Report - jammaien.hooxs.com/t3067-topic

Report Overview

Visited public
2023-09-25 10:33:32
Tags
URL
jammaien.hooxs.com/t3067-topic
Finishing URL
jammaien.hooxs.com/t3067-topic
IP / ASN
178.33.44.177
#16276 OVH SAS
Title
صور متحركة حلوة

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
amunfezanttor.com	unknown	2023-03-31	2023-03-31 14:42:42	2023-09-25 02:31:01	1.0 kB	1.0 kB	139.45.197.250
illiweb.com	265462	2002-11-29	2012-06-26 03:06:07	2023-09-23 13:22:04	3.9 kB	131 kB	188.114.96.1
d.audiencerun.com	158618	2018-04-06	2019-04-12 02:00:33	2023-09-22 06:11:42	773 B	13 kB	3.136.131.237
2img.net	212398	2018-01-23	2016-06-23 08:31:49	2023-09-23 14:56:33	20 kB	467 kB	104.21.235.75
jammaien.hooxs.com	unknown	2006-08-07	2015-01-18 08:23:48	2022-07-28 12:27:16	2.3 kB	173 kB	94.23.76.111
connect.topicit.net	523065	2015-04-08	2017-11-15 11:04:29	2023-09-23 13:22:05	417 B	2.3 kB	188.114.96.1
ac.aruncdn.com	unknown	2022-08-15	2022-08-24 18:11:09	2023-09-23 01:43:13	3.9 kB	779 kB	172.67.70.117
script.4dex.io	2135	2018-04-02	2018-07-23 12:04:27	2023-09-24 18:47:53	409 B	4.6 kB	104.26.9.169
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-09-24 23:44:58	435 B	35 kB	216.58.207.234
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-09-24 21:04:18	534 B	578 B	142.250.74.35
imasdk.googleapis.com	11661	2005-01-25	2014-10-30 18:42:18	2023-09-24 23:58:06	439 B	367 kB	216.58.207.234
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-09-24 22:53:05	473 B	749 B	139.45.195.8
cdn.betgorebysson.club	149925	2020-07-24	2020-07-24 17:19:13	2023-09-22 22:02:51	1.5 kB	88 kB	139.45.195.8
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-09-24 18:14:53	507 B	2.7 kB	104.16.86.20
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-09-24 23:12:17	1.3 kB	318 kB	142.250.74.104
i.servimg.com	258270	2004-05-17	2015-07-24 11:25:42	2023-09-23 16:33:16	1.3 kB	15 kB	172.67.178.62
stootsou.net	145219	2021-04-03	2021-04-05 10:22:21	2023-09-23 09:53:27	2.9 kB	104 kB	139.45.197.250
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-09-24 18:35:49	750 B	449 B	216.239.32.36
tbn0.google.com	unknown	1997-09-15	2012-07-08 10:19:12	2023-08-05 21:44:17	439 B	10 kB	216.58.211.4
ac.audiencerun.com	162826	2018-04-06	2020-11-20 01:50:12	2023-09-23 15:54:15	842 B	13 kB	143.204.55.126

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-25	medium	amunfezanttor.com	Sinkholed
2023-09-25	medium	amunfezanttor.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (43)

	URL	From	Size	First Seen	Last Seen
	cdn.betgorebysson.club/apu.php?zoneid=3765907	ScriptElement	84 kB	2023-09-25	2023-09-25
Pretty URL cdn.betgorebysson.club/apu.php?zoneid=3765907 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-25 12:33 Last Seen2023-09-25 12:33 Times Seen1 Hash d4a55c5bf5dcb19019029bdd079f9cab 175427aa59ee412c49b7b4060b6365964db8ddba ddca5f921e49248434e087c6553dfe2d16019da42ca20f78c04b5350fe0fbd27 Loading...

	ac.aruncdn.com/f/nat/0.native.js?ver=222614	ScriptElement	112 kB	2023-05-23	2024-08-21
Pretty URL ac.aruncdn.com/f/nat/0.native.js?ver=222614 IP 172.67.70.117 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-23 11:20 Last Seen2024-08-21 08:27 Times Seen19 Hash 057c03f785f28ded09961b24b88a9bf3 9f57d86c50229a11de80d0e4ece1a8ab905a1508 a1b8b226bf4ce77d32f998ae52aa35746d798a1bb68dc83bf692e7f2b845b860 Loading...

	illiweb.com/rs3/78/frm/mentions/tooltipster.js	ScriptElement	18 kB	2023-03-07	2025-04-19
Pretty URL illiweb.com/rs3/78/frm/mentions/tooltipster.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:57 Last Seen2025-04-19 00:53 Times Seen83 Hash c5c6a5cbc41364e0fbc73470d7ce7dfc 2c0a798e6fe124e3c58393c73ccb632be9058f48 a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057 Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	51 B	2023-03-07	2025-04-19
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:07 Last Seen2025-04-19 00:53 Times Seen46 Hash 31413c1a0520f96981534f262a266579 ea3b9b49e90bd399a7042952268f01a95a3a405a d75199ccb2b6682e717ae84c96162eb5e341b62a189c22d1ad74fdcf6db27987 Loading...

	connect.topicit.net/scripts/connect.js	ScriptElement	3.5 kB	2023-03-07	2025-01-07
Pretty URL connect.topicit.net/scripts/connect.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40 Last Seen2025-01-07 09:04 Times Seen61 Hash df06f0c81b83b4161d3a2c843e71de58 ac09970aca15ee03496cbe68c2a2f06914e19855 39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542 Loading...

	unknown	ScriptElement	88 kB	2023-09-14	2023-09-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-14 17:41 Last Seen2023-09-28 15:36 Times Seen210 Hash 0f22080b3f88f2f09bbabbcb8e9550c4 191596e48cd208528643ab0530ce3b2cb3f68fae 5d1d95a226026f763d0d086ef23b7cdc09e9dd0c68df56d6d638b0474a64e1e0 Loading...

	www.googletagmanager.com/gtag/js?id=	ScriptElement	114 kB	2023-09-25	2023-09-25
Pretty URL www.googletagmanager.com/gtag/js?id= IP 142.250.74.104 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-25 12:33 Last Seen2023-09-25 12:33 Times Seen1 Hash e9217053b489c3bb60b4284043eb3da6 5c928f23924a056cfa5c36f9cbe5c2b522925be7 4dfc7dd269b8555aa7869724a382414c3b5bbcb8d90e5258152d0e188acb00e0 Loading...

	d.audiencerun.com/c/5eyky1py1w?rid=ef148b7f-eae8-4b90-b988-f9e2f787bcd9&spu=65cd5f2a-258b-42ec-9e6e-259d9c0da831&sui=c14913d7-00f4-4c66-8abf-f4e61b9358de&s=null&a=1&msk=null&m=null&v=1.2.16&d=1695637995409&r=&vu=&dv=desktop&os=linux&br=firefox%2F111.0&ce=1&sr=1280x1024&o=portrait&tz=0%20GMT&ul=en&inf=0&ift=&amp=0&url=https%3A%2F%2Fjammaien.hooxs.com%2Ft3067-topic&es5=0&gdpr=0&gdpr_consent=	ScriptElement	12 kB	2023-09-25	2023-09-25
Pretty URL d.audiencerun.com/c/5eyky1py1w?rid=ef148b7f-eae8-4b90-b988-f9e2f787bcd9&spu=65cd5f2a-258b-42ec-9e6e-259d9c0da831&sui=c14913d7-00f4-4c66-8abf-f4e61b9358de&s=null&a=1&msk=null&m=null&v=1.2.16&d=1695637995409&r=&vu=&dv=desktop&os=linux&br=firefox%2F111.0&ce=1&sr=1280x1024&o=portrait&tz=0%20GMT&ul=en&inf=0&ift=&amp=0&url=https%3A%2F%2Fjammaien.hooxs.com%2Ft3067-topic&es5=0&gdpr=0&gdpr_consent= IP 3.136.131.237 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-25 12:33 Last Seen2023-09-25 12:33 Times Seen1 Hash 55767818d6505e5c72d76e15ce83d1b6 5cfc632f76ac23fb00b3ba3f64146407181eebdd 51f7f1d1e703b7276147a93dc1474bae7756eb9835e7201be8f96e2dd540b486 Loading...

	ac.aruncdn.com/f/nat/n.js?408	ScriptElement	37 kB	2023-06-20	2024-08-21
Pretty URL ac.aruncdn.com/f/nat/n.js?408 IP 172.67.70.117 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-20 22:39 Last Seen2024-08-21 07:24 Times Seen2 Hash 16e03db1a7110d0b36fed4d036f9382e 9afc1dac658fb6290af029057d335296a7d1fd99 954b053e96bed4a32c8bfc4929340f8b22d3219dd02802ebac2263fda3a2bd33 Loading...

	ac.aruncdn.com/f/nat/fixedFooter.native.js?ver=222614	ScriptElement	160 kB	2023-05-23	2024-10-14
Pretty URL ac.aruncdn.com/f/nat/fixedFooter.native.js?ver=222614 IP 172.67.70.117 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-23 11:20 Last Seen2024-10-14 22:46 Times Seen44 Hash 0708733879d93c42a1e77a9f4e148139 4c1ced02bc02b65892c75fc4c7cbde4ce7d141f4 3afb7f04f8cf0f2dd00750f51595dc7c067b8fd958a55a11f77e45fd0eb02b29 Loading...

	jammaien.hooxs.com/sandbox%20eval%20code		121 B	2023-05-07	2025-05-05
Pretty URL jammaien.hooxs.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-07 17:06 Last Seen2025-05-05 18:35 Times Seen566 Hash d98c65211df4c48ff68677c77e64c929 ad8e2c0c0db94965c23696d33cf8c30b52e54428 0c2d4b94a7055fc4fd3f62d36f7daa4fcde4051c4ba562c1c4263f7a11e30998 Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	14 kB	2024-08-21	2024-08-21
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:48 Last Seen2024-08-21 05:48 Times Seen1 Hash 8aaf8470531a5787c1a7da71dd238b36 afab78fd60ad2c2c67f27c34d545b730bb39f9ef af6f724b804e25579b7223f993f7fbeb9527fb6a3c7721e094fa63011cca3e53 Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	514 B	2023-03-07	2025-03-28
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:40 Last Seen2025-03-28 05:39 Times Seen83 Hash 761d2d805f480411fa88e7662492769d c28ca142719025edf8996ac2897d036fc0c2a76e 0ee1b0b1b1b4667a2fd2983949d1c4b6aaaca435394712789388747cbe3d6d53 Loading...

	ac.audiencerun.com/j/tag.js	ScriptElement	12 kB	2023-06-20	2024-08-21
Pretty URL ac.audiencerun.com/j/tag.js IP 143.204.55.126 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-20 22:39 Last Seen2024-08-21 07:24 Times Seen2 Hash 726a4280e5d2bf1bb18525c29252d548 66c160b0af7638a0d08fac1d64d19ef4e47bc9a1 77f74772c142b378ecc6e2f3006bc8333ed3bbd84fdbcd73ac5dc3a3667f1234 Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	474 B	2023-03-07	2025-03-28
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:40 Last Seen2025-03-28 05:39 Times Seen83 Hash 5dc2d1991479eee96d79b825b4ed452f bc3983969f797596e3e7f3dd21c5fa6e6106991c 4f479e3c2a795d192a8b82d1ac992bb6a2e7e1f65b8bbd808d5e5a2ff0cebaff Loading...

	illiweb.com/rs3/78/frm/mentions/init.js	ScriptElement	2.2 kB	2023-04-02	2025-04-19
Pretty URL illiweb.com/rs3/78/frm/mentions/init.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-02 21:15 Last Seen2025-04-19 00:53 Times Seen83 Hash 75a9486eced1745452021503d6cfc82e d68c198ebcdda1613ec61bb44a0585a8d94b3f6a 9cce595b201da3285768c8375124b2976eafacaa8002781d478ee1f9d69dc8c4 Loading...

	static.criteo.net/js/ld/publishertag.js	ScriptElement	1.5 kB	2023-05-07	2025-05-05
Pretty URL static.criteo.net/js/ld/publishertag.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-07 17:06 Last Seen2025-05-05 18:35 Times Seen554 Hash 7dba265fe812bbe8902d392df86a7d53 d3393ca5d8c15e87e240c29d4b28419883342099 bcb81782443535cf1dde05361ede295434e0323c34185d7d9471be0132bcdd07 Loading...

	illiweb.com/rs3/78/frm/twemoji/twemoji.min.js	ScriptElement	17 kB	2023-06-20	2024-08-21
Pretty URL illiweb.com/rs3/78/frm/twemoji/twemoji.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-20 22:39 Last Seen2024-08-21 07:24 Times Seen2 Hash 2c84379b1a7661070d03d7b5846830f9 a427508a6c4fdb4141287a75989d791d67279e86 9101bfaab7b67818c75701d5b3ebc537e0d80e085f5f5358a3c79c7db5c4ceb0 Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	213 B	2023-03-07	2025-03-07
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:07 Last Seen2025-03-07 22:39 Times Seen26 Hash 8dc99b1a979c478e061ff14e9670e8af 7550a0acc3765631761b58add79d56910907c5be bb17c405392717ddb4e72a8d66b94b269df6defb391f09fdfb60acc1403dd3c6 Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	172 B	2023-03-07	2025-03-18
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:40 Last Seen2025-03-18 11:12 Times Seen21 Hash eac2977105f7afa338df42213637c7e8 b8da68cf1722f55c0013b2c642ff3315f8d03755 ee35e392c911a32615a69c87ae4dcf90dabcedb74b9b8f1df12010e4622e25a8 Loading...

	jammaien.hooxs.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL jammaien.hooxs.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 12:44 Times Seen341436 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	illiweb.com/rs3/78/frm/lang/notutf8-ar.js	ScriptElement	75 kB	2023-05-24	2024-08-21
Pretty URL illiweb.com/rs3/78/frm/lang/notutf8-ar.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-24 17:19 Last Seen2024-08-21 08:27 Times Seen16 Hash 5632219ba4176e503d2a52df905ed735 f783cfb3823619fdd11d0596e8601e961829f7d2 12bcdb3bc4a31691a44d6282301f61c095be114319e28f0ca4c97d8d2af05871 Loading...

	illiweb.com/rs3/78/frm/embed/FA_Embed.js	ScriptElement	277 B	2023-03-07	2024-08-21
Pretty URL illiweb.com/rs3/78/frm/embed/FA_Embed.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40 Last Seen2024-08-21 08:27 Times Seen19 Hash 7c08b7f1da97c37b7680d6f879d7ed40 97f715f01a5bb9d07ec879e3b5e14a631b087740 432bb74f6f65f0b392e4b531804bf529db2f58fa1868537599097f408c02b481 Loading...

	illiweb.com/rs3/78/frm/jquery/marquee/jquery.marquee.min.js	ScriptElement	4.5 kB	2023-03-07	2025-05-03
Pretty URL illiweb.com/rs3/78/frm/jquery/marquee/jquery.marquee.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40 Last Seen2025-05-03 23:46 Times Seen32 Hash 463f06a3132567943024407a7a4ccbc4 41ae2993e980ca121d94f7803e83cdf1c0cdc4e5 dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6 Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	438 B	2023-06-02	2025-03-07
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-02 16:07 Last Seen2025-03-07 22:39 Times Seen8 Hash af0734619ef6459e9e6f12f3a7341605 9a2ad8d8ab59a62f004ebb0078d4369dcddcf1a2 a1ce2a82c9524e14959360263d6a770f45541e33466da9b663ca7d2cd577883c Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	263 B	2023-03-07	2024-08-21
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:40 Last Seen2024-08-21 08:27 Times Seen16 Hash ef8b50accfd60bbe469f135147911168 ff6c86cd05950889a2e4b1f70655e153c561577e 9a0d1233f8889ad529c9fdd86b379ba5a08dd71ba3939a2206f3e03659965d58 Loading...

	www.googletagmanager.com/gtag/js?id=G-VKHBPXN046&l=dataLayer&cx=c	ScriptElement	234 kB	2023-09-25	2023-09-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-VKHBPXN046&l=dataLayer&cx=c IP 142.250.74.104 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-25 12:33 Last Seen2023-09-25 12:33 Times Seen1 Hash 29e78775cb99cdca108def5919ceb1cf 2db35ffca23dc5c456f89df31e93eea86a62d05e b0195b7460a70c23b448e0376ff79fec1ce1c8ec5bbd9dd8651b4e4acc063af3 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 12:44 Times Seen340635 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	ac.aruncdn.com/j/prebid/pre.js?47	ScriptElement	478 kB	2023-05-21	2023-11-16
Pretty URL ac.aruncdn.com/j/prebid/pre.js?47 IP 172.67.70.117 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-21 11:54 Last Seen2023-11-16 11:33 Times Seen47 Hash 2fbe30d009abc54ff04795c6d14da709 0626ce35a7a48628dd7d2507cf1f08dfb02d496d 51b6b311805712db5a8d23981d54327822a438112649fa816c0e6abb731d9206 Loading...

	www.googletagmanager.com/gtag/js?id=UA-144347007-1	ScriptElement	189 kB	2023-09-25	2023-09-25
Pretty URL www.googletagmanager.com/gtag/js?id=UA-144347007-1 IP 142.250.74.104 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-25 12:33 Last Seen2023-09-25 12:33 Times Seen1 Hash 172fc78a35187323a8df9fe97d4da0c9 5cde22eef68205d6061b52d6a597831d8ef74b30 f878d7912a05e5c0e22849601090462746f0e4fa4d6f9585ef0f1259bc2105d6 Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	24 B	2023-03-07	2025-03-28
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:40 Last Seen2025-03-28 05:39 Times Seen19 Hash 46f04e9edcce217682704a8433c8ba5a 2f644c9f47af8eeab93d404d18652999fc6712b4 e63169f2593f050ad6c53097803150d60a0834bf9faffb2c24c1428c291584cc Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	486 B	2024-08-21	2024-08-21
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:48 Last Seen2024-08-21 05:48 Times Seen1 Hash 222bfa4bc61c98145fdb68f466be3c1e ae271d8adaba66ffbe716a2a4bd23cf4bddffa4a 5c1a676b3ff35464868e33f400d7eed32dcc8ac05ecb99901af39c4fb3e7a110 Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	30 B	2023-03-07	2025-03-21
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:40 Last Seen2025-03-21 04:15 Times Seen48 Hash 4ece280a19c04007f1c61ee38cfc055b c425f44785e505687647cd153db2f5d6e947b85c da7ba30ac2306369b237659657949a1d5fad24e99a97245319bac3b5a8bfddac Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	322 B	2023-03-07	2025-03-07
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:40 Last Seen2025-03-07 22:39 Times Seen16 Hash 9c1735e3df55bb348b1933b393c67c48 403dcbd4b806d5a2e34b6f8497bd030234ca658b 2e47dc28efa9586f4ce6e8db3258f7b8bd70bf0683c210aa2b135acfd38eefa4 Loading...

	stootsou.net/pfe/current/tag.min.js?z=2308013	ScriptElement	13 kB	2023-09-14	2023-09-28
Pretty URL stootsou.net/pfe/current/tag.min.js?z=2308013 IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-14 17:41 Last Seen2023-09-28 15:36 Times Seen133 Hash 2ab81df34a2461b2a4885cf8b04ec7a9 7182892392c7320d1c11106f33a1789d08329ac3 e58b4c163cb14f66ced74ce6a9fe37321b148a519af57a516335fc09851b0dcd Loading...

	ac.aruncdn.com/f/nat/1.native.js?ver=222614	ScriptElement	16 kB	2023-05-23	2024-10-14
Pretty URL ac.aruncdn.com/f/nat/1.native.js?ver=222614 IP 172.67.70.117 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-23 11:20 Last Seen2024-10-14 22:46 Times Seen44 Hash 0b8f24c6d87e1c425d170fcda6036e7e 24a57e3891f72e8f07b124f3cbe41f792670f394 cbeda8c681183b4cf452950ae66650e596ab8ecda43e51f32d411d466fc01c90 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js	ScriptElement	95 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 11:15 Times Seen7992 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	illiweb.com/rs3/78/frm/jquery/cookie/jquery.cookie.js	ScriptElement	1.0 kB	2023-03-07	2025-04-19
Pretty URL illiweb.com/rs3/78/frm/jquery/cookie/jquery.cookie.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40 Last Seen2025-04-19 00:53 Times Seen85 Hash 12a485a250e60806fbe4ab8bd03dfbf8 ea48bc03bfb90a966f28d302992ec02fe55da978 6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90 Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	139 B	2023-03-07	2024-08-21
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:40 Last Seen2024-08-21 08:27 Times Seen12 Hash 19e57056f1e5b06edac6b9654418f705 863dadea1e6158fea52bd8bfb1eab0cc13107c12 30f513144bf444457a7c1aadbe1e937ffe5d33eea89055ef9032f1aa9a2439eb Loading...

	jammaien.hooxs.com/t3067-topic	ScriptElement	70 B	2023-03-07	2025-04-17
Pretty URL jammaien.hooxs.com/t3067-topic IP 94.23.76.111 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:40 Last Seen2025-04-17 11:12 Times Seen61 Hash 7d95955272fc06a396db4bf66d9d6247 1a4b36a4b619d7f680909d4e7f574f15d3542ee7 b03b4f9d334c2b312ee05154d8eedbc5a64ca9764bd0a795920e73faf4d874db Loading...

		Size	First Seen	Last Seen
	#1 Eval - bd36463f6e78a04fb7d8b06523f91a3e	149 B	2023-03-08 20:43	2025-01-07 09:04
Pretty Observations First Seen2023-03-08 20:43 Last Seen2025-01-07 09:04 Times Seen86 Hash bd36463f6e78a04fb7d8b06523f91a3e 1bca4f4370f9d215ce41ef007727e3b985dcc226 f463fd295530bf8418e7aad5f6f5acd78e8e2c7928e859724d3c20dc08964e32 Loading...

	#2 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07 01:03	2025-05-08 19:45
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-08 19:45 Times Seen3168 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

		Size	First Seen	Last Seen
	#1 Write - 90be6fababd84ead318f6ebd34f25269	104 B	2023-03-07 01:40	2024-08-21 08:27
Pretty Observations First Seen2023-03-07 01:40 Last Seen2024-08-21 08:27 Times Seen12 Hash 90be6fababd84ead318f6ebd34f25269 e689a91041b2214c8d0eb98e1b0b701a8134c830 147f74332da8a3a6025c02528aa92901c92553e8066a4924adf0b4d08a8439fc Loading...

HTTP Transactions (93)

URL IP Response Size

ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

216.58.207.234

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size
34 kB (33845 bytes)
Hash
b8d64d0bc142b3f670cc0611b0aebcae
abcd2ba13348f178b17141b445bc99f1917d47af
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

HTTP Headers

GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 15:32:54 GMT
expires: Tue, 17 Sep 2024 15:32:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 586819
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jammaien.hooxs.com/2-rtl.css

94.23.76.111

200 OK

56 kB

URL GET HTTP/2
jammaien.hooxs.com/2-rtl.css
IP
94.23.76.111:443
ASN
#16276 OVH SAS

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subject*.hooxs.com
Fingerprint39:37:02:D5:DE:09:F0:F9:A1:0D:D1:BA:F1:32:52:2F:67:9E:C1:B4
ValiditySun, 17 Sep 2023 03:50:24 GMT - Sat, 16 Dec 2023 03:50:23 GMT

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
56 kB (55521 bytes)
Hash
d2653465d0148a566a7eeebf83b840d8
548d2dc4387ff86afaf2452ae72aa768fc676107
945acb0d79a15c56e4bd9e7425770ed89692b12fafe8bdb332097942661f0150

HTTP Headers

GET /2-rtl.css HTTP/1.1
Host: jammaien.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/t3067-topic
Cookie: exadd=169565
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:13 GMT
content-type: text/css
content-length: 55521
last-modified: Mon, 25 Sep 2023 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2

jammaien.hooxs.com/t3067-topic

94.23.76.111

200 OK

82 kB

URL User Request GET HTTP/2
jammaien.hooxs.com/t3067-topic
IP
94.23.76.111:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subject*.hooxs.com
Fingerprint39:37:02:D5:DE:09:F0:F9:A1:0D:D1:BA:F1:32:52:2F:67:9E:C1:B4
ValiditySun, 17 Sep 2023 03:50:24 GMT - Sat, 16 Dec 2023 03:50:23 GMT

File type
gzip compressed data, from Unix\012- data
Size
82 kB (82525 bytes)
Hash
2c9cfa74a714279a91d42ae74d78e525
40a989bbcd2d1f018f459d1f5b5c81f0616674b7
c417f851f30eb9d2a499a3ee6ec4236071f0beb6b07cfdb2c46c8fd3087e1f54

HTTP Headers

GET /t3067-topic HTTP/1.1
Host: jammaien.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:12 GMT
content-type: text/html; charset=windows-1256
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
pragma: no-cache
expires: Mon, 25 Sep 2023 00:00:00 GMT
last-modified: Mon, 25 Sep 2023 10:33:12 GMT
vary: User-Agent
set-cookie: exadd=169565; expires=Mon, 25-Sep-2023 14:33:12 GMT; Max-Age=14400
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=

142.250.74.104

200 OK

44 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=
IP
142.250.74.104:443
ASN
#15169 GOOGLE

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
ASCII text, with very long lines (2213)
Size
44 kB (44268 bytes)
Hash
e9217053b489c3bb60b4284043eb3da6
5c928f23924a056cfa5c36f9cbe5c2b522925be7
4dfc7dd269b8555aa7869724a382414c3b5bbcb8d90e5258152d0e188acb00e0

HTTP Headers

GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 25 Sep 2023 10:33:13 GMT
expires: Mon, 25 Sep 2023 10:33:13 GMT
cache-control: private, max-age=900
last-modified: Mon, 25 Sep 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

2img.net/i/empty.gif

104.21.235.75

200 OK

43 B

URL GET HTTP/2
2img.net/i/empty.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

HTTP Headers

GET /i/empty.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:14 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 17425426
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwDayLOxMrr3j5AXTd%2FnYf3mdc7EZy0yB3E%2F8kIh35ciPk8Aw2wGHoMHrj%2BGxLv03V4Sd5KNaNf%2BPp%2FnJa2Hll3btvUYW2RATcLUex2bD0aP8M97PH%2Bx0v9S%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b967e6f070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/s/t/10/22/71/i_icon_gender_female.gif

104.21.235.75

200 OK

518 B

URL GET HTTP/2
2img.net/s/t/10/22/71/i_icon_gender_female.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 72 x 20\012- data
Size
518 B (518 bytes)
Hash
e34127b4f9a962c4d78d29ed8151e1fb
26b8126352394de5534091f0b7a26f027c78b40e
312587b090441e7d06515b99b4e0638efa79e4ca1c6e3129d3f03ade4b984aa4

HTTP Headers

GET /s/t/10/22/71/i_icon_gender_female.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:14 GMT
content-type: image/gif
content-length: 518
last-modified: Sat, 02 Feb 2008 21:02:41 GMT
etag: "47a4da71-206"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 330
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGiFLkexKFSal8r1UefR2sUvFp%2FRG9qcmdVIpuVd%2FYyGKiKWaAxGH6fSa%2BnyDuHbnnbR4pt1Ls%2F94%2F87xakk8xn6CKwfVMcx%2FsLlW09ErUHhxRMGvfb27TDdJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b967e6e070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/i/fa/i/smiles/icon_evil.gif

104.21.235.75

200 OK

401 B

URL GET HTTP/2
2img.net/i/fa/i/smiles/icon_evil.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 15 x 15\012- data
Size
401 B (401 bytes)
Hash
fe836d1e71614b25c03ebeb3113d4f02
267db01c9ba0da332a1d39c11f1140828ab57a99
b10bb46339adf76e6e10c7b43b62abac6d8e12611eab395ff8c136f8201fe65d

HTTP Headers

GET /i/fa/i/smiles/icon_evil.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:14 GMT
content-type: image/gif
content-length: 401
last-modified: Mon, 16 May 2016 10:57:12 GMT
etag: "5739a788-191"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 18130835
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsGle451hfp%2Bv5avKFeX7VTCB26dErkZSVRbdsITQsj9kH7WpFdFHnsImdheTWQd%2FvNM3TjyXu1Dj9cP%2FBTiL%2FS89w2jVlhp0NBSD1fO5snrJNtsiX%2BdpUUucg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b969e9a070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/i/fa/i/smiles/icon_smile.gif

104.21.235.75

200 OK

248 B

URL GET HTTP/2
2img.net/i/fa/i/smiles/icon_smile.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 15 x 15\012- data
Size
248 B (248 bytes)
Hash
ef46f10be16d32b58b3f36aa40c526c7
ebf441f5fd358b52acbd429bc60062ddb63a7de2
0d0763faa8403727f939c5539208e59791e2bc68da0845109f0eb662b8bcfce7

HTTP Headers

GET /i/fa/i/smiles/icon_smile.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:14 GMT
content-type: image/gif
content-length: 248
last-modified: Mon, 16 May 2016 10:57:13 GMT
etag: "5739a789-f8"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 18137463
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gr5hDzr3DC4LEJifpjNiYEq1G9Z5QC5bsUetkgzqLsj6nWugcxihMey81%2FAmdLvQHyu7FrkGvNQOfT6%2BzLca4o8vUzlA5Eed1Sh6UkAhp8qggliYotJbHArdSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b969e9e070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/s/t/10/22/71/i_icon_mini_index.jpg

104.21.235.75

200 OK

4.3 kB

URL GET HTTP/2
2img.net/s/t/10/22/71/i_icon_mini_index.jpg
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 100x30, components 3\012- data
Size
4.3 kB (4335 bytes)
Hash
ef5f79dda5b810f4ad0872007c6a5553
f642cad8210af4df1f31773c11b68fb28705056c
cc81829ab317a44f7561e3f76e3f39992f89554673cce365ed3f5286f2a53707

HTTP Headers

GET /s/t/10/22/71/i_icon_mini_index.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:14 GMT
content-type: image/jpeg
content-length: 4335
cache-control: max-age=315360000
cf-bgj: h2pri
access-control-allow-origin: *
etag: "4cc82dc3-10ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 27 Oct 2010 13:48:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 7696
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpEDhbtyCkSiEE9N9jKqlk%2BkZhdROtbRyAtPh60P6%2FLg6ntxaNXUG2c9nOeGRfb59Yp9Pya%2BRrJ%2BHEG3mSvpPi7kxPqcF07vcjU6MhWFVDn7vMf%2F1oJXm2NDDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b969e8f070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/s/t/10/22/71/i_icon_mini_login.jpg

104.21.235.75

200 OK

4.2 kB

URL GET HTTP/2
2img.net/s/t/10/22/71/i_icon_mini_login.jpg
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 100x30, components 3\012- data
Size
4.2 kB (4200 bytes)
Hash
892d0b36f51cd358e09a142aa4e5b296
c9142a83011db448a131eed058668ce8aea5e13b
96b0f319a02ba35d9ece78cd4dd718ed607667b160593ffbc187c55973209f1f

HTTP Headers

GET /s/t/10/22/71/i_icon_mini_login.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:14 GMT
content-type: image/jpeg
content-length: 4200
last-modified: Wed, 27 Oct 2010 13:48:51 GMT
etag: "4cc82dc3-1068"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jh1lFoWzSmg%2FYci%2BFb%2Fowa8CiXYd9AMxO%2Br3wKq45eo2gvL94z%2FjOuTV0tuipETUFTy606Cmz5F37lj4trU4Zp1VdAI9vhX%2FcDCTR7mkDgjBfKmrQK8m3RS7bA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b967e6c070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/s/t/10/22/71/i_icon_mini_register.jpg

104.21.235.75

200 OK

4.3 kB

URL GET HTTP/2
2img.net/s/t/10/22/71/i_icon_mini_register.jpg
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 100x30, components 3\012- data
Size
4.3 kB (4337 bytes)
Hash
9c2f8635f4db3759c5c117e0429312b7
35b77c0f4b1ad7197a219ef64e9d97b708281313
f9f9e5b5ac785e09cdbdc7c91dbdc8836c9e176813fd7e94df07e6ce4501ea40

HTTP Headers

GET /s/t/10/22/71/i_icon_mini_register.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:14 GMT
content-type: image/jpeg
content-length: 4337
last-modified: Wed, 27 Oct 2010 13:48:51 GMT
etag: "4cc82dc3-10f1"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEmB1IxClVZgHR3EDzkWePKrO%2BPARi2v088Wck0DZ%2F503AYbf5pGRM4MpGvnINqRs0tcvwQpiBmVIMXr1jCq4HETW%2F9fcSosbsiBqRAmBwdD2cb7Yd34gCJkyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b967e70070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/s/t/10/22/71/i_icon_gender_male.gif

104.21.235.75

200 OK

614 B

URL GET HTTP/2
2img.net/s/t/10/22/71/i_icon_gender_male.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 72 x 20\012- data
Size
614 B (614 bytes)
Hash
3a04704482176437f234f7d912051237
9e6774adbe6a45e0ef4981837567fc1a5e3ce08d
0704fe9f9150de8fd5d830d79b582e8c4c27e1980906a26181c0068f5d4fec72

HTTP Headers

GET /s/t/10/22/71/i_icon_gender_male.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:14 GMT
content-type: image/gif
content-length: 614
last-modified: Sat, 02 Feb 2008 21:02:41 GMT
etag: "47a4da71-266"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZlkM4%2BmGuKTpZ7DmAd5Sm3c4Hf2rlbGxEgaSAjHpTZiMrEzvGoCbxueYnn1dUd0uNOVRl3yBIpuYJONMHhnhpjsDX5nu6A1VmvehWzsM2%2BixB3Dcqx8hUVTlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b969e9b070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/s/t/10/22/71/i_icon_minitime.gif

104.21.235.75

200 OK

586 B

URL GET HTTP/2
2img.net/s/t/10/22/71/i_icon_minitime.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 13 x 13\012- data
Size
586 B (586 bytes)
Hash
359a963d85d43cc0c10ac2dd10b68b24
74fada2d2974e7a3e9973823d9fcea3e44a24e39
6a3f23019ec6e5bc0f2e8b807c0119c54a61b7aa809af4513be1713580a3e1ec

HTTP Headers

GET /s/t/10/22/71/i_icon_minitime.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:14 GMT
content-type: image/gif
content-length: 586
last-modified: Sat, 02 Feb 2008 21:02:41 GMT
etag: "47a4da71-24a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICoSF2asdpDGW0QNInKCTJJDyyspCT%2FaTnVNdQPijCv%2FlPbKdeVUKhuR40IPCDZ3Tt%2FDX8zEb97iPLgyH70gW9DBYYhQs9jEpWSrO3ol%2BUqa37XSYCQqj9%2By4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b969e9c070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/s/t/10/22/71/i_icon_minipost.gif

104.21.235.75

200 OK

522 B

URL GET HTTP/2
2img.net/s/t/10/22/71/i_icon_minipost.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 10 x 11\012- data
Size
522 B (522 bytes)
Hash
9bb9b2c0b7cb21c45f3b69148c3bcd81
e6f9c10eedcfba2378c779bb6457317a4e605211
2a6dfba8f06b9513236b98f83820767514890fd3a471b9f9e15ca343254ec7b4

HTTP Headers

GET /s/t/10/22/71/i_icon_minipost.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:14 GMT
content-type: image/gif
content-length: 522
last-modified: Sat, 02 Feb 2008 21:02:41 GMT
etag: "47a4da71-20a"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0lo5oppZNXIFkxxkNfM6nXJ%2BUlp4UcvQe5sfZWzyxfXEMye6cpbRO%2Bn8OxOV1jImSitUZmitH%2BbJvdAX0RkENuqehSg%2F8mfYftTwH25IHDW1Iv5xMZEvl4Zuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b969ea1070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-VKHBPXN046&l=dataLayer&cx=c

142.250.74.104

200 OK

83 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-VKHBPXN046&l=dataLayer&cx=c
IP
142.250.74.104:443
ASN
#15169 GOOGLE

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
ASCII text, with very long lines (5788)
Size
83 kB (82560 bytes)
Hash
29e78775cb99cdca108def5919ceb1cf
2db35ffca23dc5c456f89df31e93eea86a62d05e
b0195b7460a70c23b448e0376ff79fec1ce1c8ec5bbd9dd8651b4e4acc063af3

HTTP Headers

GET /gtag/js?id=G-VKHBPXN046&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 25 Sep 2023 10:33:14 GMT
expires: Mon, 25 Sep 2023 10:33:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 82560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

2img.net/i/fa/sprite_icons.png

104.21.235.75

200 OK

1.5 kB

URL GET HTTP/3
2img.net/i/fa/sprite_icons.png
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
PNG image data, 1395 x 12, 8-bit colormap, non-interlaced\012- data
Size
1.5 kB (1459 bytes)
Hash
6c31830c94fd2987aab8ed4af1e6b756
9bb52d402fd3cd4a0515c54b5061b655fdabfd96
b621467f74054e2999a7e213edf26895f9639e255f7c11b2047509fd0879f6c8

HTTP Headers

GET /i/fa/sprite_icons.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/png
content-length: 1459
last-modified: Mon, 16 May 2016 11:01:49 GMT
etag: "5739a89d-5b3"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 26008872
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2K31zkvDxfs3AdzhUxQACU%2FiZU16UgyLeOuV51oNgsJnAONyPBHNWwrlIpyQH7rDQ7g0vzoIXGEF8%2FI4Qz0FaxgTaOB8ZQSPhelyM2bKoANtB1EZ%2FaVRwmsNRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b9cfd48531d-LHR
alt-svc: h3=":443"; ma=86400

2img.net/s/t/10/22/71/i_background.jpg

104.21.235.75

200 OK

107 kB

URL GET HTTP/3
2img.net/s/t/10/22/71/i_background.jpg
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1008x602, components 3\012- data
Size
107 kB (107212 bytes)
Hash
670c9742de152e44fa694bb04a8c8d53
b2f57847e28adc0b6c798a97236315c02f1cffd5
e84e3813fb653b0e9617737bf2fc351340f4ba99c16f110a139b576bf7da2b6e

HTTP Headers

GET /s/t/10/22/71/i_background.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/jpeg
content-length: 107212
last-modified: Wed, 27 Oct 2010 13:48:51 GMT
etag: "4cc82dc3-1a2cc"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Of1ChBvc4xrD25uSZ6%2FLiyUHPV8vBQeOC9tYX6FcwOoCxleTqJA%2Ffy68AXVOl1zvgRPPhgYrki925fdHXRyuhtjYetbY01Fk9tO%2ByZnkfrn7b4Z7Sh372yjxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b9c7bf5531d-LHR
alt-svc: h3=":443"; ma=86400

2img.net/i/fa/sprite_subsilver_menu.png

104.21.235.75

200 OK

2.2 kB

URL GET HTTP/3
2img.net/i/fa/sprite_subsilver_menu.png
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
PNG image data, 696 x 13, 8-bit colormap, non-interlaced\012- data
Size
2.2 kB (2244 bytes)
Hash
858019d1f92dd8ed62da9412e287857d
f29a22e56dc115b989461c3aeb73f5def71144ca
062ea56f70bc46e21b4e6d07ba76a013b5e841bd110f53646b2898df48e4a709

HTTP Headers

GET /i/fa/sprite_subsilver_menu.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/png
content-length: 2244
last-modified: Mon, 16 May 2016 11:01:49 GMT
etag: "5739a89d-8c4"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 479395
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mx1%2BcPjt6SjaG2iqsI4d5%2B%2FGeS%2B7ZUCQORAhyXWG9LCbVy9LF%2FOu2RuBffqkTxENmORB8jKB2vCMnNx6McNihapdsFjNPqJxQe1oywNMUw8RlH10tY7hVJsVnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b9cfd45531d-LHR
alt-svc: h3=":443"; ma=86400

2img.net/s/t/10/22/71/i_back_catg.gif

104.21.235.75

200 OK

40 kB

URL GET HTTP/3
2img.net/s/t/10/22/71/i_back_catg.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 778 x 60\012- data
Size
40 kB (40039 bytes)
Hash
5829b94749d8b088dd920a8991d7d6a4
c6e85675fc715aff3ed122daa55d861bbfeaabca
61d103a8cc23ece855ad643ac746505ae937483a528304025561b36b77f6e677

HTTP Headers

GET /s/t/10/22/71/i_back_catg.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/gif
content-length: 40039
last-modified: Wed, 27 Oct 2010 14:07:29 GMT
etag: "4cc83221-9c67"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjEWZbjt5%2BhEv4NtD%2FCXhqwYHJi3ussOPefAI5KxMmZVIN0FdVl0dwS%2FHua1LfBIl0qpTUcdHubxpMPFtGlWS2BxBxfBnOciy%2FzpcQDcnh8U0fd9do8NMU1JMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b9cfd47531d-LHR
alt-svc: h3=":443"; ma=86400

2img.net/u/1813/34/88/46/avatars/333-17.jpg

104.21.235.75

200 OK

8.9 kB

URL GET HTTP/3
2img.net/u/1813/34/88/46/avatars/333-17.jpg
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 149x104, components 3\012- data
Size
8.9 kB (8881 bytes)
Hash
239eb839688f720859a4278a854c3cd9
9fd81d4472b2b40aa829241b264ad2bd9c56f1c6
6c0c25f0e4ab684faf4162b7ccc1e743ca085887cc67b14e083336ce5b12e740

HTTP Headers

GET /u/1813/34/88/46/avatars/333-17.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/jpeg
content-length: 8881
last-modified: Mon, 01 Jan 2001 00:00:00 GMT
etag: "3a4fc880-22b1"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGCCNTJyNDZpUgtcdY%2BC3lU46L2d3%2FnY3dKwcbZUeZqZXU6mJzSX03S16y8xsjZ6Jc%2Fkz6pk%2BAfvCkQstjhl3INflw6fjvT8I7TCjSQ5GWnUgkEpM3eeKFPdog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b9cfd49531d-LHR
alt-svc: h3=":443"; ma=86400

2img.net/u/1813/34/88/46/avatars/38-99.gif

104.21.235.75

200 OK

45 kB

URL GET HTTP/3
2img.net/u/1813/34/88/46/avatars/38-99.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 140 x 140\012- data
Size
45 kB (44721 bytes)
Hash
89e9684ecc76fd947dd8f28804b305c6
94d0cdec8e5709178c1513041a6ec34b12b71fbc
6f58c33a936dbaea2a37b4122f399d78a802c9ef732a7c30bf5792a13eb64672

HTTP Headers

GET /u/1813/34/88/46/avatars/38-99.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/gif
content-length: 44721
last-modified: Mon, 01 Jan 2001 00:00:00 GMT
etag: "3a4fc880-aeb1"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2fKVM2HrYfQvLOJrrxuql%2B8hQYn%2BZZL0YNy%2B%2FtUzGZzh%2Bc4FxIB%2BD3QDriz0BRWe090c9X8Sx5X08nRL%2F2Kwl1ybjMmFcJAgdfnlECgKix1SgOZ02GNxPVhow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b9cfd4a531d-LHR
alt-svc: h3=":443"; ma=86400

2img.net/i/fa/invision/pp-blank-thumb.png

104.21.235.75

200 OK

9.6 kB

URL GET HTTP/3
2img.net/i/fa/invision/pp-blank-thumb.png
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
9.6 kB (9554 bytes)
Hash
db01076614dffc62222461ab141b990c
d9c4028723700b846dfbe902c19d9f78491fc65b
96ecd9f62a332fa2e57b75b308c1a6756d3e549c4d4dcdd0761af12431df59db

HTTP Headers

GET /i/fa/invision/pp-blank-thumb.png HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/png
content-length: 9554
last-modified: Mon, 16 May 2016 10:59:31 GMT
etag: "5739a813-2552"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 453148
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9CNAIWamWY3zWmyf328YvGVekR%2BCgBHwi77pciDqV4dB83mptDyzp101rVFCG80fZGpawdyMtD%2F3mBG1y%2FRpQkfknpQo2Q5eU7vHkQTitNafOaJKfY47yASnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b9cfd4d531d-LHR
alt-svc: h3=":443"; ma=86400

2img.net/u/1813/34/88/46/avatars/307-69.gif

104.21.235.75

200 OK

4.0 kB

URL GET HTTP/3
2img.net/u/1813/34/88/46/avatars/307-69.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
GIF image data, version 87a, 100 x 91\012- data
Size
4.0 kB (4021 bytes)
Hash
2924e607928c4ac0ac1ab4e046e76d6b
dbdd3fe8c2316cc0d5d28df478261871f5756399
0d104f05a5d01195299d019c31164d28c98d8b58d2877812378c7c879c58cbcf

HTTP Headers

GET /u/1813/34/88/46/avatars/307-69.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/gif
content-length: 4021
last-modified: Mon, 01 Jan 2001 00:00:00 GMT
etag: "3a4fc880-fb5"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGNEXzOgsx97BV5psVr2wkxGf4Pbf1HzToym6nK5TMnOyrii4PzLktvp70vTdiOVMrZdCoOMgmjNCt0dlat%2Fu8GjH5FzcM0mKR06f4XL8yZ0NNtbJ1DVJRtlCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b9cfd4e531d-LHR
alt-svc: h3=":443"; ma=86400

2img.net/u/1813/34/88/46/avatars/21-16.jpg

104.21.235.75

200 OK

6.5 kB

URL GET HTTP/3
2img.net/u/1813/34/88/46/avatars/21-16.jpg
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x105, components 3\012- data
Size
6.5 kB (6454 bytes)
Hash
67cec0f84de420bb2fa215de9a5ed387
d3ac65dac773d1929e2306ca2b59d8eeaa7c2bcb
ebf552661b984eaa6424aa045db265560f2780de582c641c0173122dd7d04749

HTTP Headers

GET /u/1813/34/88/46/avatars/21-16.jpg HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/jpeg
content-length: 6454
last-modified: Mon, 01 Jan 2001 00:00:00 GMT
etag: "3a4fc880-1936"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7YKyhMI6ES%2BEWXCI3sxgajm4Vst0ash0QPi%2BT0NPF%2BAI25PwFNHX4forF8W6ixF70h0Wv6C5NO8X2Y%2FAry5EUwfWtU%2FmOT7PxVPnkjFkijdcjuUG5PDOVVbCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b9cfd51531d-LHR
alt-svc: h3=":443"; ma=86400

2img.net/s/t/10/22/71/i_back_title.gif

104.21.235.75

200 OK

40 kB

URL GET HTTP/3
2img.net/s/t/10/22/71/i_back_title.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 778 x 60\012- data
Size
40 kB (40039 bytes)
Hash
5829b94749d8b088dd920a8991d7d6a4
c6e85675fc715aff3ed122daa55d861bbfeaabca
61d103a8cc23ece855ad643ac746505ae937483a528304025561b36b77f6e677

HTTP Headers

GET /s/t/10/22/71/i_back_title.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/gif
content-length: 40039
last-modified: Wed, 27 Oct 2010 14:07:29 GMT
etag: "4cc83221-9c67"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUsbKlCiLvLTrkcEZTI9cqqRpn%2Ftqh%2FilYQPNZOjsSgXS3U8O7C54rLa3hC9TphegNSRmLOwjBI%2FQVVkvpBJRkYzW3eB37Rc7K0X3%2Fo1sotJFB94I%2Fsj%2FJDWzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b9cfd52531d-LHR
alt-svc: h3=":443"; ma=86400

ac.audiencerun.com/gdpr

143.204.55.126

200 OK

1 B

URL GET HTTP/2
ac.audiencerun.com/gdpr
IP
143.204.55.126:443
ASN
#16509 AMAZON-02

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerAmazon
Subject*.audiencerun.com
FingerprintE8:5D:12:DB:6B:6D:C2:41:12:B8:68:6D:BE:A1:CE:81:61:2B:98:97
ValidityTue, 27 Jun 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

HTTP Headers

GET /gdpr HTTP/1.1
Host: ac.audiencerun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jammaien.hooxs.com
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 1
server: CloudFront
date: Sat, 23 Sep 2023 19:39:51 GMT
access-control-allow-origin: *
audiencerun-country: NO
audiencerun-time: 2023-09-23T19:39:51.062Z
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -YzcD0oMn1rzrpfP1qBD37wNePj09sk0GfM-ZwrIhclwmrR8Jk5veQ==
age: 140004
X-Firefox-Spdy: h2

i.servimg.com/u/f34/11/94/70/55/511.gif

172.67.178.62

200 OK

1.7 kB

URL GET HTTP/2
i.servimg.com/u/f34/11/94/70/55/511.gif
IP
172.67.178.62:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectservimg.com
FingerprintCA:6C:E2:80:50:66:4A:05:CE:5D:70:41:96:94:36:CA:E4:2C:65:56
ValidityWed, 17 May 2023 00:00:00 GMT - Thu, 16 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 150 x 50\012- data
Size
1.7 kB (1711 bytes)
Hash
f15734b6268ac607cee6257152b55952
cfefa7cfff858f262d2b31e3281f26b0069e67a3
848ad81c4bae2cc092ffe3209ba94ee6b760300b40ad3aebf4b17d6f1dd9be1d

HTTP Headers

GET /u/f34/11/94/70/55/511.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/gif
content-length: 1711
last-modified: Thu, 04 Sep 2008 10:33:50 GMT
etag: "48bfb98e-6af"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Tue, 24 Sep 2024 10:33:04 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNRSUbS%2F2RywzeScxhjSTW2fWY19f3%2B2AugnM%2FhuJbahTk2fsIBTya0%2F7W6%2BGnbAjRg7onv6vN0gB%2FLzyk1TJfVIWN8nlikPrDQeBJFjQwrOifea1ggwMXRwICitHPj2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80c29b9f7b15b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.servimg.com/u/f34/11/94/70/55/128.gif

172.67.178.62

200 OK

1.5 kB

URL GET HTTP/2
i.servimg.com/u/f34/11/94/70/55/128.gif
IP
172.67.178.62:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectservimg.com
FingerprintCA:6C:E2:80:50:66:4A:05:CE:5D:70:41:96:94:36:CA:E4:2C:65:56
ValidityWed, 17 May 2023 00:00:00 GMT - Thu, 16 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 150 x 50\012- data
Size
1.5 kB (1533 bytes)
Hash
29aa13f6415d3e60d8c2f8ac33e4b9d4
86a797d5508e02eaf1758909c501a369143b6e51
548712e9f8d4a5e206c35e2f6754fea11b729c9d3454a78a6ba0401d1df5fa62

HTTP Headers

GET /u/f34/11/94/70/55/128.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/gif
content-length: 1533
last-modified: Thu, 04 Sep 2008 10:33:01 GMT
etag: "48bfb95d-5fd"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 22 Sep 2024 19:58:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wREhINvjkUp7ZH7KP%2Bv950FCA%2Fl8%2FXGw8jsLq%2FkVuLsjbMK8MmW6cvKTcG8dfoayOz4ioHNvWq76WpmoNvGYvYvJnH923IVze2RvDKd0zQN8mkRGcwuOtCYhuXY7FlI8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80c29b9f7b0eb4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.servimg.com/u/f37/11/87/82/00/15751510.gif

172.67.178.62

200 OK

9.5 kB

URL GET HTTP/2
i.servimg.com/u/f37/11/87/82/00/15751510.gif
IP
172.67.178.62:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectservimg.com
FingerprintCA:6C:E2:80:50:66:4A:05:CE:5D:70:41:96:94:36:CA:E4:2C:65:56
ValidityWed, 17 May 2023 00:00:00 GMT - Thu, 16 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 138 x 38\012- data
Size
9.5 kB (9502 bytes)
Hash
50de7dadf5e3197faf1911ab591d2a42
5a9bc21be141150ff9cc808305a4b36b59dd6ada
dccdcad802146514982230da2844ddf61667cbaa67c9b817debca11ca75ef77f

HTTP Headers

GET /u/f37/11/87/82/00/15751510.gif HTTP/1.1
Host: i.servimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: image/gif
content-length: 9502
last-modified: Mon, 08 Sep 2008 22:52:13 GMT
etag: "48c5ac9d-251e"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Sun, 22 Sep 2024 19:59:23 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=778glNJhACBvRtHbkaTOfFe0x56KeaA4jyFyYn1lXYsFW8674DoyypZO6%2FVRweE7lFoyvqvJd1aaqQs41a8NPwSgIs19ff15KbCMiL6G3ukhCFthnZjbtEujMIXS4VMC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80c29b9f6af0b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=jammaien.hooxs.com&var=&ymid=&var_3=&tg=0

139.45.197.250

200 OK

933 B

URL GET HTTP/2
stootsou.net/zone?pub=0&zone_id=2308013&is_mobile=false&domain=jammaien.hooxs.com&var=&ymid=&var_3=&tg=0
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint79:21:5A:B2:01:54:9D:62:B3:D8:BF:F7:15:99:15:AE:A5:34:63:89
ValiditySat, 02 Sep 2023 05:16:00 GMT - Fri, 01 Dec 2023 05:15:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (932)
Size
933 B (933 bytes)
Hash
6075502e3c3594f125e3f52c0a45bd8a
45a25d584fdd9b0ae9d7565f2ada72e18cd40e78
0e343e38c4c9ed7e3affb9a07539af7c9469e3e9e1af05ed4013fd3cbdefe726

HTTP Headers

GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=jammaien.hooxs.com&var=&ymid=&var_3=&tg=0 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jammaien.hooxs.com/
Origin: https://jammaien.hooxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: application/json; charset=utf-8
content-length: 933
x-trace-id: 2a56abdc1accbdfc911ed6bbde6c734e
access-control-allow-origin: https://jammaien.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

stootsou.net/custom

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
stootsou.net/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint79:21:5A:B2:01:54:9D:62:B3:D8:BF:F7:15:99:15:AE:A5:34:63:89
ValiditySat, 02 Sep 2023 05:16:00 GMT - Fri, 01 Dec 2023 05:15:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jammaien.hooxs.com/
Origin: https://jammaien.hooxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://jammaien.hooxs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

stootsou.net/custom

139.45.197.250

200 OK

39 B

URL OPTIONS HTTP/2
stootsou.net/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint79:21:5A:B2:01:54:9D:62:B3:D8:BF:F7:15:99:15:AE:A5:34:63:89
ValiditySat, 02 Sep 2023 05:16:00 GMT - Fri, 01 Dec 2023 05:15:59 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jammaien.hooxs.com/
Content-Type: application/json
Content-Length: 384
Origin: https://jammaien.hooxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 594f47482f6e9a82d76f9511f3dce97e
access-control-allow-origin: https://jammaien.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintD6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52
ValidityWed, 06 Sep 2023 01:33:39 GMT - Tue, 05 Dec 2023 01:33:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jammaien.hooxs.com/
Origin: https://jammaien.hooxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://jammaien.hooxs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

connect.topicit.net/scripts/connect.js

188.114.96.1

200 OK

1.3 kB

URL GET HTTP/2
connect.topicit.net/scripts/connect.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjecttopicit.net
Fingerprint04:B5:CA:6C:CD:C1:85:C1:98:5A:88:11:6F:4E:A1:92:20:1B:4D:D9
ValiditySun, 04 Jun 2023 00:00:00 GMT - Mon, 03 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (615)
Size
1.3 kB (1346 bytes)
Hash
df06f0c81b83b4161d3a2c843e71de58
ac09970aca15ee03496cbe68c2a2f06914e19855
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542

HTTP Headers

GET /scripts/connect.js HTTP/1.1
Host: connect.topicit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5437
access-control-allow-origin: *
etag: W/"5d653880-153d"
last-modified: Tue, 27 Aug 2019 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-cache-status: HIT
age: 6047
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Abr212AvarJDBBSKwJkNFLF%2FpScTl32iXSziUqhHW5f9rRGQ4EcYEl%2Bdw6YWIB82%2FaJGAH0BavOgzahztaemX3wwco8LUTGGl%2BDSuDgwTejUbA%2BU%2BRWUhGEatVlrMAGPLYTfoI5S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29b9f8d8c56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-VKHBPXN046&_ono=1&gtm=45je39k2&_p=1234499079&_gaz=1&cid=2082375279.1695637996&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1695637995&sct=1&seg=0&dl=https%3A%2F%2Fjammaien.hooxs.com%2Ft3067-topic&dt=%D8%B5%D9%88%D8%B1%20%D9%85%D8%AA%D8%AD%D8%B1%D9%83%D8%A9%20%D8%AD%D9%84%D9%88%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-VKHBPXN046&_ono=1&gtm=45je39k2&_p=1234499079&_gaz=1&cid=2082375279.1695637996&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1695637995&sct=1&seg=0&dl=https%3A%2F%2Fjammaien.hooxs.com%2Ft3067-topic&dt=%D8%B5%D9%88%D8%B1%20%D9%85%D8%AA%D8%AD%D8%B1%D9%83%D8%A9%20%D8%AD%D9%84%D9%88%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-VKHBPXN046&_ono=1&gtm=45je39k2&_p=1234499079&_gaz=1&cid=2082375279.1695637996&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1695637995&sct=1&seg=0&dl=https%3A%2F%2Fjammaien.hooxs.com%2Ft3067-topic&dt=%D8%B5%D9%88%D8%B1%20%D9%85%D8%AA%D8%AD%D8%B1%D9%83%D8%A9%20%D8%AD%D9%84%D9%88%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jammaien.hooxs.com
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://jammaien.hooxs.com
date: Mon, 25 Sep 2023 10:33:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintD6:54:A1:23:39:A0:9A:41:5A:CC:0B:F2:C1:7C:6A:FA:F0:E8:C1:52
ValidityWed, 06 Sep 2023 01:33:39 GMT - Tue, 05 Dec 2023 01:33:38 GMT

File type
JSON data\012- , ASCII text
Size
94 B (94 bytes)
Hash
7ee0b8cc78d8967d21d152b27726c5ce
767fb06cc4e39635beb7cd0d10ecb998850de74a
fc37b324535eebae90d84a9f53888c1e51ee2cd73904ef5aa3e1af883119be8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jammaien.hooxs.com/
Content-Type: application/json
Content-Length: 514
Origin: https://jammaien.hooxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 2017b3f6cfbf0b4dc214bd8a1412095b
access-control-allow-origin: https://jammaien.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ac.aruncdn.com/f/nat/n.js?408

172.67.70.117

200 OK

12 kB

URL GET HTTP/3
ac.aruncdn.com/f/nat/n.js?408
IP
172.67.70.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subjectaruncdn.com
FingerprintDD:D0:49:06:F8:05:49:45:79:58:DF:21:89:1B:60:7B:41:F1:A6:BA
ValiditySun, 17 Sep 2023 05:14:04 GMT - Sat, 16 Dec 2023 05:14:03 GMT

File type
Unicode text, UTF-8 text, with very long lines (36954), with no line terminators
Size
12 kB (12146 bytes)
Hash
5792c6bdd6215bf3c3f7de7ccaa7e9c5
fa803254afc8621edefc5a7a15557c2fa4edcb92
6ae005dccdf15b53bb634ceec1e0c7582a34c7f6398773d3fa84f16a4f4683eb

HTTP Headers

GET /f/nat/n.js?408 HTTP/1.1
Host: ac.aruncdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: application/javascript
last-modified: Mon, 17 Apr 2023 13:32:05 GMT
etag: W/"5792c6bdd6215bf3c3f7de7ccaa7e9c5"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
x-amz-version-id: pTbTaG4v1.2TJIGYu7PttDdD6hov2eLi
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g9pd1gBYUotlVLgf26GRB2ZGMKxDy86WWgMK6n2h-T90k3hwTUwYSQ==
age: 13893487
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FvL%2Bios1Hr4iyUbH5wI6F4jcmzE1MMpO9NPfOG18GSwUaQJHYecbjKw3lm5Gh7qSAnubvUF3RsOGfxsC1fwYKvDeYvNVik%2FJUSQ80yt9XP70ERNSVmaRCazE%2BRQssIE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80c29ba5081d0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ac.aruncdn.com/f/nat/fixedFooter.native.js?ver=222614

172.67.70.117

200 OK

21 kB

URL GET HTTP/3
ac.aruncdn.com/f/nat/fixedFooter.native.js?ver=222614
IP
172.67.70.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subjectaruncdn.com
FingerprintDD:D0:49:06:F8:05:49:45:79:58:DF:21:89:1B:60:7B:41:F1:A6:BA
ValiditySun, 17 Sep 2023 05:14:04 GMT - Sat, 16 Dec 2023 05:14:03 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (21322 bytes)
Hash
0708733879d93c42a1e77a9f4e148139
4c1ced02bc02b65892c75fc4c7cbde4ce7d141f4
3afb7f04f8cf0f2dd00750f51595dc7c067b8fd958a55a11f77e45fd0eb02b29

HTTP Headers

GET /f/nat/fixedFooter.native.js?ver=222614 HTTP/1.1
Host: ac.aruncdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: application/javascript
last-modified: Mon, 17 Apr 2023 13:32:04 GMT
etag: W/"0708733879d93c42a1e77a9f4e148139"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
x-amz-version-id: yfzHNURAiW8LwbsQ07YqUPUcYtDMfwck
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W_2QnBw7FqZbxWNdkhx3MCRcowItVaCT160wWrX-_UnfDMHOHEDqKg==
age: 2153278
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82SVcC%2BIJ61Wq9TpUZv1%2BrsDUWcEz7FaKPJtmO44HnwpL8%2FgXSn1Hb%2BFk%2BwW5Iy15PbZ0tDomyuqGCxa1AqnBLBsrs7IFNIccj8%2FfvKm3ev7f2uOrEKVg6%2BBHvvlnRBF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80c29ba5f8aa0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2img.net/h/up-00.com/uploads/158bdc4a8e.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/158bdc4a8e.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
2b4a1d09d3f4b427a891cdeab35272eb
0e0bd9895782f8ba9570896493463e7d3bb36017
1ebe9f7a61be244eaa0b2d9fa01b3c968724d19d1a501bce8309810dfa339ef0

HTTP Headers

GET /h/up-00.com/uploads/158bdc4a8e.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcFx%2F9FHDOFZV2rJSetWJmcYPPpEWt%2BX9jtrS9wnXK801les5TBqIzfym3%2BUyW%2FUdGOi9F1OegL3VvDMdBEAHFAVjLFWBzcqvy2k8Ys344hKoAp3tHl9TGn5Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b967e6b070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b967e6b070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/25ae98aad4.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/25ae98aad4.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
7d06b1d521ff8dc876cde6aff8412941
ad37d7fbf2265706c4da89c986756d701ca1d28c
9389c6205d1da65ec004a8b735af911009c7370078c431065f21873973a783b8

HTTP Headers

GET /h/up-00.com/uploads/25ae98aad4.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcDzw%2FY%2BSGCE1uVPnoesoIf9d0vVfDlSMsxOj88AV4cbaxmPXHQS%2FE5FzhZ5xppHBuHqypEg4JgKtcTHeENHtUcvJUml69aSlYoba%2BPIVY%2FEhH5Im%2BG9%2F%2F9OwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b967e68070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b967e68070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/0e904badf0.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/0e904badf0.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
90558a04ac754e3e36d675b50695620a
58557c1246bc27817063f1b222b3eb2c0262bb58
319bfbe5c4eef605b11fbc884407f45bb9fbdb5e58ad0d158d220947d1abe6fa

HTTP Headers

GET /h/up-00.com/uploads/0e904badf0.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IA8DyOTBti28jDZxtgAX9TO%2BaD%2F%2Ffs2kBa7jEp7uUFdnG9d%2BjTpsGQqd1g43bGUSxDDIYMdCxi9iXUc1hmWzwDBEbKvFsNAMACMH0rr80rFKh1CcPMYgXnn3sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b967e73070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b967e73070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/aeedc8d562.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/aeedc8d562.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
bbb7e46690ba27640189ba0870cd6546
53e2583d2207182ecdaf6517efbe4bd0c94eadd4
45dcdf698e34f25135ddd5e275374e75df9a9bdc26d351f95eb9f0c09fd7e935

HTTP Headers

GET /h/up-00.com/uploads/aeedc8d562.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4gk8hiIkOvprJxKQ2CMTT%2BDj4TY3rFf6INEDJez8jfhbuTiwUJDyfKUq5SJl5L72Ks6UT5g0YQH4Xp7H3TAUN8H%2BKF8HLqpn6mR%2FUuuXjZN6Hd9%2BlcYNAE5vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b967e69070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b967e69070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/77faf88d52.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/77faf88d52.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
9605b1dd3613e6cc771d85c33abd051d
93713833ff7975158de13aee59c0f4fa3e3bc408
512dd0669e48d8e64060c720d8d5de038708c7e3cd730fb14b5fc5256a676b8b

HTTP Headers

GET /h/up-00.com/uploads/77faf88d52.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2t%2BtlzAx%2F9%2B84nhg0fiwcqd7adHtlP4UH0K5dDQuumjh8Rd8WIL4GxPRy7rSbGKwn%2F5AABEpraIQ%2FnCnYA4AmcC%2BfR7LPauwhNnzWPqvM6ICvqgRHkQgSoZjkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969ea4070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969ea4070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/a5e222691b.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/a5e222691b.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
48fe7103b69b6169e2081745a429cdad
507f85de2ff8002871a022d750d202437b93d801
71cb25eeee778e5178f46af1eabe96c8044d94147ec2fa3402e947cfbc0834c1

HTTP Headers

GET /h/up-00.com/uploads/a5e222691b.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpYYsz49TY5tiOXP0msXZ5Bxb1Afe0DfRosTp3JXZ0qfp453ljaYOUIZTp6oYpmSULcWp7B2XlWw1QUKAPtRQFvYxyIZdm0OVIN1tkUlvkd0ErNjvHFAWC3oPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969ea2070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969ea2070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/15679640c6.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/15679640c6.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
cdd5deac3503cfda52510cfa218ab854
d22bb932c5f66ca3e08442c5e369bc0fa92715bb
c25fa5436a18d3c7069057ca14cbf1d589092d5feb8c853017583f2e117be8c1

HTTP Headers

GET /h/up-00.com/uploads/15679640c6.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmcfTwY27Z8elKPSNc7OB3k2z6AILjzzLxqz%2FElDPypUsG19p3ax5NR%2B9OXgTukABMRn%2BeByHAp%2BT5Qw5q6wLSKzbC8GsCNV6TwfkK9BboG5RdoR%2B9U%2F32yF7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969ea7070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969ea7070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/48b54a776c.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/48b54a776c.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
c0fb35020226e0fe82cb38d9c2aa3e17
16eed788f39fb54c71ac2d8afbd7a824173f8043
750f091a4a2628c9948a1d785895078eb1a37e3e8e8e0b24a6d7360f515de3d2

HTTP Headers

GET /h/up-00.com/uploads/48b54a776c.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPbrykycwOE0bTZskcDtzbSVYnhfk9OO81N%2FoPr5HQ9vTZUBce%2B8Mc692sXc6Ypy2RSMZ0GtBKDL9e%2FbXDdwCzfdtz7vUL0XTt3bGMzMVtIpYTSfylCo8%2FNJPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969e99070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969e99070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/2e7107b8d2.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/2e7107b8d2.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
0f9b95e20f5b7262abeb24516f8fffb1
b514191a960776ba3a0dfea7887fffd241900f73
c19c6958645aa6cdb4baf138a003bb8ecfc78130c01b0bb9e154cc5289adf987

HTTP Headers

GET /h/up-00.com/uploads/2e7107b8d2.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cclYxNIm4btzSpr0blibzzVw%2FN12mDEWoYvISdb5oe%2Fb4jyB4U%2FmD8skc9i1meiazeGoEdnWMq%2BPrQAh9qZLPHtfoLgUaiiOl3KBtb6W4qVCFR88SuOQWQnyvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969ea8070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969ea8070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/43990a06ae.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/43990a06ae.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
f4a5c44ba1132247b50caa3ab6c58424
8dfa8aac3ccc93c662548793bf66bec13ef802f8
4feba07e3b5cc9b78944cd408b6aebb86ef64741665c795c618f391db35452c5

HTTP Headers

GET /h/up-00.com/uploads/43990a06ae.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TDWFOJEjMwEaHNj0fjjk3RHy2sdLaTSg17HD99pfeKkaP2qQkHcbBWrlegVMWYSxTkxnkucviEhvK9ey2hwmsSdM0AshEsf2eXYyWmdQ4Oz%2FWtrMAiNpi%2FW%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969ea3070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969ea3070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/0ea07a8b91.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/0ea07a8b91.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
ef0f3427caa66c354fc8503624788218
674a5c456fad3691f8dbbb8728f1cf5d0c8e9904
158cbd3d23b6c9339e344b859e12ee4413020afd14e8f33dbb64cbc7301a008d

HTTP Headers

GET /h/up-00.com/uploads/0ea07a8b91.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yF3VqSXbxjtoTdNZJ83K3xmoHI4HBxVmL6MZRtM3jl6kPu7wP53rsFSq9M7%2B0WEkMVokN29HZAffoo2Q6V57daSJcUcFcsnzxk2ntnVWELVuVpHcS9yjBvMEWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969e94070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969e94070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/d4f741a90b.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/d4f741a90b.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
4bf25fa6d7d158b29ff07f4ee0860882
51f26f3c3b2f267cf051230706b5dd80b40f1325
6422347f38271446b65f361b1df981ef7ee3c7b0b48e08adb0be194a7d5f7661

HTTP Headers

GET /h/up-00.com/uploads/d4f741a90b.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSO9czhfkx%2Byb6v0tSYD4lzyXe5Hg7Um0iucWNZwK8s3hb%2FmjnHnYev2nkY7eQjyrBit2o4Dq7cfLyDjykbEd0yVvJF8dcyQJI7kN1I0%2BBTj5ELxb7gzGII1DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969e9f070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969e9f070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/f847b2598f.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/f847b2598f.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
762ef9c1899a750359867c8a198ede09
780f8022c8f976c44d9092c4c75c98e7a92f91ad
20c36ccd3b042a77a43a982c36ad6c7ca3d818d4365c4aa68e529b04794b63d9

HTTP Headers

GET /h/up-00.com/uploads/f847b2598f.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ct8V5l5POC2mO303cIdhO9Su29FOLp%2FAYFP3uUT0%2Bkhv0k9y8p%2BxeAwCy9T%2Br3rWo6dGfrBBhz%2B%2BbOLptfH4MFe6Uc8I1DUjhBrP2r1SvkamZ5MVYy3YwskI7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969ea5070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969ea5070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/229412027d.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/229412027d.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
b2a8d38f5d69524860a4a1db318c0b0d
618711478e77e6f29b712211aa1d8289f18bc47b
02d7c757610b537b64e0516b8b81f4b5177d11dea60625edcd93a46988ad58ab

HTTP Headers

GET /h/up-00.com/uploads/229412027d.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrdOkZS2zpN3izRMdnL0MeUrGvw%2Fo%2FgndyYOTaX%2BCcXtiM57RYnL9ukSqpUjWbn%2BCu7cDVO0FTvVbbnb75GdlS7XLsyp1d1emhZo2gjv4Su32jNAITCyFMKJeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b96aeab070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b96aeab070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/f98ca44d6e.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/f98ca44d6e.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
35b06ff6fe2e6bce5896517695ce0679
3061cba738e4c40db86e75010586bd36a323a107
b262993f7e2710507fb3ff723e6c63dd7fffbb5af6814e928b153461db68abcc

HTTP Headers

GET /h/up-00.com/uploads/f98ca44d6e.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3sxwE3GTK5VLBVcc5Jt%2B5%2BiNmGcGRsJwLnJrvb%2F1PrJxHt3Y9CKK4K5MxCfxgJGyskGyFFllsQ%2B%2FcsdwxzX3oyzzNMMbvVnRRdS%2Fy2xcKBwEDVOybf%2BuDS8HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969e91070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969e91070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/136aa2903a.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/136aa2903a.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
ef7d690a4df01efa7ecd8e63ab5a3841
a321291a850cdddfb9f6bf118da23eb3dd6f590f
e5d12c8bd036dbd1d6c386653df652c6ddfe37fb6d46f25b2ee9f15a99b46f19

HTTP Headers

GET /h/up-00.com/uploads/136aa2903a.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0msKJsFYx8HUdSMPeqBlCnxZV1X95QwLKN48%2BLwbG4LmuQj2X%2FyXwsV7lgHZGX78iTo2cyqPgVSadU95oPDbIK4ljrNcb1D7mO%2FAk%2FqGstmpp4QjLjvV%2BSA6nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b96feff070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b96feff070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/a1db5f514d.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/a1db5f514d.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
aa630f30c0bf8aa60e3960499f95eb56
5beab9343dcdec699182fefc3426c3d5be068da7
8ffdbe80e153e934d5d4f67b2b7a4a6fe7bb5b1e81bcaae98ef1eac6e7aa7fe5

HTTP Headers

GET /h/up-00.com/uploads/a1db5f514d.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1IWJGHbDYUOkYj%2BMFY1O%2B4x3WLnKAlYldNH7Wyx8gjijrrQ7PYBNcDuxL%2F3fDwo70lUFssrD5MBiq%2FnMIrYzgTdeD2RRT6d1vMiUKTegXVRLsWLXnt2FwDKQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b970f0d070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b970f0d070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/4cd40d6b52.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/4cd40d6b52.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
05c386c4597929cda6bae70697d9ea62
051acb97a58852c4147818828f40babbdf620775
485ea2a5b6dabd93c6ad44d2a5f4f76d09c18296437cb1dbc59880332d1ee5a4

HTTP Headers

GET /h/up-00.com/uploads/4cd40d6b52.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5UC5jjgVwvbWqsv6OUi36FGXemigRVyqOPh2TvnUjqMZipSjtMMGVeUrRdPy53GI1FFpQMDgBkvj5LzeoikCOB%2BN%2BIiCx9W1t0YGlN6ItVnqIGbLRKqvcZXvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b970f0b070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b970f0b070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/3092845e3c.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/3092845e3c.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
0e0d87464f49d4370fd87c1b91320f7f
52caafbed4b6ae73a5ce3bf0092e26f703769ab4
51801f35b8395d31391888d17909eb1fb96b545468f9248e0bfd2d924025991f

HTTP Headers

GET /h/up-00.com/uploads/3092845e3c.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUA73DpgP2mBf7IHcIJvkpR7N9Q%2BGwVdQWItH5aEK%2Bem7jSMUAJ5SGGiLhaWlO0U79CszWbEw4V%2Bx1KY2jwdGgFWEa52No3QpeZ0ag7cvqRPEymYqkflOV9FKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b970f0e070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b970f0e070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/cd06865626.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/cd06865626.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
b276db547cb6f6cc99aa081ebeeb0b0b
4d6063c217716c3ba00015c76e0d19db18d500b6
625fa0c29c74dfbe5536ebc37af4ec4daa91661af96c5c5ac4531af474e102a8

HTTP Headers

GET /h/up-00.com/uploads/cd06865626.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JggFarWnIPou%2BRX1PlUvTWW4wrYD7%2F9kXMZKcpQ33yiD6noDtetUeztUvrm22jz4Dcm3XvoE5QLiVHajdPMJWAdCz1tJLx4ToTrG17Jm4aRzV4FDXBGSmo0%2F%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969e98070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969e98070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/950815a6fa.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/950815a6fa.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
8b525f2b0f75c89b31eaa73f621db259
0927bc13b9d505f93109f0b793c1b448ece51cdd
9b37ca1b79cc025af4120cdebc1ed57a3bbb0575755ed4285b0cd3c30be87a93

HTTP Headers

GET /h/up-00.com/uploads/950815a6fa.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51jnWFcyjB7cZkRVDpbyy6980fuf7g1EHYaxTBjnnE%2BeCtIHQeyE07oQaFr7zvscJ57rBL6uZ1B%2FAcdO2JWSlEPp6XKih2vQ6E7RmzzGxqTx6iMvZjNSJcx42g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969ea9070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969ea9070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/9cb6702bf6.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/9cb6702bf6.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
7593921d435312f1f268a61ab7acade5
d855b0e35b0b2f616172c71bb87b0e4011f56439
cd4d1ba2b335bac30b6887339f26d6e792018f910c80aaeec6a63b42ab1418c6

HTTP Headers

GET /h/up-00.com/uploads/9cb6702bf6.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnMLJ8P4xgGrO%2FSyX5hL%2FVVarsm1ynf6kNgRA3oW1YYZMQfrT3yCwHLFLNiHzXufylZsWVSyYFo5vrkXpKPIqn9N6akY2WXUTESUBp4ZUzpbE9L3UYeYt7aZxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969e95070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969e95070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2img.net/h/up-00.com/uploads/dc1adc08bb.gif

104.21.235.75

504 Gateway Timeout

6.3 kB

URL GET HTTP/2
2img.net/h/up-00.com/uploads/dc1adc08bb.gif
IP
104.21.235.75:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subject2img.net
FingerprintA6:92:E6:1C:45:3E:B4:35:4C:3F:28:CB:2B:6B:DB:2B:1E:8D:B0:41
ValidityWed, 05 Apr 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394)
Size
6.3 kB (6340 bytes)
Hash
cfc86631841e06961324a7f061207073
87e3b0f8d4fb90ea2d8e926849889b2e9f22e95d
32d6bef9549970893e69a6dc9c4f7c79f582ceabf8d5258e501b0f511d4a9638

HTTP Headers

GET /h/up-00.com/uploads/dc1adc08bb.gif HTTP/1.1
Host: 2img.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 504 Gateway Timeout
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCQ2DTg4nscvR5%2F2j76zJvMT2fFHlfLqapj5BVmEiehrWY5Ln%2FzaM5%2FAkzdNheQdXiIJo1%2BadfptWu9UbpxxbAHe%2BFrAQgO5PkUEOXwI1vuApMoxXAyk4mK89w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: cf_ob_info=504:80c29b969e96070e:LHR; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
cf_use_ob=443; path=/; expires=Mon, 25-Sep-23 10:33:49 GMT
server: cloudflare
cf-ray: 80c29b969e96070e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-VKHBPXN046&cid=2082375279.1695637996&gtm=45je39k2&aip=1&z=106959061

142.250.74.35

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-VKHBPXN046&cid=2082375279.1695637996&gtm=45je39k2&aip=1&z=106959061
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintF8:21:85:85:E7:A3:F0:03:9E:50:77:60:8D:CB:66:7C:41:ED:3D:28
ValidityMon, 04 Sep 2023 08:25:22 GMT - Mon, 27 Nov 2023 08:25:21 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-VKHBPXN046&cid=2082375279.1695637996&gtm=45je39k2&aip=1&z=106959061 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 10:33:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tbn0.google.com/images?q=tbn:BSXr5DGFcUCvBM:www.taybe4all.com/fofo/aedara.gif

216.58.211.4

200 OK

9.2 kB

URL GET HTTP/2
tbn0.google.com/images?q=tbn:BSXr5DGFcUCvBM:www.taybe4all.com/fofo/aedara.gif
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
PNG image data, 150 x 170, 8-bit colormap, non-interlaced\012- data
Size
9.2 kB (9222 bytes)
Hash
b8afadfdcf070f1991ead11fb592c484
d909292f28b4fca3c93c35e43ca40c4f85d8005e
bf79d2a92303b551b09dd6fb5ea295fa18e0cfe054c2f671b44c822f61b065c3

HTTP Headers

GET /images?q=tbn:BSXr5DGFcUCvBM:www.taybe4all.com/fofo/aedara.gif HTTP/1.1
Host: tbn0.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 9222
date: Mon, 25 Sep 2023 10:33:19 GMT
expires: Tue, 24 Sep 2024 10:33:19 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Oct 2019 18:06:49 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stootsou.net/custom

139.45.197.250

200 OK

39 B

URL OPTIONS HTTP/2
stootsou.net/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint79:21:5A:B2:01:54:9D:62:B3:D8:BF:F7:15:99:15:AE:A5:34:63:89
ValiditySat, 02 Sep 2023 05:16:00 GMT - Fri, 01 Dec 2023 05:15:59 GMT

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jammaien.hooxs.com/
Content-Type: application/json
Content-Length: 726
Origin: https://jammaien.hooxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 1c63edd32d2eb71b4d5e61970be221cf
access-control-allow-origin: https://jammaien.hooxs.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ac.aruncdn.com/f/nat/player.js?3

172.67.70.117

200 OK

129 kB

URL GET HTTP/3
ac.aruncdn.com/f/nat/player.js?3
IP
172.67.70.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subjectaruncdn.com
FingerprintDD:D0:49:06:F8:05:49:45:79:58:DF:21:89:1B:60:7B:41:F1:A6:BA
ValiditySun, 17 Sep 2023 05:14:04 GMT - Sat, 16 Dec 2023 05:14:03 GMT

File type
ASCII text, with very long lines (10295)
Size
129 kB (129241 bytes)
Hash
69624877c62cb83429ed5b682551fc5d
7d567e862de03ab89221bba9d444bbc14ff3c8b5
1a0582348cdd3c811bb9fd2b21e1b819f1d0c7109cb8f4ec7d1c98d6e47cf717

HTTP Headers

GET /f/nat/player.js?3 HTTP/1.1
Host: ac.aruncdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: application/javascript
last-modified: Mon, 20 Mar 2023 11:43:58 GMT
etag: W/"69624877c62cb83429ed5b682551fc5d"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
x-amz-version-id: gptE2zR3u626wYEeanhFJcA.tB588i.U
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: J29SPimUJ1qTkdV6KWqH73ptMnKhj_vrxIXcycv3_Ppp30KcqN460A==
age: 16325190
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iM2sIJHyPrirgURXsE5HaG8AIc%2FeIhLj7yxiuqwuqWS7MshogSFuVnHh1tAyG15gZnwC3anLkl3NGDtuxBKEYtO%2BtVyatplGIS4I%2B5wxoW%2BZz%2FEhG3TGDvfyQVwqgjQe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80c29bb90d6a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

jammaien.hooxs.com/images/icons-180.png

94.23.76.111

200 OK

28 kB

URL GET HTTP/2
jammaien.hooxs.com/images/icons-180.png
IP
94.23.76.111:443
ASN
#16276 OVH SAS

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subject*.hooxs.com
Fingerprint39:37:02:D5:DE:09:F0:F9:A1:0D:D1:BA:F1:32:52:2F:67:9E:C1:B4
ValiditySun, 17 Sep 2023 03:50:24 GMT - Sat, 16 Dec 2023 03:50:23 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (28205 bytes)
Hash
a354f3f7125a5c5ae05f4ad34e5fe394
daa4101e367535742808c68c405fc9e722f3fce1
876cb49b061df4197cb18a43b06a8002cdeb616c3bf9198e5d1444f73b5737c6

HTTP Headers

GET /images/icons-180.png HTTP/1.1
Host: jammaien.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/t3067-topic
Cookie: exadd=169565; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A1024%7D; _ga_VKHBPXN046=GS1.1.1695637995.1.0.1695637995.60.0.0; _ga=GA1.1.2082375279.1695637996; prefetchAd_3765907=true; _pbjs_userid_consent_data=3524755945110770; _pubcid=3371e1ce-7739-4f2a-a9d1-115b5773bc4d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: image/png
content-length: 28205
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 25 Sep 2023 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2

imasdk.googleapis.com/js/sdkloader/ima3.js

216.58.207.234

200 OK

367 kB

URL GET HTTP/3
imasdk.googleapis.com/js/sdkloader/ima3.js
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT

File type
ASCII text, with very long lines (2448)
Size
367 kB (366685 bytes)
Hash
458b4d4728ba5713f33e5dba2b467f4d
81804a8ab226cad7d25c1470a33e78dd16416448
0bfbbc57a6a01182f738b9d582dd16a6b1075954a501f8c995af2a7e5b40d56e

HTTP Headers

GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 125688
date: Mon, 25 Sep 2023 10:33:19 GMT
expires: Mon, 25 Sep 2023 10:33:19 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

illiweb.com/rs3/78/frm/lang/notutf8-ar.js

188.114.96.1

200 OK

73 kB

URL GET HTTP/2
illiweb.com/rs3/78/frm/lang/notutf8-ar.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectilliweb.com
Fingerprint8D:30:39:CD:DB:3E:FC:A9:EC:C9:A0:FB:D5:4A:1C:DC:4A:69:6C:E4
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (64153), with no line terminators
Size
73 kB (73398 bytes)
Hash
62e35ea8e983f57faeaa0ad9de0e921a
89f4574fda9f54ecf11e03abc506ebfacb9327bb
838a8e6679e37024193427f1eaed80ead763da4c67034f444fecbaac2b782156

HTTP Headers

GET /rs3/78/frm/lang/notutf8-ar.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:13 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=73403
access-control-allow-origin: *
expires: Wed, 07 Aug 2024 09:02:48 GMT
last-modified: Tue, 16 May 2023 15:02:01 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 4152625
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52xHeyctBZlUk2Jo7eQt3wvUu%2BBiFPKOVsvSdg0%2FXh1oOgTkVR94Kmtxy%2FvPVQsdE0FZHYeIe%2Bymr3Dgw8gG81Uw0nTCzmzoJ7Ar16OKP%2BiFxS5Fxta2rfKjoEFzxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80c29b95bd310afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ac.aruncdn.com/j/prebid/pre.js?47

172.67.70.117

200 OK

478 kB

URL GET HTTP/2
ac.aruncdn.com/j/prebid/pre.js?47
IP
172.67.70.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subjectaruncdn.com
FingerprintDD:D0:49:06:F8:05:49:45:79:58:DF:21:89:1B:60:7B:41:F1:A6:BA
ValiditySun, 17 Sep 2023 05:14:04 GMT - Sat, 16 Dec 2023 05:14:03 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
478 kB (477474 bytes)
Hash
2fbe30d009abc54ff04795c6d14da709
0626ce35a7a48628dd7d2507cf1f08dfb02d496d
51b6b311805712db5a8d23981d54327822a438112649fa816c0e6abb731d9206

HTTP Headers

GET /j/prebid/pre.js?47 HTTP/1.1
Host: ac.aruncdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 13:03:56 GMT
etag: W/"2fbe30d009abc54ff04795c6d14da709"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
x-amz-version-id: 3oRW8tSghcfXJE_15EP1tOtiWLRy.9G.
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Qh1iTMQB5KScGit8jz39QlX8FcqvPYXdngtPEyyHeALCy-icowiEwQ==
age: 19849529
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpvrNJwpJSxK%2FvQEaeQUfVN52mj9kfOQMR8s5iYhGFpQnRoxEtEKrh6zwlwWfQTl7eprP8W%2BiaSUL6aC08hpYkMrY4DF2UAVWnWKFhj9XsFA%2FZCqO7df2xTxJyZIBJ4V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
server: cloudflare
cf-ray: 80c29b9f6f9a0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ac.aruncdn.com/i/logo/logo.svg?3

172.67.70.117

200 OK

1.0 kB

URL GET HTTP/3
ac.aruncdn.com/i/logo/logo.svg?3
IP
172.67.70.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subjectaruncdn.com
FingerprintDD:D0:49:06:F8:05:49:45:79:58:DF:21:89:1B:60:7B:41:F1:A6:BA
ValiditySun, 17 Sep 2023 05:14:04 GMT - Sat, 16 Dec 2023 05:14:03 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1061), with no line terminators
Size
1.0 kB (1039 bytes)
Hash
f36b2c1c6be939ce2b3c32d3b1495d31
554a2e940768d536c74745a5cadb74f6d6b0256d
29d45467cd155b67d94f40ecc5950ed68908173ad67e99db6de184c1c6c158e5

HTTP Headers

GET /i/logo/logo.svg?3 HTTP/1.1
Host: ac.aruncdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: image/svg+xml
last-modified: Mon, 17 Apr 2023 13:32:11 GMT
etag: W/"2f850b9b51d9dfef215f3107413d73d9"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
x-amz-version-id: bPpcxis79HH2gE6Bcx_gNzn7H7j..b_S
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cgJB3MZPwVmgz-2xGfxQymrUyvsNXKejp86nj0NgqqXQw9q0_KL5iA==
age: 2166369
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkKUrEmGPfMCY6jI%2BR9bJhdB3GvXrdACyRZiwnG9V9qdNfoidS64PskCU749QWHPtmj7NQz%2B0Z4fD4InYafJ4%2FbkgGejGSJSmd8nCwAGi0Y1dbNQMqQkCXpaqELmO4Zz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80c29ba7397f0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ac.aruncdn.com/f/nat/1.native.js?ver=222614

172.67.70.117

200 OK

16 kB

URL GET HTTP/3
ac.aruncdn.com/f/nat/1.native.js?ver=222614
IP
172.67.70.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subjectaruncdn.com
FingerprintDD:D0:49:06:F8:05:49:45:79:58:DF:21:89:1B:60:7B:41:F1:A6:BA
ValiditySun, 17 Sep 2023 05:14:04 GMT - Sat, 16 Dec 2023 05:14:03 GMT

File type
ASCII text, with very long lines (15842), with no line terminators
Size
16 kB (15842 bytes)
Hash
0b8f24c6d87e1c425d170fcda6036e7e
24a57e3891f72e8f07b124f3cbe41f792670f394
cbeda8c681183b4cf452950ae66650e596ab8ecda43e51f32d411d466fc01c90

HTTP Headers

GET /f/nat/1.native.js?ver=222614 HTTP/1.1
Host: ac.aruncdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: application/javascript
last-modified: Mon, 17 Apr 2023 13:32:05 GMT
etag: W/"0b8f24c6d87e1c425d170fcda6036e7e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
x-amz-version-id: iAvjvbQsV2FfJuq4SRwGZGH9Wv3t2BD9
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: stUnyE8Pdbf7oK3OQqXtkGQZeUlmxS8c09IeRPkSqCK8lMQZtLQm0w==
age: 2165518
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvTG2bLtYjiCJs62PiJ5CzFcC41GCoNIkdgW2Jx6wPs2rUz940FaP6%2FoZFc3Tqz0Lq6z0LiH3qky2iGJa2NYsomrnyT27fXfWumzamd1LPonPBclKID5w4cRll5mxJSh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80c29ba5e89f0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

my.rtmark.net/gid.js?userId=93c936aabb044602919afee6a155ecf3

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=93c936aabb044602919afee6a155ecf3
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
3df25f6030eb4b3673bd180a60f6a75f
3b52105d0ee27a3ab3c3469a314c6594dadd6088
b7bec62617fb7a2f99f9a9ce9d593428f60d6361cc09ff68452be49d7b8bb4d3

HTTP Headers

GET /gid.js?userId=93c936aabb044602919afee6a155ecf3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jammaien.hooxs.com
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://jammaien.hooxs.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=93c936aabb044602919afee6a155ecf3; expires=Tue, 24 Sep 2024 10:33:16 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ac.aruncdn.com/f/nat/0.native.js?ver=222614

172.67.70.117

200 OK

112 kB

URL GET HTTP/3
ac.aruncdn.com/f/nat/0.native.js?ver=222614
IP
172.67.70.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subjectaruncdn.com
FingerprintDD:D0:49:06:F8:05:49:45:79:58:DF:21:89:1B:60:7B:41:F1:A6:BA
ValiditySun, 17 Sep 2023 05:14:04 GMT - Sat, 16 Dec 2023 05:14:03 GMT

File type

Size
112 kB (111831 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f/nat/0.native.js?ver=222614 HTTP/1.1
Host: ac.aruncdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: application/javascript
last-modified: Mon, 17 Apr 2023 13:32:05 GMT
etag: W/"057c03f785f28ded09961b24b88a9bf3"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
x-amz-version-id: 80hSQyWwKRboifNE7pKaTu9RO2wXZBxA
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9t3BT639w6iRYALNwCXAhJdWETpZ5dI66e2dbvpss82QIaNnvssmYw==
age: 2150163
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aBRPysU2xorM%2BAyhVnR9NoVDQz4VfkP4S8lBPEny%2Fn84U3Bq3S5pdf5xLI9LZbYMLewToslb9M1SAp0a8jcu7DOE8W786OsDQnrWcV7H%2Bn54we%2F64zxaDhUU%2BzwUt74"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80c29ba5d89a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

illiweb.com/fa/favicon/discussion.ico

0.0.0.0

0 B

URL GET
illiweb.com/fa/favicon/discussion.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectilliweb.com
Fingerprint8D:30:39:CD:DB:3E:FC:A9:EC:C9:A0:FB:D5:4A:1C:DC:4A:69:6C:E4
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fa/favicon/discussion.ico HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:19 GMT
content-type: image/x-icon
last-modified: Mon, 27 Jan 2020 10:55:34 GMT
etag: W/"5e2ec1a6-94be"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Wed, 05 Jun 2024 23:05:11 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 9545295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iy2DH7SUo6S06fje0MHS15EKH9R6MUzsq79AdJTlMiwgWnFzFJJ3RgQX7X0fQ4QLaplWPdtWNDyFWkp8OVVXSMfTY%2Bp%2BT%2BGghw46JathCOGzKPDg1AUSIsdajnNXpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80c29bb76ed81c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

illiweb.com/rs3/78/frm/mentions/tooltipster.js

188.114.96.1

200 OK

18 kB

URL GET HTTP/2
illiweb.com/rs3/78/frm/mentions/tooltipster.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectilliweb.com
Fingerprint8D:30:39:CD:DB:3E:FC:A9:EC:C9:A0:FB:D5:4A:1C:DC:4A:69:6C:E4
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (17499), with no line terminators
Size
18 kB (17499 bytes)
Hash
c5c6a5cbc41364e0fbc73470d7ce7dfc
2c0a798e6fe124e3c58393c73ccb632be9058f48
a56d8fd2c346648167ab574f3be9f54f3a96707aeddcdd3ceabd3ac1201b8057

HTTP Headers

GET /rs3/78/frm/mentions/tooltipster.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:13 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Wed, 07 Aug 2024 07:53:57 GMT
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 4156756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cz645NlLSFi2FmRTZKC3vNccAVejWhJdKFRBaRZbUOcPb4oQY61P0tpqfjAfovk%2FxyBvTcCkeOUOSSTP7rr1O5otM2Z7kEm%2BjV%2F8Gz8QpZtCEGmixSmKVEaPU08PAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80c29b95cd450afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.betgorebysson.club/?rb=mNKdZjOhmgs7sfG_1GPXto8kLrlFYZIEJyUIPQPEqA-x8OqhQM9ONZJpebwzfihQ8wnRc3rQROHA-vdbeptkp9E_t7CEDArCxIBGcUSqY8K4YuK10ACohGi8mMyI2pCWVwEYOnvf89cufpIy5q-kVZlJz1ts3YDYO7c9so1JR5ACaY25z6ibMMRsBxlZShliMMrRgJaboxotW9eZSREfKPjVF0Q6_se9&request_ab2=0&zoneid=3765907&js_build=iclick-v1.601.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fjammaien.hooxs.com%2Ft3067-topic&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.601.0&bs=7793ab93-bbc8-4821-8c81-ba57b741d144&userId=93c936aabb044602919afee6a155ecf3&m=link

139.45.195.8

200 OK

2.4 kB

URL GET HTTP/2
cdn.betgorebysson.club/?rb=mNKdZjOhmgs7sfG_1GPXto8kLrlFYZIEJyUIPQPEqA-x8OqhQM9ONZJpebwzfihQ8wnRc3rQROHA-vdbeptkp9E_t7CEDArCxIBGcUSqY8K4YuK10ACohGi8mMyI2pCWVwEYOnvf89cufpIy5q-kVZlJz1ts3YDYO7c9so1JR5ACaY25z6ibMMRsBxlZShliMMrRgJaboxotW9eZSREfKPjVF0Q6_se9&request_ab2=0&zoneid=3765907&js_build=iclick-v1.601.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fjammaien.hooxs.com%2Ft3067-topic&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.601.0&bs=7793ab93-bbc8-4821-8c81-ba57b741d144&userId=93c936aabb044602919afee6a155ecf3&m=link
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subjectbetgorebysson.club
Fingerprint99:58:D1:B7:75:9D:59:6D:21:BA:B1:D2:39:B4:29:20:7C:A0:37:35
ValidityTue, 01 Aug 2023 07:39:12 GMT - Mon, 30 Oct 2023 07:39:11 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2413), with no line terminators
Size
2.4 kB (2384 bytes)
Hash
306118711089e5ea20e557b3dd92f616
ae3c0b3f8275b642b732b3f5a4c3c3e3443c7361
801025dac2709519c70848aa7576cdd6705eba3501be65dd511a5cd1b8229ccb

HTTP Headers

GET /?rb=mNKdZjOhmgs7sfG_1GPXto8kLrlFYZIEJyUIPQPEqA-x8OqhQM9ONZJpebwzfihQ8wnRc3rQROHA-vdbeptkp9E_t7CEDArCxIBGcUSqY8K4YuK10ACohGi8mMyI2pCWVwEYOnvf89cufpIy5q-kVZlJz1ts3YDYO7c9so1JR5ACaY25z6ibMMRsBxlZShliMMrRgJaboxotW9eZSREfKPjVF0Q6_se9&request_ab2=0&zoneid=3765907&js_build=iclick-v1.601.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=0&pl=https%3A%2F%2Fjammaien.hooxs.com%2Ft3067-topic&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.601.0&bs=7793ab93-bbc8-4821-8c81-ba57b741d144&userId=93c936aabb044602919afee6a155ecf3&m=link HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jammaien.hooxs.com/
Origin: https://jammaien.hooxs.com
DNT: 1
Connection: keep-alive
Cookie: OAID=93c936aabb044602919afee6a155ecf3; oaidts=1695637996
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: application/json
x-trace-id: 9ac318ebe6a2b11e1fa7b864cb16c3aa
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://jammaien.hooxs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=93c936aabb044602919afee6a155ecf3; expires=Tue, 24 Sep 2024 10:33:16 GMT; path=/; secure; SameSite=None
oaidts=1695637996; expires=Tue, 24 Sep 2024 10:33:16 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 02 Oct 2023 10:33:16 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

illiweb.com/rs3/78/frm/jquery/marquee/jquery.marquee.min.js

188.114.96.1

200 OK

4.5 kB

URL GET HTTP/2
illiweb.com/rs3/78/frm/jquery/marquee/jquery.marquee.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectilliweb.com
Fingerprint8D:30:39:CD:DB:3E:FC:A9:EC:C9:A0:FB:D5:4A:1C:DC:4A:69:6C:E4
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (4769), with no line terminators
Size
4.5 kB (4467 bytes)
Hash
e0d7ab914a6110b11965f0ace08e0796
b6c5a5da438a8668523cdc0242afd37acb3bfdb2
aa41cfcf4d5226769d0e7209f085973e718e86ac46035d16fb933362a1b8a64c

HTTP Headers

GET /rs3/78/frm/jquery/marquee/jquery.marquee.min.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:13 GMT
content-type: application/x-javascript
last-modified: Tue, 27 Aug 2019 14:00:14 GMT
expires: Wed, 07 Aug 2024 07:57:47 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: HIT
x-cache-pr: HIT
cf-cache-status: HIT
age: 4156526
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nI799GdeqeE3YX5193pFVPgvs%2B8gSSPUlhcMcgvXkl49YJ%2FXxcOjby9%2BSfB5eqYzj8olxbdMaiCM8htO7ifm6RtlPs0H485gNUhVzsC92MCEVZDHehT9cdqpo%2F8QeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80c29b955cda0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

illiweb.com/rs3/78/frm/jquery/cookie/jquery.cookie.js

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/2
illiweb.com/rs3/78/frm/jquery/cookie/jquery.cookie.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectilliweb.com
Fingerprint8D:30:39:CD:DB:3E:FC:A9:EC:C9:A0:FB:D5:4A:1C:DC:4A:69:6C:E4
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1011), with no line terminators
Size
1.0 kB (1011 bytes)
Hash
12a485a250e60806fbe4ab8bd03dfbf8
ea48bc03bfb90a966f28d302992ec02fe55da978
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90

HTTP Headers

GET /rs3/78/frm/jquery/cookie/jquery.cookie.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:13 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 30 Aug 2024 13:10:03 GMT
last-modified: Wed, 09 Sep 2020 09:40:28 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2150589
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8pufBn08vl3QCryP3xT550BcJlFdVGf3ogjHQ8t1B%2BKcJZFG%2FlPBH16NAFKSIvIeBPeXPUxaTwiwfNeF9PHfwgbVRGiLqQP2l1VUWpnzh%2FLIGcAFLKAeqLUY5RpLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80c29b95bd320afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

illiweb.com/rs3/78/frm/twemoji/twemoji.min.js

188.114.96.1

200 OK

17 kB

URL GET HTTP/2
illiweb.com/rs3/78/frm/twemoji/twemoji.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectilliweb.com
Fingerprint8D:30:39:CD:DB:3E:FC:A9:EC:C9:A0:FB:D5:4A:1C:DC:4A:69:6C:E4
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type

Size
17 kB (16923 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rs3/78/frm/twemoji/twemoji.min.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:13 GMT
content-type: application/x-javascript
last-modified: Tue, 10 Jan 2023 08:34:14 GMT
expires: Fri, 30 Aug 2024 08:41:40 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
cf-cache-status: HIT
age: 2166693
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfkL1ZwwThn2xmyqGRRJvHBMmhawoObDjFZmt2U3QMh5YNW3zPeQqa4TxIz83%2FaoOnC5lDIYnywnaRr%2FlGPBR8z3gyDk%2BS23ePWjxST74md0lftUzkLQktkABV3PnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80c29b952cbd0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

stootsou.net/pfe/current/tag.min.js?z=2308013

139.45.197.250

200 OK

13 kB

URL GET HTTP/2
stootsou.net/pfe/current/tag.min.js?z=2308013
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint79:21:5A:B2:01:54:9D:62:B3:D8:BF:F7:15:99:15:AE:A5:34:63:89
ValiditySat, 02 Sep 2023 05:16:00 GMT - Fri, 01 Dec 2023 05:15:59 GMT

File type
C source, ASCII text, with very long lines (13266), with no line terminators
Size
13 kB (13266 bytes)
Hash
2ab81df34a2461b2a4885cf8b04ec7a9
7182892392c7320d1c11106f33a1789d08329ac3
e58b4c163cb14f66ced74ce6a9fe37321b148a519af57a516335fc09851b0dcd

HTTP Headers

GET /pfe/current/tag.min.js?z=2308013 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: application/javascript
last-modified: Mon, 18 Sep 2023 12:11:16 GMT
etag: W/"65083e64-33d2"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-144347007-1

142.250.74.104

200 OK

189 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-144347007-1
IP
142.250.74.104:443
ASN
#15169 GOOGLE

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
ASCII text, with very long lines (4179)
Size
189 kB (189175 bytes)
Hash
172fc78a35187323a8df9fe97d4da0c9
5cde22eef68205d6061b52d6a597831d8ef74b30
f878d7912a05e5c0e22849601090462746f0e4fa4d6f9585ef0f1259bc2105d6

HTTP Headers

GET /gtag/js?id=UA-144347007-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 25 Sep 2023 10:33:13 GMT
expires: Mon, 25 Sep 2023 10:33:13 GMT
cache-control: private, max-age=900
last-modified: Mon, 25 Sep 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68966
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

illiweb.com/rs3/78/frm/mentions/init.js

188.114.96.1

200 OK

2.2 kB

URL GET HTTP/2
illiweb.com/rs3/78/frm/mentions/init.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectilliweb.com
Fingerprint8D:30:39:CD:DB:3E:FC:A9:EC:C9:A0:FB:D5:4A:1C:DC:4A:69:6C:E4
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2196), with no line terminators
Size
2.2 kB (2163 bytes)
Hash
65833c5734660e8ae361f80c988b9932
066747074203b056f41f12187566e783617cf62f
3101ca79c5444ef7a87c05e676048432db3c28c36ff5a2bb86394eb9738037a9

HTTP Headers

GET /rs3/78/frm/mentions/init.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:13 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Wed, 07 Aug 2024 07:53:57 GMT
last-modified: Wed, 22 Mar 2023 14:29:57 GMT
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 4156756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaGyH9Jb9yqbzd1tyJGqhRElvn4hS1erWsOu0DJUx5obsaBHrAXRgdD4yasTG7THFzgtfY4zaMvkh8JwzM0s0lG5cOw8Cvm5vfIeDeQZ3Imsus%2ByHG%2FdpX4cvgOyqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80c29b955cdd0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.betgorebysson.club/apu.php?zoneid=3765907

139.45.195.8

200 OK

84 kB

URL GET HTTP/2
cdn.betgorebysson.club/apu.php?zoneid=3765907
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subjectbetgorebysson.club
Fingerprint99:58:D1:B7:75:9D:59:6D:21:BA:B1:D2:39:B4:29:20:7C:A0:37:35
ValidityTue, 01 Aug 2023 07:39:12 GMT - Mon, 30 Oct 2023 07:39:11 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (83496 bytes)
Hash
d4a55c5bf5dcb19019029bdd079f9cab
175427aa59ee412c49b7b4060b6365964db8ddba
ddca5f921e49248434e087c6553dfe2d16019da42ca20f78c04b5350fe0fbd27

HTTP Headers

GET /apu.php?zoneid=3765907 HTTP/1.1
Host: cdn.betgorebysson.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: application/javascript
x-trace-id: c6ad31e93a4dce017a789b317f20670f
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=93c936aabb044602919afee6a155ecf3; expires=Tue, 24 Sep 2024 10:33:16 GMT; path=/; secure; SameSite=None
oaidts=1695637996; expires=Tue, 24 Sep 2024 10:33:16 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230925

104.16.86.20

200 OK

1.6 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230925
IP
104.16.86.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDD:2E:D1:50:F1:3B:79:16:36:22:E7:0A:FD:E6:E7:35:C7:1A:42:6E
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1737), with no line terminators
Size
1.6 kB (1599 bytes)
Hash
060c6862b7aa19cc2d105793ca142610
9ebde8a6c9cad23fab8c838f7fdd8a3889ea3116
97e6f190ef0fa1235b625df4e2533e1167f64ba19b3894e388608da88de94717

HTTP Headers

GET /gh/prebid/currency-file@1/latest.json?date=20230925 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://jammaien.hooxs.com
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.0.1823
x-jsd-version-type: version
etag: W/"63f-9RDZGmVvcyaQiKO+uc/puC3XVIE"
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4521-YYZ
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 23533
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAz9BQJq71PxlulJvYOOsW8XpmTuLafmyYcLb4BP3i%2FS4bu%2BTpnIiQ%2Bf%2FylU9%2FNo9VDOUtnC65iV6CrPM6U1CZ93D70fjNG6IFDWzd%2BbjHEpOqluBOahcFv5nXeF6zN%2Bey0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80c29ba8b89c5684-OSL
content-encoding: br
X-Firefox-Spdy: h2

stootsou.net/pfe/current/universal.min.js?v=3.1.460

139.45.197.250

200 OK

88 kB

URL GET HTTP/2
stootsou.net/pfe/current/universal.min.js?v=3.1.460
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subjectstootsou.net
Fingerprint79:21:5A:B2:01:54:9D:62:B3:D8:BF:F7:15:99:15:AE:A5:34:63:89
ValiditySat, 02 Sep 2023 05:16:00 GMT - Fri, 01 Dec 2023 05:15:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (87463 bytes)
Hash
0f22080b3f88f2f09bbabbcb8e9550c4
191596e48cd208528643ab0530ce3b2cb3f68fae
5d1d95a226026f763d0d086ef23b7cdc09e9dd0c68df56d6d638b0474a64e1e0

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.460 HTTP/1.1
Host: stootsou.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jammaien.hooxs.com/
Origin: https://jammaien.hooxs.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: application/javascript
last-modified: Mon, 18 Sep 2023 12:11:16 GMT
etag: W/"65083e64-155a7"
access-control-allow-origin: https://jammaien.hooxs.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

script.4dex.io/localstore.js

104.26.9.169

200 OK

3.9 kB

URL GET HTTP/1.1
script.4dex.io/localstore.js
IP
104.26.9.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectscript.4dex.io
Fingerprint3B:2C:BC:39:64:F4:D4:D0:E1:70:EB:66:ED:61:AD:94:83:40:3A:DB
ValidityWed, 23 Nov 2022 00:00:00 GMT - Wed, 22 Nov 2023 23:59:59 GMT

File type
ASCII text, with very long lines (4001), with no line terminators
Size
3.9 kB (3870 bytes)
Hash
c71c7e87ef544f81a58e3ad5c0ef0831
3f1a40c937ab048c84056a7cd3e3373dee2145cd
c32ce87166fa39ed4d76d7df626c118ea479c05ee5458602af63ec5d8c3cd92f

HTTP Headers

GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 25 Sep 2023 10:33:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"0af72eec7d8a989a97bdaff1da2598fa"
Last-Modified: Thu, 21 Sep 2023 08:51:51 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 351596
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tk3EONKFxqbJ2WOz8lLZvU%2FAYxYtYA9xgjfW5wjfo6EMsA0jQK8uylR19NUB00%2BoFV0OuZvUIha8mYSJFgFmsKCtIlVy%2BiL7sXermERl6YI26jjRFdpW7GWvBsmQduCz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80c29ba8fc5cb51d-OSL
Content-Encoding: br

ac.audiencerun.com/j/tag.js

143.204.55.126

200 OK

12 kB

URL GET HTTP/2
ac.audiencerun.com/j/tag.js
IP
143.204.55.126:443
ASN
#16509 AMAZON-02

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerAmazon
Subject*.audiencerun.com
FingerprintE8:5D:12:DB:6B:6D:C2:41:12:B8:68:6D:BE:A1:CE:81:61:2B:98:97
ValidityTue, 27 Jun 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
12 kB (11839 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /j/tag.js HTTP/1.1
Host: ac.audiencerun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 17 Apr 2023 15:14:48 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: xyYyC6OnLzBNuT1uHFp8RO6rezdaF2yP
server: AmazonS3
content-encoding: gzip
date: Sun, 24 Sep 2023 19:45:16 GMT
cache-control: max-age=86400,public
etag: W/"054d6461512dfdcea0024a17944a7000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4vZMZJaHQBVul1a6T_SXOe-q9CSSkL-2K9yc7WmCv6BZywoI_CWtYA==
age: 53332
X-Firefox-Spdy: h2

ac.aruncdn.com/i/f/close.svg

172.67.70.117

200 OK

782 B

URL GET HTTP/3
ac.aruncdn.com/i/f/close.svg
IP
172.67.70.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subjectaruncdn.com
FingerprintDD:D0:49:06:F8:05:49:45:79:58:DF:21:89:1B:60:7B:41:F1:A6:BA
ValiditySun, 17 Sep 2023 05:14:04 GMT - Sat, 16 Dec 2023 05:14:03 GMT

File type
SVG Scalable Vector Graphics image\012- XML document, ASCII text, with very long lines (819), with no line terminators
Size
782 B (782 bytes)
Hash
81cdd608d685aa94c087ebd968d6b616
c7e4a5bac4a335b34d9ceeeab6efdcb4b50ec6e0
1114ff4c3c6a61ece13e03c872e33910637b0bf0c5ad55ede59284b27d50348a

HTTP Headers

GET /i/f/close.svg HTTP/1.1
Host: ac.aruncdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: image/svg+xml
last-modified: Mon, 20 Mar 2023 11:44:06 GMT
etag: W/"75b7a0f5d0964082b842670da4ef0ae8"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
x-amz-version-id: 7BD_J9s3hR.Y_74pyMz.bUgziHKJyMs.
x-cache: Hit from cloudfront
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: tq3zMwm44-a08-JdqvNwlIaykwEUATCsYxBWTYgn-cUAOHOT0jDRTw==
age: 16325181
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFD5XdFtLljn2C7556F%2BmPFj5PFbkMmLaHo5aJEA2jZnN5ZLe%2FPy4M%2FhsMdcTqKM8a6NngHv%2BoFBGfn6lQQCUccMtAkAETIQC%2BLSUvnChTEh2NL8EdxPbNT8UYbJFu8J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29ba799b70afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ac.aruncdn.com/i/f/arrow.svg

172.67.70.117

200 OK

783 B

URL GET HTTP/3
ac.aruncdn.com/i/f/arrow.svg
IP
172.67.70.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerGoogle Trust Services LLC
Subjectaruncdn.com
FingerprintDD:D0:49:06:F8:05:49:45:79:58:DF:21:89:1B:60:7B:41:F1:A6:BA
ValiditySun, 17 Sep 2023 05:14:04 GMT - Sat, 16 Dec 2023 05:14:03 GMT

File type
SVG Scalable Vector Graphics image\012- XML document, ASCII text, with very long lines (825), with no line terminators
Size
783 B (783 bytes)
Hash
a734034b935b870e3b503edf2b89492e
e5524d574d35809c42c7c647ea037cf72ae70331
40b5faf0f4e2c682908efbed256155d4ba89f705d121143b2af65c587b6e7573

HTTP Headers

GET /i/f/arrow.svg HTTP/1.1
Host: ac.aruncdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: image/svg+xml
last-modified: Mon, 17 Apr 2023 13:32:11 GMT
etag: W/"85879df3481a1e2f40eb9782977fa7f9"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
x-amz-version-id: Z8CwKjdqFQw1sHXZTnhTCppMH4Z2I6Rq
x-cache: Hit from cloudfront
via: 1.1 515bf1bf612fe881047c4f033b8f25e4.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 98fWTPgd7nvVBHQgqUmG2N5h57QPyrUxGpDCSADdNd9nRSPpHKUQWg==
age: 2151793
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1kFrw2zNFLdq%2BidXSFOkVLr%2FFm%2Bs0JgW%2F%2Fj%2BxuSJG%2FbkvfZ0nmI4jAVO9mlDrmczgRZ4mpO4NXWBkzRUquU%2FNK%2BJ4k2VgzBBefDoQKfWqmRJMQblVelTbe6A5zn16VQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c29ba759910afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

illiweb.com/rs3/78/frm/mentions/tooltipster.css

188.114.96.1

200 OK

6.6 kB

URL GET HTTP/2
illiweb.com/rs3/78/frm/mentions/tooltipster.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectilliweb.com
Fingerprint8D:30:39:CD:DB:3E:FC:A9:EC:C9:A0:FB:D5:4A:1C:DC:4A:69:6C:E4
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6584), with no line terminators
Size
6.6 kB (6584 bytes)
Hash
f3601bc25ac378cab49e80650323640a
302535c34033bebe00f521da5bd4248178fe6ef2
4d2393ec9a6d20fc58d60f8d9140fd7ccdd709ec1ab00036dce2847901c2ba92

HTTP Headers

GET /rs3/78/frm/mentions/tooltipster.css HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:13 GMT
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=6667
access-control-allow-origin: *
expires: Wed, 07 Aug 2024 07:53:57 GMT
last-modified: Tue, 27 Aug 2019 14:00:10 GMT
vary: Accept-Encoding
x-cache-ne: HIT
x-cache-pr: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 4156756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzSjfjN1w%2FDSaEb4oWeleE%2Bo60JNRU4nDrlZLLyqhC%2BBwLKj4SnhDICZwGnG7%2Bgh5bvaIJQCvEzqP2bNbH5Ygj%2B9cw0MpfJu%2B2fXdtuQNq2bto%2FkTOYTD%2B2KfHlC7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80c29b952cbc0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

illiweb.com/rs3/78/frm/embed/FA_Embed.js

188.114.96.1

200 OK

277 B

URL GET HTTP/2
illiweb.com/rs3/78/frm/embed/FA_Embed.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerCloudflare, Inc.
Subjectilliweb.com
Fingerprint8D:30:39:CD:DB:3E:FC:A9:EC:C9:A0:FB:D5:4A:1C:DC:4A:69:6C:E4
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
277 B (277 bytes)
Hash
7c08b7f1da97c37b7680d6f879d7ed40
97f715f01a5bb9d07ec879e3b5e14a631b087740
432bb74f6f65f0b392e4b531804bf529db2f58fa1868537599097f408c02b481

HTTP Headers

GET /rs3/78/frm/embed/FA_Embed.js HTTP/1.1
Host: illiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:13 GMT
content-type: application/x-javascript
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Fri, 30 Aug 2024 12:26:12 GMT
last-modified: Tue, 20 Apr 2021 14:17:00 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2153221
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amVGVhoNH0HjdEJCDlXtR%2FRvppUxtxEd85WdZX8liyLw3GylhjVI%2B%2FyneK3Z%2Bth1hLOi8aZPFHWIJGx0dKjPWn6rnIG9BK6ABf5XBtE70AtWOKoW1XQoLIRTbiLoVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80c29b956cf60afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

jammaien.hooxs.com/sw.js

94.23.76.111

200 OK

5.5 kB

URL GET HTTP/2
jammaien.hooxs.com/sw.js
IP
94.23.76.111:443
ASN
#16276 OVH SAS

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerLet's Encrypt
Subject*.hooxs.com
Fingerprint39:37:02:D5:DE:09:F0:F9:A1:0D:D1:BA:F1:32:52:2F:67:9E:C1:B4
ValiditySun, 17 Sep 2023 03:50:24 GMT - Sat, 16 Dec 2023 03:50:23 GMT

File type
ASCII text, with very long lines (5791), with no line terminators
Size
5.5 kB (5460 bytes)
Hash
a055abace407334f1ec4dd6269301b82
0aaac6c30a29b3bcb4971fa5a1fb9298b9e7785a
001634d7febaa257bff4514176317a53dde0a60f624ce52f66d310a4c20b17c1

HTTP Headers

GET /sw.js HTTP/1.1
Host: jammaien.hooxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jammaien.hooxs.com/t3067-topic
DNT: 1
Connection: keep-alive
Cookie: exadd=169565; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A1024%7D; _ga_VKHBPXN046=GS1.1.1695637995.1.0.1695637995.60.0.0; _ga=GA1.1.2082375279.1695637996
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:15 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

d.audiencerun.com/c/5eyky1py1w?rid=ef148b7f-eae8-4b90-b988-f9e2f787bcd9&spu=65cd5f2a-258b-42ec-9e6e-259d9c0da831&sui=c14913d7-00f4-4c66-8abf-f4e61b9358de&s=null&a=1&msk=null&m=null&v=1.2.16&d=1695637995409&r=&vu=&dv=desktop&os=linux&br=firefox%2F111.0&ce=1&sr=1280x1024&o=portrait&tz=0%20GMT&ul=en&inf=0&ift=&amp=0&url=https%3A%2F%2Fjammaien.hooxs.com%2Ft3067-topic&es5=0&gdpr=0&gdpr_consent=

3.136.131.237

200 OK

12 kB

URL GET HTTP/2
d.audiencerun.com/c/5eyky1py1w?rid=ef148b7f-eae8-4b90-b988-f9e2f787bcd9&spu=65cd5f2a-258b-42ec-9e6e-259d9c0da831&sui=c14913d7-00f4-4c66-8abf-f4e61b9358de&s=null&a=1&msk=null&m=null&v=1.2.16&d=1695637995409&r=&vu=&dv=desktop&os=linux&br=firefox%2F111.0&ce=1&sr=1280x1024&o=portrait&tz=0%20GMT&ul=en&inf=0&ift=&amp=0&url=https%3A%2F%2Fjammaien.hooxs.com%2Ft3067-topic&es5=0&gdpr=0&gdpr_consent=
IP
3.136.131.237:443
ASN
#16509 AMAZON-02

Requested by
https://jammaien.hooxs.com/t3067-topic
Certificate
IssuerAmazon
Subject*.audiencerun.com
Fingerprint94:AB:58:9F:54:16:6D:D5:D2:60:7E:08:86:08:06:C3:EB:D3:C8:C8
ValidityThu, 09 Feb 2023 00:00:00 GMT - Sat, 09 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (11862), with no line terminators
Size
12 kB (11862 bytes)
Hash
55767818d6505e5c72d76e15ce83d1b6
5cfc632f76ac23fb00b3ba3f64146407181eebdd
51f7f1d1e703b7276147a93dc1474bae7756eb9835e7201be8f96e2dd540b486

HTTP Headers

GET /c/5eyky1py1w?rid=ef148b7f-eae8-4b90-b988-f9e2f787bcd9&spu=65cd5f2a-258b-42ec-9e6e-259d9c0da831&sui=c14913d7-00f4-4c66-8abf-f4e61b9358de&s=null&a=1&msk=null&m=null&v=1.2.16&d=1695637995409&r=&vu=&dv=desktop&os=linux&br=firefox%2F111.0&ce=1&sr=1280x1024&o=portrait&tz=0%20GMT&ul=en&inf=0&ift=&amp=0&url=https%3A%2F%2Fjammaien.hooxs.com%2Ft3067-topic&es5=0&gdpr=0&gdpr_consent= HTTP/1.1
Host: d.audiencerun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jammaien.hooxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Sep 2023 10:33:16 GMT
content-type: application/javascript
set-cookie: AWSALBTG=thiDmJiI10Ay3hEdWZ3J52xb9Fj2UisGXvlX/KwNOuCN0m1WdAtvGBOagpKrzRJuMFqnlY4uDe5qjfcbzEqFY/ONnfGpd54siA8gUzS2W7QSdVXIXT3uw27baHNqyYgNuX3pT4VUk11q6UTGtjK0HW1Y4aWAhEwZWS6OhTLEODHf; Expires=Mon, 02 Oct 2023 10:33:16 GMT; Path=/
AWSALBTGCORS=thiDmJiI10Ay3hEdWZ3J52xb9Fj2UisGXvlX/KwNOuCN0m1WdAtvGBOagpKrzRJuMFqnlY4uDe5qjfcbzEqFY/ONnfGpd54siA8gUzS2W7QSdVXIXT3uw27baHNqyYgNuX3pT4VUk11q6UTGtjK0HW1Y4aWAhEwZWS6OhTLEODHf; Expires=Mon, 02 Oct 2023 10:33:16 GMT; Path=/; SameSite=None; Secure
AWSALB=6HD/zvGQ5CKSYaphBm0QHBmXl7CjdpZV/bDI2qNyfue28PC7H/WGOSasioljnj1exfmvnd//I3BfF17cUSRHAwHiV1YV7Qhf9A1X7rXYDYjni54Hf2QJG0Md4zjG; Expires=Mon, 02 Oct 2023 10:33:16 GMT; Path=/
AWSALBCORS=6HD/zvGQ5CKSYaphBm0QHBmXl7CjdpZV/bDI2qNyfue28PC7H/WGOSasioljnj1exfmvnd//I3BfF17cUSRHAwHiV1YV7Qhf9A1X7rXYDYjni54Hf2QJG0Md4zjG; Expires=Mon, 02 Oct 2023 10:33:16 GMT; Path=/; SameSite=None; Secure
ui=1651161ec07fcb310984253; expires=Thu, 24-Oct-2024 10:33:16 GMT; path=/; domain=.audiencerun.com; SameSite=None; Secure
server: nginx
vary: Accept-Encoding
p3p: policyref="https://www.audiencerun.com/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"
timing-allow-origin: *
report-to: { "url": "https://d.audiencerun.com/reports", "max_age": 10886400, "include_subdomains":true }
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (43)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash