sbanh.com/d/jenussoceew5.html
172.64.129.30 301 Moved Permanently 0 B URL HTTP/1.1 sbanh.com/d/jenussoceew5.html
IP 172.64.129.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d/jenussoceew5.html HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 23:44:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 00:44:27 GMT
Location: https://sbanh.com/d/jenussoceew5.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAvDA%2BmhFHwmnzoT0E9fHbN9mmsd6B%2FCBFOyAFsOLk4HKj4%2FHCQdP0XJUAVAMM%2B3qsVUDTCGLQEFQ0fVESXYqSB3huD5gdEA6qvvwnxNtACoAjhvVhfR0PdV2g4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77067dfe5a75e640-LHR
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17922
Expires: Sun, 27 Nov 2022 04:43:10 GMT
Date: Sat, 26 Nov 2022 23:44:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 949
Cache-Control: max-age=126149
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:44:28 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 10:46:57 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2516
Expires: Sun, 27 Nov 2022 00:26:24 GMT
Date: Sat, 26 Nov 2022 23:44:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 23:17:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1615
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: j/KLwwZ7iGojusnjPGIp9n0LwBxlDhP7Y/mczAbYL1EUxsOpIYiAMxswcYAJk/8qe8SqFNhnOdE=
x-amz-request-id: D3WFDH5GM43K6RJY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 23:41:24 GMT
age: 184
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 115f90a701a0f76e9a65d5dd14f821c5
605b7678b9f6ec7634eae82c85e7355ff586f952
94c1c49d480f9483aa7c7d0ee125ff8ef85404b54f615b866a2bb3813b98bdcd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "94C1C49D480F9483AA7C7D0EE125FF8EF85404B54F615B866A2BB3813B98BDCD"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8628
Expires: Sun, 27 Nov 2022 02:08:16 GMT
Date: Sat, 26 Nov 2022 23:44:28 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 115f90a701a0f76e9a65d5dd14f821c5
605b7678b9f6ec7634eae82c85e7355ff586f952
94c1c49d480f9483aa7c7d0ee125ff8ef85404b54f615b866a2bb3813b98bdcd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "94C1C49D480F9483AA7C7D0EE125FF8EF85404B54F615B866A2BB3813B98BDCD"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8628
Expires: Sun, 27 Nov 2022 02:08:16 GMT
Date: Sat, 26 Nov 2022 23:44:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 13c265f2c258e0bcea2ac1149188d332
3d42f91eec1fae7ff5e243d2a35afdd5a6d58db0
26666f4ea8fe16648ef9593216b725f692a1cb913763b186cd19d59e7875a930
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5710
Cache-Control: max-age=118318
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:44:28 GMT
Etag: "6381b9bc-117"
Expires: Mon, 28 Nov 2022 08:36:26 GMT
Last-Modified: Sat, 26 Nov 2022 07:01:16 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
sbanh.com/streamSB_images/logo.png
172.64.129.30 200 OK 2.6 kB URL HTTP/2 sbanh.com/streamSB_images/logo.png
IP 172.64.129.30:0
File type PNG image data, 182 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b3b8065574b402dd5196a5fd7640398
a1d798972bc09bff0ef46451955fb312b41e05a8
3e99d7e9b8e38754caf45ffa67940a03306b3cca016a7dffaba71d2ccdfcd7f2
GET /streamSB_images/logo.png HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: image/png
content-length: 2565
last-modified: Fri, 19 Feb 2021 18:46:45 GMT
etag: "a05-5bbb4dfb14f40"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4789
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yah4boDm2WbjiPXgHN1ZZak7NgnjL2XADcK856dxRiclZO5TQWoFKS53o3DB62k0IjrFdDT7Uz3TizTbG74Y8WR%2B63SUVtZXO%2FnhNSilBDFnyZn8UUBmSxG%2B9f4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01b9308861-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sbanh.com/streamSB_images/ico_f.png
172.64.129.30 200 OK 663 B URL HTTP/2 sbanh.com/streamSB_images/ico_f.png
IP 172.64.129.30:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 661849be53e5f34afbcb9ee5dff02519
b324587dd5d63a966c9ca44cafe4abe4bc356f01
4ec32478b468957b2ed8b705d99a8d321e02a1214630584811bde65509c3bd83
GET /streamSB_images/ico_f.png HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: image/png
content-length: 663
last-modified: Fri, 19 Feb 2021 18:46:44 GMT
etag: "297-5bbb4dfa20d00"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4236
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmMrLZGvtY04f%2FQ5rpdNHOkeAoXck3NcwSEhrilvFG%2Fgm3vh64BlFeA4Y950GgKNlGkDAKfk9RTi0hz8%2BVxfRew57r9IvwhsMNHFDO9%2FKeDR353qV9GhbkHnOHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01c93f8861-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sbanh.com/streamSB_images/ico_t.png
172.64.129.30 200 OK 781 B URL HTTP/2 sbanh.com/streamSB_images/ico_t.png
IP 172.64.129.30:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ae3da724ad6a63a5fb7e1c49a75b7a2
eb4489c94ff151aa7512afab7a37eb03916c5606
dc4f5897a8fbb036952ce65827bc42768c7b79f062def4ef3924a2ba0b110085
GET /streamSB_images/ico_t.png HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: image/png
content-length: 781
last-modified: Fri, 19 Feb 2021 18:46:43 GMT
etag: "30d-5bbb4df92cac0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 5951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNerBPloWv9fXk16go2cWbL6VKCOnY5ZGUh1vHLzwgXhcIGrQ1TBDsfyUeKHSb2Ibpz936xnKNVvNQLGAkAKaljgn1FQXvn1G7z%2FV4bFBzSuUga0P%2F9tdiRlj%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01c9408861-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sbanh.com/streamSB_images/ico_g.png
172.64.129.30 200 OK 842 B URL HTTP/2 sbanh.com/streamSB_images/ico_g.png
IP 172.64.129.30:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash a0f16d7af9e67d16470edc5acf2f13a6
42fcf90dc3dd0db47575336bbeff9470ef819b01
2a134113f37df934aa750425409fa2e72223e215b1a0750ad892bece7ebda278
GET /streamSB_images/ico_g.png HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: image/png
content-length: 842
last-modified: Fri, 19 Feb 2021 18:46:41 GMT
etag: "34a-5bbb4df744640"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 5951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlTSoiTM69fy9rIHpr4kYgLAA8GLXcwZ1gcTmqlCMW9EJGP4ZP%2BzR7Gf6RtXai3JQzQNek4%2Fu7tX0wcekrwxihUlbEUcRrhSYCh7jqgxuc%2BZAGBbSTWaS6jU5NY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01c9428861-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sbanh.com/xfst_js/feather.min.js
172.64.129.30 200 OK 20 kB URL HTTP/2 sbanh.com/xfst_js/feather.min.js
IP 172.64.129.30:0
File type Unicode text, UTF-8 text, with very long lines (61450)
Hash a2b865b2886deb3a6c43b27ee0f15c46
a06337ceb0d3062053f60cfe32a3f2fb434f0c78
997fca2ce4e1041ae12d933a2d9c7cff2d2a490785d5f605a0cc980a9f05eb32
GET /xfst_js/feather.min.js HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 14 Jul 2020 06:03:53 GMT
etag: W/"5f0d4ac9-11b55"
expires: Sat, 03 Dec 2022 18:09:15 GMT
cache-control: max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 20113
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sArDP%2B8A5260eMaDyPLcNUYmskcTTmvsGjAFsn5hYyvG48DUHZdxjb1yyyHUh5UThHHFimyX9CH%2BFDg0uKeJsx2QW0v8dBHWJfFLGCMkB9y9lyXLkrtuKAeRdRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01a91b8861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sbanh.com/streamSB_css/main.css
172.64.129.30 200 OK 4.7 kB URL HTTP/2 sbanh.com/streamSB_css/main.css
IP 172.64.129.30:0
File type ASCII text, with very long lines (15838), with no line terminators
Hash 89f836df3a94abd464ebd0d15015c364
a4e70d57fb8708a1bf099f6aea5b3a1cfc1fa06e
68c3cbb2d62f43b7ebd4680cdfdbddacdc2b031513e51f18b8de406d8655ed70
GET /streamSB_css/main.css HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=21326
etag: W/"534e-5e1bc938ac640"
last-modified: Sat, 18 Jun 2022 17:55:29 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 2187
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFaWmKQwjcedts9irV7lNi4bRzasjgQNzglAw2ihAVpAg%2FTaRP%2FUjpWoxqdoEZ3eOtfzsinDp8%2FcwGSbbynXvZub6lHcGzLwnCtZEu%2B3RrABr9UnudgL3SWSAC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01a90f8861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sbanh.com/xfst_js/theme_panel.js
172.64.129.30 200 OK 133 kB URL HTTP/2 sbanh.com/xfst_js/theme_panel.js
IP 172.64.129.30:0
File type Unicode text, UTF-8 text, with very long lines (34245), with NEL line terminators
Size 133 kB (132894 bytes)
Hash 953f8f8ef6fe3e786460c0cf7127b56b
67896f088ab0c8529d41fc534fa3a6270123c892
3df44e69ac908462e1d5e32ad576b6479b25940e40040ee5b3fce476e5902112
GET /xfst_js/theme_panel.js HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-bgj: minify
etag: W/"5f0d4acf-62566"
expires: Sat, 03 Dec 2022 18:09:15 GMT
last-modified: Tue, 14 Jul 2020 06:03:59 GMT
cf-cache-status: HIT
age: 20113
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ii8hABU3vfSZbODklYF8kMeiRxu8Bpy2iM2ke64AdD64rUPeZ3oQ5i0xP5liU3aCPCW8igdyGiV%2BLoLJeVwOriQSmus8%2FF323cXUx55WjQIm9B7PhK%2FcGlZdkLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01a9168861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 7d8726abc129a171336f2dd77bd5a744
70e44f661b5e92374fa76db71d09c0ce504ade53
58e8477c9460c09b96bd6ef1c62776cb8f14e26385a67fcb585234e5195cbc5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2521
Cache-Control: max-age=133469
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:44:28 GMT
Etag: "63820160-118"
Expires: Mon, 28 Nov 2022 12:48:57 GMT
Last-Modified: Sat, 26 Nov 2022 12:06:56 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b96ad46c8f6f7181170b414c0c652cb4
d2e9ebed4a154c60e7904087edc91852872c3960
d3ceefd05a31389a3696861a22b655fafb34a732e904faf39ff333cd54cd7fe5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3CEEFD05A31389A3696861A22B655FAFB34A732E904FAF39FF333CD54CD7FE5"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6722
Expires: Sun, 27 Nov 2022 01:36:30 GMT
Date: Sat, 26 Nov 2022 23:44:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash a2153d60f21790e68869d1a38da9fcbb
1b641e7d5f418b7e82837e5a1284904d4a1f1c41
ea3c26c0c95b73f1b74a93b65b1d251eb967ab43e70c3f465490166643c9f08c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 988
Cache-Control: max-age=125833
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:44:28 GMT
Etag: "6381e989-117"
Expires: Mon, 28 Nov 2022 10:41:41 GMT
Last-Modified: Sat, 26 Nov 2022 10:25:13 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5e5ace8de8f1135bdc8e32f93370a10
06ca4e779343beb7dbf0f049812499d6358aa0c8
e0e5ffe79b58e825422c495bf8e2db905abd8622ec93fc05f791c2b7ebbacd0a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0E5FFE79B58E825422C495BF8E2DB905ABD8622EC93FC05F791C2B7EBBACD0A"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3736
Expires: Sun, 27 Nov 2022 00:46:44 GMT
Date: Sat, 26 Nov 2022 23:44:28 GMT
Connection: keep-alive
sbanh.com/xfst_js/main.js
172.64.129.30 200 OK 2.3 kB URL HTTP/2 sbanh.com/xfst_js/main.js
IP 172.64.129.30:0
File type HTML document, ASCII text, with very long lines (1791)
Hash 68fdeff0417a6e43905acd45c09ef5e2
cdc56561db53bb6c3baba6faaf5a7d714c8a10ad
4ab5de4e2bb62862660342dc46c651028bc0862062b4296b9ca2b439164fab38
GET /xfst_js/main.js HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-bgj: minify
etag: W/"5f0d4aca-1a13"
expires: Sat, 03 Dec 2022 18:09:15 GMT
last-modified: Tue, 14 Jul 2020 06:03:54 GMT
cf-cache-status: HIT
age: 20113
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRgzMyg9kt%2FoIojJ1pGffq1IM%2FlYxIssFH%2Fd4kSifyblD5q8tw6koAUp1hliT%2FQVCtYZEMDtVKzxHx%2B42y8X2nm9NMMf3H88Z1Y%2Fqc1TAdBijWDNBGxNzdrnoq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01a91c8861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-166622646-1
142.250.74.168 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-166622646-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash abed234683e149597da4eebc48e325c6
4bba7e52fb7166086a5293666fcd56d789fd3a6e
c8a0ba48e1dfabb513ec1ad1430e3d2d13b5e50ce4f6d0632bdb6d891a97da65
GET /gtag/js?id=UA-166622646-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 23:44:28 GMT
expires: Sat, 26 Nov 2022 23:44:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44661
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fm.ramouselong.com/tmFUyT2I6hRC5CG7g/55699
172.255.6.226 200 OK 25 B URL HTTP/1.1 fm.ramouselong.com/tmFUyT2I6hRC5CG7g/55699
IP 172.255.6.226:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tmFUyT2I6hRC5CG7g/55699 HTTP/1.1
Host: fm.ramouselong.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 23:44:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sbanh.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sun, 27-Nov-2022 23:44:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Sun, 27-Nov-2022 23:44:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
sbanh.com/d/jenussoceew5.html
172.64.129.30 200 OK 2.7 kB URL HTTP/2 sbanh.com/d/jenussoceew5.html
IP 172.64.129.30:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash fdf29fd36b6ad6f927abced8a3a0a314
5f03ed34b23dd358e40d151f6359ff29c7b31904
c195e6402dcc9c32709150b780c96c3d8803a5aae26b723bbf39eeee9fb5bc38
GET /d/jenussoceew5.html HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: text/html; charset=UTF-8
expires: Fri, 25 Nov 2022 23:44:28 GMT
set-cookie: lang=1; domain=.sbanh.com; path=/; HttpOnly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prVqRdRmmsvF96xQGV%2BFb4tR1htaL5WZ6EQmtHTZPMZvyrK6DUrG7Smwn2slhsBx8k7JzwStijnaQCPeAKtw%2BAeX3AK4ZLLiOTR7bSwMVKX%2F5bE56pgrFqW9ql8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77067e001eb18861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 7d8726abc129a171336f2dd77bd5a744
70e44f661b5e92374fa76db71d09c0ce504ade53
58e8477c9460c09b96bd6ef1c62776cb8f14e26385a67fcb585234e5195cbc5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2521
Cache-Control: max-age=133469
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:44:28 GMT
Etag: "63820160-118"
Expires: Mon, 28 Nov 2022 12:48:57 GMT
Last-Modified: Sat, 26 Nov 2022 12:06:56 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
fm.ramouselong.com/tmFUyT2I6hRC5CG7g/55699
172.255.6.226 200 OK 25 B URL HTTP/1.1 fm.ramouselong.com/tmFUyT2I6hRC5CG7g/55699
IP 172.255.6.226:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tmFUyT2I6hRC5CG7g/55699 HTTP/1.1
Host: fm.ramouselong.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 23:44:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sbanh.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 23:08:54 GMT
cache-control: public,max-age=3600
age: 2134
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5895
Cache-Control: max-age=126038
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:44:28 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:45:06 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2
216.58.207.195 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7824, version 1.0\012- data
Hash 0cd3b03c066851fd03e8e51a0bb713cd
ab90570fbff72d7d5070ef9629da2e31b506575a
ef4a4798ee810a9641529acd802d9b08b48623504b15d10fba88fc42dcb2d9f6
GET /s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:42:27 GMT
expires: Fri, 24 Nov 2023 21:42:27 GMT
cache-control: public, max-age=31536000
age: 180121
last-modified: Tue, 19 Apr 2022 18:20:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb03e8e2d73432c5a3b0e890508952b2
60be359b2ea8b9577de2de888edb768b162d9fb3
086ab9cdead4dcf6465f56fa810793eba78f7c48975fd3d94369c47d7e2bc6ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "086AB9CDEAD4DCF6465F56FA810793EBA78F7C48975FD3D94369C47D7E2BC6CE"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3141
Expires: Sun, 27 Nov 2022 00:36:49 GMT
Date: Sat, 26 Nov 2022 23:44:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b82036d6267d514aeeaeea3870237c66
6418bde26a5a8abb792631af6a7990e718863849
2a1100063616ff401c1648425e0957f9cd45f757fa81c775f18b422a521a4c03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A1100063616FF401C1648425E0957F9CD45F757FA81C775F18B422A521A4C03"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13110
Expires: Sun, 27 Nov 2022 03:22:58 GMT
Date: Sat, 26 Nov 2022 23:44:28 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140905
Date: Sat, 26 Nov 2022 23:44:28 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 14:52:53 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GxFAyazmmb9SaAQpMfG139FRPOkSBfA3jq8lLq5KC7aMVgrzK5-Dtw==
Age: 4910
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7cbfd6a9d2b008518801934040a4e940
0b74341ad8623d4d7314eb708572e0a485aa0e19
4232a1ae9dfffa5fe1909c2e49b0f00e231f0301a20da60aaee483bfbe8b9299
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4232A1AE9DFFFA5FE1909C2E49B0F00E231F0301A20DA60AAEE483BFBE8B9299"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12404
Expires: Sun, 27 Nov 2022 03:11:12 GMT
Date: Sat, 26 Nov 2022 23:44:28 GMT
Connection: keep-alive
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 4195c1868c0a76bee825c3568617aae0
22e4a51bb05b00469d56646e0da2e8466764ef80
120dfc1a758d4aef1a790dff6605824cb9add0ea41d5ae98348b8af45ca7e68a
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sbanh.com
access-control-allow-credentials: true
set-cookie: uid_id2=540a15ad-1050-4046-987b-06c10831c9a5:3:1; expires=Tue, 23 Nov 2032 23:44:28 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.218.164.174 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.164.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jHQ0v7puzu6wmot1KZJfJw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lt/5gAHghF1K6piTbUhIw0jSbm4=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43dca8ebcf06bd09eb16b5516072ec48
84fe572e189c13383dc0a805a90c07de69c48ee6
be524e069364f1231ff9f6f8a5ca6ae8aa4353ba95fa7913c30c13ed008ab8fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE524E069364F1231FF9F6F8A5CA6AE8AA4353BA95FA7913C30C13ED008AB8FD"
Last-Modified: Sat, 26 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9349
Expires: Sun, 27 Nov 2022 02:20:18 GMT
Date: Sat, 26 Nov 2022 23:44:29 GMT
Connection: keep-alive
my.rtmark.net/gid.js
139.45.195.8 200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash a71372dfeddce60ce3f76bd04a587082
5c6cf145295ea76989b31ff3d932f71705ca2c43
aeac8a6b66bea207ff316159b25cb7eb31103be3159a0038869ed074f9f1234f
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:44:29 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://sbanh.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c61b91dc72a34b13be94f831b923cac7; expires=Sun, 26 Nov 2023 23:44:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cdn.itskiddien.club/apu.php?zoneid=3785253
139.45.197.236 200 OK 30 kB URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=3785253
IP 139.45.197.236:0
Hash 4a25f2e904147ed657ce385cdcdfca57
38d265af110d1111c205d96e656800bc251e00aa
e05fb5663f18e54e90be5d69bbcc82486b08e1529aca7e7831512e1bf4172f47
GET /apu.php?zoneid=3785253 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:44:29 GMT
content-type: application/javascript
x-trace-id: 7d987ca292063ac3d1bf134cc94b0194
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=61dc220cd39a4319b3d2a922590b9448; expires=Sun, 26 Nov 2023 23:44:29 GMT; path=/; secure; SameSite=None
oaidts=1669506269; expires=Sun, 26 Nov 2023 23:44:29 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
profitablegatetocontent.com/54/42/5b/54425b8e8ac39b56c91d1586d719761f.js
192.243.59.20 200 OK 13 kB URL HTTP/1.1 profitablegatetocontent.com/54/42/5b/54425b8e8ac39b56c91d1586d719761f.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37131), with no line terminators
Hash 12f8b0a888802f56bd086e9873f9aba0
ed0682ffd961127253350798e7d4112d3dc38a63
312b198f5c67040ef24195df1768024b6b252d5412e604e0a67de7c765359748
Analyzer Verdict Alert quad9 Sinkholed
GET /54/42/5b/54425b8e8ac39b56c91d1586d719761f.js HTTP/1.1
Host: profitablegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 23:44:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 80783af2c1fdab718178d74f7553359a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
akamai-images-content.com/jenussoceew5_xt.jpg
104.21.235.171 200 OK 49 kB URL HTTP/2 akamai-images-content.com/jenussoceew5_xt.jpg
IP 104.21.235.171:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x362, components 3\012- data
Hash 4d97069a57601ccf3e1abe6e72d3c347
4879d09e09f746eb7fe70a618544cb007a789f9b
d50d4d9243ff148ed669c5e6a00f67332456a4837aeba73ed8eee8639995b85d
GET /jenussoceew5_xt.jpg HTTP/1.1
Host: akamai-images-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:29 GMT
content-type: image/jpeg
content-length: 48756
last-modified: Wed, 30 Mar 2022 21:51:08 GMT
etag: "6244d0cc-be74"
expires: Sat, 10 Dec 2022 23:44:29 GMT
cache-control: max-age=1209600
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RekHoW%2BCtfVEYxaEWFoXmqalej5BDfRJiGiNVGso12%2Fd%2BNC4nqbOqBrCO8a3tJZIEIecjHsPtS8rQNnerhxvcvWjJQzObwxJ58fKEmKU7uk01nq5H9dKCyr55MFcnV%2BfjvMH5eS7j0wRYI8L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e02b97a06ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash a2153d60f21790e68869d1a38da9fcbb
1b641e7d5f418b7e82837e5a1284904d4a1f1c41
ea3c26c0c95b73f1b74a93b65b1d251eb967ab43e70c3f465490166643c9f08c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 989
Cache-Control: max-age=125833
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 23:44:29 GMT
Etag: "6381e989-117"
Expires: Mon, 28 Nov 2022 10:41:42 GMT
Last-Modified: Sat, 26 Nov 2022 10:25:13 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
fonts.googleapis.com/css2?family=Quicksand&display=swap
142.250.74.10 200 OK 774 B URL HTTP/2 fonts.googleapis.com/css2?family=Quicksand&display=swap
IP 142.250.74.10:0
Hash ec254d70c9f24e37fcca7d7f5f23c29e
cb392d64f90c2b5082a965393b18a0702c5091a3
2f75c53643b4f2afbcc930804029f4452bd0aff82f1d240b0ebc27711396c5a5
GET /css2?family=Quicksand&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 23:44:28 GMT
date: Sat, 26 Nov 2022 23:44:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=c61b91dc72a34b13be94f831b923cac7
139.45.197.239 204 No Content 0 B URL HTTP/2 cdn.uponelectabuzzor.club/9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=c61b91dc72a34b13be94f831b923cac7
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=c61b91dc72a34b13be94f831b923cac7 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sbanh.com/
Origin: https://sbanh.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 23:44:29 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sbanh.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
dearestimmortality.com/ac/96/89/ac9689ea4c0b75250967275b2219e87e.json
192.243.59.12 200 OK 408 B URL HTTP/1.1 dearestimmortality.com/ac/96/89/ac9689ea4c0b75250967275b2219e87e.json
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (408), with no line terminators
Hash 9d4ccb73ba1d528d5115ac7f31641474
e87438989c35f771568fce1bfef2ebbc9cd4b4f9
bb814ff97235190fd5747d1d461eb5191d745a0316822c2aab1e2f1826d1ddc9
GET /ac/96/89/ac9689ea4c0b75250967275b2219e87e.json HTTP/1.1
Host: dearestimmortality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 23:44:29 GMT
Content-Type: application/json
Content-Length: 408
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 00acfd6aa0dd68fa560a0e2b476ba364
Strict-Transport-Security: max-age=0; includeSubdomains
use.fontawesome.com/releases/v5.10.2/webfonts/fa-solid-900.woff2
172.64.133.15 200 OK 75 kB URL HTTP/2 use.fontawesome.com/releases/v5.10.2/webfonts/fa-solid-900.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 75408, version 330.15859\012- data
Hash d6d8d5da9214dc7d46b297672a602d55
9991033ce701c9a3d092ba2263a6a89c4d7e21da
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
GET /releases/v5.10.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:29 GMT
content-type: font/woff2
content-length: 75408
x-amz-id-2: PNisf2NuzJnrW9bd4UfKs4YkQ0G9XROnLfHaasZdO4T5E00Ld3A5NBenammgGs4foLHhEy0KgDE=
x-amz-request-id: 51FSD91YJGCDZN2S
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:36:28 GMT
etag: "d6d8d5da9214dc7d46b297672a602d55"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1574950
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoKLX0NCZOMg9tcZMEj5yyG69OrTGxNG8a%2BkbJU8eBpBIQ6oVvwwe%2B5wLUZ%2BJs%2BJO3K9YClAUx9vuQ9tqj8oK4iOeXU3VwySdc4%2FK%2BtvIFc8u6QkSoDFPglVTOEz60ts7FrKwYAO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77067e081ceb71ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=c61b91dc72a34b13be94f831b923cac7
139.45.197.239 200 OK 7 B URL HTTP/2 cdn.uponelectabuzzor.club/9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=c61b91dc72a34b13be94f831b923cac7
IP 139.45.197.239:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
POST /9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=c61b91dc72a34b13be94f831b923cac7 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 249
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Cookie: scm=1; OAID=d0fa30ab39084f368b3a2d4e81e39b2e; oaidts=1669506269
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:44:29 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://sbanh.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 212a17a4cae109306dcf8dabab125379
access-control-expose-headers: X-Sc
set-cookie: OAID=c61b91dc72a34b13be94f831b923cac7; expires=Sun, 26 Nov 2023 23:44:29 GMT; secure; SameSite=None
oaidts=1669506269; expires=Sun, 26 Nov 2023 23:44:29 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
inrhyhorntor.com/500/3766241?excludes=&oaid=c61b91dc72a34b13be94f831b923cac7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 inrhyhorntor.com/500/3766241?excludes=&oaid=c61b91dc72a34b13be94f831b923cac7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/3766241?excludes=&oaid=c61b91dc72a34b13be94f831b923cac7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inrhyhorntor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sbanh.com/
Origin: https://sbanh.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:44:29 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://sbanh.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8b0a6ea4a1b52f72d93c9e643b0dd179
02df9611887db2044802892f436f0448eb0e332c
ec8284c369490389342d5a3a33d3501262ecd1498d46153689de13e4356b799c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "EC8284C369490389342D5A3A33D3501262ECD1498D46153689DE13E4356B799C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3126
Expires: Sun, 27 Nov 2022 00:36:35 GMT
Date: Sat, 26 Nov 2022 23:44:29 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-LKBMYHCW0K&gtm=2oeb90&_p=1354560139&cid=1793671306.1669506269&ul=en-us&sr=1280x1024&_s=1&sid=1669506268&sct=1&seg=0&dl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&dt=StreamSB&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LKBMYHCW0K&gtm=2oeb90&_p=1354560139&cid=1793671306.1669506269&ul=en-us&sr=1280x1024&_s=1&sid=1669506268&sct=1&seg=0&dl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&dt=StreamSB&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LKBMYHCW0K&gtm=2oeb90&_p=1354560139&cid=1793671306.1669506269&ul=en-us&sr=1280x1024&_s=1&sid=1669506268&sct=1&seg=0&dl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&dt=StreamSB&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://sbanh.com
date: Sat, 26 Nov 2022 23:44:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg
104.22.33.172 200 OK 11 kB URL HTTP/2 offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg
IP 104.22.33.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 192x192, components 3\012- data
Hash 2fed87d8d9131d075b72354b838c2d77
69624c46c1556c35c67e85724451cce20ad405ec
8adac582983620ad0421a1be7648f58c731feaf3de0bf027ebefe412505b01ed
GET /www/images/2fed87d8d9131d075b72354b838c2d77.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:29 GMT
content-type: image/jpeg
content-length: 10853
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62b2c84c-2a65"
expires: Sun, 27 Nov 2022 08:24:02 GMT
last-modified: Wed, 22 Jun 2022 07:44:12 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 55222
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e0a8c6095eb-ARN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c0285adfe1c03ece15941876c3655519
ad3012f2c06e7d5e0036026aac114da29db4e2a3
28d1729de2f16e8b2feec61b058f0953920c3d5713fc8f25af3ee9f6b6f79c3b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28D1729DE2F16E8B2FEEC61B058F0953920C3D5713FC8F25AF3EE9F6B6F79C3B"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5007
Expires: Sun, 27 Nov 2022 01:07:56 GMT
Date: Sat, 26 Nov 2022 23:44:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c0285adfe1c03ece15941876c3655519
ad3012f2c06e7d5e0036026aac114da29db4e2a3
28d1729de2f16e8b2feec61b058f0953920c3d5713fc8f25af3ee9f6b6f79c3b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28D1729DE2F16E8B2FEEC61B058F0953920C3D5713FC8F25AF3EE9F6B6F79C3B"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5007
Expires: Sun, 27 Nov 2022 01:07:56 GMT
Date: Sat, 26 Nov 2022 23:44:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2a2f051b33f9f7ef186f920fc8cfeec0
91aafd49c21bfdb7600c28a852e0051b43a009ad
64a514a528a46cb9b2d728c20b2098c3e851d252ba039118fb1bb91f53595a34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64A514A528A46CB9B2D728C20B2098C3E851D252BA039118FB1BB91F53595A34"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3822
Expires: Sun, 27 Nov 2022 00:48:12 GMT
Date: Sat, 26 Nov 2022 23:44:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e23383f628afbb8f652d10c1fb0f102
ef19c4c2e7f2ae22fcad85858e8fbb9b4365d6b7
c994a865f6b42e1f1263d787c3d5712ce62d5771650470cb0681d8b4ce04643f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C994A865F6B42E1F1263D787C3D5712CE62D5771650470CB0681D8B4CE04643F"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9154
Expires: Sun, 27 Nov 2022 02:17:04 GMT
Date: Sat, 26 Nov 2022 23:44:30 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=540a15ad-1050-4046-987b-06c10831c9a5&eb=571189e4c7fd56c848e0c687526c64f1&te=94d4becc704af97ad9b7161ef0f8c2eb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ac9689ea4c0b75250967275b2219e87e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=540a15ad-1050-4046-987b-06c10831c9a5&eb=571189e4c7fd56c848e0c687526c64f1&te=94d4becc704af97ad9b7161ef0f8c2eb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ac9689ea4c0b75250967275b2219e87e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=540a15ad-1050-4046-987b-06c10831c9a5&eb=571189e4c7fd56c848e0c687526c64f1&te=94d4becc704af97ad9b7161ef0f8c2eb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ac9689ea4c0b75250967275b2219e87e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 23:44:30 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1f8185881ae9c2addd810c7104a20f54
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=540a15ad-1050-4046-987b-06c10831c9a5&eb=571189e4c7fd56c848e0c687526c64f1&te=94d4becc704af97ad9b7161ef0f8c2eb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=54425b8e8ac39b56c91d1586d719761f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=540a15ad-1050-4046-987b-06c10831c9a5&eb=571189e4c7fd56c848e0c687526c64f1&te=94d4becc704af97ad9b7161ef0f8c2eb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=54425b8e8ac39b56c91d1586d719761f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=540a15ad-1050-4046-987b-06c10831c9a5&eb=571189e4c7fd56c848e0c687526c64f1&te=94d4becc704af97ad9b7161ef0f8c2eb&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=54425b8e8ac39b56c91d1586d719761f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 23:44:30 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c09b1f27712d2b808616d852b81bc633
Strict-Transport-Security: max-age=0; includeSubdomains
poshhateful.com/advertisers.js
192.243.59.20 200 OK 0 B URL HTTP/1.1 poshhateful.com/advertisers.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: poshhateful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 26 Nov 2022 23:44:30 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d171fb72852e67501584bea297324b41
Strict-Transport-Security: max-age=0; includeSubdomains
residenceseeingstanding.com/a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js
192.243.61.227 200 OK 11 kB URL HTTP/1.1 residenceseeingstanding.com/a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (32107), with no line terminators
Hash d4cdb1dbf8e5ac67e22bbdcb60236a01
340aa1c09a75f8fc7922dbec2354874e53570612
0c0315863aa22e5ad6ba7e7b4b11ec3516ccc480dc56a0355d10e9e6a3d8f954
Analyzer Verdict Alert quad9 Sinkholed
GET /a7/a4/a3/a7a4a3d358e01b43771ddd49cda3539d.js HTTP/1.1
Host: residenceseeingstanding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 26 Nov 2022 23:44:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d41f423ef9a83f96d2eb558b97f4ec7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fd31d87c534e5fb16d503dd2fbbceb2
b33fbc44c6922e66290c70bfc5132d252d48f3cf
1cd8f7e0e067e25543f8e4310f8664e256cbadded9aa1c52cb2546b815fdfeee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CD8F7E0E067E25543F8E4310F8664E256CBADDED9AA1C52CB2546B815FDFEEE"
Last-Modified: Fri, 25 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18284
Expires: Sun, 27 Nov 2022 04:49:14 GMT
Date: Sat, 26 Nov 2022 23:44:30 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 26 Nov 2022 22:41:08 GMT
expires: Sun, 27 Nov 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 3802
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11142
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 23:44:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11142
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 23:44:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11142
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 23:44:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11142
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sat, 26 Nov 2022 23:44:30 GMT
Connection: keep-alive
cdn.itskiddien.club/?rb=VoUI5Qfjg872LYbJvw-EKbIU6P123TZC_xohlsKFBSjb9d3wT8SML-C-Zl9gmg1M00qjblcRSk8MvUZUkIbvc19Dgws7v2e_U50MMmgG1b6wEc_u6mWbyIaN3ZVWQGt2WoeZwhnvQ-gVKvv589Xpe27_wLrjr8yD69jJb3MVmEdNLaseWpjH6XFZIu9J7dwpPZFE--GpFXlg_1zIonVMFN0TIq-yrJkaIstNa_6jswo%3D&request_ab2=96002&zoneid=3785253&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=1bef1827-e4c8-4dd7-b76d-8f633c33145e&userId=c61b91dc72a34b13be94f831b923cac7&m=link
139.45.197.236 200 OK 9.9 kB URL HTTP/2 cdn.itskiddien.club/?rb=VoUI5Qfjg872LYbJvw-EKbIU6P123TZC_xohlsKFBSjb9d3wT8SML-C-Zl9gmg1M00qjblcRSk8MvUZUkIbvc19Dgws7v2e_U50MMmgG1b6wEc_u6mWbyIaN3ZVWQGt2WoeZwhnvQ-gVKvv589Xpe27_wLrjr8yD69jJb3MVmEdNLaseWpjH6XFZIu9J7dwpPZFE--GpFXlg_1zIonVMFN0TIq-yrJkaIstNa_6jswo%3D&request_ab2=96002&zoneid=3785253&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=1bef1827-e4c8-4dd7-b76d-8f633c33145e&userId=c61b91dc72a34b13be94f831b923cac7&m=link
IP 139.45.197.236:0
Hash 9d4e834ab803083930e9dab8a7afc8d9
fec3b2dae4e3bacd39aed0c1a23846d99a9d68d9
fdeb1631862c646a1a6106be89548923404b940c54e2d37a25470cb74ce2e611
GET /?rb=VoUI5Qfjg872LYbJvw-EKbIU6P123TZC_xohlsKFBSjb9d3wT8SML-C-Zl9gmg1M00qjblcRSk8MvUZUkIbvc19Dgws7v2e_U50MMmgG1b6wEc_u6mWbyIaN3ZVWQGt2WoeZwhnvQ-gVKvv589Xpe27_wLrjr8yD69jJb3MVmEdNLaseWpjH6XFZIu9J7dwpPZFE--GpFXlg_1zIonVMFN0TIq-yrJkaIstNa_6jswo%3D&request_ab2=96002&zoneid=3785253&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=1bef1827-e4c8-4dd7-b76d-8f633c33145e&userId=c61b91dc72a34b13be94f831b923cac7&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sbanh.com/
Origin: https://sbanh.com
Connection: keep-alive
Cookie: OAID=61dc220cd39a4319b3d2a922590b9448; oaidts=1669506269
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:44:29 GMT
content-type: application/json
x-trace-id: 1dc4adc5d32c7a3616f24f6492a7194c
access-control-allow-origin: https://sbanh.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=c61b91dc72a34b13be94f831b923cac7; expires=Sun, 26 Nov 2023 23:44:29 GMT; path=/; secure; SameSite=None
oaidts=1669506269; expires=Sun, 26 Nov 2023 23:44:29 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 03 Dec 2022 23:44:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7f16c0f8a8e710210ce77c0e4c1c2a2
590c34be54c9889eec4ff7993e070fda836f711f
4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JmJEzqrxMdQtAWft6FHjIqo-WhpiUDfaLpRUe59RcOwReYf1sL-xRg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 04:48:54 GMT
age: 68136
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1354560139&t=pageview&_s=1&dl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&ul=en-us&de=UTF-8&dt=StreamSB&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=1517278736&gjid=1753305631&cid=1793671306.1669506269&tid=UA-166622646-1&_gid=739784850.1669506270&_r=1&gtm=2oub90&z=103860225
142.250.74.174 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1354560139&t=pageview&_s=1&dl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&ul=en-us&de=UTF-8&dt=StreamSB&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=1517278736&gjid=1753305631&cid=1793671306.1669506269&tid=UA-166622646-1&_gid=739784850.1669506270&_r=1&gtm=2oub90&z=103860225
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1354560139&t=pageview&_s=1&dl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&ul=en-us&de=UTF-8&dt=StreamSB&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=1517278736&gjid=1753305631&cid=1793671306.1669506269&tid=UA-166622646-1&_gid=739784850.1669506270&_r=1&gtm=2oub90&z=103860225 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://sbanh.com
date: Sat, 26 Nov 2022 23:44:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 7336
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f80a9a9b55da31c98663e157dde74a19
26b8dd82140c0db021048e11bff65a391dc6b444
680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6859
x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYTHRroAMFR8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qk03VFAQ1od0YzamiePUE8VQp9kBv_fy5gDUrVSlLGLSdn5v4JQbvw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 14:28:34 GMT
age: 33356
etag: "26b8dd82140c0db021048e11bff65a391dc6b444"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash ebedc2ec4252a54928ffc21c1ab1bb51
da7ffc7850a3c5f0e61287497ae7db665e796753
8b0ad4330c60cfa6c6bb4a24827fdb80075eb89e67e06cd89d0c868b98fd002e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 23:44:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 05:29:12 GMT
Expires: Sat, 03 Dec 2022 05:29:11 GMT
Etag: "da7ffc7850a3c5f0e61287497ae7db665e796753"
Cache-Control: max-age=538480,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77067e0e6ba0b506-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y0ofyT6UcPjB8mfRR1VMjHSTW64Qb_EQ0rrjsOdbby1CG-xMIFJMPw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:49:19 GMT
age: 6911
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
age: 7336
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash c27e731fe30c0e880d9bd66f0457a07f
8d23f7c6510ac3aa60379dd0fb8ff0b374a5aa6a
0b82b9d52fb817b0e6bd7e58b55a04036dbc8755e49b2d2f6202ff037e778b81
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 23:44:30 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Wed, 30 Nov 2022 19:57:36 GMT
ETag: "8d23f7c6510ac3aa60379dd0fb8ff0b374a5aa6a"
Last-Modified: Sat, 26 Nov 2022 19:57:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2760
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77067e0eba3fb523-OSL
mc.yandex.ru/metrika/tag.js
87.250.250.119 200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73267
date: Sat, 26 Nov 2022 23:44:30 GMT
access-control-allow-origin: *
etag: "637f41b2-11e33"
expires: Sun, 27 Nov 2022 00:44:30 GMT
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
widgets.amung.us/small/40/4075.png
104.22.74.171 200 OK 344 B URL HTTP/2 widgets.amung.us/small/40/4075.png
IP 104.22.74.171:0
File type PNG image data, 80 x 15, 8-bit colormap, non-interlaced\012- data
Hash cf04f08e915c9d3cec23279a43d5711c
94a9a6880f050841ee99435376f54520d3fddc25
fe10f02b80f6995130dae97f979d6c7be3eca5f13ca54beede7fe4ac9b00c9fc
GET /small/40/4075.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sbanh.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:30 GMT
content-type: image/png
content-length: 344
last-modified: Sun, 13 Jun 2010 09:48:33 GMT
etag: "4c14a971-158"
expires: Wed, 16 Nov 2022 02:18:19 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 1027571
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e0fab249921-ARN
X-Firefox-Spdy: h2
wastedinvaluable.com/sbar.json?key=54425b8e8ac39b56c91d1586d719761f&uuid=540a15ad-1050-4046-987b-06c10831c9a5%3A3%3A1
173.233.139.164 200 OK 4.2 kB URL HTTP/1.1 wastedinvaluable.com/sbar.json?key=54425b8e8ac39b56c91d1586d719761f&uuid=540a15ad-1050-4046-987b-06c10831c9a5%3A3%3A1
IP 173.233.139.164:0
File type JSON data\012- , ASCII text, with very long lines (5933), with no line terminators
Hash d62514ace022da2b9597ceefe05b50c7
66747e79a94c22be36b3955fc4da153e577dc614
14f90e2730fd78cdf8018035dde95baf20141a31ce8a7849ed0345cb5b6d9597
GET /sbar.json?key=54425b8e8ac39b56c91d1586d719761f&uuid=540a15ad-1050-4046-987b-06c10831c9a5%3A3%3A1 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:44:30 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sbanh.com
Access-Control-Allow-Origin: https://sbanh.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16479293; expires=Sun, 27 Nov 2022 23:44:30 GMT; secure; SameSite=None
uid_id2=540a15ad-1050-4046-987b-06c10831c9a5:3:1; expires=Sat, 03 Dec 2022 23:44:30 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 23:44:30 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 23:44:30 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 27 Nov 2022 23:44:30 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 27 Nov 2022 23:44:30 GMT; secure; SameSite=None
slec54425b8e8ac39b56c91d1586d719761f=[3789938]; expires=Sat, 26 Nov 2022 23:44:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 54773bc979ea8492ad15053320b82a3e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wastedinvaluable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTjYXvagI6sEwBwUVd7Z6pntn2iDBGCPBmIQkkqv1q3crW93VVHVPb%2FZiSDDkOOLFY%2B%2BbTRZ1EXNXIrNeZEHIGJBF3IN%2FgSDk4kVmdmDxHer7vnrf4b1XdXezOiAUFdu%2F%2FLHd0MawpbhNW29c17m0tW9dvNYKaZueal3X%2BXJ0qrU%2BPdzgnZDGbfpm60Ml1uxSh4aUhjRsndNOpXZ9acZCFztJ2E5oO%2Bq0wzjCuvv%2F7KsAngWQgwPyArScnFj95SG0GCPPvj%2Br%2FFppi7c%2FyCrDSuswkNuf5Gu5rXNkR23qAqT59nwb1k8I%2BeoYbL49dwA72Jo6ANcTEvwegufbc5ngg%2FuHSrmBysHls6gHYygzhmZjCHsHWj4mgJC4eAl59uCidTW7eciyKTshC0%2F%2Fga4nZOHPF5Fn350xer111Zqq1Db3WE8b6PUx9MoYRbWLciOArnchytvQ8ley9PQC8mzrkjcWWu6%2FFkeUhTGTiyGN6WJEo%2BXFpN%2Fji3RZhLTfDUXC4llEWo%2Bh0zGMGoL546h8gEoHqNIAVREgk%2FstFicppb2Up91uPxJCdLtCxP1lGctu1E8pKjH1MERZDCHMEMLdQuFuYU0P4aqf4FcbeBnAlwQD2aBWBLUnqBlBrQnqkqAeNPel8R3fPJDGVzyc1868dpuRLVc22X1brqicbBYH5PlZcP%2BW72JN7bfiKOrEvK%2F6THQTHi%2BLJJThVGUvTHrLYQqvG2h%2FDMwH2NAT8tJbz6HQE7Lw%2BUlwtgtvdiH062DVq2D1qNehYKujqE%2Bxke%2F40imWed7OVQlpGxTlCZQ3g01zQF6Z6UieOCixd%2FqvdAYI16BwDW7onwlWzL3RFVuTrSu29uThpaLUmd5g08e9WrJSLXzzkbpZWyfPn%2FXDr98TU2La7lxTvrzAcqnzFU%2B%2BPaOlVO6cdUKRH8%2F764pfrvzqmcrlVXHh8vvnzmeFU95rm4%2FB9ONPH0HoCXkmuzv7tif%2FuAvtxnBVg6zaI3NA212I4hZ8sXf6yctflj%2Fc%2BAzeEjhztMOLAHXVjFyHH10aTWDU0cx4A6%2BOIuBq79Hfh9ymv4cVF4CVd5BnDQauwcA0YGYIXx0flYXbO%2F1bdwZwE4y4ccEWN858cRit1%2FstFac0VbSjeJrwtMeoTNIo4SwJVY%2FHLETpJ%2BL21sF%2FAAAA%2F%2F8BAAD%2F%2FwkHUreOBAAA
173.233.139.164200 OK 7 B URL HTTP/1.1 wastedinvaluable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTjYXvagI6sEwBwUVd7Z6pntn2iDBGCPBmIQkkqv1q3crW93VVHVPb%2FZiSDDkOOLFY%2B%2BbTRZ1EXNXIrNeZEHIGJBF3IN%2FgSDk4kVmdmDxHer7vnrf4b1XdXezOiAUFdu%2F%2FLHd0MawpbhNW29c17m0tW9dvNYKaZueal3X%2BXJ0qrU%2BPdzgnZDGbfpm60Ml1uxSh4aUhjRsndNOpXZ9acZCFztJ2E5oO%2Bq0wzjCuvv%2F7KsAngWQgwPyArScnFj95SG0GCPPvj%2Br%2FFppi7c%2FyCrDSuswkNuf5Gu5rXNkR23qAqT59nwb1k8I%2BeoYbL49dwA72Jo6ANcTEvwegufbc5ngg%2FuHSrmBysHls6gHYygzhmZjCHsHWj4mgJC4eAl59uCidTW7eciyKTshC0%2F%2Fga4nZOHPF5Fn350xer111Zqq1Db3WE8b6PUx9MoYRbWLciOArnchytvQ8ley9PQC8mzrkjcWWu6%2FFkeUhTGTiyGN6WJEo%2BXFpN%2Fji3RZhLTfDUXC4llEWo%2Bh0zGMGoL546h8gEoHqNIAVREgk%2FstFicppb2Up91uPxJCdLtCxP1lGctu1E8pKjH1MERZDCHMEMLdQuFuYU0P4aqf4FcbeBnAlwQD2aBWBLUnqBlBrQnqkqAeNPel8R3fPJDGVzyc1868dpuRLVc22X1brqicbBYH5PlZcP%2BW72JN7bfiKOrEvK%2F6THQTHi%2BLJJThVGUvTHrLYQqvG2h%2FDMwH2NAT8tJbz6HQE7Lw%2BUlwtgtvdiH062DVq2D1qNehYKujqE%2Bxke%2F40imWed7OVQlpGxTlCZQ3g01zQF6Z6UieOCixd%2FqvdAYI16BwDW7onwlWzL3RFVuTrSu29uThpaLUmd5g08e9WrJSLXzzkbpZWyfPn%2FXDr98TU2La7lxTvrzAcqnzFU%2B%2BPaOlVO6cdUKRH8%2F764pfrvzqmcrlVXHh8vvnzmeFU95rm4%2FB9ONPH0HoCXkmuzv7tif%2FuAvtxnBVg6zaI3NA212I4hZ8sXf6yctflj%2Fc%2BAzeEjhztMOLAHXVjFyHH10aTWDU0cx4A6%2BOIuBq79Hfh9ymv4cVF4CVd5BnDQauwcA0YGYIXx0flYXbO%2F1bdwZwE4y4ccEWN858cRit1%2FstFac0VbSjeJrwtMeoTNIo4SwJVY%2FHLETpJ%2BL21sF%2FAAAA%2F%2F8BAAD%2F%2FwkHUreOBAAA
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTjYXvagI6sEwBwUVd7Z6pntn2iDBGCPBmIQkkqv1q3crW93VVHVPb%2FZiSDDkOOLFY%2B%2BbTRZ1EXNXIrNeZEHIGJBF3IN%2FgSDk4kVmdmDxHer7vnrf4b1XdXezOiAUFdu%2F%2FLHd0MawpbhNW29c17m0tW9dvNYKaZueal3X%2BXJ0qrU%2BPdzgnZDGbfpm60Ml1uxSh4aUhjRsndNOpXZ9acZCFztJ2E5oO%2Bq0wzjCuvv%2F7KsAngWQgwPyArScnFj95SG0GCPPvj%2Br%2FFppi7c%2FyCrDSuswkNuf5Gu5rXNkR23qAqT59nwb1k8I%2BeoYbL49dwA72Jo6ANcTEvwegufbc5ngg%2FuHSrmBysHls6gHYygzhmZjCHsHWj4mgJC4eAl59uCidTW7eciyKTshC0%2F%2Fga4nZOHPF5Fn350xer111Zqq1Db3WE8b6PUx9MoYRbWLciOArnchytvQ8ley9PQC8mzrkjcWWu6%2FFkeUhTGTiyGN6WJEo%2BXFpN%2Fji3RZhLTfDUXC4llEWo%2Bh0zGMGoL546h8gEoHqNIAVREgk%2FstFicppb2Up91uPxJCdLtCxP1lGctu1E8pKjH1MERZDCHMEMLdQuFuYU0P4aqf4FcbeBnAlwQD2aBWBLUnqBlBrQnqkqAeNPel8R3fPJDGVzyc1868dpuRLVc22X1brqicbBYH5PlZcP%2BW72JN7bfiKOrEvK%2F6THQTHi%2BLJJThVGUvTHrLYQqvG2h%2FDMwH2NAT8tJbz6HQE7Lw%2BUlwtgtvdiH062DVq2D1qNehYKujqE%2Bxke%2F40imWed7OVQlpGxTlCZQ3g01zQF6Z6UieOCixd%2FqvdAYI16BwDW7onwlWzL3RFVuTrSu29uThpaLUmd5g08e9WrJSLXzzkbpZWyfPn%2FXDr98TU2La7lxTvrzAcqnzFU%2B%2BPaOlVO6cdUKRH8%2F764pfrvzqmcrlVXHh8vvnzmeFU95rm4%2FB9ONPH0HoCXkmuzv7tif%2FuAvtxnBVg6zaI3NA212I4hZ8sXf6yctflj%2Fc%2BAzeEjhztMOLAHXVjFyHH10aTWDU0cx4A6%2BOIuBq79Hfh9ymv4cVF4CVd5BnDQauwcA0YGYIXx0flYXbO%2F1bdwZwE4y4ccEWN858cRit1%2FstFac0VbSjeJrwtMeoTNIo4SwJVY%2FHLETpJ%2BL21sF%2FAAAA%2F%2F8BAAD%2F%2FwkHUreOBAAA HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Cookie: u_pl=16479293; uid_id2=540a15ad-1050-4046-987b-06c10831c9a5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec54425b8e8ac39b56c91d1586d719761f=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:44:30 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5f707d3de3e466be885ec7d6aa707b84
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f3a3efe248a599bcccf04881f3d686cb
10e5741399303e7c20f334d8dd72b4b8c968c0d4
cef064183db51cefadcca610b91c5ea86154ae2024029d60e59a152a7a3b1723
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF064183DB51CEFADCCA610B91C5EA86154AE2024029D60E59A152A7A3B1723"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1697
Expires: Sun, 27 Nov 2022 00:12:47 GMT
Date: Sat, 26 Nov 2022 23:44:30 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 737 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 938295c83451b6dfbe06a3d3a4c9419a
f64d883577238cb330225a4b5125e184ec4c533e
00c64c6cf12213200bf077299d9e85a6f1372eeb27f55f5b77378f5c4da282ec
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3504
Expires: Sun, 27 Nov 2022 00:42:55 GMT
Date: Sat, 26 Nov 2022 23:44:31 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 666f0822fa3b2bd37642dc6f1f9b95ea
b082ce304fa32d1afd9eee2c00c4d751d444f730
ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3504
Expires: Sun, 27 Nov 2022 00:42:55 GMT
Date: Sat, 26 Nov 2022 23:44:31 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/girls.png
172.64.108.13 200 OK 322 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/girls.png
IP 172.64.108.13:0
File type PNG image data, 729 x 331, 8-bit/color RGBA, non-interlaced\012- data
Size 322 kB (322399 bytes)
Hash 47b7ae41a98644de6d46d58a0e51a793
b0f736609af3c0b3214ee52cc9f0798dcc972df6
b2ad5bf8fc066203168fbceb53b7df6012e8897be344b240e94105af1b4ba0f2
GET /sb/notifications/games/nutaku/multi/2/img/girls.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:31 GMT
content-type: image/png
content-length: 322399
last-modified: Wed, 07 Sep 2022 14:37:32 GMT
etag: "6318acac-4eb5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 985951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbSdSBoisLPCnlHqN5Emh4E3BNgbOf2e2XYuaU7pdlUDFc9dL0b1CqoYUUK7TIGR94e2On0meER7pEbjaO2fEzbw1TT%2Fsv8jnJ0UyAwzjK72b%2B%2FDuh%2FLznoFlyZ51vV1R0K66ugE%2BteH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e12db147702-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/64815175?wmode=7&page-url=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1564343435743%3Ahid%3A1033640926%3Az%3A0%3Ai%3A20221126234430%3Aet%3A1669506271%3Ac%3A1%3Arn%3A749920929%3Arqn%3A1%3Au%3A1669506271513187701%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C80%2C164%2C0%2C261%2C0%2C%2C1003%2C7%2C%2C%2C%2C1518%3Ans%3A1669506267684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669506271%3At%3AStreamSB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 1 B URL HTTP/2 mc.yandex.ru/watch/64815175?wmode=7&page-url=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1564343435743%3Ahid%3A1033640926%3Az%3A0%3Ai%3A20221126234430%3Aet%3A1669506271%3Ac%3A1%3Arn%3A749920929%3Arqn%3A1%3Au%3A1669506271513187701%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C80%2C164%2C0%2C261%2C0%2C%2C1003%2C7%2C%2C%2C%2C1518%3Ans%3A1669506267684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669506271%3At%3AStreamSB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
GET /watch/64815175?wmode=7&page-url=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1564343435743%3Ahid%3A1033640926%3Az%3A0%3Ai%3A20221126234430%3Aet%3A1669506271%3Ac%3A1%3Arn%3A749920929%3Arqn%3A1%3Au%3A1669506271513187701%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C80%2C164%2C0%2C261%2C0%2C%2C1003%2C7%2C%2C%2C%2C1518%3Ans%3A1669506267684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669506271%3At%3AStreamSB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1564343435743%3Ahid%3A1033640926%3Az%3A0%3Ai%3A20221126234430%3Aet%3A1669506271%3Ac%3A1%3Arn%3A749920929%3Arqn%3A1%3Au%3A1669506271513187701%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C80%2C164%2C0%2C261%2C0%2C%2C1003%2C7%2C%2C%2C%2C1518%3Ans%3A1669506267684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669506271%3At%3AStreamSB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Sat, 26 Nov 2022 23:44:30 GMT
access-control-allow-origin: https://sbanh.com
set-cookie: yandexuid=107859821669506270; Expires=Sun, 26-Nov-2023 23:44:30 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=107859821669506270; Expires=Sun, 26-Nov-2023 23:44:30 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2175324001669506270; Path=/; SameSite=None; Secure
i=JF948FSQ4VmN2u2AUzEYKBKtj4rf6tS91zI/3L0FYOupS9Q5GjfVXstssIKAAcWqlhugr54SXSo+vw/w5UbOwIPARk8=; Expires=Tue, 23-Nov-2032 23:44:19 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701042270.yc.1669506270#1701042270.yrts.1669506270#1701042270.yrtsi.1669506270; Expires=Sun, 26-Nov-2023 23:44:30 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 26-Nov-2022 23:44:30 GMT
last-modified: Sat, 26-Nov-2022 23:44:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d734a7a2d2656fcb2c7964591a0fe9c8
3190ed3610ec19f25864a2b0ff3e1798d142be37
f08f6d4462a469f4089a112dc35953447c09125b9f56cfad7ea6a95a80e49565
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F08F6D4462A469F4089A112DC35953447C09125B9F56CFAD7EA6A95A80E49565"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Sun, 27 Nov 2022 00:22:00 GMT
Date: Sat, 26 Nov 2022 23:44:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d734a7a2d2656fcb2c7964591a0fe9c8
3190ed3610ec19f25864a2b0ff3e1798d142be37
f08f6d4462a469f4089a112dc35953447c09125b9f56cfad7ea6a95a80e49565
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F08F6D4462A469F4089A112DC35953447C09125B9F56CFAD7EA6A95A80E49565"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Sun, 27 Nov 2022 00:22:00 GMT
Date: Sat, 26 Nov 2022 23:44:31 GMT
Connection: keep-alive
wastedinvaluable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTjYXvagI6sEwBwUVd7Z6pnt%2BGCQYYyQYkyWJ7NXqqurZylZ3NVXd07N7cUlwyXHEi8feN7tZ1EXMXYnMepEFIWNAFnEP%2FgWCkIsXmdmBxXeo7%2FvqfYf3XtXWdnFMKAp2tPyx2VBas6WwTmtvrKhUmNLVrt%2Bu%2BbROL9RWVNoKLtQG08P23%2FFpWKdv1j6UfM0sNahPqU%2F92hVlZWwGSzMWKtvv%2BvUurQeNuh8GGNj%2Fz67w4JgH0T8mL0CJybnVXx5C8THS5PvL0q3lJnv7g6TQLDcWfbH3SbqWmjJFctrG1kOc7s23YdyEkK%2FOwKR7cwcw%2FZ2pA0RqQrzffUTp3lwmov7uidJIQ6aIxLMo%2B2NIPYZiY3BzD0o8JgAXuH4DafLgurElWz9h2ZSdkIWn%2F0CVE7Lw54tIk%2B8uaTWo3TK6yJVJHQZxBTUYQ%2FXGyIoD5BseVHkAnt%2BFEr%2BSpafXkCY7N5w2UOLotTCgzA%2BZWPRpSBcDGrQWu512tEhb3Kedps%2B7LJxFpNQYKh5DyyGYO4vCeSiUhyL2UGQeEnFUY2E3prQdR3Gz2Qk4580m52GnJULRDDoxRcGnHobIsyG4HoLbTWR2E2tqCFv8BLdawQkPLifoiwqlJCgdQckISkVQ5gRlv9oV2jVc9UBoV0T%2BvDbmtVmNTN7bZrsm78mUbGfH5PlZcP%2Fm72JNHtXCIGiEUUd2GG92o7DFu77wpyrbfrfd8mM4VUG5M2DOw4aakJfeeg6ZmpCFz88jYgdw%2BgBcvQ5WvApWjtoNCrY6CjoUG%2Bm%2By61kiYvqqcwhTIUsP4d83dvWx%2BSVmY7uEwvJDy%2F%2BFc8AbitktsId9TNBT98f3TQl2blpSkce3shylagNNn3cWznL5cI3H8n10lhx9bIbfv0enxLTdv%2B2dPk1lgqV9hz59pISQtorxnJJfrzqVmS0XLjVS4VNi%2Bza8vtXriaZlc4pk47B1ONPH4GrCXkm2Zp92%2FN%2FbEHZMWxRISkOyRxQ5gA824TLDi8%2BefnL%2FIc7n8EZAqtPd6LMQ1lUI9uITi%2B1ItDydGZRBSdPI4jk4aO%2FT7htdx8964Hl95AmFfq2Ql9XYHoIV5wd5Zk9vPhbcwZE2htF2no7kbb6i5NonTqqhX4gO1GnzYWIJBd%2Bu9HsNCltCBG0u9LvIncTfnfn%2BD8AAAD%2F%2FwEAAP%2F%2FHQ%2FcUY4EAAA%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 wastedinvaluable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTjYXvagI6sEwBwUVd7Z6pnt%2BGCQYYyQYkyWJ7NXqqurZylZ3NVXd07N7cUlwyXHEi8feN7tZ1EXMXYnMepEFIWNAFnEP%2FgWCkIsXmdmBxXeo7%2FvqfYf3XtXWdnFMKAp2tPyx2VBas6WwTmtvrKhUmNLVrt%2Bu%2BbROL9RWVNoKLtQG08P23%2FFpWKdv1j6UfM0sNahPqU%2F92hVlZWwGSzMWKtvv%2BvUurQeNuh8GGNj%2Fz67w4JgH0T8mL0CJybnVXx5C8THS5PvL0q3lJnv7g6TQLDcWfbH3SbqWmjJFctrG1kOc7s23YdyEkK%2FOwKR7cwcw%2FZ2pA0RqQrzffUTp3lwmov7uidJIQ6aIxLMo%2B2NIPYZiY3BzD0o8JgAXuH4DafLgurElWz9h2ZSdkIWn%2F0CVE7Lw54tIk%2B8uaTWo3TK6yJVJHQZxBTUYQ%2FXGyIoD5BseVHkAnt%2BFEr%2BSpafXkCY7N5w2UOLotTCgzA%2BZWPRpSBcDGrQWu512tEhb3Kedps%2B7LJxFpNQYKh5DyyGYO4vCeSiUhyL2UGQeEnFUY2E3prQdR3Gz2Qk4580m52GnJULRDDoxRcGnHobIsyG4HoLbTWR2E2tqCFv8BLdawQkPLifoiwqlJCgdQckISkVQ5gRlv9oV2jVc9UBoV0T%2BvDbmtVmNTN7bZrsm78mUbGfH5PlZcP%2Fm72JNHtXCIGiEUUd2GG92o7DFu77wpyrbfrfd8mM4VUG5M2DOw4aakJfeeg6ZmpCFz88jYgdw%2BgBcvQ5WvApWjtoNCrY6CjoUG%2Bm%2By61kiYvqqcwhTIUsP4d83dvWx%2BSVmY7uEwvJDy%2F%2BFc8AbitktsId9TNBT98f3TQl2blpSkce3shylagNNn3cWznL5cI3H8n10lhx9bIbfv0enxLTdv%2B2dPk1lgqV9hz59pISQtorxnJJfrzqVmS0XLjVS4VNi%2Bza8vtXriaZlc4pk47B1ONPH4GrCXkm2Zp92%2FN%2FbEHZMWxRISkOyRxQ5gA824TLDi8%2BefnL%2FIc7n8EZAqtPd6LMQ1lUI9uITi%2B1ItDydGZRBSdPI4jk4aO%2FT7htdx8964Hl95AmFfq2Ql9XYHoIV5wd5Zk9vPhbcwZE2htF2no7kbb6i5NonTqqhX4gO1GnzYWIJBd%2Bu9HsNCltCBG0u9LvIncTfnfn%2BD8AAAD%2F%2FwEAAP%2F%2FHQ%2FcUY4EAAA%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTjYXvagI6sEwBwUVd7Z6pnt%2BGCQYYyQYkyWJ7NXqqurZylZ3NVXd07N7cUlwyXHEi8feN7tZ1EXMXYnMepEFIWNAFnEP%2FgWCkIsXmdmBxXeo7%2FvqfYf3XtXWdnFMKAp2tPyx2VBas6WwTmtvrKhUmNLVrt%2Bu%2BbROL9RWVNoKLtQG08P23%2FFpWKdv1j6UfM0sNahPqU%2F92hVlZWwGSzMWKtvv%2BvUurQeNuh8GGNj%2Fz67w4JgH0T8mL0CJybnVXx5C8THS5PvL0q3lJnv7g6TQLDcWfbH3SbqWmjJFctrG1kOc7s23YdyEkK%2FOwKR7cwcw%2FZ2pA0RqQrzffUTp3lwmov7uidJIQ6aIxLMo%2B2NIPYZiY3BzD0o8JgAXuH4DafLgurElWz9h2ZSdkIWn%2F0CVE7Lw54tIk%2B8uaTWo3TK6yJVJHQZxBTUYQ%2FXGyIoD5BseVHkAnt%2BFEr%2BSpafXkCY7N5w2UOLotTCgzA%2BZWPRpSBcDGrQWu512tEhb3Kedps%2B7LJxFpNQYKh5DyyGYO4vCeSiUhyL2UGQeEnFUY2E3prQdR3Gz2Qk4580m52GnJULRDDoxRcGnHobIsyG4HoLbTWR2E2tqCFv8BLdawQkPLifoiwqlJCgdQckISkVQ5gRlv9oV2jVc9UBoV0T%2BvDbmtVmNTN7bZrsm78mUbGfH5PlZcP%2Fm72JNHtXCIGiEUUd2GG92o7DFu77wpyrbfrfd8mM4VUG5M2DOw4aakJfeeg6ZmpCFz88jYgdw%2BgBcvQ5WvApWjtoNCrY6CjoUG%2Bm%2By61kiYvqqcwhTIUsP4d83dvWx%2BSVmY7uEwvJDy%2F%2BFc8AbitktsId9TNBT98f3TQl2blpSkce3shylagNNn3cWznL5cI3H8n10lhx9bIbfv0enxLTdv%2B2dPk1lgqV9hz59pISQtorxnJJfrzqVmS0XLjVS4VNi%2Bza8vtXriaZlc4pk47B1ONPH4GrCXkm2Zp92%2FN%2FbEHZMWxRISkOyRxQ5gA824TLDi8%2BefnL%2FIc7n8EZAqtPd6LMQ1lUI9uITi%2B1ItDydGZRBSdPI4jk4aO%2FT7htdx8964Hl95AmFfq2Ql9XYHoIV5wd5Zk9vPhbcwZE2htF2no7kbb6i5NonTqqhX4gO1GnzYWIJBd%2Bu9HsNCltCBG0u9LvIncTfnfn%2BD8AAAD%2F%2FwEAAP%2F%2FHQ%2FcUY4EAAA%3D HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Cookie: u_pl=16479293; uid_id2=540a15ad-1050-4046-987b-06c10831c9a5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec54425b8e8ac39b56c91d1586d719761f=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:44:31 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2322c6079401445bb49363f16e63ec23
Strict-Transport-Security: max-age=0; includeSubdomains
veilsuccessfully.com/pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=101
173.233.139.164 200 OK 0 B URL HTTP/1.1 veilsuccessfully.com/pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=101
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of a zero-length body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of a zero-length body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of a zero-length body)
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=101 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:44:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
veilsuccessfully.com/pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fjs%2Fmain.js&l=6946&fd=33
173.233.139.164 200 OK 0 B URL HTTP/1.1 veilsuccessfully.com/pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fjs%2Fmain.js&l=6946&fd=33
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of a zero-length body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of a zero-length body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of a zero-length body)
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fjs%2Fmain.js&l=6946&fd=33 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:44:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
veilsuccessfully.com/pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fanimate.css&l=79249&fd=101
173.233.139.164 200 OK 0 B URL HTTP/1.1 veilsuccessfully.com/pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fanimate.css&l=79249&fd=101
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of a zero-length body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of a zero-length body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of a zero-length body)
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.2.6607&tmpl=481&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fanimate.css&l=79249&fd=101 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:44:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html
45.133.44.3 200 OK 447 B URL HTTP/2 cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text
Hash 69dac4ff153c6f3d4ac2052f464fe121
69206b5461f92b875778a9d155472a3114b8bb07
c4b34692c0069e15cd48c41da9a66236e058e3f50bec4ca4298e377999ac8a8f
Analyzer Verdict Alert fortinet Phishing
GET /sb/notifications/games/nutaku/multi/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:30 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 15 Sep 2022 10:38:26 GMT
etag: W/"632300a2-514"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 27 Nov 2022 00:44:30 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
wastedinvaluable.com/pixel/sbs?c=1
173.233.139.164 200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbs?c=1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of a zero-length body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of a zero-length body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of a zero-length body)
GET /pixel/sbs?c=1 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Cookie: u_pl=16479293; uid_id2=540a15ad-1050-4046-987b-06c10831c9a5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec54425b8e8ac39b56c91d1586d719761f=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 23:44:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
mc.yandex.ru/metrika/advert.gif
87.250.250.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 26 Nov 2022 23:44:31 GMT
access-control-allow-origin: *
etag: "637f41b2-2b"
expires: Sun, 27 Nov 2022 00:44:31 GMT
accept-ranges: bytes
last-modified: Thu, 24 Nov 2022 13:04:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1564343435743%3Ahid%3A1033640926%3Az%3A0%3Ai%3A20221126234430%3Aet%3A1669506271%3Ac%3A1%3Arn%3A749920929%3Arqn%3A1%3Au%3A1669506271513187701%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C80%2C164%2C0%2C261%2C0%2C%2C1003%2C7%2C%2C%2C%2C1518%3Ans%3A1669506267684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669506271%3At%3AStreamSB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
87.250.250.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1564343435743%3Ahid%3A1033640926%3Az%3A0%3Ai%3A20221126234430%3Aet%3A1669506271%3Ac%3A1%3Arn%3A749920929%3Arqn%3A1%3Au%3A1669506271513187701%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C80%2C164%2C0%2C261%2C0%2C%2C1003%2C7%2C%2C%2C%2C1518%3Ans%3A1669506267684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669506271%3At%3AStreamSB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 5aca11f48aa2aa25ed32412f33448566
88663a6ea9ee83a8141b0c25b24ab6a81def31e9
b9abe6cdcf13372514937599d08f97c2b78eeb1e183ecda237eff7698e25d8ea
GET /watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A923%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1564343435743%3Ahid%3A1033640926%3Az%3A0%3Ai%3A20221126234430%3Aet%3A1669506271%3Ac%3A1%3Arn%3A749920929%3Arqn%3A1%3Au%3A1669506271513187701%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C80%2C164%2C0%2C261%2C0%2C%2C1003%2C7%2C%2C%2C%2C1518%3Ans%3A1669506267684%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669506271%3At%3AStreamSB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sbanh.com
Referer: https://sbanh.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Sat, 26 Nov 2022 23:44:31 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://sbanh.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 26-Nov-2022 23:44:31 GMT
last-modified: Sat, 26-Nov-2022 23:44:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.10.2/css/v4-shims.css
172.64.133.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.10.2/css/v4-shims.css
IP 172.64.133.15:0
GET /releases/v5.10.2/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: text/css
x-amz-id-2: 9oHacZp0W4NdVOhcZ02ibD75z9pE4Un49UGdeLzWR6/PWfmoIstb6XRsAr6qMKurxrspsHjQNDI=
x-amz-request-id: YZA92TJQ2VVP396Q
last-modified: Wed, 30 Jun 2021 15:36:08 GMT
etag: W/"e0fe4a6191bf975ee1a105ea1cb4c41e"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 30054471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=609BuQ%2BUHEtUt0Ihf4fGaBozvtMZBp5xr4dvPUfpFcAkN1mQB9pIl3Emgky1wzoLf93teqWwRJIDZOd3ku%2FLYz9R2Rpf63IMFvRYZtyEBljrpFWIT4guo8hOqWQns5AgMsTvn9w6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e02af607795-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
inrhyhorntor.com/500/3766241?excludes=&oaid=c61b91dc72a34b13be94f831b923cac7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 inrhyhorntor.com/500/3766241?excludes=&oaid=c61b91dc72a34b13be94f831b923cac7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/3766241?excludes=&oaid=c61b91dc72a34b13be94f831b923cac7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fsbanh.com%2Fd%2Fjenussoceew5.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inrhyhorntor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Cookie: OAID=f904668fefc34aed87e8a15fb39eb965
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:44:29 GMT
content-type: application/javascript
x-trace-id: 86d4a7274cc47a81f6474c04b373ed93
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://sbanh.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c61b91dc72a34b13be94f831b923cac7; expires=Sun, 26 Nov 2023 23:44:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/styles.css
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/styles.css
IP 172.64.108.13:0
GET /sb/notifications/games/nutaku/multi/2/css/styles.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:31 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 08:03:32 GMT
etag: W/"632ac554-2c89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 985717
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBXYtk7UGgNXZoBzoV7V3RqzDpzRkpkBgHfO9%2FRQpci1ZkomkhXVjVFBO67dH%2FOihl2NQ6H48O7Fj7%2FmquaXuccfODdj6qvdsKHFgZ3zM1hjcBoXmuGtimOakEnCzwyysJr%2FX85CZLfQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e129a967702-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/animate.css
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/animate.css
IP 172.64.108.13:0
GET /sb/notifications/games/nutaku/multi/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:31 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 10:38:28 GMT
etag: W/"632300a4-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 985717
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02LDOKFhdt%2BKsQPl8uh8T0Te1X9qvLNH7zqU07VWxngSeuCQCBpkwFVslqvIMI7TVjET1qVHYlEFAo%2Br4t1y4aG3f%2FKYSdzC%2BOrxyOCnLPgijpqzJSHIW3c69SDpWgP%2BLZcHZqaRrm4Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e129aa27702-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.10.2/css/all.css
172.64.133.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.10.2/css/all.css
IP 172.64.133.15:0
GET /releases/v5.10.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: text/css
x-amz-id-2: GhbN+A8ZKduJYtRXDaTwNB12OIuv3GVMDpyGOZzUSS8gKjnz3f6xuBUqJ292IoA7SPKnFJGuGOI=
x-amz-request-id: BJWR2AMPWD0M3Z20
last-modified: Wed, 30 Jun 2021 15:36:08 GMT
etag: W/"164a58dcca37a5b00c22e06ee8e2fc68"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 9196
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMHSb8jcSM33gH6SiWxgoL2shD850JnVA4Vz928gzwq%2FmF5H2u%2BI44n3LITVvwMkglLpWaXZY7Ji61lV%2B79mHy0Jv50YKituohArOpqzuuBo3%2BQ8LCB4blGNdUEHa2Q6Knuom4Wz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e02af5e7795-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sbanh.com/streamSB_css/style.css
172.64.129.30 200 OK 0 B URL HTTP/2 sbanh.com/streamSB_css/style.css
IP 172.64.129.30:0
GET /streamSB_css/style.css HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: text/css
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"11e23-5ec06e9525800"
last-modified: Thu, 27 Oct 2022 16:48:32 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 3611
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojgzvJTuxgqYIhQiiH9QkEF%2BqFFpX7l%2Ba0OnRrqq63snNxqeeLqPb%2FWVy4IXiWtrT4K%2BbAqfF2YoKF3%2BPvB4Vb4eUk7mq3wpMgLE%2FBj8fgP%2F9U40TywYZGOW2tM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01a9118861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sbanh.com/xfst_js/home_page.js
172.64.129.30 200 OK 0 B URL HTTP/2 sbanh.com/xfst_js/home_page.js
IP 172.64.129.30:0
GET /xfst_js/home_page.js HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-bgj: minify
etag: W/"5f0d4ac9-481d1"
expires: Sat, 03 Dec 2022 18:09:15 GMT
last-modified: Tue, 14 Jul 2020 06:03:53 GMT
cf-cache-status: HIT
age: 20113
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYpAdADn8md%2B1WSJ3NMzS%2Bn35Hg%2BIr3%2B75oRP43Gu3B5FnEKzzep%2BaPBtNiGF8n5WXTVIPdENLFKv8ITZjHh46XBDgtG1PxjUzRQkT2TBRO3vBuVj3P1TUqgJnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01a91a8861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/jquery.min.js
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/jquery.min.js
IP 172.64.108.13:0
GET /sb/notifications/games/nutaku/multi/2/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:31 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 08:55:27 GMT
etag: W/"62fdfe7f-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 985951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JS11hJHeiZ4Fd4YfyA6Zgr%2FViwecglCSofOdtjqTQdZ2tGlwGNm0CjlhgzDhbYXAVgfEazigMNJMvI8XrKUnaVBScAam%2FILxPVqB7NnazozRfAnwZ1eCGd6%2Frf0dZwODrB17ptq6u6R8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e12db1a7702-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.93 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.93:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f8129310bb5c648c28b7e0af81a905b5
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 26 Nov 2022 23:44:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6WOuelvrPEyUs7ZgVjCHsMp5t%2FX9YGmEEI3sFEgJNzmu1T0LeiFFXWcIw3wGmTam7sfsMwAdnCXypF9aSJYM4GfsGOQxqVhkpbp%2FyazpNWkgux%2BKfcMsoAtK8eyfSEu7TOwgys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e07ee744089-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/main.js
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/main.js
IP 172.64.108.13:0
GET /sb/notifications/games/nutaku/multi/2/js/main.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sbanh.com
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:31 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 07:29:33 GMT
etag: W/"632abd5d-20ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 985403
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o18oTzUYGLD78ibZFIeECIZZCebXBBhSgqlhBG%2BbKTHyxldX2DI3tG16nIIVm%2BM9mMpCde1iYzznG21rsJJBM3aVDAPhA0MMqAnlfy2JYvbDaknIG%2FMcbqi%2BItf1JuDQuTgyR3Ar%2B5ic"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e138c087702-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sbanh.com/js/xupload.js?v=3
172.64.129.30 200 OK 0 B URL HTTP/2 sbanh.com/js/xupload.js?v=3
IP 172.64.129.30:0
GET /js/xupload.js?v=3 HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=9897
etag: W/"5f734aae-26a9"
expires: Sat, 03 Dec 2022 18:09:15 GMT
last-modified: Tue, 29 Sep 2020 14:54:38 GMT
cf-cache-status: HIT
age: 20113
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dz6S%2FBxOhIXQuD9ykq5IyhNmx5QVsmkk3MqHUeeeRKCUeNXPhpiVWv7n9TwIf5ZcoxG4ynNc4w4GFMQlWsJbBUWVmBEH01Ap3mZTwZcqGoqg83%2FtYBVfGPfIaxI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01b92c8861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sbanh.com/js/jquery.min.js
172.64.129.30 200 OK 0 B URL HTTP/2 sbanh.com/js/jquery.min.js
IP 172.64.129.30:0
GET /js/jquery.min.js HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 05 May 2020 04:02:38 GMT
etag: W/"5eb0e55e-15d84"
expires: Sat, 03 Dec 2022 18:07:55 GMT
cache-control: max-age=604800
access-control-allow-origin: *
cf-cache-status: HIT
age: 20193
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqBXmHiRCCsnWDvKhQvFoIuFAqCfOVF1egomyp3UcKkL4F4hoHrhTPIg%2BZIJ7CxCF%2BSlBK276KZaRjy18F0YO0Pid49H0%2BJHF7029VhQULRMkpxINHJ7oWZo2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01b92a8861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/27/22b0ff6d446d45dfe24f0ae457b1c7db
139.45.197.239 200 OK 0 B URL HTTP/2 cdn.uponelectabuzzor.club/27/22b0ff6d446d45dfe24f0ae457b1c7db
IP 139.45.197.239:0
GET /27/22b0ff6d446d45dfe24f0ae457b1c7db HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Cookie: scm=1; OAID=d0fa30ab39084f368b3a2d4e81e39b2e; oaidts=1669506269
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:44:29 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 25 Nov 2022 08:14:39 GMT
expires: Fri, 25 Dec 2082 08:14:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
sbanh.com/js/mainpc.js
172.64.129.30 200 OK 0 B IP 172.64.129.30:0
GET /js/mainpc.js HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-bgj: minify
etag: W/"628e8e9b-10e30"
expires: Sat, 03 Dec 2022 19:06:13 GMT
last-modified: Wed, 25 May 2022 20:16:27 GMT
cf-cache-status: HIT
age: 16695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wy6Jj6aaf6M5rbXJlwUyfz%2FE3F4TCy0UNTlegQb3avqbYx3jbGmvbb5JOyJZszGNDj3A9S3F24pS6zDp4LfJiNLUQdFiRz5yVa8hZqO7Lo6VDtmZyYZDMwM5kkQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01c9338861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
inrhyhorntor.com/400/3766241
139.45.197.237 200 OK 0 B URL HTTP/2 inrhyhorntor.com/400/3766241
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/3766241 HTTP/1.1
Host: inrhyhorntor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: application/javascript
x-trace-id: 7aef8bda6d651f54f114e7ebc91eb239
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f904668fefc34aed87e8a15fb39eb965; expires=Sun, 26 Nov 2023 23:44:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Allerta&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Allerta&display=swap
IP 142.250.74.10:0
GET /css2?family=Allerta&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 23:44:28 GMT
date: Sat, 26 Nov 2022 23:44:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.uponelectabuzzor.club/1?z=4422977
139.45.197.239 200 OK 0 B URL HTTP/2 cdn.uponelectabuzzor.club/1?z=4422977
IP 139.45.197.239:0
GET /1?z=4422977 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 23:44:29 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 7b3dcf39af6a1d60d24559c819d2cd93
access-control-expose-headers: X-Sc
x-sc: Dxs2a8IkjI-Lsm1RsGQ6fhcvkTU13M9Hz-q2nXJzcTw-aNkR0N7sVjc1j6ChUueKQ9HSrCsExd8-NenUV_kvNCLY_OM=
set-cookie: scm=1; expires=Sun, 26 Nov 2023 23:44:29 GMT; secure; SameSite=None
set-cookie: OAID=d0fa30ab39084f368b3a2d4e81e39b2e; expires=Sun, 26 Nov 2023 23:44:29 GMT; secure; SameSite=None
set-cookie: oaidts=1669506269; expires=Sun, 26 Nov 2023 23:44:29 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
sbanh.com/js/modernizr.custom.04022.js
172.64.129.30 200 OK 0 B URL HTTP/2 sbanh.com/js/modernizr.custom.04022.js
IP 172.64.129.30:0
GET /js/modernizr.custom.04022.js HTTP/1.1
Host: sbanh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/d/jenussoceew5.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=6925
etag: W/"54cfc154-1b0d"
expires: Sat, 03 Dec 2022 18:09:15 GMT
last-modified: Mon, 02 Feb 2015 18:26:28 GMT
cf-cache-status: HIT
age: 20113
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeV3ChPBLfOxB9KgyTvZuwETZrX8VeJOltHU5woF%2BcMgxh7D%2F0fZV3L2ZCsJZv392BOuQK8FzjYnlMiiQoakX1ljm1ccSnYyNQQoGlbddeDzVc%2BdpV2yNl3tqzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77067e01b9298861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sbanh.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 23:44:28 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 18817075
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77067e01ff12b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2