Report - 9bar.studio/

Report Overview

Submitted URL
9bar.studio/
IP
104.21.30.67
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-10 20:14:01
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
negationsome.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	27 kB	192.243.59.12
api.9bar.studio	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	830 B	1.3 kB	172.67.172.55
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
9bar.studio	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	760 B	1.5 kB	104.21.30.67
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	464 B	9.6 kB	142.250.74.3
region1.analytics.google.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	558 B	216.239.34.36
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.164.47.107
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	21 kB	142.250.74.174
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.3 kB	142.251.1.157
api3.9bar.studio	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	832 B	1.2 kB	172.67.172.55
cuesingle.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.5 kB	27 kB	192.243.59.12
api2.9bar.studio	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	832 B	1.2 kB	172.67.172.55
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	7.1 kB	95.101.11.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
imasdk.googleapis.com	11661	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	129 kB	142.250.74.138
aops.9barv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	1.3 MB	104.22.55.199
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	404 B	52.59.153.168
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	54.230.245.100
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	180 kB	45.133.44.10
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	5.8 kB	23.33.119.27
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	5.6 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	76 kB	142.250.74.72

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-10	medium	cuesingle.com	Sinkholed
2022-09-10	medium	cuesingle.com	Sinkholed
2022-09-10	medium	cuesingle.com	Sinkholed
2022-09-10	medium	cuesingle.com	Sinkholed
2022-09-10	medium	cuesingle.com	Sinkholed

JavaScript (13)

	URL	Size	First Seen	Last Seen
	9bar.studio/	117 B	2023-03-07	2024-05-02
Pretty URL 9bar.studio/ IP 104.21.30.67 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:10 Last Seen2024-05-02 20:19:43 Times Seen106 Hash 6009140e06ad0a033dfafbbadecddc75 269877a97ae1a1c081b44331769b19bd74de2863 b5e9a9527d5bb626e7ad6c10c44937ee530657535ff053bf197c4d84b12c3dd8 Loading...

	9bar.studio/	79 B	2023-03-07	2024-02-06
Pretty URL 9bar.studio/ IP 104.21.30.67 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:51 Last Seen2024-02-06 03:27:58 Times Seen63 Hash bd5b05acf50cf9f2cca95036c2d670e8 adfd013cee46e64f024d592836c23949e6235bf1 62f609e56573b7c90e555b9207d61cc9524b3786ba1dc6ce810a73ae0d012d42 Loading...

	9bar.studio/_nuxt/2ff829c.js	186 kB	2023-03-07	2023-03-07
Pretty URL 9bar.studio/_nuxt/2ff829c.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:27:06 Last Seen2023-03-07 14:27:06 Times Seen1 Hash 387100cbe8e13dfa76cf659d5a4580a5 22de7baa10ee1ba17384ad14f538bf44e524dff7 bfbab1c45af033147aa4536be29c51bc72946aba745feb83139d1119c0608e6b Loading...

	9bar.studio/_nuxt/b14303a.js	268 kB	2023-03-07	2023-03-07
Pretty URL 9bar.studio/_nuxt/b14303a.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:27:06 Last Seen2023-03-07 14:27:06 Times Seen1 Hash 92063838364632a54c2b672879f438b8 69a574aeba16c4d5cccf25421c4f81e5970a6604 00c184babe641cb111860d97e19f36688e2497ba903ec1fe9f1ffb64a1600e98 Loading...

	www.googletagmanager.com/gtag/js?id=G-2YBGSYB8YT&l=dataLayer	215 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-2YBGSYB8YT&l=dataLayer IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:27:06 Last Seen2023-03-07 14:27:06 Times Seen1 Hash e4897eb34cad3a2f9d1e60403a9ea618 2d6a476a9144658d78631938ac4b7e8eb8644a65 cfc5588e51c716f910448075fef1529e00501c57c8062b8bfd375b89301658ac Loading...

	9bar.studio/_nuxt/5c0fcc5.js	22 kB	2023-03-07	2023-03-07
Pretty URL 9bar.studio/_nuxt/5c0fcc5.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:27:06 Last Seen2023-03-07 14:27:06 Times Seen1 Hash 6864ba9532ae0935e42f4ff6231c57bc 427db6b69da869a4ad90ada19f92c80604ed2941 a91ce288eff40b4b5b043f0f98f7c611b51e840788513e5ef1442be73d9fbca0 Loading...

	9bar.studio/_nuxt/c2489f3.js	1.4 kB	2023-03-07	2023-03-07
Pretty URL 9bar.studio/_nuxt/c2489f3.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:27:06 Last Seen2023-03-07 14:27:06 Times Seen1 Hash eabd51b614cb0507f2d47bd75dd272d2 8ef4ec0e52593d3a7b7894c3d010493f4dccfe4c 0db3b5aa3ded584389d5e7e0831c051838e89ad6f3d5fa9d59c923bc65e306b6 Loading...

	imasdk.googleapis.com/js/sdkloader/ima3.js	386 kB	2023-03-07	2023-03-17
Pretty URL imasdk.googleapis.com/js/sdkloader/ima3.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:57:37 Last Seen2023-03-17 11:38:39 Times Seen1 Hash 0769eb57ac7f893256df9d2b5053f41e 1655b14c68184de1fda93e24c068ce510982bef8 5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4 Loading...

	9bar.studio/_nuxt/09e71a9.js	242 kB	2023-03-07	2023-03-07
Pretty URL 9bar.studio/_nuxt/09e71a9.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:27:06 Last Seen2023-03-07 14:27:06 Times Seen1 Hash 7a745c7691703c8e517a356fd7ed4096 4638ce9141348f5d687b45f6442ad9010c8b1a2f 1817739fce1950c66b1eb8b943bd199587510507b80284ecda949af3de4c8d19 Loading...

	www.googletagmanager.com/gtag/js?id=UA-207894774-1&l=dataLayer&cx=c	108 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-207894774-1&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:27:06 Last Seen2023-03-07 14:27:06 Times Seen1 Hash ea3863fb5f33041d55e8faaf0540100a d4430cd7e60f7c29272f76ae3a691af32f32d6cd 67b6354586949ab00f187275c2d7f7aa6e736c8b09ee3f12d97c6ab106fec716 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-05-09
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-09 01:40:26 Times Seen852 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	negationsome.com/df2fb6f89fec3719616ec21c6d988481/invoke.js	25 kB	2023-03-07	2023-03-07
Pretty URL negationsome.com/df2fb6f89fec3719616ec21c6d988481/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:27:06 Last Seen2023-03-07 14:27:06 Times Seen1 Hash a01687b5d0f9bc05eb2efada81705db9 79bbc60134b1d2e3c297a3f7467c059ef957af9a 4a0a0ece12959c32c86c60af2aa2e184be49cc1878bbe616227d175c7a429b81 Loading...

	9bar.studio/_nuxt/4dddd5f.js	3.0 kB	2023-03-07	2023-03-07
Pretty URL 9bar.studio/_nuxt/4dddd5f.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:27:06 Last Seen2023-03-07 14:27:06 Times Seen1 Hash 2b599053212686427090c14f8aa2f93c c87f7de6496d1eece3c156636acd7024638b8a39 bffa95dda159bbc97567e6b78fa9757c7608940806919bb8dfa3bb2b2b584339 Loading...

HTTP Transactions (72)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 20:06:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gUSqdfje9ap4V3cc3-Eug4XiTKIco2KJmXtCm-Wyh3NsH0hGWa8qng==
Age: 418

9bar.studio/

104.21.30.67

301 Moved Permanently

169 B

URL HTTP/1.1
9bar.studio/
IP
104.21.30.67:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
8c2170ef3ddebf996718575917956e9c
618ab5fab7445b7797272607a22c0d307465857f
31976ec4fe4abdf91d242f8bacfc9f6cf16acc46d13d0de6e32a2da88076cc55

HTTP Headers

GET / HTTP/1.1
Host: 9bar.studio
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Sep 2022 20:13:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://9bar.studio/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShfW8Q5RGN03mYOLAhuuvxjiYt0pEdjTkgUW07m83GcNvYZja5A%2BWJWMZA6cSoNa5ViZjYjYagNAoc2oDNRj72LmNmhg0HGZAB0rpMRTKF3sNFO0d8GQqce955RtXw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748ad3962ddb0b59-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14342
Expires: Sun, 11 Sep 2022 00:12:52 GMT
Date: Sat, 10 Sep 2022 20:13:50 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CtPD6ofEuIA8UzgIja8KR80IGwtRLEC7-V5bWxM4mCEkDkz50HsNQg==
age: 46598
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 20:13:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.33.119.27

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
0c375fcc645500c59f754901bb90eaa0
4b48e241660f408a33d58066cee8139e5a302838
c1d8900845c94ebe15b534d78ebc13ceaec4e92b644e40f597a819bc05205396

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C1D8900845C94EBE15B534D78EBC13CEAEC4E92B644E40F597A819BC05205396"
Last-Modified: Fri, 09 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 11 Sep 2022 02:13:50 GMT
Date: Sat, 10 Sep 2022 20:13:50 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 19:56:07 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 20:00:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6V4gAmtd84YjVOFFpR032Te9QDRJYn2EmIMwwGZn32oraufAXHvNVw==
Age: 1064

e1.o.lencr.org/

23.33.119.27

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
0c375fcc645500c59f754901bb90eaa0
4b48e241660f408a33d58066cee8139e5a302838
c1d8900845c94ebe15b534d78ebc13ceaec4e92b644e40f597a819bc05205396

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C1D8900845C94EBE15B534D78EBC13CEAEC4E92B644E40F597A819BC05205396"
Last-Modified: Fri, 09 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Sun, 11 Sep 2022 02:13:50 GMT
Date: Sat, 10 Sep 2022 20:13:51 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3846
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:13:51 GMT
Last-Modified: Sat, 10 Sep 2022 19:09:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

imasdk.googleapis.com/js/sdkloader/ima3.js

142.250.74.138

200 OK

128 kB

URL HTTP/2
imasdk.googleapis.com/js/sdkloader/ima3.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2831)
Size
128 kB (128333 bytes)
Hash
6f08e6f2dfa5ffa8f30373e23ee7c916
70eb7bd9756bc9845a9b5175a2ad4ef6e5b4ee7c
6491fde9374b5e34845ac867cbf48dc528de67e9e01ffe0f0308fe7294e466f1

HTTP Headers

GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 128333
date: Sat, 10 Sep 2022 20:13:51 GMT
expires: Sat, 10 Sep 2022 20:13:51 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.164.47.107

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.47.107:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hj1bRcLykVLYQbMJ6KrYYg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ovlJxa3hVFAP16i8b1FhXIWQCyM=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-2YBGSYB8YT&l=dataLayer

142.250.74.72

200 OK

75 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-2YBGSYB8YT&l=dataLayer
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18136)
Size
75 kB (75334 bytes)
Hash
de0e5182e81e8fe92ce2c5f611ea3ae3
10dd05a23e4592ce5111c0de8f3d352d449bbf60
d8698ac04bf89602e5548cc0dc6b6f5d03e896048812a2a96c4fd01e507df1e7

HTTP Headers

GET /gtag/js?id=G-2YBGSYB8YT&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Sep 2022 20:13:51 GMT
expires: Sat, 10 Sep 2022 20:13:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75334
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
57b75ea93de540716c45f1397781431a
431cc2c684385c4e46facd7210b5ac49b9dd09cc
4581d7dd422dc110fa7cfe667297cdb75d92a02ce7226db6db89448befa5b780

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
25e12d7b35a1a6efb4bc97945209072e
72b67424bbd3042de531de92a57bfd97036e9526
3836fa49727f6b0cff300e4aaa480a76848ceda64f98d1a6e4e4986284fcd1ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 10 Sep 2022 18:41:12 GMT
expires: Sat, 10 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 5559
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2YBGSYB8YT&cid=196918048.1662840822&gtm=2oe970&aip=1&z=125991671

142.250.74.3

200 OK

9.0 kB

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2YBGSYB8YT&cid=196918048.1662840822&gtm=2oe970&aip=1&z=125991671
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
9.0 kB (8994 bytes)
Hash
8608da37ab082806453ae71487c634b6
601f2ba81626724a90d3e826cb62cec0ae63ef17
322d759763a078190cb9f56c4f0a6e7459fafd45cb6c30620c433326527b8970

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2YBGSYB8YT&cid=196918048.1662840822&gtm=2oe970&aip=1&z=125991671 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 20:13:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
25e12d7b35a1a6efb4bc97945209072e
72b67424bbd3042de531de92a57bfd97036e9526
3836fa49727f6b0cff300e4aaa480a76848ceda64f98d1a6e4e4986284fcd1ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:13:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
55d14c90ec16748861894ce8f82eafcd
f3ebe8972971c1201c1ec7c533f019f79c36cde5
fa0dc0f0a76f3407dad8dae59a4817ef6b1371fcaa930448373d64720a036698

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:13:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207894774-1&cid=196918048.1662840822&jid=484041267&gjid=500529972&_gid=2100536050.1662840822&_u=YADAAUAAAAAAAC~&z=455792110

142.251.1.157

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207894774-1&cid=196918048.1662840822&jid=484041267&gjid=500529972&_gid=2100536050.1662840822&_u=YADAAUAAAAAAAC~&z=455792110
IP
142.251.1.157:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-207894774-1&cid=196918048.1662840822&jid=484041267&gjid=500529972&_gid=2100536050.1662840822&_u=YADAAUAAAAAAAC~&z=455792110 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://9bar.studio
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://9bar.studio
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 10 Sep 2022 20:13:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
97e5566c275b9fe27464690811145846
fa8973c8004db59d9a8fd46e9743fb6c9a8d3efd
e77cd1a4510c736e628aa10719f7694d7c7fef15adf1a449d800f90cde76fb88

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 20:13:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/g/collect?v=2&tid=G-2YBGSYB8YT&cid=196918048.1662840822&gtm=2oe970&aip=1

142.251.1.157

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-2YBGSYB8YT&cid=196918048.1662840822&gtm=2oe970&aip=1
IP
142.251.1.157:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-2YBGSYB8YT&cid=196918048.1662840822&gtm=2oe970&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://9bar.studio
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: https://9bar.studio
date: Sat, 10 Sep 2022 20:13:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-2YBGSYB8YT&gtm=2oe970&_p=604013221&_gaz=1&cid=196918048.1662840822&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662840821&sct=1&seg=0&dl=https%3A%2F%2F9bar.studio%2F&dt=9bar.studio%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%82%E0%B8%9B%E0%B9%8A%E0%B8%9F%E0%B8%A3%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B9%83%E0%B8%99%E0%B9%84%E0%B8%97%E0%B8%A2%20%E0%B8%AD%E0%B8%B1%E0%B8%9E%E0%B9%80%E0%B8%94%E0%B8%97%E0%B8%97%E0%B8%B8%E0%B8%81%E0%B8%A7%E0%B8%B1%E0%B8%99%20%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%E0%B9%82%E0%B8%9B%E0%B9%8A%E0%B9%84%E0%B8%97%E0%B8%A2%20%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%E0%B9%82%E0%B8%9B%E0%B9%8A%E0%B8%8D%E0%B8%B5%E0%B9%88%E0%B8%9B%E0%B8%B8%E0%B9%88%E0%B8%99%20AV%20%E0%B8%A3%E0%B8%B0%E0%B8%94%E0%B8%B1%E0%B8%9AHD&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-2YBGSYB8YT&gtm=2oe970&_p=604013221&_gaz=1&cid=196918048.1662840822&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662840821&sct=1&seg=0&dl=https%3A%2F%2F9bar.studio%2F&dt=9bar.studio%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%82%E0%B8%9B%E0%B9%8A%E0%B8%9F%E0%B8%A3%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B9%83%E0%B8%99%E0%B9%84%E0%B8%97%E0%B8%A2%20%E0%B8%AD%E0%B8%B1%E0%B8%9E%E0%B9%80%E0%B8%94%E0%B8%97%E0%B8%97%E0%B8%B8%E0%B8%81%E0%B8%A7%E0%B8%B1%E0%B8%99%20%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%E0%B9%82%E0%B8%9B%E0%B9%8A%E0%B9%84%E0%B8%97%E0%B8%A2%20%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%E0%B9%82%E0%B8%9B%E0%B9%8A%E0%B8%8D%E0%B8%B5%E0%B9%88%E0%B8%9B%E0%B8%B8%E0%B9%88%E0%B8%99%20AV%20%E0%B8%A3%E0%B8%B0%E0%B8%94%E0%B8%B1%E0%B8%9AHD&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-2YBGSYB8YT&gtm=2oe970&_p=604013221&_gaz=1&cid=196918048.1662840822&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662840821&sct=1&seg=0&dl=https%3A%2F%2F9bar.studio%2F&dt=9bar.studio%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%82%E0%B8%9B%E0%B9%8A%E0%B8%9F%E0%B8%A3%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%94%E0%B8%B5%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B9%83%E0%B8%99%E0%B9%84%E0%B8%97%E0%B8%A2%20%E0%B8%AD%E0%B8%B1%E0%B8%9E%E0%B9%80%E0%B8%94%E0%B8%97%E0%B8%97%E0%B8%B8%E0%B8%81%E0%B8%A7%E0%B8%B1%E0%B8%99%20%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%E0%B9%82%E0%B8%9B%E0%B9%8A%E0%B9%84%E0%B8%97%E0%B8%A2%20%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%E0%B9%82%E0%B8%9B%E0%B9%8A%E0%B8%8D%E0%B8%B5%E0%B9%88%E0%B8%9B%E0%B8%B8%E0%B9%88%E0%B8%99%20AV%20%E0%B8%A3%E0%B8%B0%E0%B8%94%E0%B8%B1%E0%B8%9AHD&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://9bar.studio
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://9bar.studio
date: Sat, 10 Sep 2022 20:13:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9145
Expires: Sat, 10 Sep 2022 22:46:17 GMT
Date: Sat, 10 Sep 2022 20:13:52 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9145
Expires: Sat, 10 Sep 2022 22:46:17 GMT
Date: Sat, 10 Sep 2022 20:13:52 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9145
Expires: Sat, 10 Sep 2022 22:46:17 GMT
Date: Sat, 10 Sep 2022 20:13:52 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8626 bytes)
Hash
2b83fa95ed30533299bc754adaced672
27eda8377e1c00c53fb66b4e2fa4f0dd6c7020af
bc59e5ba6abafd8e7b10d6f8ae2269cbf739a4b28f9cbbf3adfc29a9195e6985

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: af5e61ab-4f7b-4b03-8413-5d750b17e0df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLj9TH7vIAMFVMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae6bb-309144fb6e02564c4fcdb966;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:09:47 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3gzR4efCGz9QsLoxAMuTUgBAwEc5WdyHBhw_wRPGmfnS9SWm-0vE7w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 07:27:32 GMT
age: 45980
etag: "27eda8377e1c00c53fb66b4e2fa4f0dd6c7020af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7218 bytes)
Hash
3f8aeb20a6543be83f3e422796c4dc70
4e4e127039dd8099c63c3bde198118d2874f7342
0f9fdd1b577e4719f88620bb451131bfb120790479b4feccb4222647fb3ea453

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7218
x-amzn-requestid: 4e9672b6-5415-4808-9508-22e8c42de448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE_QzHffIAMFYTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318459e-743b975a2770e2a90c616d87;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:17:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dR6KtfbMJzFz0j8zIFUNtdkJHUaerjxWbUyYKBD-jR_uAAvCCty01Q==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:01:33 GMT
age: 79939
etag: "4e4e127039dd8099c63c3bde198118d2874f7342"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8676 bytes)
Hash
e8f11aeba65478b039cfb4100aa23435
88db17a82ea0207ccb4826c2961875c5106b427a
6f6ec5922ec54d824e7f933de87608c5a763da119ae9461d99c6525649b1a9af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 64a58aa8-8321-4c91-98fe-dbf97996c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuZEjnIAMFRFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb18f-77b635593b202d7d3cd0ac84;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: VWwNSpFvcDq3nrn91QvYjrJX5hLjp96vrKgZzR-pOdrdHx7MlcagGQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 79209
etag: "88db17a82ea0207ccb4826c2961875c5106b427a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9766 bytes)
Hash
7ade70e6dbcfb3ca1765f95112671e69
3768753be084c0e0fc268be5b192d02d769114b6
9670a3bf2476ba193cfeb3153c1254bdcfc980a28503dda0d9b398a3a59f53f4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: 720a4111-91de-4672-88c8-f40db517c07d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YHsjRE13oAMFbCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63195ae1-288f1f5456bf4d146dcf774c;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 03:00:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HwwG0Hjf8uZn1AtbLU_wKs3w9lict3tRP31XQY6tIxDz9KDNaBMAqw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 04:00:05 GMT
age: 58427
etag: "3768753be084c0e0fc268be5b192d02d769114b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8266 bytes)
Hash
d21a3e07583d9fad4104b6457f7915e7
fdc9453562f993e2545ca99731a7741e748b6082
8ea38264c82c6b544447079cc92eae70d0968a070ba39022af0e18c498916338

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8266
x-amzn-requestid: 3411ec4b-ac18-4b4e-8876-c99b94d3a4a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNitWEjhIAMFWpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb188-4d9e496e7ff141b46748d850;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: vyV1_onImxuLNGp4UI1W5grcuVW3LHJFJjvmO0VXU-OYorF6RVcoDw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:50:11 GMT
age: 80621
etag: "fdc9453562f993e2545ca99731a7741e748b6082"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4477 bytes)
Hash
71bafbee3867c04c3712ff98a123d52c
ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf
58ff1700e0b125caefb73719e2b3d734b2fbcc5ed1aabe5a11bb73b43edab831

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4477
x-amzn-requestid: bbdca46e-5628-4faf-a0fe-ea1b5b39ac2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzaHrIoAMF-iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb348-567e946e7cf77f2e11c17c97;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a0AyKhmYA7WPwciU2nTXwyChZV_riw1QsqI_giBIcdZhi3Nz4jM0Sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:59:11 GMT
age: 80081
etag: "ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
49cffe0343a660d4e315ac58b76b8641
a1aa391f03993b5bdecb5bd7421ef2ccfff3c002
605e4947860ee813b809b866ad646f15cf292924be5a316d02da3afaa1fdcc7c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "605E4947860EE813B809B866AD646F15CF292924BE5A316D02DA3AFAA1FDCC7C"
Last-Modified: Fri, 09 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 11 Sep 2022 02:13:53 GMT
Date: Sat, 10 Sep 2022 20:13:53 GMT
Connection: keep-alive

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
49cffe0343a660d4e315ac58b76b8641
a1aa391f03993b5bdecb5bd7421ef2ccfff3c002
605e4947860ee813b809b866ad646f15cf292924be5a316d02da3afaa1fdcc7c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "605E4947860EE813B809B866AD646F15CF292924BE5A316D02DA3AFAA1FDCC7C"
Last-Modified: Fri, 09 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21544
Expires: Sun, 11 Sep 2022 02:12:57 GMT
Date: Sat, 10 Sep 2022 20:13:53 GMT
Connection: keep-alive

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
49cffe0343a660d4e315ac58b76b8641
a1aa391f03993b5bdecb5bd7421ef2ccfff3c002
605e4947860ee813b809b866ad646f15cf292924be5a316d02da3afaa1fdcc7c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "605E4947860EE813B809B866AD646F15CF292924BE5A316D02DA3AFAA1FDCC7C"
Last-Modified: Fri, 09 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Sun, 11 Sep 2022 02:13:51 GMT
Date: Sat, 10 Sep 2022 20:13:53 GMT
Connection: keep-alive

aops.9barv.com/9bar/img/social/social_twitter_56o56.png

104.22.55.199

200 OK

2.1 kB

URL HTTP/2
aops.9barv.com/9bar/img/social/social_twitter_56o56.png
IP
104.22.55.199:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2095 bytes)
Hash
08c87fa12a1185fd17444bbfcfde26d3
cc0b08fc2529cfa29bbb9380c73a26be9d747b08
1734c42b4ddded1329263900a5cae8dcb81a84b2c43d0242ef7ce8255128dba4

HTTP Headers

GET /9bar/img/social/social_twitter_56o56.png HTTP/1.1
Host: aops.9barv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:53 GMT
content-type: image/png
content-length: 2095
last-modified: Wed, 06 Oct 2021 03:10:52 GMT
etag: "08c87fa12a1185fd17444bbfcfde26d3"
x-amz-version-id: H6eBs_Qv0dMxhnL6eLiFCZkeRDwcxWSH
x-cache: Miss from cloudfront
via: 1.1 973ba1a14b3ee409c424730df6f1e51c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: ZnDBSK4FRFXDmh9MsyAAk-4Pv6XamFIIHsbyk1s8v8E3FpIEHowt0A==
cache-control: max-age=31536000
cf-cache-status: HIT
age: 275315
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ad3a78b0fb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

aops.9barv.com/9bar/img/slider/slider_signup_10081.jpg

104.22.55.199

200 OK

106 kB

URL HTTP/2
aops.9barv.com/9bar/img/slider/slider_signup_10081.jpg
IP
104.22.55.199:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1100x490, components 3\012- data
Size
106 kB (106381 bytes)
Hash
ceb6c5133b88be6258ea49c3a3dab67a
a6d9c2facdaf9c8935fd8dfbc4928524253dfc17
7e9766ec224a8d61eaaf8776e4527b70ef5ecfe4333751ea7fb38f4df68ccf1f

HTTP Headers

GET /9bar/img/slider/slider_signup_10081.jpg HTTP/1.1
Host: aops.9barv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:53 GMT
content-type: image/jpeg
content-length: 106381
cf-bgj: h2pri
etag: "ceb6c5133b88be6258ea49c3a3dab67a"
last-modified: Fri, 08 Oct 2021 04:20:51 GMT
via: 1.1 917c6054ae6e10a98fc566c655129e8a.cloudfront.net (CloudFront)
x-amz-cf-id: CtU258myfT9Qf-a_VBqcmJKNlXCFvfBqkF5ecAJ0yBGmrPODMb9lqg==
x-amz-cf-pop: ARN56-P2
x-cache: Hit from cloudfront
x-amz-version-id: Nly.0OHMxVgga4BwKT0Kj4Z.Brhigwaj
cache-control: max-age=31536000
cf-cache-status: HIT
age: 275315
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ad3a78b1cb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

aops.9barv.com/9bar/img/social/social_tumblr_56o56.png

104.22.55.199

200 OK

1.6 kB

URL HTTP/2
aops.9barv.com/9bar/img/social/social_tumblr_56o56.png
IP
104.22.55.199:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1647 bytes)
Hash
e221bf350f1d4682d3614b2c2a344d65
cf8c63733e1db5812b3e9d604ea76194c7aa75ed
2091278cb0b7bcb6cfa1ececb296e148aabc5731ab2ed383efacd60bab45b83b

HTTP Headers

GET /9bar/img/social/social_tumblr_56o56.png HTTP/1.1
Host: aops.9barv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:53 GMT
content-type: image/png
content-length: 1647
last-modified: Wed, 06 Oct 2021 03:10:52 GMT
etag: "e221bf350f1d4682d3614b2c2a344d65"
x-amz-version-id: yopAC7xjkOBDurpAIoCrObsOhr69cAtY
x-cache: Miss from cloudfront
via: 1.1 fedd444eadd43dacc7e53f24b46bddf8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: tIG_DxrzlUG2GSEEtBCrjwmKQnHQcPlcVFKpJk9VcO2RDC8G-CSLlw==
cache-control: max-age=31536000
cf-cache-status: HIT
age: 275315
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ad3a79b2bb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

aops.9barv.com/9bar/adchange/img/BongaCash/icon/150x150_1.png

104.22.55.199

200 OK

52 kB

URL HTTP/2
aops.9barv.com/9bar/adchange/img/BongaCash/icon/150x150_1.png
IP
104.22.55.199:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
52 kB (51697 bytes)
Hash
b95f2d0305a055a849d2d7e31f1a42af
7e69a75adc6cb50647f1e37e40fc681115419685
4ed884515d363190ca4cec0af2b72e6b2d266286b5cc791bc6ca9b302727fd84

HTTP Headers

GET /9bar/adchange/img/BongaCash/icon/150x150_1.png HTTP/1.1
Host: aops.9barv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:53 GMT
content-type: image/png
content-length: 51697
last-modified: Fri, 19 Aug 2022 09:32:14 GMT
etag: "b95f2d0305a055a849d2d7e31f1a42af"
x-amz-version-id: gEsQkTCALG.nB6JDSEf3jAvAfVqEtnUt
x-cache: Hit from cloudfront
via: 1.1 9185d752d6f0456185fc3ff8fe29c34a.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: O-dYGCKSgEJ-OXvpoU6Ejz1KTHxsIT6INamMMcHsC5kVDyCcENAAag==
cache-control: max-age=31536000
cf-cache-status: HIT
age: 167799
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ad3a79b25b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

aops.9barv.com/9bar/img/social/social_line_56o56.png

104.22.55.199

200 OK

2.4 kB

URL HTTP/2
aops.9barv.com/9bar/img/social/social_line_56o56.png
IP
104.22.55.199:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2409 bytes)
Hash
9ad4e13b94591ad3e07328b6d0d3337f
b468c8ea8be9bc0c9208ec943e7f0c65b97fec74
dc5728013d1f54003192135bfd376161b42b7a2e2fcacfc9ddb7a8922e1c9ec6

HTTP Headers

GET /9bar/img/social/social_line_56o56.png HTTP/1.1
Host: aops.9barv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:53 GMT
content-type: image/png
content-length: 2409
last-modified: Wed, 06 Oct 2021 03:10:51 GMT
etag: "9ad4e13b94591ad3e07328b6d0d3337f"
x-amz-version-id: R07srksvPcPrrGr06gBMdq6VZNJXRRYI
x-cache: Miss from cloudfront
via: 1.1 fdac35835bcf0937b6f910eeac10720e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: k1sJdvQOsdKuqFekjENg4CV0gTR7yLf-xRu3UiKmEYgrZEVRlhSfMg==
cache-control: max-age=31536000
cf-cache-status: HIT
age: 275315
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ad3a7ab42b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
49cffe0343a660d4e315ac58b76b8641
a1aa391f03993b5bdecb5bd7421ef2ccfff3c002
605e4947860ee813b809b866ad646f15cf292924be5a316d02da3afaa1fdcc7c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "605E4947860EE813B809B866AD646F15CF292924BE5A316D02DA3AFAA1FDCC7C"
Last-Modified: Fri, 09 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21546
Expires: Sun, 11 Sep 2022 02:12:59 GMT
Date: Sat, 10 Sep 2022 20:13:53 GMT
Connection: keep-alive

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
49cffe0343a660d4e315ac58b76b8641
a1aa391f03993b5bdecb5bd7421ef2ccfff3c002
605e4947860ee813b809b866ad646f15cf292924be5a316d02da3afaa1fdcc7c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "605E4947860EE813B809B866AD646F15CF292924BE5A316D02DA3AFAA1FDCC7C"
Last-Modified: Fri, 09 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21546
Expires: Sun, 11 Sep 2022 02:12:59 GMT
Date: Sat, 10 Sep 2022 20:13:53 GMT
Connection: keep-alive

aops.9barv.com/9bar/img/slider/slider_join_10011.jpg

104.22.55.199

200 OK

520 kB

URL HTTP/2
aops.9barv.com/9bar/img/slider/slider_join_10011.jpg
IP
104.22.55.199:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
520 kB (520431 bytes)
Hash
0846f8e8c7e004a895bc89670e620fb5
be8ed625fc984890a75a800cf8ac71ae1c254ac0
b7d1326bbfcd314257453e1714e86e334452b0a1b807a76c18d434fe91e2c9c7

HTTP Headers

GET /9bar/img/slider/slider_join_10011.jpg HTTP/1.1
Host: aops.9barv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:53 GMT
content-type: image/jpeg
content-length: 507510
cf-bgj: h2pri
etag: "12a75bc0d9c3598655d1f92991b14637"
last-modified: Wed, 06 Oct 2021 02:54:22 GMT
via: 1.1 4bdc4e02725e6de1af31e5bb25800f68.cloudfront.net (CloudFront)
x-amz-cf-id: bBkB_Z6sW_8jMXxACtFCezk_v6C15i1_45Wy7RzHZzbbbtDblx_YSg==
x-amz-cf-pop: ARN54-C1
x-cache: Hit from cloudfront
x-amz-version-id: uy66UToz3_r_zDcKy2nVnnWcvxZlvi16
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ad3a78b1db509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

aops.9barv.com/9bar/adchange/img/porndude32x32.png

104.22.55.199

200 OK

3.6 kB

URL HTTP/2
aops.9barv.com/9bar/adchange/img/porndude32x32.png
IP
104.22.55.199:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.6 kB (3569 bytes)
Hash
46b4da6f25fada36aa2a076da6759c9f
a3ba9d6f2ab0df6bd642246bc532d11e84d7c037
3ca36cb8f0afe3ea2de4a86a50474297e78028ac41730eabfb347d2937589107

HTTP Headers

GET /9bar/adchange/img/porndude32x32.png HTTP/1.1
Host: aops.9barv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:53 GMT
content-type: image/png
content-length: 1576
last-modified: Fri, 21 Jan 2022 04:35:05 GMT
etag: "e05d03cbbf9dc784d2f4a3ecb4ad6987"
x-amz-version-id: ck6MoEmxGBP0UEB2D9mtJ6a7V0cMT6Ve
x-cache: Miss from cloudfront
via: 1.1 3fcabc15a7f22952dcacfedd3d2b6a14.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: mXfB2NC5QnLwsWEd2HtX4le3gk0ij5aSXe5Ays_HVNj2ulcd71sang==
cache-control: max-age=31536000
cf-cache-status: HIT
age: 275315
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ad3a7cb6cb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
49cffe0343a660d4e315ac58b76b8641
a1aa391f03993b5bdecb5bd7421ef2ccfff3c002
605e4947860ee813b809b866ad646f15cf292924be5a316d02da3afaa1fdcc7c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "605E4947860EE813B809B866AD646F15CF292924BE5A316D02DA3AFAA1FDCC7C"
Last-Modified: Fri, 09 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 11 Sep 2022 02:13:53 GMT
Date: Sat, 10 Sep 2022 20:13:53 GMT
Connection: keep-alive

aops.9barv.com/9bar/adchange/img/pay69/1100x490/bbcc_pay69_1100o490_04.gif

104.22.55.199

200 OK

425 kB

URL HTTP/2
aops.9barv.com/9bar/adchange/img/pay69/1100x490/bbcc_pay69_1100o490_04.gif
IP
104.22.55.199:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1100 x 490\012- data
Size
425 kB (425252 bytes)
Hash
7abfbde23ac351ba2bedc3053cc8c31a
67197e5488570b2c91aeb93d1581f87bf126c639
67ee2b122c6f98776fd951fbc5c773900169956ceea26ac5e0cc1bd6fb1c211b

HTTP Headers

GET /9bar/adchange/img/pay69/1100x490/bbcc_pay69_1100o490_04.gif HTTP/1.1
Host: aops.9barv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:53 GMT
content-type: image/gif
content-length: 425252
last-modified: Tue, 19 Apr 2022 08:52:13 GMT
etag: "7abfbde23ac351ba2bedc3053cc8c31a"
x-amz-version-id: K6Zk3GCyZjF6Ckg0_R3ZUDEdQ8ePZQt5
x-cache: Hit from cloudfront
via: 1.1 6e0da02f02a5cb102417e895dead977a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 0YhySZmYdIwYvlzlGNuhqc0JIbNInP1XTmE25pHy9FhSszQYNR9Saw==
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ad3a78b1ab509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

aops.9barv.com/9bar/adchange/img/pay69/1100x490/bbcc_pay69_1100o490_08.jpg

104.22.55.199

200 OK

172 kB

URL HTTP/2
aops.9barv.com/9bar/adchange/img/pay69/1100x490/bbcc_pay69_1100o490_08.jpg
IP
104.22.55.199:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2200x980, components 3\012- data
Size
172 kB (171608 bytes)
Hash
7e5a5f2c1075d4887aea5b910ed177d4
3db29750dc33d7995635d15fa2264daaca6b6efb
c62488700e786532e4be4cd70ed2b942f496f3d7cc613811443dd07783dd256f

HTTP Headers

GET /9bar/adchange/img/pay69/1100x490/bbcc_pay69_1100o490_08.jpg HTTP/1.1
Host: aops.9barv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:53 GMT
content-type: image/jpeg
content-length: 171608
cf-bgj: h2pri
etag: "7e5a5f2c1075d4887aea5b910ed177d4"
last-modified: Tue, 26 Apr 2022 09:48:20 GMT
via: 1.1 471577f2b3efe669f21e138a1621a8ca.cloudfront.net (CloudFront)
x-amz-cf-id: D1e1gC_UskYwgQAdQc3lm4haGB2MFqApFrKcIwVBurP6t00kr0LY7g==
x-amz-cf-pop: ARN56-P2
x-cache: Miss from cloudfront
x-amz-version-id: uF1R6tx2Cj4SSCo9Z3l90aCxHWwHrKir
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 748ad3a78b19b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
44d8f6e9e4d94d1b7702d0709cbace42
ae33719736a1d61227861722dd351e60b47a5d97
bea9a96fb0a44aeae6ff36ddfd208b8202c9071f1ea0c249873fe367351f0406

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEA9A96FB0A44AEAE6FF36DDFD208B8202C9071F1EA0C249873FE367351F0406"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Sun, 11 Sep 2022 02:13:02 GMT
Date: Sat, 10 Sep 2022 20:13:53 GMT
Connection: keep-alive

negationsome.com/df2fb6f89fec3719616ec21c6d988481/invoke.js

192.243.59.12

200 OK

27 kB

URL HTTP/1.1
negationsome.com/df2fb6f89fec3719616ec21c6d988481/invoke.js
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
27 kB (26629 bytes)
Hash
2cd86b970209da5f8331401cfa0840f0
b3f80c3948c4c506b54f2ee0808542382d3cb349
658f78524e20068d3e74135b70aabede43824c657039a28e2f66371e6067cf3e

HTTP Headers

GET /df2fb6f89fec3719616ec21c6d988481/invoke.js HTTP/1.1
Host: negationsome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 10 Sep 2022 20:13:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 87db271e46cb500a93ae1c9476297816
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
5ada5a3460ccb735aad6c923c1abfb02
105c3e13eac9750088629e1c200794b102c48e4d
503713d1d8dfca76a5efc81db761b240cee2fd8d832225be9f00efe6332dccc4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Sep 2022 20:13:54 GMT
Last-Modified: Sat, 10 Sep 2022 18:59:24 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gSTk2Han2H7ri-8GbfGXfPTThIgZLtSaE5DvTKKTtPmLxqeFgYB0xg==
Age: 4470

simplewebanalysis.com/stats

52.59.153.168

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.59.153.168:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
f2e6d59c6ef07abcfedf2d3a1baaecb8
8f668af112be880db07973f4ab58aecf7d6348f6
0d883d38a6821dd5d51b638a352ff4f1de520a5ec8b4e4ff707f356f2ead1fb9

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://9bar.studio
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://9bar.studio
access-control-allow-credentials: true
set-cookie: uid_id2=410e9b61-f0e8-4ff2-9a02-f5d5de3f1a5a:1:1; expires=Tue, 07 Sep 2032 20:13:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc14d6088231eaff89c1a7ee72fa469c
01e3899ad26b7a14500509f6bf632d2ae4684195
44c31461b01b40d61a2489d404ccdb956aca524b11be849f7ce35875fa144e93

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44C31461B01B40D61A2489D404CCDB956ACA524B11BE849F7CE35875FA144E93"
Last-Modified: Fri, 09 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6572
Expires: Sat, 10 Sep 2022 22:03:26 GMT
Date: Sat, 10 Sep 2022 20:13:54 GMT
Connection: keep-alive

cuesingle.com/ntv.json?key=df2fb6f89fec3719616ec21c6d988481&vstc=4

192.243.59.12

200 OK

17 kB

URL HTTP/1.1
cuesingle.com/ntv.json?key=df2fb6f89fec3719616ec21c6d988481&vstc=4
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (17126), with no line terminators
Size
17 kB (17131 bytes)
Hash
9b1d295d60f2cc16262a9c3959317dc6
c504371715cd7e728a0c9dbcd0a5303a004077c3
d2b851f1678ea766db811dd9e9eb825cad1338c55c2610d06003ecf232860cd5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ntv.json?key=df2fb6f89fec3719616ec21c6d988481&vstc=4 HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://9bar.studio
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 10 Sep 2022 20:13:54 GMT
Content-Type: application/json
Content-Length: 17131
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://9bar.studio
Access-Control-Allow-Origin: https://9bar.studio
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17008214; expires=Sun, 11 Sep 2022 20:13:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 11 Sep 2022 20:13:54 GMT; secure; SameSite=None
uncs=1; expires=Sun, 11 Sep 2022 20:13:54 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sun, 11 Sep 2022 20:13:54 GMT; secure; SameSite=None
uncs49=1; expires=Sun, 11 Sep 2022 20:13:54 GMT; secure; SameSite=None
nlecdf2fb6f89fec3719616ec21c6d988481=[3262652,3262677,3262651,3637745]; expires=Sat, 10 Sep 2022 20:13:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae5fd2fdb597ab6bf54a7bfd95b87b13
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a1543fa75949583b4223a1d3f0f8b937
fe06a05582a0cdc1cde39f17fac440a1d43495ab
46fa93a75d4bb081e5f0e3c098d97e5b9364364d29f6b1c814ae582dc675c110

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FA93A75D4BB081E5F0E3C098D97E5B9364364D29F6B1C814AE582DC675C110"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4805
Expires: Sat, 10 Sep 2022 21:33:59 GMT
Date: Sat, 10 Sep 2022 20:13:54 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a1543fa75949583b4223a1d3f0f8b937
fe06a05582a0cdc1cde39f17fac440a1d43495ab
46fa93a75d4bb081e5f0e3c098d97e5b9364364d29f6b1c814ae582dc675c110

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FA93A75D4BB081E5F0E3C098D97E5B9364364D29F6B1C814AE582DC675C110"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4805
Expires: Sat, 10 Sep 2022 21:33:59 GMT
Date: Sat, 10 Sep 2022 20:13:54 GMT
Connection: keep-alive

cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuTgYRvajsZVFkjgoy6e6Z9My4h8UYI8G42R%2F%2Bukl1VfeknJqupqprepJT1sVl8SBz8KKnzjfJBt1F9LagLjJZ1BAQMughB%2FMPeFGEPUuPwXEf9Hvv6%2B87fO%2B9urljT4kLS0%2BW31RbQkq6sFhzqy%2B853kXqmsisYPqoBW8HzQuVHX%2F5XZQc1%2Bsvh6xrlrwXc91PderrggdxWqwUJIQ6d22V2u7tYZf8xYbGOhHsbEODHXA%2B6fkGQg%2BqTxwzkGwMZLe18uR6WYqfem1npU0Uxp9vv920k1UnqA3a2PtIE72z9RQ5njlPlSyN7UL1f9PGIoJcX66jzDZPzOJsL879RlKRAlC%2FiTy%2FhiRHEPQMZi6AcGPCcA4Lq0j6d2%2BpHRON%2F9laclOSOXh3xD5hFR%2BP4ek99WSFIPqNSVtJlRiMIgLiMEYojNGag%2BQbc1B5Adg2YcQ%2FBey8HANSW933UgFwYvp7EKMIeIxZDQENQ5s%2BQkHNnZgUwc9flJlnuc1Xc6o22ozVufNKAy469Fm7FHPDVqwrLQ3RJYOweQQTG8j1dvoiiG0%2FQFmo4DhDkw2Ic6VbfR5gTwiyA1BTglyQZBnBHm%2F2OPS%2BKa4zaWxoXdW%2FbNaL0Yq6%2BzQPZV1ooTspKfk6XIvzvzNd9CNTqo89uMwiFvtOGL1ptcOvCBivscC3m61Gi0PRhQQZm466paYkGfXDpGKCXlM%2FYiQHsDIAzDxFKj1QPNR03dBN0aNlout5E47pLpmMsuFAlcF0qyCbNPZkafk%2FPQ83s%2FfIWJHFz%2B5d%2BWPj56%2FB6YLpLrAB%2BIBQUfeGl1VOdm9qnJDvllPM9ETW7Q83bWMZtH8l29Em7nSfHXZDL94hZVE2d59KzLZGk24SDqG3FkSnEd6RWkWke9XzbtReNmajSWrE5uuXX51ZbWX6sgYoZIxqDjuXgcTE%2FJ4%2F9fpmzz%2F8SGEHkPbAj17RM4CQh2Apdsw6cy9UfPQcqYJUwe5LUbaD2c%2FpSCQ0QzTsID5Hw5n%2FY65hY72QbMbSHoF%2BrpAXxagcghjnxhlqT66ePhZGZ8jlJVRKHVlN5RafjpdbZl%2BK9O3E9K8%2FheMOKk263WXBu1Fr9mkUTNs%2BK048DilfiPwg4DWkZkJe%2B7PuX8AAAD%2F%2FwEAAP%2F%2F4QS6120EAAA%3D

192.243.59.12

200 OK

7 B

URL HTTP/1.1
cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuTgYRvajsZVFkjgoy6e6Z9My4h8UYI8G42R%2F%2Bukl1VfeknJqupqprepJT1sVl8SBz8KKnzjfJBt1F9LagLjJZ1BAQMughB%2FMPeFGEPUuPwXEf9Hvv6%2B87fO%2B9urljT4kLS0%2BW31RbQkq6sFhzqy%2B853kXqmsisYPqoBW8HzQuVHX%2F5XZQc1%2Bsvh6xrlrwXc91PderrggdxWqwUJIQ6d22V2u7tYZf8xYbGOhHsbEODHXA%2B6fkGQg%2BqTxwzkGwMZLe18uR6WYqfem1npU0Uxp9vv920k1UnqA3a2PtIE72z9RQ5njlPlSyN7UL1f9PGIoJcX66jzDZPzOJsL879RlKRAlC%2FiTy%2FhiRHEPQMZi6AcGPCcA4Lq0j6d2%2BpHRON%2F9laclOSOXh3xD5hFR%2BP4ek99WSFIPqNSVtJlRiMIgLiMEYojNGag%2BQbc1B5Adg2YcQ%2FBey8HANSW933UgFwYvp7EKMIeIxZDQENQ5s%2BQkHNnZgUwc9flJlnuc1Xc6o22ozVufNKAy469Fm7FHPDVqwrLQ3RJYOweQQTG8j1dvoiiG0%2FQFmo4DhDkw2Ic6VbfR5gTwiyA1BTglyQZBnBHm%2F2OPS%2BKa4zaWxoXdW%2FbNaL0Yq6%2BzQPZV1ooTspKfk6XIvzvzNd9CNTqo89uMwiFvtOGL1ptcOvCBivscC3m61Gi0PRhQQZm466paYkGfXDpGKCXlM%2FYiQHsDIAzDxFKj1QPNR03dBN0aNlout5E47pLpmMsuFAlcF0qyCbNPZkafk%2FPQ83s%2FfIWJHFz%2B5d%2BWPj56%2FB6YLpLrAB%2BIBQUfeGl1VOdm9qnJDvllPM9ETW7Q83bWMZtH8l29Em7nSfHXZDL94hZVE2d59KzLZGk24SDqG3FkSnEd6RWkWke9XzbtReNmajSWrE5uuXX51ZbWX6sgYoZIxqDjuXgcTE%2FJ4%2F9fpmzz%2F8SGEHkPbAj17RM4CQh2Apdsw6cy9UfPQcqYJUwe5LUbaD2c%2FpSCQ0QzTsID5Hw5n%2FY65hY72QbMbSHoF%2BrpAXxagcghjnxhlqT66ePhZGZ8jlJVRKHVlN5RafjpdbZl%2BK9O3E9K8%2FheMOKk263WXBu1Fr9mkUTNs%2BK048DilfiPwg4DWkZkJe%2B7PuX8AAAD%2F%2FwEAAP%2F%2F4QS6120EAAA%3D
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuTgYRvajsZVFkjgoy6e6Z9My4h8UYI8G42R%2F%2Bukl1VfeknJqupqprepJT1sVl8SBz8KKnzjfJBt1F9LagLjJZ1BAQMughB%2FMPeFGEPUuPwXEf9Hvv6%2B87fO%2B9urljT4kLS0%2BW31RbQkq6sFhzqy%2B853kXqmsisYPqoBW8HzQuVHX%2F5XZQc1%2Bsvh6xrlrwXc91PderrggdxWqwUJIQ6d22V2u7tYZf8xYbGOhHsbEODHXA%2B6fkGQg%2BqTxwzkGwMZLe18uR6WYqfem1npU0Uxp9vv920k1UnqA3a2PtIE72z9RQ5njlPlSyN7UL1f9PGIoJcX66jzDZPzOJsL879RlKRAlC%2FiTy%2FhiRHEPQMZi6AcGPCcA4Lq0j6d2%2BpHRON%2F9laclOSOXh3xD5hFR%2BP4ek99WSFIPqNSVtJlRiMIgLiMEYojNGag%2BQbc1B5Adg2YcQ%2FBey8HANSW933UgFwYvp7EKMIeIxZDQENQ5s%2BQkHNnZgUwc9flJlnuc1Xc6o22ozVufNKAy469Fm7FHPDVqwrLQ3RJYOweQQTG8j1dvoiiG0%2FQFmo4DhDkw2Ic6VbfR5gTwiyA1BTglyQZBnBHm%2F2OPS%2BKa4zaWxoXdW%2FbNaL0Yq6%2BzQPZV1ooTspKfk6XIvzvzNd9CNTqo89uMwiFvtOGL1ptcOvCBivscC3m61Gi0PRhQQZm466paYkGfXDpGKCXlM%2FYiQHsDIAzDxFKj1QPNR03dBN0aNlout5E47pLpmMsuFAlcF0qyCbNPZkafk%2FPQ83s%2FfIWJHFz%2B5d%2BWPj56%2FB6YLpLrAB%2BIBQUfeGl1VOdm9qnJDvllPM9ETW7Q83bWMZtH8l29Em7nSfHXZDL94hZVE2d59KzLZGk24SDqG3FkSnEd6RWkWke9XzbtReNmajSWrE5uuXX51ZbWX6sgYoZIxqDjuXgcTE%2FJ4%2F9fpmzz%2F8SGEHkPbAj17RM4CQh2Apdsw6cy9UfPQcqYJUwe5LUbaD2c%2FpSCQ0QzTsID5Hw5n%2FY65hY72QbMbSHoF%2BrpAXxagcghjnxhlqT66ePhZGZ8jlJVRKHVlN5RafjpdbZl%2BK9O3E9K8%2FheMOKk263WXBu1Fr9mkUTNs%2BK048DilfiPwg4DWkZkJe%2B7PuX8AAAD%2F%2FwEAAP%2F%2F4QS6120EAAA%3D HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Cookie: u_pl=17008214; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecdf2fb6f89fec3719616ec21c6d988481=[3262652,3262677,3262651,3637745]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 10 Sep 2022 20:13:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9103a51915b41ac6e9c96b5a48d2472
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/si/41/43/92/414392f786f321adac19c50c7ac3d316/1646333163.jpg

45.133.44.10

200 OK

36 kB

URL HTTP/2
cdn.cloudimagesb.com/si/41/43/92/414392f786f321adac19c50c7ac3d316/1646333163.jpg
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 555x416, components 3\012- data
Size
36 kB (35641 bytes)
Hash
7b8e2bc74a3caa5e56d4b81d7948ccfa
27789384b54882716711bd497a287a5fe015569b
aadd2e7eee0e3daed2bf3f8aecca664971b89b201b9116ece129f5c786c230eb

HTTP Headers

GET /si/41/43/92/414392f786f321adac19c50c7ac3d316/1646333163.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:55 GMT
content-type: image/jpeg
content-length: 35641
server: nginx/1.17.6
last-modified: Thu, 03 Mar 2022 18:46:11 GMT
etag: "62210cf3-8b39"
expires: Mon, 12 Sep 2022 20:13:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg

45.133.44.10

200 OK

21 kB

URL HTTP/2
cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
21 kB (20566 bytes)
Hash
8f4953c1b8baece7bb7d226247561ce2
da5d440970606602026d7900a55ae2fd27a3f170
8fd9df7d8e48ff2519631e82e01519d4f1c65abd41ec977c18abb58df9832919

HTTP Headers

GET /si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:55 GMT
content-type: image/jpeg
content-length: 20566
server: nginx/1.17.6
last-modified: Thu, 01 Sep 2022 12:51:28 GMT
etag: "6310aad0-5056"
expires: Mon, 12 Sep 2022 20:13:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/40/10/fc/4010fc193ad35fbbc2adbb9248bd94e3/1646333155.jpg

45.133.44.10

200 OK

43 kB

URL HTTP/2
cdn.cloudimagesb.com/si/40/10/fc/4010fc193ad35fbbc2adbb9248bd94e3/1646333155.jpg
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 580x435, components 3\012- data
Size
43 kB (42903 bytes)
Hash
aaed1f28f7895b8e120ff16ff720cb9b
b5bb819c46db891bde121b61e96d7972ab6fd80b
95b978c133b25457f9d36fc6b397f33ef38abeff710d5433fb600f2a73714bc7

HTTP Headers

GET /si/40/10/fc/4010fc193ad35fbbc2adbb9248bd94e3/1646333155.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:55 GMT
content-type: image/jpeg
content-length: 42903
server: nginx/1.17.6
last-modified: Thu, 03 Mar 2022 18:46:02 GMT
etag: "62210cea-a797"
expires: Mon, 12 Sep 2022 20:13:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/8e/ac/41/8eac411f0e2d57865a1c7cb213a4e853/1646333286.jpg

45.133.44.10

200 OK

80 kB

URL HTTP/2
cdn.cloudimagesb.com/si/8e/ac/41/8eac411f0e2d57865a1c7cb213a4e853/1646333286.jpg
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 520x350, components 3\012- data
Size
80 kB (79968 bytes)
Hash
f74eb7e867be9c3915808bf02dd9a2de
0e43b8b7744449d6af1aa62c7e02dfca1d223153
27ecd147b3ef6b985e28fe288d474cd0d4f6fc586daa11331502a38f4e4f1a57

HTTP Headers

GET /si/8e/ac/41/8eac411f0e2d57865a1c7cb213a4e853/1646333286.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:55 GMT
content-type: image/jpeg
content-length: 76271
server: nginx/1.17.6
last-modified: Thu, 03 Mar 2022 18:48:16 GMT
etag: "62210d70-129ef"
expires: Mon, 12 Sep 2022 20:13:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRSebSyE4AKolwqEfAQJObtrd23TQ0UJQRGh6Q9%2B3dDszKwzeLyzmtnxOjmlVFQVB%2BQDFzhtPieNoBWCWyWgQk4FrSIhxYJDDuQf4AJC6hnZRBieNPPem%2B87fO97c2PbHRMfjh4tvak3pVJ08WzNr77wXhCcq67K1A2qg1b0ftQ4VzX9l9tRzX%2Bx%2BrpgXb0Y%2BoHvB35QXZZGJHqwOAUhszvtoNb2a42wFpxtYGD%2B31vnwVIPvH9MnoHkk8p97zQkGyPtfb0kbDfX2Uuv9ZyiuTbo8723026qixS9eZkYD0m6d8KGtofL96DT3Zlc6P6%2FxFhOiPfTPcTp3olIxP2dmc5YQaSI%2BZMo%2BmMINYakYzB9HZIfEoBxXFxD2rt1UZuCbvyD0ik6IZVHf0EWE1L57TTS3lcXlBxUr2rlcqlTi0FSQg7GkJ0xMrePfPMUZLEPln8IyX8mi49WkfZ21qzSkLyczS7lGDIZQ4khqPXgpkd6cIkHl3no8aMqC4Kg6XNG%2FVabsTpvijjifkCbSUADP2rBsam8IfJsCKaGYGYLmdlCVw5h3A%2Bw6yUs92DzCfEub6HPSxSCoLAEBSUoJEGRExT9cpcrG9ryFlfWxcFJDk9yvRzpvLNNd3XeESnZzo7J01NfvIUb76Arjqo8CZM4SlrtRLB6M2hHQSRYGLCIt1utRiuAlSWkPTUbdVNOyLOrD5HJCXlM%2F4iY7sOqfTD5FKgLQItRM%2FRB10eNlo%2FN9HY7pqZmc8elBtclsryCfMPbVsfkzGw9wYNvIdjB%2BU%2FuXv79o%2BfvgpkSmSnxgbxP0FE3R1d0QXau6MKSb9ayXPbkJp2u7mpOc7Hw5Rtio9CGryzZ4RevsCkwLe%2B8JWy%2BSlMu044lty9IzoVZ1oYJ8v2KfVfEl5xdv%2BBM6rLVS68ur%2FQyI6yVOh2DysPuNTA5IY%2F3f5n9yTMfP4A0YxhXoucOyElA6n2wbAs2m6u3egFGzTlxtoDClSMTxvNHJQmUmPc0LmH%2F08fzetveRMeEoPl1pL0SfVOir0pQNYR1T4zyzBycf%2FjZND5HrCqjWJnKTqyM%2BnRq7XfT69eZyRPSvPYnrDyqNut1n0bts0GzSUUzboStJAo4pWEjCqOI1pHbCXvuj1N%2FAwAA%2F%2F8BAAD%2F%2F1uXhK9tBAAA

192.243.59.12

200 OK

753 B

URL HTTP/1.1
cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRSebSyE4AKolwqEfAQJObtrd23TQ0UJQRGh6Q9%2B3dDszKwzeLyzmtnxOjmlVFQVB%2BQDFzhtPieNoBWCWyWgQk4FrSIhxYJDDuQf4AJC6hnZRBieNPPem%2B87fO97c2PbHRMfjh4tvak3pVJ08WzNr77wXhCcq67K1A2qg1b0ftQ4VzX9l9tRzX%2Bx%2BrpgXb0Y%2BoHvB35QXZZGJHqwOAUhszvtoNb2a42wFpxtYGD%2B31vnwVIPvH9MnoHkk8p97zQkGyPtfb0kbDfX2Uuv9ZyiuTbo8723026qixS9eZkYD0m6d8KGtofL96DT3Zlc6P6%2FxFhOiPfTPcTp3olIxP2dmc5YQaSI%2BZMo%2BmMINYakYzB9HZIfEoBxXFxD2rt1UZuCbvyD0ik6IZVHf0EWE1L57TTS3lcXlBxUr2rlcqlTi0FSQg7GkJ0xMrePfPMUZLEPln8IyX8mi49WkfZ21qzSkLyczS7lGDIZQ4khqPXgpkd6cIkHl3no8aMqC4Kg6XNG%2FVabsTpvijjifkCbSUADP2rBsam8IfJsCKaGYGYLmdlCVw5h3A%2Bw6yUs92DzCfEub6HPSxSCoLAEBSUoJEGRExT9cpcrG9ryFlfWxcFJDk9yvRzpvLNNd3XeESnZzo7J01NfvIUb76Arjqo8CZM4SlrtRLB6M2hHQSRYGLCIt1utRiuAlSWkPTUbdVNOyLOrD5HJCXlM%2F4iY7sOqfTD5FKgLQItRM%2FRB10eNlo%2FN9HY7pqZmc8elBtclsryCfMPbVsfkzGw9wYNvIdjB%2BU%2FuXv79o%2BfvgpkSmSnxgbxP0FE3R1d0QXau6MKSb9ayXPbkJp2u7mpOc7Hw5Rtio9CGryzZ4RevsCkwLe%2B8JWy%2BSlMu044lty9IzoVZ1oYJ8v2KfVfEl5xdv%2BBM6rLVS68ur%2FQyI6yVOh2DysPuNTA5IY%2F3f5n9yTMfP4A0YxhXoucOyElA6n2wbAs2m6u3egFGzTlxtoDClSMTxvNHJQmUmPc0LmH%2F08fzetveRMeEoPl1pL0SfVOir0pQNYR1T4zyzBycf%2FjZND5HrCqjWJnKTqyM%2BnRq7XfT69eZyRPSvPYnrDyqNut1n0bts0GzSUUzboStJAo4pWEjCqOI1pHbCXvuj1N%2FAwAA%2F%2F8BAAD%2F%2F1uXhK9tBAAA
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
753 B (753 bytes)
Hash
8d134f71fdf8c3ffa33e1ff4727f41bd
fa0bb5b011330e5d1baa5f966a3fba77b37a9662
6b97e691e5b37e026eb29dcded19cdeca346784074b78723d17925ac2bee3434

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRSebSyE4AKolwqEfAQJObtrd23TQ0UJQRGh6Q9%2B3dDszKwzeLyzmtnxOjmlVFQVB%2BQDFzhtPieNoBWCWyWgQk4FrSIhxYJDDuQf4AJC6hnZRBieNPPem%2B87fO97c2PbHRMfjh4tvak3pVJ08WzNr77wXhCcq67K1A2qg1b0ftQ4VzX9l9tRzX%2Bx%2BrpgXb0Y%2BoHvB35QXZZGJHqwOAUhszvtoNb2a42wFpxtYGD%2B31vnwVIPvH9MnoHkk8p97zQkGyPtfb0kbDfX2Uuv9ZyiuTbo8723026qixS9eZkYD0m6d8KGtofL96DT3Zlc6P6%2FxFhOiPfTPcTp3olIxP2dmc5YQaSI%2BZMo%2BmMINYakYzB9HZIfEoBxXFxD2rt1UZuCbvyD0ik6IZVHf0EWE1L57TTS3lcXlBxUr2rlcqlTi0FSQg7GkJ0xMrePfPMUZLEPln8IyX8mi49WkfZ21qzSkLyczS7lGDIZQ4khqPXgpkd6cIkHl3no8aMqC4Kg6XNG%2FVabsTpvijjifkCbSUADP2rBsam8IfJsCKaGYGYLmdlCVw5h3A%2Bw6yUs92DzCfEub6HPSxSCoLAEBSUoJEGRExT9cpcrG9ryFlfWxcFJDk9yvRzpvLNNd3XeESnZzo7J01NfvIUb76Arjqo8CZM4SlrtRLB6M2hHQSRYGLCIt1utRiuAlSWkPTUbdVNOyLOrD5HJCXlM%2F4iY7sOqfTD5FKgLQItRM%2FRB10eNlo%2FN9HY7pqZmc8elBtclsryCfMPbVsfkzGw9wYNvIdjB%2BU%2FuXv79o%2BfvgpkSmSnxgbxP0FE3R1d0QXau6MKSb9ayXPbkJp2u7mpOc7Hw5Rtio9CGryzZ4RevsCkwLe%2B8JWy%2BSlMu044lty9IzoVZ1oYJ8v2KfVfEl5xdv%2BBM6rLVS68ur%2FQyI6yVOh2DysPuNTA5IY%2F3f5n9yTMfP4A0YxhXoucOyElA6n2wbAs2m6u3egFGzTlxtoDClSMTxvNHJQmUmPc0LmH%2F08fzetveRMeEoPl1pL0SfVOir0pQNYR1T4zyzBycf%2FjZND5HrCqjWJnKTqyM%2BnRq7XfT69eZyRPSvPYnrDyqNut1n0bts0GzSUUzboStJAo4pWEjCqOI1pHbCXvuj1N%2FAwAA%2F%2F8BAAD%2F%2F1uXhK9tBAAA HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Cookie: u_pl=17008214; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecdf2fb6f89fec3719616ec21c6d988481=[3262652,3262677,3262651,3637745]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 10 Sep 2022 20:13:55 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b9876988b89cab6203fae49a07b23048
Strict-Transport-Security: max-age=0; includeSubdomains

cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9NdP84KcuVGYjftDLGZBOVXWnuttZBGOMBONkPvxaCPLqvarOM6%2FrFe%2FV6%2BpkFR0cZqW9cKOryulkgk4Q3Q2og1QGdQgIaXCRhfkH3CjirKV6gtELde89dc7i3HvfjS17TFxYerTwmtoQUtKZ2YZbP%2F%2B2512sL4vEDuvDTvBu0LpY14MXukHDvVB%2FJWJrasZ3Pdf1XK%2B%2BKHQUq%2BFMRUKke12v0XUbLb%2FhzbYw1P%2FFxjow1AEfHJMnIfikds85B8FKJP2vFiKzlqn0%2BZf7VtJMaQz47hvJWqLyBP3TNtYO4mT3RA1lDhfvQiU7U7tQg3%2BEoZgQ58e7CJPdE5MIB9tTn6FElCDkjyIflIhkCUFLMHUdgh8SgHFcWkHSv3VJ6ZyuP2RpxU5I7cGfEPmE1H49h6T%2F5bwUw%2Fo1JW0mVGIwjAuIYQnRK5HafWQbZyDyfbDsAwj%2BM5l5sIykv71ipILgxXR2IUqIuISMRqDGga0%2B4cDGDmzqoM%2BP6szzvLbLGXU7XcaavB2FAXc92o496rlBB5ZV9kbI0hGYHIHpTaR6E2tiBG2%2Fh1ktYLgDk02Ic2UTA14gjwhyQ5BTglwQ5BlBPih2uDS%2BKW5xaWzonVT%2FpDaLscp6W3RHZb0oIVvpMXmi2otz9sabWIuO6jz24zCIO904Ys221w28IGK%2BxwLe7XRaHQ9GFBDmzHTUDTEhTy%2FfRyom5H%2FqB4R0H0bug4nHQa0Hmo%2Fbvgu6Om51XGwkt7sh1Q2TWS4UuCqQZjVk686WPCZPTc%2FTfv8PROxgbu%2F8X%2BXH71wA0wVSXeA9cY%2BgJ2%2BOr6qcbF9VuSFfr6SZ6IsNWp3uWkaz6OwXr0brudJ8acGMPn%2BRVUTV7r0emWyZJlwkPUNuzwvOI72oNIvId0vmrSi8bM3qvNWJTZcvv7S41E91ZIxQSQkqDh8rwcSE%2FP9gYfomn11chdAltC3QtwfkJCDUPli6CZMezH1058pvHz53B0adhZanmjCtIbfFWPvh6U8pCGR0imlYwPwLh6f9lrmJnvZBs%2BtI%2BgUGusBAFqByBGMfGWepPpi7%2F2kVnyGUtXEodW07lFp%2BMiHeT99W6ZcqffNw00Yc1dvNpkuD7qzXbtOoHbb8Thx4nFK%2FFfhBQJvIzIQ98%2FuZvwEAAP%2F%2FAQAA%2F%2F%2F4dRK1bQQAAA%3D%3D

192.243.59.12

200 OK

4.8 kB

URL HTTP/1.1
cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9NdP84KcuVGYjftDLGZBOVXWnuttZBGOMBONkPvxaCPLqvarOM6%2FrFe%2FV6%2BpkFR0cZqW9cKOryulkgk4Q3Q2og1QGdQgIaXCRhfkH3CjirKV6gtELde89dc7i3HvfjS17TFxYerTwmtoQUtKZ2YZbP%2F%2B2512sL4vEDuvDTvBu0LpY14MXukHDvVB%2FJWJrasZ3Pdf1XK%2B%2BKHQUq%2BFMRUKke12v0XUbLb%2FhzbYw1P%2FFxjow1AEfHJMnIfikds85B8FKJP2vFiKzlqn0%2BZf7VtJMaQz47hvJWqLyBP3TNtYO4mT3RA1lDhfvQiU7U7tQg3%2BEoZgQ58e7CJPdE5MIB9tTn6FElCDkjyIflIhkCUFLMHUdgh8SgHFcWkHSv3VJ6ZyuP2RpxU5I7cGfEPmE1H49h6T%2F5bwUw%2Fo1JW0mVGIwjAuIYQnRK5HafWQbZyDyfbDsAwj%2BM5l5sIykv71ipILgxXR2IUqIuISMRqDGga0%2B4cDGDmzqoM%2BP6szzvLbLGXU7XcaavB2FAXc92o496rlBB5ZV9kbI0hGYHIHpTaR6E2tiBG2%2Fh1ktYLgDk02Ic2UTA14gjwhyQ5BTglwQ5BlBPih2uDS%2BKW5xaWzonVT%2FpDaLscp6W3RHZb0oIVvpMXmi2otz9sabWIuO6jz24zCIO904Ys221w28IGK%2BxwLe7XRaHQ9GFBDmzHTUDTEhTy%2FfRyom5H%2FqB4R0H0bug4nHQa0Hmo%2Fbvgu6Om51XGwkt7sh1Q2TWS4UuCqQZjVk686WPCZPTc%2FTfv8PROxgbu%2F8X%2BXH71wA0wVSXeA9cY%2BgJ2%2BOr6qcbF9VuSFfr6SZ6IsNWp3uWkaz6OwXr0brudJ8acGMPn%2BRVUTV7r0emWyZJlwkPUNuzwvOI72oNIvId0vmrSi8bM3qvNWJTZcvv7S41E91ZIxQSQkqDh8rwcSE%2FP9gYfomn11chdAltC3QtwfkJCDUPli6CZMezH1058pvHz53B0adhZanmjCtIbfFWPvh6U8pCGR0imlYwPwLh6f9lrmJnvZBs%2BtI%2BgUGusBAFqByBGMfGWepPpi7%2F2kVnyGUtXEodW07lFp%2BMiHeT99W6ZcqffNw00Yc1dvNpkuD7qzXbtOoHbb8Thx4nFK%2FFfhBQJvIzIQ98%2FuZvwEAAP%2F%2FAQAA%2F%2F%2F4dRK1bQQAAA%3D%3D
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
4.8 kB (4804 bytes)
Hash
dc0ee5caf0e0f01b9d45ca164150daa9
00d40046233206e68a4d706561b5f3fc536ba371
bd02177caf5720c952a039a0f66967db857957bd6751c91fb10e5e4881ea25b5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9NdP84KcuVGYjftDLGZBOVXWnuttZBGOMBONkPvxaCPLqvarOM6%2FrFe%2FV6%2BpkFR0cZqW9cKOryulkgk4Q3Q2og1QGdQgIaXCRhfkH3CjirKV6gtELde89dc7i3HvfjS17TFxYerTwmtoQUtKZ2YZbP%2F%2B2512sL4vEDuvDTvBu0LpY14MXukHDvVB%2FJWJrasZ3Pdf1XK%2B%2BKHQUq%2BFMRUKke12v0XUbLb%2FhzbYw1P%2FFxjow1AEfHJMnIfikds85B8FKJP2vFiKzlqn0%2BZf7VtJMaQz47hvJWqLyBP3TNtYO4mT3RA1lDhfvQiU7U7tQg3%2BEoZgQ58e7CJPdE5MIB9tTn6FElCDkjyIflIhkCUFLMHUdgh8SgHFcWkHSv3VJ6ZyuP2RpxU5I7cGfEPmE1H49h6T%2F5bwUw%2Fo1JW0mVGIwjAuIYQnRK5HafWQbZyDyfbDsAwj%2BM5l5sIykv71ipILgxXR2IUqIuISMRqDGga0%2B4cDGDmzqoM%2BP6szzvLbLGXU7XcaavB2FAXc92o496rlBB5ZV9kbI0hGYHIHpTaR6E2tiBG2%2Fh1ktYLgDk02Ic2UTA14gjwhyQ5BTglwQ5BlBPih2uDS%2BKW5xaWzonVT%2FpDaLscp6W3RHZb0oIVvpMXmi2otz9sabWIuO6jz24zCIO904Ys221w28IGK%2BxwLe7XRaHQ9GFBDmzHTUDTEhTy%2FfRyom5H%2FqB4R0H0bug4nHQa0Hmo%2Fbvgu6Om51XGwkt7sh1Q2TWS4UuCqQZjVk686WPCZPTc%2FTfv8PROxgbu%2F8X%2BXH71wA0wVSXeA9cY%2BgJ2%2BOr6qcbF9VuSFfr6SZ6IsNWp3uWkaz6OwXr0brudJ8acGMPn%2BRVUTV7r0emWyZJlwkPUNuzwvOI72oNIvId0vmrSi8bM3qvNWJTZcvv7S41E91ZIxQSQkqDh8rwcSE%2FP9gYfomn11chdAltC3QtwfkJCDUPli6CZMezH1058pvHz53B0adhZanmjCtIbfFWPvh6U8pCGR0imlYwPwLh6f9lrmJnvZBs%2BtI%2BgUGusBAFqByBGMfGWepPpi7%2F2kVnyGUtXEodW07lFp%2BMiHeT99W6ZcqffNw00Yc1dvNpkuD7qzXbtOoHbb8Thx4nFK%2FFfhBQJvIzIQ98%2FuZvwEAAP%2F%2FAQAA%2F%2F%2F4dRK1bQQAAA%3D%3D HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Cookie: u_pl=17008214; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecdf2fb6f89fec3719616ec21c6d988481=[3262652,3262677,3262651,3637745]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 10 Sep 2022 20:13:55 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 46334d80cd96a6c347421d1fd2738ac8
Strict-Transport-Security: max-age=0; includeSubdomains

cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSu3gwielHJJSgyRwWZ7e6Z9MyYQzCuK4trNj%2F%2B3aS6qnq2nJqupqprenZPG4MheJA5eNFT7ze7WTRB9BZQg8wGNSwIO6CwB%2Ffg1Ysi5CwzLo4%2BqHrv1fcdvve9urHtjokPR4%2BWXtebUim6eLbmV597JwjOVVdl6gbVQSt6N2qcq5r%2Bi%2B2o5j9ffVWwrl4M%2FcD3Az%2BoLksjEj1YnIKQ2Z12UGv7tUZYC842MDD%2F763zYKkH3j8mT0HySeW%2BdxqSjZH2vlwStpvr7IVXek7RXBv0%2Bd6baTfVRYrevEyMhyTdO2FD28Ple9Dp7kwudP9fYiwnxPvhHuJ070Qk4v7OTGesIFLE%2FHEU%2FTGEGkPSMZi%2BDskPCcA4Lq4h7d26qE1BN%2F5B6RSdkMrDvyCLCan8ehpp74sLSg6qV7VyudSpxSApIQdjyM4YmdtHvrkAWeyD5e9D8p%2FI4sNVpL2dNas0JC9ns0s5hkzGUGIIaj246ZEeXOLBZR56%2FKjKgiBo%2BpxRv9VmrM6bIo64H9BmEtDAj1pwbCpviDwbgqkhmNlCZrbQlUMY9x3segnLPdh8QrzLW%2BjzEoUgKCxBQQkKSVDkBEW%2F3OXKhra8xZV1cXCSw5NcL0c672zTXZ13REq2s2Py5NQX79SNt9AVR1WehEkcJa12Ili9GbSjIBIsDFjE261WoxXAyhLSLsxG3ZQT8vTqA2RyQh7R3yOm%2B7BqH0w%2BAeoC0GLUDH3Q9VGj5WMzvd2OqanZ3HGpwXWJLK8g3%2FC21TE5M1tP8OPPEOzg%2FEd3L%2F%2F%2BwbN3wUyJzJR4T94n6Kiboyu6IDtXdGHJV2tZLntyk05XdzWnuTj1%2BWtio9CGryzZ4WcvsSkwLe%2B8IWy%2BSlMu044lty9IzoVZ1oYJ8u2KfVvEl5xdv%2BBM6rLVSy8vr%2FQyI6yVOh2DysPuNTA5IY%2F2f5n9yTMf%2FgZpxjCuRM8dkJOA1Ptg2RZsNldv9SkYNefE2QIKV45MGM8flSRQYt7TuIT9Tx%2FP6217Ex0TgubXkfZK9E2JvipB1RDWPTbKM3Nw%2FsEn0%2FgUsaqMYmUqO7Ey6uOptd%2FM%2FJ1eX09I89qfsPKo2qzXfRq1zwbNJhXNuBG2kijglIaNKIwiWkduJ%2ByZPxb%2BBgAA%2F%2F8BAAD%2F%2F%2B7%2BjsRtBAAA

192.243.59.12

200 OK

7 B

URL HTTP/1.1
cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSu3gwielHJJSgyRwWZ7e6Z9MyYQzCuK4trNj%2F%2B3aS6qnq2nJqupqprenZPG4MheJA5eNFT7ze7WTRB9BZQg8wGNSwIO6CwB%2Ffg1Ysi5CwzLo4%2BqHrv1fcdvve9urHtjokPR4%2BWXtebUim6eLbmV597JwjOVVdl6gbVQSt6N2qcq5r%2Bi%2B2o5j9ffVWwrl4M%2FcD3Az%2BoLksjEj1YnIKQ2Z12UGv7tUZYC842MDD%2F763zYKkH3j8mT0HySeW%2BdxqSjZH2vlwStpvr7IVXek7RXBv0%2Bd6baTfVRYrevEyMhyTdO2FD28Ple9Dp7kwudP9fYiwnxPvhHuJ070Qk4v7OTGesIFLE%2FHEU%2FTGEGkPSMZi%2BDskPCcA4Lq4h7d26qE1BN%2F5B6RSdkMrDvyCLCan8ehpp74sLSg6qV7VyudSpxSApIQdjyM4YmdtHvrkAWeyD5e9D8p%2FI4sNVpL2dNas0JC9ns0s5hkzGUGIIaj246ZEeXOLBZR56%2FKjKgiBo%2BpxRv9VmrM6bIo64H9BmEtDAj1pwbCpviDwbgqkhmNlCZrbQlUMY9x3segnLPdh8QrzLW%2BjzEoUgKCxBQQkKSVDkBEW%2F3OXKhra8xZV1cXCSw5NcL0c672zTXZ13REq2s2Py5NQX79SNt9AVR1WehEkcJa12Ili9GbSjIBIsDFjE261WoxXAyhLSLsxG3ZQT8vTqA2RyQh7R3yOm%2B7BqH0w%2BAeoC0GLUDH3Q9VGj5WMzvd2OqanZ3HGpwXWJLK8g3%2FC21TE5M1tP8OPPEOzg%2FEd3L%2F%2F%2BwbN3wUyJzJR4T94n6Kiboyu6IDtXdGHJV2tZLntyk05XdzWnuTj1%2BWtio9CGryzZ4WcvsSkwLe%2B8IWy%2BSlMu044lty9IzoVZ1oYJ8u2KfVvEl5xdv%2BBM6rLVSy8vr%2FQyI6yVOh2DysPuNTA5IY%2F2f5n9yTMf%2FgZpxjCuRM8dkJOA1Ptg2RZsNldv9SkYNefE2QIKV45MGM8flSRQYt7TuIT9Tx%2FP6217Ex0TgubXkfZK9E2JvipB1RDWPTbKM3Nw%2FsEn0%2FgUsaqMYmUqO7Ey6uOptd%2FM%2FJ1eX09I89qfsPKo2qzXfRq1zwbNJhXNuBG2kijglIaNKIwiWkduJ%2ByZPxb%2BBgAA%2F%2F8BAAD%2F%2F%2B7%2BjsRtBAAA
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSu3gwielHJJSgyRwWZ7e6Z9MyYQzCuK4trNj%2F%2B3aS6qnq2nJqupqprenZPG4MheJA5eNFT7ze7WTRB9BZQg8wGNSwIO6CwB%2Ffg1Ysi5CwzLo4%2BqHrv1fcdvve9urHtjokPR4%2BWXtebUim6eLbmV597JwjOVVdl6gbVQSt6N2qcq5r%2Bi%2B2o5j9ffVWwrl4M%2FcD3Az%2BoLksjEj1YnIKQ2Z12UGv7tUZYC842MDD%2F763zYKkH3j8mT0HySeW%2BdxqSjZH2vlwStpvr7IVXek7RXBv0%2Bd6baTfVRYrevEyMhyTdO2FD28Ple9Dp7kwudP9fYiwnxPvhHuJ070Qk4v7OTGesIFLE%2FHEU%2FTGEGkPSMZi%2BDskPCcA4Lq4h7d26qE1BN%2F5B6RSdkMrDvyCLCan8ehpp74sLSg6qV7VyudSpxSApIQdjyM4YmdtHvrkAWeyD5e9D8p%2FI4sNVpL2dNas0JC9ns0s5hkzGUGIIaj246ZEeXOLBZR56%2FKjKgiBo%2BpxRv9VmrM6bIo64H9BmEtDAj1pwbCpviDwbgqkhmNlCZrbQlUMY9x3segnLPdh8QrzLW%2BjzEoUgKCxBQQkKSVDkBEW%2F3OXKhra8xZV1cXCSw5NcL0c672zTXZ13REq2s2Py5NQX79SNt9AVR1WehEkcJa12Ili9GbSjIBIsDFjE261WoxXAyhLSLsxG3ZQT8vTqA2RyQh7R3yOm%2B7BqH0w%2BAeoC0GLUDH3Q9VGj5WMzvd2OqanZ3HGpwXWJLK8g3%2FC21TE5M1tP8OPPEOzg%2FEd3L%2F%2F%2BwbN3wUyJzJR4T94n6Kiboyu6IDtXdGHJV2tZLntyk05XdzWnuTj1%2BWtio9CGryzZ4WcvsSkwLe%2B8IWy%2BSlMu044lty9IzoVZ1oYJ8u2KfVvEl5xdv%2BBM6rLVSy8vr%2FQyI6yVOh2DysPuNTA5IY%2F2f5n9yTMf%2FgZpxjCuRM8dkJOA1Ptg2RZsNldv9SkYNefE2QIKV45MGM8flSRQYt7TuIT9Tx%2FP6217Ex0TgubXkfZK9E2JvipB1RDWPTbKM3Nw%2FsEn0%2FgUsaqMYmUqO7Ey6uOptd%2FM%2FJ1eX09I89qfsPKo2qzXfRq1zwbNJhXNuBG2kijglIaNKIwiWkduJ%2ByZPxb%2BBgAA%2F%2F8BAAD%2F%2F%2B7%2BjsRtBAAA HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9bar.studio/
Cookie: u_pl=17008214; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecdf2fb6f89fec3719616ec21c6d988481=[3262652,3262677,3262651,3637745]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 10 Sep 2022 20:13:55 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5feaffbeee06868515cde8cfd2871460
Strict-Transport-Security: max-age=0; includeSubdomains

api.9bar.studio/th1/speed_test

172.67.172.55

200 OK

0 B

URL HTTP/2
api.9bar.studio/th1/speed_test
IP
172.67.172.55:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /th1/speed_test HTTP/1.1
Host: api.9bar.studio
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://9bar.studio
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ej79oII0%2Fyb854y9Bn%2BVPAHluTT6rIJ027o7tpBd5oK7lhj8Zec0lSNO4I6Kydjb%2B8lwjwPQi8Tbq5zmFgXBEZdl6El%2BQk%2BZzVil4%2BWZ600YpS5j1jdIB1iW%2FkmQt2M8gDk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ad3a148b0b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

9bar.studio/

172.67.172.55

200 OK

0 B

URL HTTP/2
9bar.studio/
IP
172.67.172.55:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: 9bar.studio
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:51 GMT
content-type: text/html
last-modified: Mon, 05 Sep 2022 07:36:12 GMT
vary: Accept-Encoding
cache-control: private, no-store, max-age=0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TB9jRuqbJxgbgmB4vsknuqxdGoU7DAkAmXSjmxnzyALdVTr10%2FNQ7rXiyxKs99UWUTp8U7A2FEy3mtyYghZHd1EXIZuVewRZkwzlxOmDEac1SkKyENsFhKSZ0yunVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ad398ff7db50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api2.9bar.studio/th1/speed_test

172.67.172.55

200 OK

0 B

URL HTTP/2
api2.9bar.studio/th1/speed_test
IP
172.67.172.55:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /th1/speed_test HTTP/1.1
Host: api2.9bar.studio
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Referer: https://9bar.studio/
Origin: https://9bar.studio
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuRV%2FckIFS7XUJnPOtZUBXQeFO0xMUzAclCsPxr%2BToGdsZgjjuiUG5IvFEWQDlV63vp6GCRoN21kgfkyJNdEfk%2B3wdC6B5NcA20WWEnr08SRDk1n50bF0dioL0UWmKZ1m2aR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ad39ffe8ab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api3.9bar.studio/th1/speed_test

172.67.172.55

200 OK

0 B

URL HTTP/2
api3.9bar.studio/th1/speed_test
IP
172.67.172.55:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /th1/speed_test HTTP/1.1
Host: api3.9bar.studio
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://9bar.studio
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Sw6ae3xGsoOwv7D30qA1zUV4kxnE7Yel0gcHiqfHJfojPVeHpkoNZnxmrf7qtRLhXd%2F1FApfvrpN48E8t%2FMol93w62FzE9hPM%2FJDOIkyyRlFwW%2FCZ0fWtHxKQTfDJM6Mld4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ad3a14ee0b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api3.9bar.studio/th1/speed_test

172.67.172.55

200 OK

0 B

URL HTTP/2
api3.9bar.studio/th1/speed_test
IP
172.67.172.55:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /th1/speed_test HTTP/1.1
Host: api3.9bar.studio
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Referer: https://9bar.studio/
Origin: https://9bar.studio
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBqYQ7IN0QV9bGsex%2F%2BYsGC5WD3OAzYnCvAis%2FEWV%2B6QC0DpmIG1P6wQmKnWfmbqDhcbiHaH5HYXNbvUBS8xYMYlLXnzCcQr5UFev5jy%2FTQ56FEXWHxZRzS66TOJWC8h4MdL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ad39ffd07b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.9bar.studio/th1/speed_test

172.67.172.55

200 OK

0 B

URL HTTP/2
api.9bar.studio/th1/speed_test
IP
172.67.172.55:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /th1/speed_test HTTP/1.1
Host: api.9bar.studio
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Referer: https://9bar.studio/
Origin: https://9bar.studio
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9Y1k2GZnDbFHVcZNVFTSMHofaQ1GnxRdelhfI8RVa5aorZ%2BLViHKDI3yGYTVTz57Q%2FmgtP3SDZW602uRBTdql0AP1quwBG1D8feLaRNpOgl490%2FErtgnReM0p81C5H0%2FXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ad39fee6db51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api2.9bar.studio/th1/speed_test

172.67.172.55

200 OK

0 B

URL HTTP/2
api2.9bar.studio/th1/speed_test
IP
172.67.172.55:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /th1/speed_test HTTP/1.1
Host: api2.9bar.studio
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://9bar.studio
Connection: keep-alive
Referer: https://9bar.studio/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Sep 2022 20:13:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AV%2FDrA%2Bo5DKycwVQQO5ayC8jlBi4RTw0UZcGZ385fHnqAO6ttDo9BTnrwQQt%2FxN81bdv8JEnqXBR7M5Oo46WtsY3xYjnOmiyaZlaZibjmaqV7VzLCNtaFwCyH%2FqACggbZ%2Bc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748ad3a1287eb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations