:31 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkIRajGE4ktUco%2BagBbWXykzsqVTQJblP6vn2ERR7REjI5RbGknGLrGaM%2BillZHJU%2BiafuqgJp0MaSLveB%2Bk%2F9Q1zhWInUR%2FYQmisA61OF2XaQ03m0cTcxNawoIlvA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de60dbbcb521-OSL
alt-svc: h2=":443"; ma=60
nefree.com/images/2020/12/06/269a4a3763f18a83248f6a1a7bc30567.md.jpg
104.21.45.92200 OK 40 kB URL HTTP/2 nefree.com/images/2020/12/06/269a4a3763f18a83248f6a1a7bc30567.md.jpg
IP 104.21.45.92:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x324, components 3\012- data
Hash 134c27a777d90568fdd07ef8fc842599
016c2cbdf1ba377fddeda31982d5e2891386e252
4eb8672cd0ee476d040aa5576be90a9df24c3ec4d21fca6c179d69a8ad83797a
GET /images/2020/12/06/269a4a3763f18a83248f6a1a7bc30567.md.jpg HTTP/1.1
Host: nefree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:10:17 GMT
content-type: image/jpeg
content-length: 40039
last-modified: Sun, 06 Dec 2020 19:13:52 GMT
etag: "5fcd2d70-9c67"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVnS7i4pa3VUmDuLZSUHvZFaF9IBMbR1%2B9QEvzs%2FcxRdVQLNVw88YeuoIL%2BRYcw3huJKaWiQhPn%2BKQqddQQZSG7X4SfKzI4uWMUD4taX6ybMHhmqBO47P5VYL%2Br0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730de605ff60b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i1.imagetwist.com/th/17271/s5dfaymhxp03.jpg
185.107.57.98200 OK 8.2 kB URL HTTP/1.1 i1.imagetwist.com/th/17271/s5dfaymhxp03.jpg
IP 185.107.57.98:0
ASN #43350 NForce Entertainment B.V.
File type PNG image data, 177 x 142, 8-bit/color RGB, non-interlaced\012- data
Hash 0bc8d04776c8eac2a12568d109162249
bf52db1e18d09e8a4d46629a2cc33d73984be441
cc3d009865e4980b354ea615270128620d57aaaa243d8593adc8a13a96e4b088
GET /th/17271/s5dfaymhxp03.jpg HTTP/1.1
Host: i1.imagetwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "139691825"
Last-Modified: Fri, 28 May 2010 08:58:40 GMT
Content-Length: 8183
Date: Fri, 02 Dec 2022 03:10:17 GMT
Server: lighttpd/1.4.54
surefap.org/wp-content/uploads/wordpress-popular-posts/43020-featured-269x170.jpg
172.67.191.234200 OK 34 kB URL HTTP/1.1 surefap.org/wp-content/uploads/wordpress-popular-posts/43020-featured-269x170.jpg
IP 172.67.191.234:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=1941, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1500], baseline, precision 8, 269x170, components 3\012- data
Hash 986a093d87b91f1133488f0f4bdb3e1c
7d34c9f360f551322aa016867f4b8a8b0a32fb5c
76de49589d0959e75da50cecc75e5d3ab882a15fefd278eceaf1eaf2e814f55c
GET /wp-content/uploads/wordpress-popular-posts/43020-featured-269x170.jpg HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: image/jpeg
Content-Length: 34209
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 02:58:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d96Q8rapIo1CKFh2i9bnhiQjfSvDn%2BFh8xqBmwzjo3WS0CJiFp9kV5HGb%2FE9w4BKYfXAJ7bkLiJm7t5NqBKKVvi%2BBz%2F%2BrECARo13wYnjVSBKIVeCQ2q0xCGfTpyFgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de60eaecb4ff-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5cb98cfc071d6feaac912b4f13e93956
a4ecf824e7042dbc25ccc679e572dbaa6f0f71b1
1877e95f59608123dd58ccf84c8222f85650ee4930c8ea653ce502a3dc6fe33f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1877E95F59608123DD58CCF84C8222F85650EE4930C8EA653CE502A3DC6FE33F"
Last-Modified: Thu, 01 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18663
Expires: Fri, 02 Dec 2022 08:21:20 GMT
Date: Fri, 02 Dec 2022 03:10:17 GMT
Connection: keep-alive
surefap.org/wp-content/uploads/wordpress-popular-posts/36493-featured-269x170.png
172.67.191.234200 OK 96 kB URL HTTP/1.1 surefap.org/wp-content/uploads/wordpress-popular-posts/36493-featured-269x170.png
IP 172.67.191.234:0
File type PNG image data, 269 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash af0cbbc54929fe5b3717ac2ac86081b9
e4426f5722c2f1c50aef206b49809c881f933883
d725b5470eb89f76a72a0367b22eb957e862d6518cfc79bc1b03b6331c641cfd
GET /wp-content/uploads/wordpress-popular-posts/36493-featured-269x170.png HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: image/png
Content-Length: 95698
Connection: keep-alive
Last-Modified: Sat, 08 Feb 2020 05:34:16 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LU2djE05dWkJB5DamISzZbdWGMnjXJnNGZc088sNWaltkqHBkgZw%2FHCHWVnzmveiwl8oRPi%2BtBxvanMU28wH%2FSp9f75LkUXp7iLq6QB4semmll9Pmp%2BlaRY%2BkLtqZw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de60dd10b511-OSL
alt-svc: h2=":443"; ma=60
nefree.com/images/2020/12/06/cec87988ffad1d3436f5234801e2967e.md.jpg
104.21.45.92200 OK 40 kB URL HTTP/2 nefree.com/images/2020/12/06/cec87988ffad1d3436f5234801e2967e.md.jpg
IP 104.21.45.92:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x324, components 3\012- data
Hash cc38355bd72ff9031de32620cd43a59e
1af209880dc09f427bddf3750ea2d562145f06fa
910013799446c4836cdfe0da17a9b8b1128a0d3d627d25ce2b62a429dabd1ee6
GET /images/2020/12/06/cec87988ffad1d3436f5234801e2967e.md.jpg HTTP/1.1
Host: nefree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:10:17 GMT
content-type: image/jpeg
content-length: 39996
last-modified: Sun, 06 Dec 2020 19:13:49 GMT
etag: "5fcd2d6d-9c3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vt2kAfkossKYFlikoDcSulNwWDlUc2cVnDlUf9LwtnA%2BKBAcTF35SB6at78pU%2BAJvV%2FpqiFMMQ5SpqT2yRcpkgvoVkcOkBNk4Ofkj4KbsVxQI5mJb6E0owxYyw9n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730de605ff50b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i1.imagetwist.com/th/17271/a85sartr3koh.jpg
185.107.57.98200 OK 17 kB URL HTTP/1.1 i1.imagetwist.com/th/17271/a85sartr3koh.jpg
IP 185.107.57.98:0
ASN #43350 NForce Entertainment B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 190x250, components 3\012- data
Hash e604ec69bb083693d222210333f03248
b9bc4719e64aaff8b1378d8ba57a36efcc7d0c64
62a5c8f17254011d958f817d0aaf26ff561575aa05c73bcf7acbbc3a73c5c8b8
GET /th/17271/a85sartr3koh.jpg HTTP/1.1
Host: i1.imagetwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "3623722151"
Last-Modified: Tue, 22 Aug 2017 13:28:41 GMT
Content-Length: 17221
Date: Fri, 02 Dec 2022 03:10:17 GMT
Server: lighttpd/1.4.54
i1.imagetwist.com/th/17271/y9y3kb2xwp4c.jpg
185.107.57.98200 OK 30 kB URL HTTP/1.1 i1.imagetwist.com/th/17271/y9y3kb2xwp4c.jpg
IP 185.107.57.98:0
ASN #43350 NForce Entertainment B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 190x250, components 3\012- data
Hash 910a25503328544e0a4a8f3d19e1e073
8fd5c28e39cb75693d84e38a59926732054ac928
24c9cd407e2bda9a253a21679c4c582dc1bab8b8d9ed4bf13aa95064fc52886b
GET /th/17271/y9y3kb2xwp4c.jpg HTTP/1.1
Host: i1.imagetwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "2072322483"
Last-Modified: Tue, 22 Aug 2017 13:28:41 GMT
Content-Length: 29703
Date: Fri, 02 Dec 2022 03:10:17 GMT
Server: lighttpd/1.4.54
surefap.org/wp-content/uploads/2017/03/surefap.org--Deep-Space-9-The-Ship-Epilogue-0134579448_131567112-300x394.jpg
172.67.191.234200 OK 37 kB URL HTTP/1.1 surefap.org/wp-content/uploads/2017/03/surefap.org--Deep-Space-9-The-Ship-Epilogue-0134579448_131567112-300x394.jpg
IP 172.67.191.234:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 300x394, components 3\012- data
Hash 19a6bf7430b0fc29f22a92353fd7a986
35145299d6ac328330aa1e1e9b027c27582aa108
e25792c93790cc5322fbb2cd7f53fb6669c80668cf6ae39016252650a7318ec4
GET /wp-content/uploads/2017/03/surefap.org--Deep-Space-9-The-Ship-Epilogue-0134579448_131567112-300x394.jpg HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: image/jpeg
Content-Length: 36871
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 17:00:47 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awZcnQP4MbIwSU0Bjm7ylqExSCQWCyA97mDOxZLI92FE7%2BV8oXSyS4CTrVQu6UIGbE116PsLB9KUicV5Rsn6seJtom1cgSWH%2F3tmk%2FN%2F7JRRidSwAffAxFi0r2P5qw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de60dd34b50c-OSL
alt-svc: h2=":443"; ma=60
surefap.org/wp-content/uploads/2017/08/surefap.org--The-Drill-Spill-page01-37775079_2007195596-300x388.jpg
172.67.191.234200 OK 33 kB URL HTTP/1.1 surefap.org/wp-content/uploads/2017/08/surefap.org--The-Drill-Spill-page01-37775079_2007195596-300x388.jpg
IP 172.67.191.234:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 300x388, components 3\012- data
Hash 2b607836d0c6e638cfa765fdbdf7a8af
be22ef1540bd65d60b2b97bc771df05325a67630
1d4b3e1e7f8cbea20c3a9144358eb414425451cab7db0a2bda9cfa333acca242
GET /wp-content/uploads/2017/08/surefap.org--The-Drill-Spill-page01-37775079_2007195596-300x388.jpg HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: image/jpeg
Content-Length: 33051
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:55:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sylj32i5mz7uFoyBZ0rKEK36L8F7GXkoiu1AH1GDsCzQI2QeLIGwz6l%2BQnGGrKpF6cZdPBWURZmPlhEGn3q2gRou8%2FAENzCoRerBvMDbHVwiVZ7NsSHqdrARNdt5AA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de60d9b1b503-OSL
alt-svc: h2=":443"; ma=60
nefree.com/images/2020/12/06/4957d3c95b6df2ba44dda668ff6c68e3.md.jpg
104.21.45.92200 OK 38 kB URL HTTP/2 nefree.com/images/2020/12/06/4957d3c95b6df2ba44dda668ff6c68e3.md.jpg
IP 104.21.45.92:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x324, components 3\012- data
Hash e400b4f86fa42a98758880e6b8616eca
f60bdc0d4ffc146f5039de257a02d974c303d3d3
0f9ebef67e15e85231d53badd8cad3e7d38397718d077b89beda0b14289c09b8
GET /images/2020/12/06/4957d3c95b6df2ba44dda668ff6c68e3.md.jpg HTTP/1.1
Host: nefree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:10:17 GMT
content-type: image/jpeg
content-length: 37937
last-modified: Sun, 06 Dec 2020 19:13:51 GMT
etag: "5fcd2d6f-9431"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mFuU%2BL1jk91Slp02548UZ4b0ZqzcshUkdZ1Vhb3U5k0YWePafnE%2BAvESA1ddMjD8u7MzCMcGEV5BngR8lyFgiVWCKs5jfsH3AQJvlB2QZToCICRYxyPEXB5fGtr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7730de605ff40b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Oswald
142.250.74.106200 OK 270 kB URL HTTP/2 fonts.googleapis.com/css?family=Oswald
IP 142.250.74.106:0
Size 270 kB (270206 bytes)
Hash 90ac22fc3e67ad5d33e6383c01bc2684
6984997ccc9337de068bb15fd25cc2e1b11b2267
cfe6bd0b248d4f07ea682cbd095353a67f7de54e9a25cd0485176de5c05d9bbf
GET /css?family=Oswald HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 03:10:17 GMT
date: Fri, 02 Dec 2022 03:10:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5cb98cfc071d6feaac912b4f13e93956
a4ecf824e7042dbc25ccc679e572dbaa6f0f71b1
1877e95f59608123dd58ccf84c8222f85650ee4930c8ea653ce502a3dc6fe33f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1877E95F59608123DD58CCF84C8222F85650EE4930C8EA653CE502A3DC6FE33F"
Last-Modified: Thu, 01 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18663
Expires: Fri, 02 Dec 2022 08:21:20 GMT
Date: Fri, 02 Dec 2022 03:10:17 GMT
Connection: keep-alive
a.shukriya90.com/api/spots/303160?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 3.6 kB URL HTTP/1.1 a.shukriya90.com/api/spots/303160?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash 7c62d3823c798e3f1f962855300e27a5
2d77275d5028b61b6eb549c4866248293889482f
eedfb022ee598f6d7554741f2235ca9da973fee1846052b888a681a7ab8eeddc
GET /api/spots/303160?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=H4LduzNz4v8WpdJov6lx; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
surefap.org/ljekdimdzcz.php
172.67.191.234200 OK 503 B URL HTTP/1.1 surefap.org/ljekdimdzcz.php
IP 172.67.191.234:0
Hash 5cb98cfc071d6feaac912b4f13e93956
a4ecf824e7042dbc25ccc679e572dbaa6f0f71b1
1877e95f59608123dd58ccf84c8222f85650ee4930c8ea653ce502a3dc6fe33f
GET /ljekdimdzcz.php HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.0.33
Cache-Control: max-age=120
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jCiZ14DpIMYybdxHJs5%2BofTxu1b9774QZ2S7%2BS9kZ9pJ3pGnY4aFj8FkJ90UAIvn831BRY1AmynZfOSLj93uV4a3MB5vtuddwBSQzWcYmCThWC9kHYiynNEX%2BVmwg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7730de5f8a99b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
surefap.org/wp-content/uploads/wordpress-popular-posts/44264-featured-269x170.png
172.67.191.234200 OK 84 kB URL HTTP/1.1 surefap.org/wp-content/uploads/wordpress-popular-posts/44264-featured-269x170.png
IP 172.67.191.234:0
File type PNG image data, 269 x 170, 8-bit/color RGBA, non-interlaced\012- data
Hash 1563230cfd3e1d8563acb5338dc8160f
4de224f0c937bbdb19047280e3413a87850f2b5e
b883ebed6f819426c985b803721f3713045d170809756d5c957be8e33e008e0a
GET /wp-content/uploads/wordpress-popular-posts/44264-featured-269x170.png HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: image/png
Content-Length: 83567
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:55:43 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8HyG7lDX8jyP0VsTdzeMU881Lro9vD%2FeM9AzNsP3FmhCmIgrowmmW47T3ak1dZstmyPHL19ZdT64qVVEgi%2BYp8NRAvq9KDmIKgTAtBXOh2o1IIQI1seSEk7ncvYpw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de60db27b500-OSL
alt-svc: h2=":443"; ma=60
a.shukriya90.com/api/spots/303150?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 3.5 kB URL HTTP/1.1 a.shukriya90.com/api/spots/303150?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash 775a7a940a286f8b983f31a22d60d756
143bcaaab6be0af5a1e64edcd31a25a2f44c47d1
d7f44b630813d9aa1988d2438eb5514c2154f734fa7122b452d0f60595f4d47e
GET /api/spots/303150?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=jT2L0iij4tAlT9ME8C87; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
a.shukriya90.com/api/settings/23307
135.181.208.216404 Not Found 9 B URL HTTP/2 a.shukriya90.com/api/settings/23307
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 9e076f5885f5cc16a4b5aeb8de4adff5
475c848673a3f79fa778f01c2bd5a721d4c41707
e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31
GET /api/settings/23307 HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://surefap.org/
Origin: http://surefap.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Fri, 02 Dec 2022 03:10:17 GMT
content-type: text/plain; charset=utf-8
content-length: 9
access-control-allow-origin: *
X-Firefox-Spdy: h2
surefap.org/wp-content/uploads/wordpress-popular-posts/379496-featured-269x170.jpg
172.67.191.234200 OK 8.6 kB URL HTTP/1.1 surefap.org/wp-content/uploads/wordpress-popular-posts/379496-featured-269x170.jpg
IP 172.67.191.234:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 269x170, components 3\012- data
Hash dc9802a6d8bb38c758f2e602de516de3
60809f2f96869416259893a43c91fe392f3a3a4d
789981c56beb944e93e129833632dd5b53e97012360fbf0f7b4e77c399996c05
GET /wp-content/uploads/wordpress-popular-posts/379496-featured-269x170.jpg HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: image/jpeg
Content-Length: 8613
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 20:09:59 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4368
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmSMyKpUmaDbhFh5X5Guac023s1EuhalW6KZzXhYpv7k71%2FauiVst4tDIdSMVxePd8ChHi2O4cd4k0%2BN6oNrWly9r%2FktTVL2hVJQoSeyUPlkl%2FyuOdd80iNOSzRtyg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de621d44b511-OSL
alt-svc: h2=":443"; ma=60
surefap.org/wp-content/plugins/wp-postratings/images/stars_crystal/rating_on.gif
172.67.191.234200 OK 1.0 kB URL HTTP/1.1 surefap.org/wp-content/plugins/wp-postratings/images/stars_crystal/rating_on.gif
IP 172.67.191.234:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 1e483d25aa3a2c769c7e680eb75b52a3
2dfe501fc81cd6939bd014cedb41af85b4e3c7af
be1b058eb9e3fef483e425718456e8bc58fda7d4a81de0d6e794b1e03dfdbd01
GET /wp-content/plugins/wp-postratings/images/stars_crystal/rating_on.gif HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: image/gif
Content-Length: 1009
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:42:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4368
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSj4tL7xG%2Bxssp%2FVskWTcEOh3%2BiFLIGIal4jiVRINS6EZOFZ7H3INreKnJrCvvaw6bshjc%2Fl6Kvrpd7%2FZ3R2j0WvPsGmTTTMLiiaQBezhOmeSYHMJc2YgF0nSMv%2BXg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de622b7eb500-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8c16c46339996d4c63c1154ebbfd4491
3d834879fadbae738b19437f0dda63aab2b136ea
2bef5dd58090a3c8d76b29e7e3028e08eecc042847690d1c7453b26a5a0f88bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=157503
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:17 GMT
Etag: "638930d8-116"
Expires: Sat, 03 Dec 2022 22:55:20 GMT
Last-Modified: Thu, 01 Dec 2022 22:55:20 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
i1.imagetwist.com/th/16485/59910eidmexj.jpg
185.107.57.98200 OK 23 kB URL HTTP/1.1 i1.imagetwist.com/th/16485/59910eidmexj.jpg
IP 185.107.57.98:0
ASN #43350 NForce Entertainment B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 168x250, components 3\012- data
Hash 8b8c3ebf90b3fb82855742a133b493e3
d94268aff48c1f267803fac360893a261a5b57b8
981b9feca958e38f2fd77e28a7797fc9a8e7c8607636138143908edd26466c62
GET /th/16485/59910eidmexj.jpg HTTP/1.1
Host: i1.imagetwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "1405597281"
Last-Modified: Wed, 12 Jul 2017 14:16:49 GMT
Content-Length: 23239
Date: Fri, 02 Dec 2022 03:10:17 GMT
Server: lighttpd/1.4.54
i1.imagetwist.com/th/16485/kcilsskvvywt.jpg
185.107.57.98200 OK 30 kB URL HTTP/1.1 i1.imagetwist.com/th/16485/kcilsskvvywt.jpg
IP 185.107.57.98:0
ASN #43350 NForce Entertainment B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 190x250, components 3\012- data
Hash c7ed3252c43474080ea028fee2fc5163
35debe3c7cf419914811d9c6d8f84af055e180a0
2cd194865f44e48a704ce9a05d36d1fd5f1b960bc8bbffb4519299b955e8f013
GET /th/16485/kcilsskvvywt.jpg HTTP/1.1
Host: i1.imagetwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "2546380322"
Last-Modified: Wed, 12 Jul 2017 14:16:49 GMT
Content-Length: 30334
Date: Fri, 02 Dec 2022 03:10:17 GMT
Server: lighttpd/1.4.54
a.shukriya90.com/api/spots/303150?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 3.5 kB URL HTTP/1.1 a.shukriya90.com/api/spots/303150?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash a33d4c9505d419a68d8bde079cca2788
c59ae7178e886bfcef01000d37acd74acc3a854c
61ca231b2ba1891d39769a0f5379f4c66a945e8aad31f6f0ac2da844e5089f2a
GET /api/spots/303150?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:10:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=EHDJQRMUuguDyJtvpURs; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
ayazik.win/wp-content/uploads/2019/10/medium/y7pBUagj6v770703-med.jpg
79.137.52.116200 OK 25 kB URL HTTP/2 ayazik.win/wp-content/uploads/2019/10/medium/y7pBUagj6v770703-med.jpg
IP 79.137.52.116:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 229x300, components 3\012- data
Hash b6d7cba24b1f1851e676aa2f4d93bd7b
6a5ac87b3cb794405e4bfa041d551feb1372f893
a7cfa77aa73024d8c32d91e158743216178651a8a32f02b88bac8a5a3de7d17b
GET /wp-content/uploads/2019/10/medium/y7pBUagj6v770703-med.jpg HTTP/1.1
Host: ayazik.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 18 Oct 2019 09:44:56 GMT
accept-ranges: bytes
content-length: 24839
cache-control: public
expires: Fri, 02 Dec 2022 04:10:17 GMT
vary: User-Agent
content-type: image/jpeg
date: Fri, 02 Dec 2022 03:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
i1.imagetwist.com/th/16485/vjxmkyajadho.jpg
185.107.57.98200 OK 28 kB URL HTTP/1.1 i1.imagetwist.com/th/16485/vjxmkyajadho.jpg
IP 185.107.57.98:0
ASN #43350 NForce Entertainment B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 190x250, components 3\012- data
Hash 65ad9b43e3c2cda118d8d589140afea0
627d3e2a36918faed2f9a7fc5661e11b59b2aee9
347dca37abd3e9ab7b1ac5293974be2b948f4b70c800290078f3ededa4aac8fc
GET /th/16485/vjxmkyajadho.jpg HTTP/1.1
Host: i1.imagetwist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "1808241982"
Last-Modified: Wed, 12 Jul 2017 14:16:49 GMT
Content-Length: 27548
Date: Fri, 02 Dec 2022 03:10:17 GMT
Server: lighttpd/1.4.54
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.shukriya90.com/api/click/14948324660007848095?c=90
135.181.208.216200 OK 0 B URL HTTP/1.1 a.shukriya90.com/api/click/14948324660007848095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/14948324660007848095?c=90 HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a.shukriya90.com/api/spots/303160?p=1&s1=%subid1%&kw=
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
216.58.207.227200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://surefap.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:18:06 GMT
expires: Tue, 28 Nov 2023 21:18:06 GMT
cache-control: public, max-age=31536000
age: 280332
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ayazik.win/wp-content/uploads/2019/10/medium/gC60Gha06S282964-med.jpg
79.137.52.116200 OK 24 kB URL HTTP/2 ayazik.win/wp-content/uploads/2019/10/medium/gC60Gha06S282964-med.jpg
IP 79.137.52.116:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 229x300, components 3\012- data
Hash a3b432f3e9849bf99546462bf6e30738
70ad17f5e2373740a440265fe3ffe05e0097d08c
e7203e4777a122d6d852e877b773887489c429619d9482ad15df68d21b24e59a
GET /wp-content/uploads/2019/10/medium/gC60Gha06S282964-med.jpg HTTP/1.1
Host: ayazik.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 18 Oct 2019 09:44:53 GMT
accept-ranges: bytes
content-length: 23959
cache-control: public
expires: Fri, 02 Dec 2022 04:10:17 GMT
vary: User-Agent
content-type: image/jpeg
date: Fri, 02 Dec 2022 03:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
ayazik.win/wp-content/uploads/2019/10/medium/5s8kKjrvTL913386-med.jpg
79.137.52.116200 OK 25 kB URL HTTP/2 ayazik.win/wp-content/uploads/2019/10/medium/5s8kKjrvTL913386-med.jpg
IP 79.137.52.116:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 229x300, components 3\012- data
Hash b29d1223af9c42236d47218cf4ec1e3a
c82795c859ccb55c4383404cf216812859cd90c1
6235cd40fe952072659b3c6ae47848ea2bd33d7000dc63970e5f8a74cf140901
GET /wp-content/uploads/2019/10/medium/5s8kKjrvTL913386-med.jpg HTTP/1.1
Host: ayazik.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 18 Oct 2019 09:44:54 GMT
accept-ranges: bytes
content-length: 24795
cache-control: public
expires: Fri, 02 Dec 2022 04:10:17 GMT
vary: User-Agent
content-type: image/jpeg
date: Fri, 02 Dec 2022 03:10:17 GMT
server: Apache
X-Firefox-Spdy: h2
surefap.org/wp-content/uploads/2017/08/surefap.org--Voyager-page01-69359079_73619757-300x394.jpg
172.67.191.234200 OK 19 kB URL HTTP/1.1 surefap.org/wp-content/uploads/2017/08/surefap.org--Voyager-page01-69359079_73619757-300x394.jpg
IP 172.67.191.234:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 300x394, components 3\012- data
Hash c4b047bd9468dc606657030617da01ea
5df8866821b137b460340a3f1d4c8de7b5dd0e8e
cbda79d7e780615a99db431a8cccff7eb69793c224530b0f8a2bf47ef57486ee
GET /wp-content/uploads/2017/08/surefap.org--Voyager-page01-69359079_73619757-300x394.jpg HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: image/jpeg
Content-Length: 19304
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:55:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZTw%2BXtIOfDC%2BS30aSQswjavTbPpNXTAhGzaXPxSFTWBgs7aIcI4mteJbFHar05%2FoKFfR9vvo0OyC0byUoVby8Xcx4nbSDgegMsy%2F8VACoU%2FBEdbN0TKu%2FZYEIOdiw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de622d48b511-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.shukriya90.com/api/click/1580982496408261095?c=90
135.181.208.216200 OK 0 B URL HTTP/1.1 a.shukriya90.com/api/click/1580982496408261095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/1580982496408261095?c=90 HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a.shukriya90.com/api/spots/303150?p=1&s1=%subid1%&kw=
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
stenadewy.pro/aMWOZRyKQ.2r9BklZKTC9f6XbS2/5GlGS/WiQR9yNZDaES2-N/j/UV3/N/SwZsw_d/XbNmoMWCmg9nuVZKUtl/kNPLTwQ/xxNAjnYV1CNjzeUn
188.72.219.36301 Moved Permanently 162 B URL HTTP/1.1 stenadewy.pro/aMWOZRyKQ.2r9BklZKTC9f6XbS2/5GlGS/WiQR9yNZDaES2-N/j/UV3/N/SwZsw_d/XbNmoMWCmg9nuVZKUtl/kNPLTwQ/xxNAjnYV1CNjzeUn
IP 188.72.219.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /aMWOZRyKQ.2r9BklZKTC9f6XbS2/5GlGS/WiQR9yNZDaES2-N/j/UV3/N/SwZsw_d/XbNmoMWCmg9nuVZKUtl/kNPLTwQ/xxNAjnYV1CNjzeUn HTTP/1.1
Host: stenadewy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a.shukriya90.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://stenadewy.pro/aMWOZRyKQ.2r9BklZKTC9f6XbS2/5GlGS/WiQR9yNZDaES2-N/j/UV3/N/SwZsw_d/XbNmoMWCmg9nuVZKUtl/kNPLTwQ/xxNAjnYV1CNjzeUn
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
stenadewy.pro/aTWOZ.y_Qn2F9/k/ZuTW9B6tbP2/5DlkS-WwQz9SNOD/Eh1fOFTmUJyGMEi/ZrwkdFXbNqokW/mo9uuIZlUzlokKPyTxQaxuN/TXkc1rMkjmIM
188.72.219.36301 Moved Permanently 162 B URL HTTP/1.1 stenadewy.pro/aTWOZ.y_Qn2F9/k/ZuTW9B6tbP2/5DlkS-WwQz9SNOD/Eh1fOFTmUJyGMEi/ZrwkdFXbNqokW/mo9uuIZlUzlokKPyTxQaxuN/TXkc1rMkjmIM
IP 188.72.219.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /aTWOZ.y_Qn2F9/k/ZuTW9B6tbP2/5DlkS-WwQz9SNOD/Eh1fOFTmUJyGMEi/ZrwkdFXbNqokW/mo9uuIZlUzlokKPyTxQaxuN/TXkc1rMkjmIM HTTP/1.1
Host: stenadewy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a.shukriya90.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://stenadewy.pro/aTWOZ.y_Qn2F9/k/ZuTW9B6tbP2/5DlkS-WwQz9SNOD/Eh1fOFTmUJyGMEi/ZrwkdFXbNqokW/mo9uuIZlUzlokKPyTxQaxuN/TXkc1rMkjmIM
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
stenadewy.pro/aRWGZNyXQ.2d9MkvZTTz9k6ab-2y5HlASqWhQd9gNADfEL2RNljaUq2_N/ycZ/whdsXuNXo/WSmA9/ugZkUqlUk/PETPQYxuNrj/YH1qNJjScH
188.72.219.36301 Moved Permanently 162 B URL HTTP/1.1 stenadewy.pro/aRWGZNyXQ.2d9MkvZTTz9k6ab-2y5HlASqWhQd9gNADfEL2RNljaUq2_N/ycZ/whdsXuNXo/WSmA9/ugZkUqlUk/PETPQYxuNrj/YH1qNJjScH
IP 188.72.219.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /aRWGZNyXQ.2d9MkvZTTz9k6ab-2y5HlASqWhQd9gNADfEL2RNljaUq2_N/ycZ/whdsXuNXo/WSmA9/ugZkUqlUk/PETPQYxuNrj/YH1qNJjScH HTTP/1.1
Host: stenadewy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a.shukriya90.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://stenadewy.pro/aRWGZNyXQ.2d9MkvZTTz9k6ab-2y5HlASqWhQd9gNADfEL2RNljaUq2_N/ycZ/whdsXuNXo/WSmA9/ugZkUqlUk/PETPQYxuNrj/YH1qNJjScH
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
a.shukriya90.com/api/click/3614597690526973095?c=90
135.181.208.216200 OK 0 B URL HTTP/1.1 a.shukriya90.com/api/click/3614597690526973095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/3614597690526973095?c=90 HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a.shukriya90.com/api/spots/303150?p=1&s1=%subid1%&kw=
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3488
Cache-Control: max-age=111279
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:18 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:04:57 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 03:08:57 GMT
cache-control: public,max-age=3600
age: 81
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.effectiveperformanceformat.com/7a2fa356cc779900c863a51e810fbfce/invoke.js
173.233.137.52200 OK 9.8 kB URL HTTP/1.1 www.effectiveperformanceformat.com/7a2fa356cc779900c863a51e810fbfce/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26971), with no line terminators
Hash 07c6c6ccacd4ff698d9d1f5c034110a6
366455a8ce5e91ececbb86663ec71aa6f8ba5399
8b6a1232ac7296ca5b33ea835b75c026b41e3607f1ad0e22809ede29eea3e3fd
GET /7a2fa356cc779900c863a51e810fbfce/invoke.js HTTP/1.1
Host: www.effectiveperformanceformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1b83ca081ac41525f1ea6293c854df1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
surefap.org/wp-content/themes/FinanceDesk/images/meta-separator.png
172.67.191.234200 OK 121 B URL HTTP/1.1 surefap.org/wp-content/themes/FinanceDesk/images/meta-separator.png
IP 172.67.191.234:0
File type PNG image data, 1 x 9, 8-bit/color RGBA, non-interlaced\012- data
Hash f395c59b99ad9effdd18186e3416b83f
31fa705e99763fd0d6183cf20c99e99605a8987f
9789e29b9a71fb3ccd4b4456e0601f979c8b613d3a2b34453bdf34ccaf7f0632
GET /wp-content/themes/FinanceDesk/images/meta-separator.png HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/wp-content/themes/FinanceDesk/style.css
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: image/png
Content-Length: 121
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:47:40 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4368
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTrqsj%2Frqpse3GS5bGs1VU0M6cqCZUmjjk2VZGiGbvtfL0kOIeXGaN%2BWIxwWJr822vf5YgZJAks7pvHCfahvketVUxmgqIxhUpvUQprSQ3xXBrwTuYpE5BcRojD9uA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de63fda0b511-OSL
alt-svc: h2=":443"; ma=60
a.shukriya90.com/api/spots/352013?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 3.4 kB URL HTTP/1.1 a.shukriya90.com/api/spots/352013?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Hash 50c2f5fe16638dd2d42793e0e99601e0
dad3a05d77f860a63ca07fcaf6333d3bbfe7a3f7
9add681e908aed964d994db19eb2dea1782c1e207a54d0418eeebd4cdf1c01c6
GET /api/spots/352013?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: nauid=bDl68rnwNY3zB6ZjdvzQ; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; SameSite=None
Cache-Control: private
Content-Encoding: gzip
surefap.org/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif
172.67.191.234200 OK 1.0 kB URL HTTP/1.1 surefap.org/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif
IP 172.67.191.234:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 358948a0ec900509e53396438fadea91
c47bd41c2dfd3879ca398829ac3438fce227dd96
d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6
GET /wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: image/gif
Content-Length: 1009
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:42:33 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4368
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M58J0gP9mkloCMtBqV0YyuwNBLpktjqaSTABkgvbvc1CbaU7VeEseuEChdU9Cs1P2rdPEa3ECFJAuU9su2yjubX1F1mo1i8QrdaoLlu5NBSvHTSmb6eCz44z9JHsaA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de646dbfb511-OSL
alt-svc: h2=":443"; ma=60
stenadewy.pro/aTWOZ.y_Qn2F9/k/ZuTW9B6tbP2/5DlkS-WwQz9SNOD/Eh1fOFTmUJyGMEi/ZrwkdFXbNqokW/mo9uuIZlUzlokKPyTxQaxuN/TXkc1rMkjmIM
188.72.219.36200 OK 5.7 kB URL HTTP/2 stenadewy.pro/aTWOZ.y_Qn2F9/k/ZuTW9B6tbP2/5DlkS-WwQz9SNOD/Eh1fOFTmUJyGMEi/ZrwkdFXbNqokW/mo9uuIZlUzlokKPyTxQaxuN/TXkc1rMkjmIM
IP 188.72.219.36:0
File type ASCII text, with very long lines (2401)
Hash 5d2897fffdcdb2d79d720f414264671b
78f6225e3cda0b63106ea026280c47d5b40a15b2
226160525e04576c268a26556838582c28d3e9ff11296eddb809bbf92ecd4b8e
GET /aTWOZ.y_Qn2F9/k/ZuTW9B6tbP2/5DlkS-WwQz9SNOD/Eh1fOFTmUJyGMEi/ZrwkdFXbNqokW/mo9uuIZlUzlokKPyTxQaxuN/TXkc1rMkjmIM HTTP/1.1
Host: stenadewy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://a.shukriya90.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:18 GMT
content-type: application/javascript
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
stenadewy.pro/asW_ZuyvP.3wBx1-cz2AhBaCb_2E5FlGSHW-QJ9KNLDME_2ONPjQUR2-NTyUZV6Wb_2Y5ZlaSbW-Qd9eNfDgE_2iNjjkUl2-Nnwo?iframeId=lamidb
188.72.219.36200 OK 0 B URL HTTP/2 stenadewy.pro/asW_ZuyvP.3wBx1-cz2AhBaCb_2E5FlGSHW-QJ9KNLDME_2ONPjQUR2-NTyUZV6Wb_2Y5ZlaSbW-Qd9eNfDgE_2iNjjkUl2-Nnwo?iframeId=lamidb
IP 188.72.219.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /asW_ZuyvP.3wBx1-cz2AhBaCb_2E5FlGSHW-QJ9KNLDME_2ONPjQUR2-NTyUZV6Wb_2Y5ZlaSbW-Qd9eNfDgE_2iNjjkUl2-Nnwo?iframeId=lamidb HTTP/1.1
Host: stenadewy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://a.shukriya90.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:18 GMT
content-type: text/html;charset=UTF-8
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.163.114.208101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.114.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tSms/KKsTfFARtQQCeMrbQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9HoS5AVb6gWMSZaheHYnmZwCksk=
stenadewy.pro/afWgZ_y.Pi3jBk1lc-2nhoapbq2_5sltSuWvQ-9xNyDzEA1_OCTDUEyFM-iHZI6JbK2_5MlNSOWPQ-9RNSDTEU1_OWTXUYyZM-gb?iframeId=vmwhoz
188.72.219.36200 OK 0 B URL HTTP/2 stenadewy.pro/afWgZ_y.Pi3jBk1lc-2nhoapbq2_5sltSuWvQ-9xNyDzEA1_OCTDUEyFM-iHZI6JbK2_5MlNSOWPQ-9RNSDTEU1_OWTXUYyZM-gb?iframeId=vmwhoz
IP 188.72.219.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afWgZ_y.Pi3jBk1lc-2nhoapbq2_5sltSuWvQ-9xNyDzEA1_OCTDUEyFM-iHZI6JbK2_5MlNSOWPQ-9RNSDTEU1_OWTXUYyZM-gb?iframeId=vmwhoz HTTP/1.1
Host: stenadewy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://a.shukriya90.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:18 GMT
content-type: text/html;charset=UTF-8
content-length: 0
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
x-content-type-options: nosniff
X-Firefox-Spdy: h2
surefap.org/favicon.ico
172.67.191.234200 OK 2.4 kB IP 172.67.191.234:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash e4cb9c2ef4866c61686ea529cca5864c
51b1a32b077611d3f312c177cca13717e1d4c7aa
fed799214bbf9fecbb850e4a9013982864d232b335954ae57ef807b559821225
GET /favicon.ico HTTP/1.1
Host: surefap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/publisher/shia/
Cookie: PHPSESSID=cblumvc8u02r7btko4ocmoeo50
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Oct 2019 10:37:48 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4362
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PTaSkQvWvsZ%2FR4%2BFsXXpeVfeKsSJIwGVy3LVieV6eaBMqIO51Y66xzjRD8LquS%2F8mPse5dubE9vWQBVXvjgaBYW1sLT4j06dvkGB9Kq8TD%2FB%2BqyeTIuYGIjd67QEA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de655df0b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash f60f02a95664f3be8fd0b4e614010c6a
bb83d56ac8ae98bff5e9954dffc7f2035b47f63f
eddc54420a811685bfd0c2c14dd13340c9380b529bf1bb8c0426baa0375a67f2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126808
Date: Fri, 02 Dec 2022 03:10:18 GMT
Etag: "6388ac95-1d7"
Expires: Sat, 03 Dec 2022 14:23:46 GMT
Last-Modified: Thu, 01 Dec 2022 13:31:01 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aLyaviR7OKSatWza7vQ5WVZChGtv9KPkeAI3ui3nwHFiIjN5SpCqjw==
Age: 3165
adserver.juicyads.com/js/jads.js
185.94.236.245200 OK 1.7 kB URL HTTP/1.1 adserver.juicyads.com/js/jads.js
IP 185.94.236.245:0
File type ASCII text, with very long lines (3769), with no line terminators
Hash 65b1efdf55163b144c5018b8772765ad
509de5f40450f3cf05e0d8d1b939fed2bbb11cbe
cf23ab637d84de0eb1c1e67764e05ca0aa140e6ee932a60700fc35661644ee48
GET /js/jads.js HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eb9"
Content-Encoding: gzip
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 72d4f90170889343d0b885acbee49f0b
5d0e381e3e278799d07cfdae949c2fe7ae04b62e
ed742be742deae2d30e25b5c32e59a5acbd92ca1d8340f306824896aac69dc20
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://surefap.org
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:10:18 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://surefap.org
access-control-allow-credentials: true
set-cookie: uid_id2=48cf7435-df15-42ef-a579-55e5e65a95b1:3:1; expires=Mon, 29 Nov 2032 03:10:18 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
vvvljeqasz.com/lv/esnk/1921797/code.js
62.122.171.6200 OK 44 kB URL HTTP/1.1 vvvljeqasz.com/lv/esnk/1921797/code.js
IP 62.122.171.6:0
File type ASCII text, with very long lines (65530)
Hash 73aa462dea82a2fdbea2ea33db17cb79
e81280d730b911b0d9165ab01c29dfd96cf9c8f7
1b8b66df6b1f9f3624479dbeab12e1ecdbf0bc83ec8a1be8f2c18b395859bb4e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /lv/esnk/1921797/code.js HTTP/1.1
Host: vvvljeqasz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a.shukriya90.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 12:20:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63738419-1aaa0"
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip
counter.yadro.ru/hit?t22.6;r;s1280*1024*24;uhttp%3A//surefap.org/publisher/shia/;0.27597242644978004
88.212.201.204302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?t22.6;r;s1280*1024*24;uhttp%3A//surefap.org/publisher/shia/;0.27597242644978004
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?t22.6;r;s1280*1024*24;uhttp%3A//surefap.org/publisher/shia/;0.27597242644978004 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
HTTP/1.1 302 Moved Temporarily
Date: Fri, 02 Dec 2022 03:10:18 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?t22.6;r;s1280*1024*24;uhttp%3A//surefap.org/publisher/shia/;0.27597242644978004
Content-Length: 32
Expires: Wed, 01 Dec 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash ed0dfbce56db09f7d7f278abaf9ff94f
8e72ee309d9a765146ee84db2d51eea43cf855e3
6a9a8d1e2fdf639bdb4c87210c9c8aed2d07c7f175cf63e8f1a9623dd14ac727
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Mon, 05 Dec 2022 23:27:24 GMT
ETag: "8e72ee309d9a765146ee84db2d51eea43cf855e3"
Last-Modified: Thu, 01 Dec 2022 23:27:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3465
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de65e9070b41-OSL
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 02:46:55 GMT
expires: Fri, 02 Dec 2022 04:46:55 GMT
cache-control: public, max-age=7200
age: 1403
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
informer.yandex.ru/informer/37790960/3_0_A8EDFFFF_88CDE7FF_0_pageviews
93.158.134.119200 OK 1.5 kB URL HTTP/2 informer.yandex.ru/informer/37790960/3_0_A8EDFFFF_88CDE7FF_0_pageviews
IP 93.158.134.119:0
File type PNG image data, 88 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash cbd579b4a57d6c47823eb72b7e1443d1
a61a6df1770f4278f4329eba537aa18596d62dc2
c54f03b9bd89cd9144e12faca27d71c76560183d1d824cd996241d91c583e430
GET /informer/37790960/3_0_A8EDFFFF_88CDE7FF_0_pageviews HTTP/1.1
Host: informer.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 1536
last-modified: Fri, 02-Dec-2022 03:10:18 GMT
content-type: image/png
pragma: no-cache
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:10:18 GMT
X-Firefox-Spdy: h2
top-fwz1.mail.ru/js/code.js
95.163.52.67200 OK 14 kB URL HTTP/1.1 top-fwz1.mail.ru/js/code.js
IP 95.163.52.67:0
File type ASCII text, with very long lines (729)
Hash e2e25d9473a05570c20838aca1c2c3ea
a8ac67a13111a4e61cf7eb9bb8850ef5ab1246d4
b75b8d2fe8eb0c9e8191c51f99eb62b37c944f36118aacb5237e4bde65c60e11
GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: application/javascript
Last-Modified: Wed, 23 Nov 2022 16:42:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: FTID=1RMYgQ0tkIIE:1669950618:0:::; path=/; expires=Sun, 03-Dec-23 03:10:18 GMT; domain=.mail.ru; HttpOnly; SameSite=None
ETag: W/"637e4d62-85c6"
Expires: Fri, 02 Dec 2022 04:10:18 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=3600, private
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
Accept-CH-Lifetime: 86400
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash b08a46a7acf3241c1de6dd926b730e61
d816e0cf1c175383ded54ad27f9b60f2c9667517
968f523c66acaf62d91beb16a5a77444625badb1acc29fa654ff1b7da3e5a8f8
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 06 Dec 2022 00:05:01 GMT
ETag: "d816e0cf1c175383ded54ad27f9b60f2c9667517"
Last-Modified: Fri, 02 Dec 2022 00:05:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2431
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de666e760b39-OSL
10945-2.s.cdn15.com/creatives/152327/199283/425871_ee9a7.gif
67.216.91.5200 OK 378 kB URL HTTP/2 10945-2.s.cdn15.com/creatives/152327/199283/425871_ee9a7.gif
IP 67.216.91.5:0
File type GIF image data, version 89a, 728 x 90\012- data
Size 378 kB (378033 bytes)
Hash 23256a77f1398a3bce4652655188358b
5f3a817f31f04c665ce41140b76da85558e3a3d1
b953fdc460f1f5f72863ac9083e2bed01e02b9ffba2d42edaf1dbb776f780afe
GET /creatives/152327/199283/425871_ee9a7.gif HTTP/1.1
Host: 10945-2.s.cdn15.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stenadewy.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.1
date: Fri, 02 Dec 2022 03:10:18 GMT
content-type: image/gif
content-length: 378033
last-modified: Fri, 01 Apr 2022 16:46:46 GMT
etag: "23256a77f1398a3bce4652655188358b"
x-timestamp: 1648831605.67539
x-trans-id: txe9184ccb6e24484085e83-00631e8637
x-openstack-request-id: txe9184ccb6e24484085e83-00631e8637
expires: Wed, 22 Feb 2023 08:52:14 GMT
cache-control: max-age=7105316
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsqzmAdmqk/B6ooG0EIWoxnfDP99yEHNfh/s/vR6hhueV5poQosFRHg7MChOCzn8QdY=
x-served-from: l1
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
x-vhostid: 106, 21676
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash ca660dd755c277ee54a1afa1a7b12570
54423b26ea7980e671f22a35cd949c8d1a8b1300
3291d6ec84cd4fc3d2e97998ff04aa2c54b39941079547d2d825b33c2f4169b8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73234
date: Fri, 02 Dec 2022 03:10:18 GMT
access-control-allow-origin: *
etag: "6388ac0c-11e12"
expires: Fri, 02 Dec 2022 04:10:18 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t22.6;r;s1280*1024*24;uhttp%3A//surefap.org/publisher/shia/;0.27597242644978004
88.212.201.204200 OK 1.5 kB URL HTTP/1.1 counter.yadro.ru/hit?t22.6;r;s1280*1024*24;uhttp%3A//surefap.org/publisher/shia/;0.27597242644978004
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash a101e342e0834918cc7cfd0b31aeae87
095d52de7701489d315b56f52953b3f50e1c72c2
23517555842ea251b593107713a503f14f5dad9745862407330519c7e34931d8
GET /hit?t22.6;r;s1280*1024*24;uhttp%3A//surefap.org/publisher/shia/;0.27597242644978004 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://surefap.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: image/gif
Content-Length: 1533
Connection: keep-alive
Expires: Wed, 01 Dec 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash cf25de6228f0f085c8e72f7a7409ee65
c4a19f9849e79531d6a2d88dab1aa60bd25f4f3b
95ebd1f02752c74f142eefed7df7c281749674db5ad29400e2d4648e0346af69
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 03:10:18 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 06 Dec 2022 00:46:01 GMT
ETag: "c4a19f9849e79531d6a2d88dab1aa60bd25f4f3b"
Last-Modified: Fri, 02 Dec 2022 00:46:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1431
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7730de6749840b41-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fddb374041478a3281b12ca429b38a50
bc8b3264b1d4c8db5c1beca13dd91688287b483c
911bac1b8e2ed76872c8b2d3171a3b5f61c0f1bad6eb700467625fe46b73ded6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1336
Cache-Control: max-age=158784
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:18 GMT
Etag: "638930a2-116"
Expires: Sat, 03 Dec 2022 23:16:42 GMT
Last-Modified: Thu, 01 Dec 2022 22:54:26 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
cdn.pncloudfl.com/pn/730/fa5/bf8/730fa5bf85db4edcdca427791ea468c0089d707b.jpg
104.22.59.221200 OK 30 kB URL HTTP/2 cdn.pncloudfl.com/pn/730/fa5/bf8/730fa5bf85db4edcdca427791ea468c0089d707b.jpg
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bd1f5b0887ea57e08dd7bdccc7d38b9e
14c42638ce8c1f9d1c413df8715edab0db34944e
61843453329cc31010dcac32684042a286429bdb97294e5aed5847ec55483e01
GET /pn/730/fa5/bf8/730fa5bf85db4edcdca427791ea468c0089d707b.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:10:18 GMT
content-type: image/webp
content-length: 30112
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=59223
content-disposition: inline; filename="730fa5bf85db4edcdca427791ea468c0089d707b.webp"
etag: cebb561a232a24388f2c6a05cdcef344
expires: Sat, 03 Dec 2022 18:16:33 GMT
last-modified: Thu, 24 Nov 2022 10:03:58 GMT
vary: Accept
x-openstack-request-id: txdd0895622b5743f48cf8e-00637f4843
x-proxy-cache: HIT
x-timestamp: 1669284237.47385
x-trans-id: txdd0895622b5743f48cf8e-00637f4843
cf-cache-status: HIT
age: 32025
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 7730de6788d7b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fddb374041478a3281b12ca429b38a50
bc8b3264b1d4c8db5c1beca13dd91688287b483c
911bac1b8e2ed76872c8b2d3171a3b5f61c0f1bad6eb700467625fe46b73ded6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1336
Cache-Control: max-age=158784
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 03:10:18 GMT
Etag: "638930a2-116"
Expires: Sat, 03 Dec 2022 23:16:42 GMT
Last-Modified: Thu, 01 Dec 2022 22:54:26 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
top-fwz1.mail.ru/counter?js=13;id=2787143;u=http%3A//surefap.org/publisher/shia/;st=1669950616667;title=Publisher%20Shia%20xxx%20%7C%20SureFap;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=7a2090b70b90e421;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669950616986%3A1669950617005%3A1%3A19223d5127f940e443885c4de0388125;opts=jst-ga;visible=true;_=0.20395498580830018
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?js=13;id=2787143;u=http%3A//surefap.org/publisher/shia/;st=1669950616667;title=Publisher%20Shia%20xxx%20%7C%20SureFap;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=7a2090b70b90e421;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669950616986%3A1669950617005%3A1%3A19223d5127f940e443885c4de0388125;opts=jst-ga;visible=true;_=0.20395498580830018
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?js=13;id=2787143;u=http%3A//surefap.org/publisher/shia/;st=1669950616667;title=Publisher%20Shia%20xxx%20%7C%20SureFap;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=7a2090b70b90e421;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669950616986%3A1669950617005%3A1%3A19223d5127f940e443885c4de0388125;opts=jst-ga;visible=true;_=0.20395498580830018 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 03:10:18 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?js=13;id=2787143;u=http%3A//surefap.org/publisher/shia/;st=1669950616667;title=Publisher%20Shia%20xxx%20%7C%20SureFap;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=7a2090b70b90e421;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669950616986%3A1669950617005%3A1%3A19223d5127f940e443885c4de0388125;opts=jst-ga;visible=true;_=0.20395498580830018
set-cookie: FTID=1RMYgQ0tkIIE:1669950618:2787143:::; path=/; expires=Sun, 03-Dec-23 03:10:18 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1a125695fbcd312685fe655dedb60d2
c26e91d38e6bbb5dec2c62b73bdea02f9dd39b43
220b199f2775f9b0c86f9e1d85a95983aac4c0f01a1b6e7c60a13d95235e0dfd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "220B199F2775F9B0C86F9E1D85A95983AAC4C0F01A1B6E7C60A13D95235E0DFD"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10266
Expires: Fri, 02 Dec 2022 06:01:24 GMT
Date: Fri, 02 Dec 2022 03:10:18 GMT
Connection: keep-alive
vvvljeqasz.com/chicken.gif?z=1921797&pb=11b7697b77a21d69ae92060836e1a5a21669957818&psp=2_zhiEXhhbcqTGfP5VQ5YA09PQcJYldahg3gkGt7Zqrbpc8IxvEsSZixCgsyVV5Y6kttjiwLgzrncwb7MEEfjnJNGjaMw9tgjONUyb1rOwZ2SitpYIQe0PBQvscCjMRknFVGqMnEPro_lK3qY7snQo1Zrc0dYNs_8dm2eKZnL5wKUjRx41Znr7Y-fZEek1aJFhx0VioBlnDcEwdErE4MsH-4uBF26h2yYDeVWJ61MDTePIdAYzWnFN4qjWuctCJbnxnWgDBanwDcSzVmwRDr26ce9V_Kiqa8bw182CkGd4aiBsBKQvxWvuK1I5KRUp1SDzj-SvpgP1-m8pTKc3jMkeNuvsl8-P9-CrGb7ytbpPWzH8RAoqcQq9L_5nyVzG3Kn3QkyymVc3_OmFKrts_pS5FFm9E_HfZoaWknc7R8VqI77f4MOwXOt9Dc9ytctXhXRlHDiN6N7UHTJnghLc6iQAdid3kxb3ZNEfVk30b1kTHE9hInZ5a67yQ75xLOGV-wz2tEfL70IcvQ2-0KdbnPklxbyFFO3P8pv9mxFp8kCGhFrPAkpIG1JfL4CmKPzHmmgppZayrtsonKbl0Nt0ThR2wrrf-cQrjLzkmnIpZ8GvuwrucVZvkPU4joHF5vJXp3AQGb__VB8bbhzvPqezliEK9qGYP9wB7acIuYE7_STsdY8wKi95qaSxM2Zuerf2JlXOGM-mppRbHWS07iy5NXZiJVGw7P4i6eOlwq_vtN4rrSalGHZhlvPNn8S_BKNlGlFifgghWrJLQXegEQhgGMGnPOSWEm5Vg=&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 vvvljeqasz.com/chicken.gif?z=1921797&pb=11b7697b77a21d69ae92060836e1a5a21669957818&psp=2_zhiEXhhbcqTGfP5VQ5YA09PQcJYldahg3gkGt7Zqrbpc8IxvEsSZixCgsyVV5Y6kttjiwLgzrncwb7MEEfjnJNGjaMw9tgjONUyb1rOwZ2SitpYIQe0PBQvscCjMRknFVGqMnEPro_lK3qY7snQo1Zrc0dYNs_8dm2eKZnL5wKUjRx41Znr7Y-fZEek1aJFhx0VioBlnDcEwdErE4MsH-4uBF26h2yYDeVWJ61MDTePIdAYzWnFN4qjWuctCJbnxnWgDBanwDcSzVmwRDr26ce9V_Kiqa8bw182CkGd4aiBsBKQvxWvuK1I5KRUp1SDzj-SvpgP1-m8pTKc3jMkeNuvsl8-P9-CrGb7ytbpPWzH8RAoqcQq9L_5nyVzG3Kn3QkyymVc3_OmFKrts_pS5FFm9E_HfZoaWknc7R8VqI77f4MOwXOt9Dc9ytctXhXRlHDiN6N7UHTJnghLc6iQAdid3kxb3ZNEfVk30b1kTHE9hInZ5a67yQ75xLOGV-wz2tEfL70IcvQ2-0KdbnPklxbyFFO3P8pv9mxFp8kCGhFrPAkpIG1JfL4CmKPzHmmgppZayrtsonKbl0Nt0ThR2wrrf-cQrjLzkmnIpZ8GvuwrucVZvkPU4joHF5vJXp3AQGb__VB8bbhzvPqezliEK9qGYP9wB7acIuYE7_STsdY8wKi95qaSxM2Zuerf2JlXOGM-mppRbHWS07iy5NXZiJVGw7P4i6eOlwq_vtN4rrSalGHZhlvPNn8S_BKNlGlFifgghWrJLQXegEQhgGMGnPOSWEm5Vg=&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1921797&pb=11b7697b77a21d69ae92060836e1a5a21669957818&psp=2_zhiEXhhbcqTGfP5VQ5YA09PQcJYldahg3gkGt7Zqrbpc8IxvEsSZixCgsyVV5Y6kttjiwLgzrncwb7MEEfjnJNGjaMw9tgjONUyb1rOwZ2SitpYIQe0PBQvscCjMRknFVGqMnEPro_lK3qY7snQo1Zrc0dYNs_8dm2eKZnL5wKUjRx41Znr7Y-fZEek1aJFhx0VioBlnDcEwdErE4MsH-4uBF26h2yYDeVWJ61MDTePIdAYzWnFN4qjWuctCJbnxnWgDBanwDcSzVmwRDr26ce9V_Kiqa8bw182CkGd4aiBsBKQvxWvuK1I5KRUp1SDzj-SvpgP1-m8pTKc3jMkeNuvsl8-P9-CrGb7ytbpPWzH8RAoqcQq9L_5nyVzG3Kn3QkyymVc3_OmFKrts_pS5FFm9E_HfZoaWknc7R8VqI77f4MOwXOt9Dc9ytctXhXRlHDiN6N7UHTJnghLc6iQAdid3kxb3ZNEfVk30b1kTHE9hInZ5a67yQ75xLOGV-wz2tEfL70IcvQ2-0KdbnPklxbyFFO3P8pv9mxFp8kCGhFrPAkpIG1JfL4CmKPzHmmgppZayrtsonKbl0Nt0ThR2wrrf-cQrjLzkmnIpZ8GvuwrucVZvkPU4joHF5vJXp3AQGb__VB8bbhzvPqezliEK9qGYP9wB7acIuYE7_STsdY8wKi95qaSxM2Zuerf2JlXOGM-mppRbHWS07iy5NXZiJVGw7P4i6eOlwq_vtN4rrSalGHZhlvPNn8S_BKNlGlFifgghWrJLQXegEQhgGMGnPOSWEm5Vg=&abvar=0&os=0 HTTP/1.1
Host: vvvljeqasz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2212012210dad3f60326814ce9b3da98da9c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:18 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACLHBwAAAAAAAAAB; Path=/; Expires=Sun, 01 Jan 2023 03:10:18 GMT; Secure; SameSite=None
OACIBLOCK=ACLHBwAAAABjiDTQ; Path=/; Expires=Sun, 01 Jan 2023 03:10:18 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Sat, 03 Dec 2022 03:10:18 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 02 Dec 2022 03:10:19 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Fri, 02 Dec 2022 04:10:19 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?js=13;id=2787143;u=http%3A//surefap.org/publisher/shia/;st=1669950616667;title=Publisher%20Shia%20xxx%20%7C%20SureFap;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=7a2090b70b90e421;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669950616986%3A1669950617005%3A1%3A19223d5127f940e443885c4de0388125;opts=jst-ga;visible=true;_=0.20395498580830018
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/counter2?js=13;id=2787143;u=http%3A//surefap.org/publisher/shia/;st=1669950616667;title=Publisher%20Shia%20xxx%20%7C%20SureFap;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=7a2090b70b90e421;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669950616986%3A1669950617005%3A1%3A19223d5127f940e443885c4de0388125;opts=jst-ga;visible=true;_=0.20395498580830018
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /counter2?js=13;id=2787143;u=http%3A//surefap.org/publisher/shia/;st=1669950616667;title=Publisher%20Shia%20xxx%20%7C%20SureFap;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=7a2090b70b90e421;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1669950616986%3A1669950617005%3A1%3A19223d5127f940e443885c4de0388125;opts=jst-ga;visible=true;_=0.20395498580830018 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://surefap.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:19 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIE:1669950619:2787143:::; path=/; expires=Sun, 03-Dec-23 03:10:19 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
stenadewy.pro/auWv1-w.cxmyVzzAc_2ClDvEbFj-9HhIZJEKl_kMPNTOQPy-NRTSgT3UM_SWZXpYZZn-JbhcbdWeV_JgZhDi1j4-alHmdn3oe_mqErmsctH-VvzwaxFyp_vAbBmCVDJ-ZFDG0H0IM_TKYL2MNNT-cP1QJRnSp_vUbVmWVXJ-ZZDa0b0cM_TeYf2gNhT-cj1k
188.72.219.36200 OK 0 B URL HTTP/2 stenadewy.pro/auWv1-w.cxmyVzzAc_2ClDvEbFj-9HhIZJEKl_kMPNTOQPy-NRTSgT3UM_SWZXpYZZn-JbhcbdWeV_JgZhDi1j4-alHmdn3oe_mqErmsctH-VvzwaxFyp_vAbBmCVDJ-ZFDG0H0IM_TKYL2MNNT-cP1QJRnSp_vUbVmWVXJ-ZZDa0b0cM_TeYf2gNhT-cj1k
IP 188.72.219.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /auWv1-w.cxmyVzzAc_2ClDvEbFj-9HhIZJEKl_kMPNTOQPy-NRTSgT3UM_SWZXpYZZn-JbhcbdWeV_JgZhDi1j4-alHmdn3oe_mqErmsctH-VvzwaxFyp_vAbBmCVDJ-ZFDG0H0IM_TKYL2MNNT-cP1QJRnSp_vUbVmWVXJ-ZZDa0b0cM_TeYf2gNhT-cj1k HTTP/1.1
Host: stenadewy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://a.shukriya90.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:19 GMT
content-type: application/javascript
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
p3p: CP="CUR ADM OUR NOR STA NID"
last-modified: Fri, 02 Dec 2022 03:10:19 GMT
set-cookie: kadCCap=218693:1:1669515516;222582:1:1669887477;220335:1:1669620452;215297:1:1669786163;219047:1:1667194435;132751:1:1669884292;194136:1:1669413157;199455:1:1668245056;220790:1:1668460505;212269:1:1667199062;219652:1:1669330335;219484:1:1667715065;221398:1:1669672704;79610:1:1669272875; max-age=1701486619; path=/
kadACap=446714:1:1669805719;419321:1:1669463839;419299:1:1669735589;419297:1:1669887884;446531:1:1669270846;419293:1:1669526430;451139:1:1669898733;445506:1:1669286676;401659:1:1669888795;445788:1:1669918420;407100:1:1668246232;451724:1:1669565807;450649:1:1669712254;419291:1:1669705862;419295:1:1669929223;424441:1:1669620569;445735:1:1669286676;453831:1:1669942034;444748:1:1669841678;419303:1:1669864662;419323:1:1669947125;419301:1:1669646033;190964:1:1669272875;446013:1:1668228435;410252:1:1669943525;442019:1:1669930720;346327:2:1669923947;449523:1:1669886613;383700:1:1669898676; max-age=1701486619; path=/
kadCSCap=132751:1:1669884292;222582:1:1669887477; path=/
kadASCap=419303:1:1669864662;410252:1:1669943525;401659:1:1669888795;419323:1:1669947125;449523:1:1669886613;346327:2:1669923947;445788:1:1669918420;419297:1:1669887884;451139:1:1669898733;453831:1:1669942034;383700:1:1669898676;419295:1:1669929223;442019:1:1669930720; path=/
kadRPixJ=bnVsbA==; max-age=1701486619; path=/
kadUnP3=CAMQ9b2lnAYaDQiirJUCEAEY1N2jnAYaDQioiJcCEAQY9euhnAYaDQjowJcCEAkYhNOhnAYaDQishpgCEAIYpcSknAYaDQjVv5kBEAEY64iknAYaDQivp/4BEAIYqMKlnAYiCggDEBAYhNOhnAYiCggBEAIYqMKlnAYqDAjh1ycQARjU3aOcBioMCKSTKBAEGPXroZwGKgwI85ooEAkYhNOhnAYqDAiLpCgQAhilxKScBioMCMPpDBACGKjCpZwGKgwIg70SEAEY64iknAY=; max-age=1701486619; path=/
x-content-type-options: nosniff
X-Firefox-Spdy: h2
integrityprinciplesthorough.com/watch.762045664766.js?key=7a2fa356cc779900c863a51e810fbfce&kw=%5B%22publisher%22%2C%22shia%22%2C%22xxx%22%2C%22surefap%22%5D&refer=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&tz=0&dev=e&res=12.1053&uuid=48cf7435-df15-42ef-a579-55e5e65a95b1%3A3%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 integrityprinciplesthorough.com/watch.762045664766.js?key=7a2fa356cc779900c863a51e810fbfce&kw=%5B%22publisher%22%2C%22shia%22%2C%22xxx%22%2C%22surefap%22%5D&refer=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&tz=0&dev=e&res=12.1053&uuid=48cf7435-df15-42ef-a579-55e5e65a95b1%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.762045664766.js?key=7a2fa356cc779900c863a51e810fbfce&kw=%5B%22publisher%22%2C%22shia%22%2C%22xxx%22%2C%22surefap%22%5D&refer=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&tz=0&dev=e&res=12.1053&uuid=48cf7435-df15-42ef-a579-55e5e65a95b1%3A3%3A1 HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://surefap.org
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 03:10:19 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://surefap.org
Access-Control-Allow-Origin: http://surefap.org
Access-Control-Allow-Credentials: true
Location: https://integrityprinciplesthorough.com/watch.762045664766.js?key=7a2fa356cc779900c863a51e810fbfce&kw=%5B%22publisher%22%2C%22shia%22%2C%22xxx%22%2C%22surefap%22%5D&refer=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&tz=0&dev=e&res=12.1053&uuid=48cf7435-df15-42ef-a579-55e5e65a95b1%3A3%3A1&shu=eed32d7dd0abc92159c21e18947e6233b8d0a0e7a530c0665abc131602563c53155ec8f71091377f2d2c47eb56a5d99f83883f973c6e489ee479b24ac95fcdcda69f8852d6a22835e5215662cf231ae6043d5567&pst=1669950679&rmtc=t
Set-Cookie: u_pl=15842260; expires=Sat, 03 Dec 2022 03:10:19 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTg0MjI2MCwiayI6IjdhMmZhMzU2Y2M3Nzk5MDBjODYzYTUxZTgxMGZiZmNlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo2ODAzOCwicGlkIjo1NTg0NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNSwicHQiOjQsInBrIjoia2VkZ2llM3giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3N1cmVmYXAub3JnL3B1Ymxpc2hlci9zaGlhLyJ9fQ.Bbky3bSEDWx22tv6B6DZF8Scs8NOq7KQ0h0fW6nAOM8; expires=Fri, 02 Dec 2022 03:11:19 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dce77fe755ecb50c69d02af7b6e0e972
Strict-Transport-Security: max-age=0; includeSubdomains
mc.yandex.ru/watch/37790960?wmode=7&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1122348192360%3Ahid%3A204081230%3Az%3A0%3Ai%3A20221202031017%3Aet%3A1669950617%3Ac%3A1%3Arn%3A300376583%3Arqn%3A1%3Au%3A1669950617573363272%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C63%2C238%2C242%2C1%2C902%2C22%2C%2C%2C%2C1311%3Aco%3A0%3Ans%3A1669950615390%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669950617%3At%3APublisher%20Shia%20xxx%20%7C%20SureFap&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
93.158.134.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/37790960?wmode=7&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1122348192360%3Ahid%3A204081230%3Az%3A0%3Ai%3A20221202031017%3Aet%3A1669950617%3Ac%3A1%3Arn%3A300376583%3Arqn%3A1%3Au%3A1669950617573363272%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C63%2C238%2C242%2C1%2C902%2C22%2C%2C%2C%2C1311%3Aco%3A0%3Ans%3A1669950615390%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669950617%3At%3APublisher%20Shia%20xxx%20%7C%20SureFap&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 911cc67d30df33053c63daae8dae9cd0
b142f0d9e9b36db413adc8998481c31e9bb96777
cd39da9f76fbb0c3b91526c92b5e838b938bdabd0b30d81689eb9e35e1419703
GET /watch/37790960?wmode=7&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1122348192360%3Ahid%3A204081230%3Az%3A0%3Ai%3A20221202031017%3Aet%3A1669950617%3Ac%3A1%3Arn%3A300376583%3Arqn%3A1%3Au%3A1669950617573363272%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C63%2C238%2C242%2C1%2C902%2C22%2C%2C%2C%2C1311%3Aco%3A0%3Ans%3A1669950615390%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669950617%3At%3APublisher%20Shia%20xxx%20%7C%20SureFap&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://surefap.org
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/37790960/1?wmode=7&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Afp%3A846%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1122348192360%3Ahid%3A204081230%3Az%3A0%3Ai%3A20221202031017%3Aet%3A1669950617%3Ac%3A1%3Arn%3A300376583%3Arqn%3A1%3Au%3A1669950617573363272%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C63%2C238%2C242%2C1%2C902%2C22%2C%2C%2C%2C1311%3Aco%3A0%3Ans%3A1669950615390%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669950617%3At%3APublisher%20Shia%20xxx%20%7C%20SureFap&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 02 Dec 2022 03:10:19 GMT
access-control-allow-origin: http://surefap.org
set-cookie: yabs-sid=1394853361669950619; Path=/; SameSite=None; Secure
i=3PPeUfs1orvD5Y6h3PfmUz2BPsNKy82xn2obhddmhzf9JaA4dFj4NdlrNyhW/gX+6JygLw1z++dKxXsiLo2K8XOL8ng=; Expires=Mon, 29-Nov-2032 03:10:14 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=8925612211669950619; Expires=Sat, 02-Dec-2023 03:10:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8925612211669950619; Expires=Sat, 02-Dec-2023 03:10:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701486619.yc.1669950619#1701486619.yrts.1669950619#1701486619.yrtsi.1669950619; Expires=Sat, 02-Dec-2023 03:10:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:10:19 GMT
last-modified: Fri, 02-Dec-2022 03:10:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
integrityprinciplesthorough.com/watch.762045664766.js?key=7a2fa356cc779900c863a51e810fbfce&kw=%5B%22publisher%22%2C%22shia%22%2C%22xxx%22%2C%22surefap%22%5D&refer=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&tz=0&dev=e&res=12.1053&uuid=48cf7435-df15-42ef-a579-55e5e65a95b1%3A3%3A1&shu=eed32d7dd0abc92159c21e18947e6233b8d0a0e7a530c0665abc131602563c53155ec8f71091377f2d2c47eb56a5d99f83883f973c6e489ee479b24ac95fcdcda69f8852d6a22835e5215662cf231ae6043d5567&pst=1669950679&rmtc=t
192.243.59.13200 OK 2.4 kB URL HTTP/1.1 integrityprinciplesthorough.com/watch.762045664766.js?key=7a2fa356cc779900c863a51e810fbfce&kw=%5B%22publisher%22%2C%22shia%22%2C%22xxx%22%2C%22surefap%22%5D&refer=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&tz=0&dev=e&res=12.1053&uuid=48cf7435-df15-42ef-a579-55e5e65a95b1%3A3%3A1&shu=eed32d7dd0abc92159c21e18947e6233b8d0a0e7a530c0665abc131602563c53155ec8f71091377f2d2c47eb56a5d99f83883f973c6e489ee479b24ac95fcdcda69f8852d6a22835e5215662cf231ae6043d5567&pst=1669950679&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (3113)
Hash b9fb7458a60a7f3f6844093dd2680459
69111b17325f90584df557f281228b7f63dfa495
6e12cda15f8a51d2eacb28b3f909eb36bb14e88e86a83409c9bf2c987dc508e7
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.762045664766.js?key=7a2fa356cc779900c863a51e810fbfce&kw=%5B%22publisher%22%2C%22shia%22%2C%22xxx%22%2C%22surefap%22%5D&refer=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&tz=0&dev=e&res=12.1053&uuid=48cf7435-df15-42ef-a579-55e5e65a95b1%3A3%3A1&shu=eed32d7dd0abc92159c21e18947e6233b8d0a0e7a530c0665abc131602563c53155ec8f71091377f2d2c47eb56a5d99f83883f973c6e489ee479b24ac95fcdcda69f8852d6a22835e5215662cf231ae6043d5567&pst=1669950679&rmtc=t HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://surefap.org
Referer: http://surefap.org/
Connection: keep-alive
Cookie: u_pl=15842260; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTg0MjI2MCwiayI6IjdhMmZhMzU2Y2M3Nzk5MDBjODYzYTUxZTgxMGZiZmNlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo2ODAzOCwicGlkIjo1NTg0NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNSwicHQiOjQsInBrIjoia2VkZ2llM3giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3N1cmVmYXAub3JnL3B1Ymxpc2hlci9zaGlhLyJ9fQ.Bbky3bSEDWx22tv6B6DZF8Scs8NOq7KQ0h0fW6nAOM8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 03:10:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://surefap.org
Access-Control-Allow-Origin: http://surefap.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=48cf7435-df15-42ef-a579-55e5e65a95b1:3:1; expires=Fri, 09 Dec 2022 03:10:19 GMT; secure; SameSite=None
iprc40192e3733f04b22487d7782e69b1488=3569676; expires=Fri, 02 Dec 2022 07:10:19 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 03 Dec 2022 03:10:19 GMT; secure; SameSite=None
uncs=1; expires=Sat, 03 Dec 2022 03:10:19 GMT; secure; SameSite=None
pdhtkv25=true; expires=Sat, 03 Dec 2022 03:10:19 GMT; secure; SameSite=None
uncs25=1; expires=Sat, 03 Dec 2022 03:10:19 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 451455c546f7600dfeb2f6d5f7052261
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3c0282fb1989711e4a48dce935bf7813
30bed8a42fc820e4feb64bd22ddfefe120889014
81e304f070d6b7aa4dc67c727523578cd18a665a5cfe674a3b1391f3f39fc11a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81E304F070D6B7AA4DC67C727523578CD18A665A5CFE674A3B1391F3F39FC11A"
Last-Modified: Thu, 01 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1985
Expires: Fri, 02 Dec 2022 03:43:24 GMT
Date: Fri, 02 Dec 2022 03:10:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13734
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 03:10:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13734
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 03:10:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13734
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 03:10:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13734
Expires: Fri, 02 Dec 2022 06:59:14 GMT
Date: Fri, 02 Dec 2022 03:10:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e1a735e16f55c78fa75ae434294029
6c56f4015305eff04a99cec9758cd40bf4e5f704
26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: 68772438-16c4-40ab-a40e-860425d8301c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGyhHVsIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e76-21d27db6708228002e738938;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JOCSKxy4WUDbS22Gd9BlyN1gmcDsDNlNWnT57KITGlNwfOe_Iaco9g==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:59 GMT
age: 19281
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/18/f8/38/18f83825a2a74bc259a3fd10a1236848/1658915435.png
45.133.44.10200 OK 185 kB URL HTTP/2 cdn.cloudimagesb.com/cti/18/f8/38/18f83825a2a74bc259a3fd10a1236848/1658915435.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 160 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 185 kB (185150 bytes)
Hash 69cbf6dd022575e7dcaa17248e7e4643
daf78102256bb6d153facc728e9fe73be02138e6
41110fdcc38e4d9358f19dd9440d766d798d159e2bc6dd69197321df9d1b9582
GET /cti/18/f8/38/18f83825a2a74bc259a3fd10a1236848/1658915435.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:10:19 GMT
content-type: image/png
content-length: 185150
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 09:50:43 GMT
etag: "62e10a73-2d33e"
expires: Sun, 04 Dec 2022 03:10:19 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25c68d8b1fae82820f93efca500fd848
45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:54 GMT
age: 20126
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 19209
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:43:11 GMT
age: 70029
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 19289
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 19224
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adserver.juicyads.com/adshow.php?adzone=499390
185.94.236.245200 OK 1.8 kB URL HTTP/1.1 adserver.juicyads.com/adshow.php?adzone=499390
IP 185.94.236.245:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1668), with CRLF, LF line terminators
Hash 9fce68cb16a7550f9b2fe6709db5f515
a04d4bcee2815649ba733783d326203472af1988
71812c6caa8f4186832e9ed968193cae3faf6b8a74b3c86652a1bbfba87ca7a5
GET /adshow.php?adzone=499390 HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:10:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=a599025b56f2b511337e44addc2ede5d; expires=Sat, 02-Dec-2023 03:10:18 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com
juicy_data_1=YTowOnt9; expires=Mon, 05-Dec-2022 03:10:18 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=juicyads.com
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 05-Dec-2022 03:10:18 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip
ads.juicyads.me/ads/user161341/ad1266795-1658474854.gif
69.16.175.42200 OK 284 kB URL HTTP/2 ads.juicyads.me/ads/user161341/ad1266795-1658474854.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 250 x 250\012- data
Size 284 kB (284264 bytes)
Hash 94eeda124cd4fd45a6ca4a7f0d672cc0
2c614d114dd89373a06a8823c4973f97b6120736
4a28e5c786dab8824c53af0d6543b86f58527139584fd50e41b97a5e917dfcc7
GET /ads/user161341/ad1266795-1658474854.gif HTTP/1.1
Host: ads.juicyads.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 03:10:20 GMT
etag: "1658474854"
cache-control: max-age=20060463
content-length: 284264
content-type: image/gif
last-modified: Fri, 22 Jul 2022 07:27:34 GMT
accept-ranges: bytes
x-hw: 1669950620.dop213.sk1.t,1669950620.cds211.sk1.hn,1669950620.cds261.sk1.c
X-Firefox-Spdy: h2
a.shukriya90.com/api/spots/23307?host=surefap.org&ev=197&wh=939&ww=1280&uuid=&kw=Surefap%2CSurefap.org%2Cfree%2Cpic%2Cporn%2Ctoon%2Canal%2Cblowjob%2Cboobs%2Cfuck%2Cgroup%2Cnude%2Cporno&s1=%25subid1%25
135.181.208.216200 OK 418 B URL HTTP/2 a.shukriya90.com/api/spots/23307?host=surefap.org&ev=197&wh=939&ww=1280&uuid=&kw=Surefap%2CSurefap.org%2Cfree%2Cpic%2Cporn%2Ctoon%2Canal%2Cblowjob%2Cboobs%2Cfuck%2Cgroup%2Cnude%2Cporno&s1=%25subid1%25
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 4d85ef3c14357b303cc84b7c01d01d2b
298a0b1d346cbceb9b4c06353a640fa0f395aff1
b03a545044fdc17d8715239cdceabd017e6fc27988b85ad39e3a3b286e9664ca
GET /api/spots/23307?host=surefap.org&ev=197&wh=939&ww=1280&uuid=&kw=Surefap%2CSurefap.org%2Cfree%2Cpic%2Cporn%2Ctoon%2Canal%2Cblowjob%2Cboobs%2Cfuck%2Cgroup%2Cnude%2Cporno&s1=%25subid1%25 HTTP/1.1
Host: a.shukriya90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:20 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=bDq35zON1VrNvWmh0YGL; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/37790960?wmode=0&wv-part=1&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=439604731&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1669950621%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031020%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950621&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/37790960?wmode=0&wv-part=1&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=439604731&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1669950621%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031020%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950621&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/37790960?wmode=0&wv-part=1&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=439604731&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1669950621%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031020%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950621&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 136321
Origin: http://surefap.org
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 02 Dec 2022 03:10:22 GMT
access-control-allow-origin: http://surefap.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:10:22 GMT
last-modified: Fri, 02-Dec-2022 03:10:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/37790960?wmode=0&wv-part=1&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=54383411&wv-type=3&browser-info=we%3A1%3Aet%3A1669950621%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031021%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950621&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/37790960?wmode=0&wv-part=1&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=54383411&wv-type=3&browser-info=we%3A1%3Aet%3A1669950621%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031021%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950621&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/37790960?wmode=0&wv-part=1&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=54383411&wv-type=3&browser-info=we%3A1%3Aet%3A1669950621%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031021%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950621&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: http://surefap.org
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 02 Dec 2022 03:10:22 GMT
access-control-allow-origin: http://surefap.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:10:22 GMT
last-modified: Fri, 02-Dec-2022 03:10:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/37790960?wmode=0&wv-part=2&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=470823166&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1669950622%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031021%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950622&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/37790960?wmode=0&wv-part=2&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=470823166&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1669950622%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031021%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950622&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/37790960?wmode=0&wv-part=2&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=470823166&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1669950622%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031021%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950622&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7100
Origin: http://surefap.org
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 02 Dec 2022 03:10:23 GMT
access-control-allow-origin: http://surefap.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:10:23 GMT
last-modified: Fri, 02-Dec-2022 03:10:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/37790960?wmode=0&wv-part=3&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=386630437&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1669950624%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031024%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950624&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/37790960?wmode=0&wv-part=3&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=386630437&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1669950624%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031024%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950624&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/37790960?wmode=0&wv-part=3&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=386630437&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1669950624%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031024%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950624&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 6408
Origin: http://surefap.org
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 02 Dec 2022 03:10:25 GMT
access-control-allow-origin: http://surefap.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:10:25 GMT
last-modified: Fri, 02-Dec-2022 03:10:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
adserver.juicyads.com/adshow.php?adzone=498259
185.94.236.245200 OK 1.6 kB URL HTTP/1.1 adserver.juicyads.com/adshow.php?adzone=498259
IP 185.94.236.245:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (407), with CRLF, LF line terminators
Hash cad8b3070735df48239bb1560bee18f6
0052d4d954e106080540c895f5a25f0d8f840800
75b19c9cafb940b0941e1a141e773e085fa2806e537cddcd589b4059470257d1
GET /adshow.php?adzone=498259 HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://surefap.org/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 03:10:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=a599025b56f2b511337e44addc2ede5d; expires=Sat, 02-Dec-2023 03:10:18 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com
imps13017=1; expires=Sat, 03-Dec-2022 03:10:19 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.juicyads.com
juicy_data_1=YToxOntpOjc4MzgxODtpOjE2NzAyMDk4MTg7fQ%3D%3D; expires=Mon, 05-Dec-2022 03:10:18 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=juicyads.com
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 05-Dec-2022 03:10:18 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip
top-fwz1.mail.ru/tracker?js=13;id=2787143;u=http%3A//surefap.org/publisher/shia/;st=1669950616667;title=Publisher%20Shia%20xxx%20%7C%20SureFap;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=7a2090b70b90e421;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1669950616986%3A1669950624530%3A2%3A19223d5127f940e443885c4de0388125;opts=jst-ga-ym;visible=true;_=0.9609133729329197;e=RT/unload;et=1669950624528;pvt=7861;vtauto=7547
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=2787143;u=http%3A//surefap.org/publisher/shia/;st=1669950616667;title=Publisher%20Shia%20xxx%20%7C%20SureFap;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=7a2090b70b90e421;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1669950616986%3A1669950624530%3A2%3A19223d5127f940e443885c4de0388125;opts=jst-ga-ym;visible=true;_=0.9609133729329197;e=RT/unload;et=1669950624528;pvt=7861;vtauto=7547
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=2787143;u=http%3A//surefap.org/publisher/shia/;st=1669950616667;title=Publisher%20Shia%20xxx%20%7C%20SureFap;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=7a2090b70b90e421;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1669950616986%3A1669950624530%3A2%3A19223d5127f940e443885c4de0388125;opts=jst-ga-ym;visible=true;_=0.9609133729329197;e=RT/unload;et=1669950624528;pvt=7861;vtauto=7547 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:26 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIE:1669950626:2787143:::; path=/; expires=Sun, 03-Dec-23 03:10:26 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/37790960?wmode=0&wv-part=2&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=10537108&wv-type=3&browser-info=we%3A1%3Aet%3A1669950625%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031024%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950625&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/37790960?wmode=0&wv-part=2&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=10537108&wv-type=3&browser-info=we%3A1%3Aet%3A1669950625%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031024%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950625&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/37790960?wmode=0&wv-part=2&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=10537108&wv-type=3&browser-info=we%3A1%3Aet%3A1669950625%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031024%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950625&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: http://surefap.org
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 02 Dec 2022 03:10:26 GMT
access-control-allow-origin: http://surefap.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:10:26 GMT
last-modified: Fri, 02-Dec-2022 03:10:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/37790960?wmode=0&wv-part=4&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=472204179&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1669950625%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031024%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950625&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/37790960?wmode=0&wv-part=4&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=472204179&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1669950625%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031024%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950625&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/37790960?wmode=0&wv-part=4&wv-hit=204081230&page-url=http%3A%2F%2Fsurefap.org%2Fpublisher%2Fshia%2F&rn=472204179&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1669950625%3Aw%3A1268x939%3Av%3A933%3Az%3A0%3Ai%3A20221202031024%3Au%3A1669950617573363272%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Ast%3A1669950625&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2915
Origin: http://surefap.org
Connection: keep-alive
Referer: http://surefap.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 02 Dec 2022 03:10:26 GMT
access-control-allow-origin: http://surefap.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:10:26 GMT
last-modified: Fri, 02-Dec-2022 03:10:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
stenadewy.pro/aMWOZRyKQ.2r9BklZKTC9f6XbS2/5GlGS/WiQR9yNZDaES2-N/j/UV3/N/SwZsw_d/XbNmoMWCmg9nuVZKUtl/kNPLTwQ/xxNAjnYV1CNjzeUn
188.72.219.36200 OK 0 B URL HTTP/2 stenadewy.pro/aMWOZRyKQ.2r9BklZKTC9f6XbS2/5GlGS/WiQR9yNZDaES2-N/j/UV3/N/SwZsw_d/XbNmoMWCmg9nuVZKUtl/kNPLTwQ/xxNAjnYV1CNjzeUn
IP 188.72.219.36:0
GET /aMWOZRyKQ.2r9BklZKTC9f6XbS2/5GlGS/WiQR9yNZDaES2-N/j/UV3/N/SwZsw_d/XbNmoMWCmg9nuVZKUtl/kNPLTwQ/xxNAjnYV1CNjzeUn HTTP/1.1
Host: stenadewy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://a.shukriya90.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:18 GMT
content-type: application/javascript
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
stenadewy.pro/aRWGZNyXQ.2d9MkvZTTz9k6ab-2y5HlASqWhQd9gNADfEL2RNljaUq2_N/ycZ/whdsXuNXo/WSmA9/ugZkUqlUk/PETPQYxuNrj/YH1qNJjScH
188.72.219.36200 OK 0 B URL HTTP/2 stenadewy.pro/aRWGZNyXQ.2d9MkvZTTz9k6ab-2y5HlASqWhQd9gNADfEL2RNljaUq2_N/ycZ/whdsXuNXo/WSmA9/ugZkUqlUk/PETPQYxuNrj/YH1qNJjScH
IP 188.72.219.36:0
GET /aRWGZNyXQ.2d9MkvZTTz9k6ab-2y5HlASqWhQd9gNADfEL2RNljaUq2_N/ycZ/whdsXuNXo/WSmA9/ugZkUqlUk/PETPQYxuNrj/YH1qNJjScH HTTP/1.1
Host: stenadewy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://a.shukriya90.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:18 GMT
content-type: application/javascript
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
stenadewy.pro/aVWWZ_y.PY3ZBa1bc-2dheafbg2_5iljSkWlQ-9nNoDpEq2_NsjtUu3vN-SxZy6zbA2_5ClDSEWFQ-9HNIDJEK2_NMjNUO3PN-QR?iframeId=xhwwza
188.72.219.36200 OK 0 B URL HTTP/2 stenadewy.pro/aVWWZ_y.PY3ZBa1bc-2dheafbg2_5iljSkWlQ-9nNoDpEq2_NsjtUu3vN-SxZy6zbA2_5ClDSEWFQ-9HNIDJEK2_NMjNUO3PN-QR?iframeId=xhwwza
IP 188.72.219.36:0
GET /aVWWZ_y.PY3ZBa1bc-2dheafbg2_5iljSkWlQ-9nNoDpEq2_NsjtUu3vN-SxZy6zbA2_5ClDSEWFQ-9HNIDJEK2_NMjNUO3PN-QR?iframeId=xhwwza HTTP/1.1
Host: stenadewy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://a.shukriya90.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:18 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
p3p: CP="CUR ADM OUR NOR STA NID"
last-modified: Fri, 02 Dec 2022 03:10:18 GMT
set-cookie: kadCCap=218693:1:1669515516;219652:1:1669330335;222582:1:1669887477;219484:1:1667715065;199455:1:1668245056;219047:1:1667194435;220790:1:1668460505;212269:1:1667199062;132751:1:1669884292;194136:1:1669413157;221398:1:1669672704;220335:1:1669620452;79610:1:1669272875;215297:1:1669786163; max-age=1701486618; path=/
kadACap=419293:1:1669526430;410252:1:1669943525;445735:1:1669286676;453831:1:1669942034;442019:1:1669930720;451139:1:1669898733;424441:1:1669620569;419299:1:1669735589;419297:1:1669887884;419295:1:1669929223;446714:1:1669805719;407100:1:1668246232;445506:1:1669286676;451724:1:1669565807;346327:2:1669923947;449523:1:1669886613;419321:1:1669463839;450649:1:1669712254;444748:1:1669841678;419323:1:1669947125;419291:1:1669705862;401659:1:1669888795;419301:1:1669646033;190964:1:1669272875;445788:1:1669918420;446013:1:1668228435;446531:1:1669270846;419303:1:1669864662;383700:1:1669898676; max-age=1701486618; path=/
kadCSCap=132751:1:1669884292;222582:1:1669887477; path=/
kadASCap=410252:1:1669943525;401659:1:1669888795;419323:1:1669947125;419297:1:1669887884;451139:1:1669898733;449523:1:1669886613;346327:2:1669923947;453831:1:1669942034;383700:1:1669898676;445788:1:1669918420;419295:1:1669929223;419303:1:1669864662;442019:1:1669930720; path=/
kadRPixJ=bnVsbA==; max-age=1701486618; path=/
kadUnP3=CAIQ9b2lnAYaDQjVv5kBEAEY64iknAYaDQivp/4BEAEYqMKlnAYaDQiirJUCEAEY1N2jnAYaDQioiJcCEAQY9euhnAYaDQjowJcCEAkYhNOhnAYaDQishpgCEAIYpcSknAYiCggBEAEYqMKlnAYiCggDEBAYhNOhnAYqDAiLpCgQAhilxKScBioMCMPpDBABGKjCpZwGKgwIg70SEAEY64iknAYqDAjh1ycQARjU3aOcBioMCKSTKBAEGPXroZwGKgwI85ooEAkYhNOhnAY=; max-age=1701486618; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
vvvljeqasz.com/get/1921797?zoneid=1921797&jp=_clag5wwdrwtc69vcypossh&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=390916860338705
62.122.171.6200 OK 0 B URL HTTP/2 vvvljeqasz.com/get/1921797?zoneid=1921797&jp=_clag5wwdrwtc69vcypossh&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=390916860338705
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1921797?zoneid=1921797&jp=_clag5wwdrwtc69vcypossh&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=390916860338705 HTTP/1.1
Host: vvvljeqasz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://a.shukriya90.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 03:10:18 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2212012210dad3f60326814ce9b3da98da9c; Path=/; Expires=Sat, 02 Dec 2023 03:10:18 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2